Security Directory

.

.kloos

kloos.agency

0

The website kloos.agency represents .kloos, a small but established digital marketing agency based in Vienna, Austria, founded around 2020. The company offers a broad range of services including SEO, PPC advertising, analytics, content marketing, social media marketing, design, development, and training workshops. Their market position is strong within the European digital marketing space, supported by client testimonials and a professional online presence. Technically, the site is built on WordPress with modern plugins for SEO, multilingual support, and cookie consent, but suffers from critical SSL/TLS misconfigurations that undermine security. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. However, the lack of a valid SSL certificate and modern TLS protocols significantly lowers the security posture, exposing the site to risks. Overall, the site is professional and trustworthy but urgently needs to address its SSL/TLS issues to ensure secure user interactions and maintain credibility.

The Kverneland Group's website at kvgportal.com currently serves as a simple notification page informing partners that the partner portal has moved to a new URL. The content is minimal and primarily targeted at existing partners, providing multilingual links and instructions to update bookmarks. The business is positioned as a manufacturing entity with a partner network, but the website itself does not provide detailed business information or services beyond portal access guidance. Technically, the site is hosted on an Apache server with basic DNS configuration but lacks a valid SSL certificate and modern TLS support, resulting in an insecure HTTP-only connection. Security headers are partially implemented but insufficient to ensure robust security. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available on the site. Overall, the website's digital maturity is low, with poor SEO, accessibility, and performance characteristics. The security posture is weak due to missing HTTPS and lack of DNSSEC. The domain registration appears consistent and legitimate, but the absence of critical security controls and policies poses risks. Strategic improvements in SSL deployment, security headers, and privacy compliance are recommended to enhance trust and security.

N

Net Patrol Italia srl

acaraweb.it

0

Net Patrol Italia srl operates a specialized whistleblowing platform called Acara, designed to support companies in compliance with European privacy and whistleblowing regulations. The platform emphasizes privacy by design, allowing anonymous or identified reporting, and aligns with ISO 37001:2016 anti-corruption standards. The website is built on WordPress with Elementor and uses modern SEO tools like Yoast. However, a critical security gap is the absence of a valid SSL certificate, leaving the site without HTTPS protection. Security headers are partially implemented, but the lack of TLS protocols and DNS security features reduces the overall security posture. Contact information and privacy policies are clearly presented, supporting GDPR compliance. The company maintains a moderate digital maturity with room for improvement in security and technical infrastructure.

S

SUPPLYGROUP, SAS

supplygroup.fr

0

SupplyGroup is a French medium-sized company specializing in supply chain, logistics, and business development solutions leveraging Big Data and artificial intelligence. Their offerings include software platforms for order management, shipment tracking, warehousing, data management, and quality control, targeting businesses from startups to large groups. The website is built on WordPress with integrations such as Google Tag Manager and reCAPTCHA, indicating a moderate level of digital maturity. However, the technical infrastructure shows weaknesses, notably the absence of a valid SSL certificate and lack of HTTPS support, which significantly impacts security posture. The site provides comprehensive legal and privacy information in French, including a named Data Protection Officer, but lacks a cookie policy and consent mechanism. Overall, the business credibility is strong with clear company registration details and contact information, but security improvements are critical to protect user data and enhance trust.

E

ENVASES Group

minikeg.blog

0

The MiniKEG Blog is operated by the ENVASES Group, a medium-sized German manufacturing company specializing in innovative packaging solutions, particularly 5-liter party kegs. The company holds a strong market position as a world leader in party keg production and packaging innovation. The website serves as an online magazine targeting beverage industry professionals and consumers interested in party kegs, providing product news, quality insights, and customer stories. Technically, the site is built on WordPress with the Divi theme and uses common plugins for cookie consent and newsletter management. However, the site suffers from a critical security flaw: the SSL certificate is invalid or missing, resulting in no HTTPS support and no modern TLS protocols enabled, which significantly impacts security posture. Privacy compliance is addressed with a privacy and cookie policy and consent mechanism, but no terms of service or security policies are published. Contact information is clearly provided, enhancing business credibility. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect users and business reputation.

4

4DESIGN

4design.com.au

0

4DESIGN is an established Australian industrial design studio with over 50 years of experience, specializing in product development, 3D CAD engineering, prototyping, and manufacturing services. The company targets businesses and startups requiring comprehensive industrial design and engineering solutions. Their market position is strong within the Australian design industry, supported by awards and a professional online presence. Technically, the website is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses modern web technologies including Google Analytics and Instagram integration. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap. The security posture is basic, lacking modern TLS protocols, HSTS, and other security headers. Privacy compliance is minimal, with a basic privacy policy but no cookie consent mechanism or GDPR indicators. Overall, the business credibility is solid, but security improvements are urgently needed to protect user data and enhance trust.

B

Boston Scientific Corporation

intracept.com

0

The website intracept.com represents the Intracept Procedure by Relievant, a medical treatment for chronic low back pain, supported by clinical evidence and patient testimonials. It is owned by Boston Scientific Corporation, a large healthcare company. The site targets patients and healthcare professionals, providing educational content and resources about the procedure. Technically, the site is built on WordPress with the Divi theme, hosted on WP Engine and served via Cloudflare CDN. It uses modern web technologies and includes tracking tools like Google Tag Manager and Facebook Pixel. However, the site currently lacks a valid SSL certificate, which is a critical security issue. Privacy policies and terms of service are present and comprehensive, but no cookie consent mechanism is detected. Overall, the site is professional and trustworthy but requires urgent security improvements to enable HTTPS and enhance user data protection.

T

The Intracept Procedure by Relievant

relievant.com

0

Relievant.com represents The Intracept Procedure by Relievant, a healthcare-focused business specializing in treatment for chronic low back pain through a clinically supported medical procedure. The website is professionally designed with clear navigation and rich content targeting patients and healthcare providers. It is owned by Boston Scientific Corporation, a recognized entity in the medical device industry. Technically, the site is built on WordPress with the Divi theme and uses common JavaScript libraries and external resources. However, the absence of a valid SSL certificate and HTTPS is a critical security flaw that undermines user trust and data protection. Privacy policies are present and comprehensive, but cookie consent mechanisms are lacking despite the use of tracking pixels. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements.

L

Law in Austria

laa.law

0

Law in Austria is a Vienna-based legal services provider specializing in multimedia, digital, and interdisciplinary legal advice. The firm positions itself as a client-oriented partner offering precise and timely legal solutions. The website reflects a professional and consistent brand image targeting clients seeking legal expertise in Austria. Technically, the site is built on the Webflow CMS platform, leveraging modern web fonts and JavaScript libraries such as jQuery and Finsweet Cookie Consent for privacy compliance. Hosting appears to be via Cloudflare CDN, enhancing content delivery performance. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS enforcement, exposing visitors to potential risks. The site implements a cookie consent banner with opt-in capabilities, aligning with GDPR requirements, but lacks explicit contact information and terms of service pages, which could affect user trust and compliance completeness. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to meet industry standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

O

Orchestrade

orchestrade.com

0

Orchestrade is a specialized software provider offering a comprehensive cross-asset front-to-back trading and risk management platform primarily targeting investment banks, hedge funds, asset managers, and energy companies. The company positions itself as a market leader with a strong portfolio of industry awards and a broad client base. Technically, the website is built on WordPress with modern plugins and integrations, hosted on WP Engine with Cloudflare protection, and employs multiple analytics and marketing tools. However, the security posture is weakened by the absence of a valid SSL certificate and HTTPS support, which is a critical vulnerability. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates professionalism and trustworthiness but requires urgent security improvements to protect user data and maintain credibility.

M

Murex

murex.com

0

Murex is a leading provider of capital markets technology solutions, offering an integrated platform (MX.3) that supports trading, treasury, risk, and post-trade operations. The company serves a broad range of financial services clients globally, including banks, investment managers, and corporates. Their business model focuses on enterprise software and managed services, with a strong emphasis on regulatory compliance and risk management. The website reflects a mature digital presence with comprehensive content, strong branding, and extensive use of modern marketing and analytics technologies. However, a critical security gap exists due to the absence of HTTPS, which undermines the security posture despite well-implemented security headers. Privacy policies and cookie consent mechanisms are present and GDPR compliant. Overall, the site demonstrates high professionalism and trustworthiness but urgently requires SSL/TLS implementation to secure user data and communications.

Moody's Analytics is a well-established enterprise providing financial intelligence and risk management solutions primarily targeting financial institutions and business leaders. The company operates under the parent company Moody's Corporation and holds a strong market position in the finance sector. However, the website content is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block triggered by an ASN restriction, which prevents direct content analysis. The technical infrastructure includes Cloudflare for security and performance, but the SSL configuration lacks modern TLS protocol support and some security best practices such as HSTS and OCSP stapling are not enabled. Security headers are partially implemented, providing a basic security posture. The WHOIS data confirms the domain's legitimacy and consistency with the corporate identity. Overall, the website's security posture is basic but could be improved, and the lack of accessible content limits the ability to assess privacy compliance and user experience.

I

ITRS Group

itrsgroup.com

0

ITRS Group is a leading provider of AI-powered real-time monitoring and observability solutions tailored for demanding and regulated industries such as finance and investment banking. The company is recognized as a visionary in the digital experience monitoring space, serving top-tier investment banks and thousands of customers worldwide. Their platform focuses on preventing system outages, enhancing performance, and enabling continuous innovation through intelligent observability and digital experience monitoring. Technically, the website is built on Drupal 10 and leverages a modern technology stack including Google Tag Manager, Zendesk, Uptrends, and Cloudflare, hosted on AWS infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance metrics indicate moderate speed. Security headers are well implemented, but the SSL configuration is currently invalid, lacking proper TLS protocol support and OCSP stapling, which poses a significant security risk. From a security perspective, while the site employs several best practices such as Content Security Policy and X-Frame-Options, the absence of a valid SSL certificate and disabled TLS protocols significantly reduce the security posture. No critical vulnerabilities like exposed credentials or malware were detected, but improvements in SSL configuration and session management are recommended. Overall, the website presents a professional and trustworthy image with comprehensive privacy and cookie policies, clear contact information, and strong business credibility. The domain registration details align with the company's UK-based operations, supporting its legitimacy. Strategic recommendations include immediate SSL renewal and configuration, enhanced security monitoring, and continued compliance with privacy regulations.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

F

Fenergo

fenergo.com

0

Fenergo is a medium-sized SaaS financial technology company founded in 2009, specializing in client lifecycle management (CLM) and regulatory compliance solutions for banking and financial institutions. The company offers a comprehensive suite of services including KYC, client onboarding, transaction monitoring, and regulatory compliance, supported by AI-powered technologies such as FinCrime OS and Agentic AI. Fenergo is recognized as a market leader in its sector, with strong client endorsements and multiple industry awards. Technically, the website is built on Webflow and leverages modern JavaScript libraries and Cloudflare CDN for delivery, with good mobile optimization and SEO practices. However, the site currently lacks a valid SSL certificate and modern TLS support, which is a critical security concern. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanisms. Overall, the business demonstrates strong credibility and trustworthiness, but the security posture requires urgent improvement to protect user data and maintain compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

M

Malmö Designer Village

malmodesignervillage.com

0

Malmö Designer Village is a premium retail outlet project positioned as the largest outlet in Scandinavia and the first premium outlet village serving the Greater Copenhagen region. The business model focuses on offering discounted fashion and lifestyle brands to residents and tourists in the Malmö and Copenhagen area. The website is built on the Squarespace platform, featuring professional design and clear navigation but lacks a valid SSL certificate, resulting in no HTTPS support. This is a critical security shortfall. The site includes a contact form for inquiries but does not provide explicit email addresses or phone numbers. Privacy compliance is minimal, with a basic privacy policy page but no cookie consent mechanism. Social media presence is limited to LinkedIn. Overall, the site demonstrates moderate digital maturity but requires significant security improvements to protect user data and build trust.

P

PEIQ

peiq.de

0

PEIQ is a medium-sized German company specializing in cloud-based publishing software solutions tailored for the DACH region's media industry. Their product portfolio includes automated newspaper production (PEIQ PRINT), a digital editor for multi-channel content creation (PEIQ CREATE), and a proprietary CMS platform (PEIQ PORTAL). The company holds a strong market position, serving major newspapers and media groups, with a significant share of newspaper circulation produced using their systems. Technically, the website employs modern JavaScript frameworks and responsive design, but lacks a valid SSL certificate, which is a critical security concern. The site includes cookie consent mechanisms and basic privacy compliance but lacks visible security policies or incident response contacts. Overall, the business demonstrates professionalism and trustworthiness, though the absence of HTTPS significantly impacts security posture and user trust.

The website consol-software.at currently presents only a minimal placeholder page with the title 'HTTP only' and the text 'HTTP only. Redirect?'. There is no meaningful content, metadata, or business information available on the site. The domain is registered but lacks any DNS records, including A, AAAA, MX, or NS records, which indicates the domain is not properly configured for web or email services. The SSL/TLS configuration is absent or invalid, with no supported TLS protocols and no valid certificate, resulting in no HTTPS support despite the presence of an HSTS header. This severely impacts the security posture and trustworthiness of the site. Technically, the site is hosted on an Apache server but lacks modern web technologies, frameworks, or CMS platforms. Performance data is unavailable, and the site is not optimized for mobile or accessibility. No analytics, advertising, or tracking technologies are detected. Security headers are partially present but ineffective due to the lack of HTTPS. No privacy, cookie, or terms of service policies are found, and no contact or business information is provided. From a security perspective, the absence of HTTPS and DNS records, combined with minimal content, suggests the site is either inactive, under development, or abandoned. There are no indications of WAF or security challenge blocking access. The overall risk is high due to poor security configuration and lack of transparency. Strategic recommendations include obtaining a valid SSL certificate, properly configuring DNS records, and publishing meaningful content and policies to improve trust and compliance.

W

webcapital

quli.nl

0

Quli.nl is a Dutch digital health platform offering a Personal Health Environment (PGO) that centralizes users' healthcare data, enabling better management and communication with healthcare providers. The platform targets patients, caregivers, healthcare organizations, and patient groups, positioning itself as a leader in digital accessibility and personal health data management in the Netherlands. The website is built on WordPress with modern web technologies and integrates Google Analytics and Tag Manager for analytics and marketing purposes. Security headers are properly configured; however, the absence of a valid SSL certificate and HTTPS implementation is a critical vulnerability that significantly impacts the site's security posture. Privacy policies and cookie consent mechanisms are well implemented and GDPR compliant. Overall, the site demonstrates good content quality and business credibility but requires urgent improvements in SSL/TLS configuration to ensure secure user interactions.

T

The AES Corporation

lightingsimplified.com

0

Miami Valley Lighting, a division of The AES Corporation, specializes in providing comprehensive outdoor lighting solutions including street lighting, parking lot and security lighting, decorative lighting, and customized solutions primarily serving West Central Ohio. The company positions itself as a regional leader with a focus on safety, security, energy savings, and responsive maintenance services. The website is built on Drupal 10 with modern front-end technologies and integrates multiple analytics and marketing tools, indicating a mature digital infrastructure. However, the absence of a valid SSL certificate and disabled TLS protocols represent significant security vulnerabilities that undermine user trust and data protection. Privacy and cookie policies are present but basic, and no explicit security or incident response policies are published. Overall, the website demonstrates good content quality and business credibility but requires urgent security improvements to meet modern standards.

N

Netz Burgenland GmbH

netzburgenland.at

0

Netz Burgenland GmbH operates as a regional energy network operator in Burgenland, Austria, providing reliable electricity and gas distribution services. The company emphasizes customer service and offers a range of services including smart metering, energy communities, and infrastructure support. The website reflects a professional and well-structured digital presence, leveraging modern technologies such as Next.js and React, hosted on AWS infrastructure. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. While contact information and business legitimacy are clearly established, privacy compliance could be improved by implementing cookie consent mechanisms and publishing security policies. Overall, the site is content-rich and trustworthy but requires urgent security enhancements to protect user data and maintain trust.

N

NewMotoAsset GmbH

drivebeem.at

0

drivebeem is an Austrian company specializing in electric vehicle subscriptions, offering all-inclusive monthly plans that cover vehicle costs, insurance, maintenance, and charging solutions. The company targets both private customers and businesses, providing flexible subscription durations and additional services such as wallbox installations and photovoltaic energy solutions. The website is professionally designed with clear navigation and comprehensive content, including detailed FAQs and legal documentation. Technically, the site uses modern frameworks like Next.js and React, with content managed via a WordPress headless CMS. However, the website lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security headers are partially implemented, but critical TLS protocols and certificate transparency are missing. Privacy compliance is generally good with a clear privacy policy, though no cookie consent mechanism was detected. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional and informative but requires urgent security improvements to protect user data and build trust.

S

SONNENABO

sonnenabo.at

0

SonnenAbo is a regional energy service provider based in Austria offering local solar power subscriptions through community photovoltaic parks. The business model focuses on enabling residents to access renewable energy without upfront investment, promoting sustainability and energy community membership. The website is professionally designed using modern web technologies such as Next.js and hosted on AWS infrastructure. However, the site lacks a valid SSL certificate and does not enforce HTTPS, which is a critical security vulnerability. Additionally, no cookie consent mechanism is present despite the use of Google Tag Manager, indicating partial privacy compliance. Contact information is available primarily as a physical address and contact page, but no direct emails or phone numbers are exposed. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

F

Fanclub Burgenland Energieunabhängig

fcbe.at

0

Fanclub Burgenland Energieunabhängig is a regional energy community initiative based in Burgenland, Austria, focused on promoting renewable energy usage through wind and solar power. The organization offers membership benefits including access to renewable energy at attractive prices, participation in regional energy projects, and digital services to support energy independence. The website is well-designed, content-rich, and targets residents, businesses, and municipalities interested in sustainable energy solutions. Technically, the site uses modern web frameworks such as Next.js and is hosted on AWS infrastructure, but suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support. Privacy compliance is strong with a comprehensive GDPR-aligned privacy policy and explicit data processing consents in forms. Contact information is clearly provided, enhancing business credibility. However, the lack of cookie consent mechanisms and security headers reduces the overall security posture. Strategic improvements in SSL deployment and security best practices are recommended to enhance trust and compliance.

T

The AES Corporation

aespanama.com

0

AES Panama is a regional branch of The AES Corporation, a large multinational energy company focused on accelerating the future of energy through sustainable and innovative solutions. The website targets energy consumers, business clients, investors, and community partners primarily in Panama and other global markets. The company emphasizes community investment, sustainability, and advanced energy technologies. Technically, the website is built on Drupal 10 with modern frontend libraries and integrates multiple analytics and marketing tools. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS support despite security headers and policies being in place. Privacy and cookie policies are present and indicate some GDPR compliance, but no explicit incident response or security policy pages were found. The domain registration data is consistent and trustworthy, with no signs of suspicious activity. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

A

A1 Telekom Austria AG

befunkt.at

0

BE.funkt is a telecommunications service provider offering affordable mobile and internet tariffs primarily targeting consumers in Austria. The business operates as a joint project between Burgenland Energie and A1 Telekom Austria AG, leveraging the A1 network to provide 5G mobile services, eSIM options, and hardware sales such as smartphones and 5G webcubes. The website presents a professional and consistent brand image with clear navigation and relevant content tailored to its target audience. Technically, the site uses modern frontend technologies including Bootstrap, jQuery, and Swiper.js, ensuring good mobile optimization and user experience. However, the absence of a valid SSL/TLS certificate is a critical security flaw, exposing users to insecure connections. The site implements a cookie consent modal indicating some privacy compliance efforts, but lacks a visible privacy policy page and security policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and trust.

T

The AES Corporation

aes-ohio.com

0

AES Ohio operates as a regional energy utility under The AES Corporation, providing electricity services and customer support to residential and commercial customers in Ohio. The website offers comprehensive information on energy supply options, billing, outages, safety, and sustainability initiatives. It leverages modern web technologies including Drupal 10 CMS and integrates multiple third-party analytics and marketing tools to enhance user engagement and service delivery. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the site's security posture, exposing users to potential risks. Privacy and cookie policies are well-established, indicating a commitment to compliance and user data protection. Overall, the site presents a professional and content-rich experience but requires urgent security improvements to align with best practices.

T

The AES Corporation

aesindiana.com

0

AES Indiana is a large regional energy provider operating under The AES Corporation, focused on delivering electric utility services to residential and business customers in Indiana. The website offers comprehensive information on billing, outages, energy saving, and company initiatives, reflecting a mature business model with significant investments in infrastructure and digital transformation. Technically, the site is built on Drupal 10 with modern frontend libraries and integrates multiple analytics and marketing tools, indicating a high level of digital maturity. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to potential risks. While security headers and content security policies are implemented, critical gaps remain in SSL configuration and incident response transparency. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance compliance.

A

AES El Salvador

aes-elsalvador.com

0

AES El Salvador operates as a major energy provider in El Salvador, offering electricity distribution, generation, and energy solutions. The website reflects a well-established corporate entity with a broad service portfolio and strong community engagement. The technical infrastructure is modern, leveraging Drupal 10 CMS and multiple JavaScript libraries for enhanced user experience and analytics. However, the absence of a valid SSL certificate is a critical security gap, undermining the site's HTTPS security and potentially affecting user trust. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy practices. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

S

Storebrand

storebrand.se

0

Storebrand is a well-established Nordic financial services group specializing in pensions, insurance, and asset management. With a history dating back to 1767 and assets under management exceeding 1,400 billion NOK, it holds a leading market position in Norway and the broader Nordic region. The website reflects a mature business with clear branding, comprehensive service offerings, and a focus on sustainability. Technically, the site uses modern frameworks such as Blazor and integrates with Salesforce and various analytics and marketing tools, indicating a high level of digital maturity. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is strong, with clear cookie and privacy policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

T

The AES Corporation

aesdominicana.com

0

AES Dominicana is a regional subsidiary of The AES Corporation, focused on accelerating the future of energy through sustainable and innovative solutions in the Dominican Republic. The website presents a professional corporate image with comprehensive content about their products, sustainability initiatives, community partnerships, and investor relations. Technically, the site is built on Drupal 10 with modern frontend libraries and integrates multiple analytics and marketing tools. However, a critical security issue is the absence of a valid SSL certificate and HTTPS, which severely impacts the security posture. The site implements strong security headers and content security policies but lacks advanced SSL/TLS configurations and DNS security features. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the site is credible and professionally maintained but requires urgent security improvements to protect user data and trust.

A

Casa | AES Colombia | AES Colombia

aescol.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 1 critical issues require immediate attention. Total of 21 security findings identified across all modules.

A

AES Chile

aeschile.com

0

AES Chile operates as a major energy company focused on accelerating the future of energy through sustainable and innovative solutions. The company emphasizes renewable energy, advanced energy networks, energy storage, and community partnerships. The website reflects a strong corporate presence with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on Drupal 10 with modern frontend technologies and integrates multiple analytics and marketing tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts the security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site presents a professional and trustworthy image but requires urgent security improvements to protect users and data.

T

The AES Corporation

aesbulgaria.com

0

AES Bulgaria operates as a regional branch of The AES Corporation, a global energy company focused on accelerating the future of energy through sustainable and innovative solutions. The website presents a professional corporate image emphasizing clean energy, sustainability, community partnerships, and employee engagement. The technical infrastructure is based on Drupal 10 CMS with modern frontend libraries and integrations with multiple analytics and marketing tools, indicating a mature digital presence. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. The site implements strong security headers and content security policies but lacks visible incident response or vulnerability disclosure information. Overall, the domain registration data aligns well with the corporate identity, supporting legitimacy. Strategic improvements in SSL deployment and security practices are recommended to enhance trust and compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

M

MSD Tiergesundheit Österreich

msd-tiergesundheit.at

0

MSD Tiergesundheit Österreich operates as a prominent veterinary pharmaceutical provider in Austria, offering a broad range of veterinary medicines and vaccines. The website serves multiple target audiences including veterinarians and animal owners, providing product information, news, and educational resources. The business is part of the global Merck & Co., Inc. group, indicating a strong market position and established brand presence. The site features professional design, consistent branding, and comprehensive content tailored to the veterinary healthcare sector. Technically, the website is built on WordPress VIP with modern SEO and analytics integrations, but suffers from critical SSL/TLS deficiencies that undermine security and trust. Security headers are well implemented, but the absence of a valid SSL certificate and HTTPS support is a major vulnerability. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates good digital maturity but requires urgent security improvements to protect user data and maintain credibility.

L

LexisNexis

compliance-praxis.at

0

Compliance Praxis is Austria's largest compliance network providing comprehensive information media, partner networks, and events to support professionals in the expanding field of compliance. The website is professionally designed, content-rich, and targets compliance officers, legal experts, and organizations interested in compliance and ESG topics within Austria. Technically, the site runs on Gentics CMS with nginx server and integrates modern marketing and analytics tools such as Google Tag Manager and Mailchimp. However, the absence of a valid SSL certificate and HTTPS configuration represents a significant security vulnerability. Privacy and cookie policies are well implemented and GDPR compliant. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and trust.

F

Fluidtime Data Services GmbH

fluidlife.app

0

FluidLife is a German-language SaaS platform focused on corporate mobility and resource management, helping companies achieve sustainability goals through modular tools including routing, ride sharing, CO2 reporting, and employee motivation. The website is professionally designed with comprehensive content and clear navigation, targeting companies, municipalities, and NGOs primarily in Austria and German-speaking regions. Technically, the site is built on WordPress with modern SEO and analytics integrations but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Privacy compliance is well addressed with cookie consent mechanisms and detailed privacy policies. Contact information and business details are clearly presented, enhancing credibility. However, the absence of HTTPS and modern security headers significantly lowers the security posture and overall trust score. Strategic improvements in SSL deployment and security hardening are essential to elevate the site's security and user trust.

B

Boxcar

boxcar.com

0

Boxcar is a regional transportation company specializing in commuter bus services and complementary local services such as grill cleaning, knife sharpening, and auto detailing. The company targets commuters in the New Jersey and New York City metropolitan area, offering reserved seating, Wi-Fi, and other amenities to enhance the commuting experience. The website presents a professional and consistent brand image with clear service offerings and customer testimonials, positioning Boxcar as a trusted local transportation provider. Technically, the website is built on the Webflow platform, leveraging modern frontend technologies including jQuery and Google Fonts, and is hosted behind Cloudflare. While the site is mobile-optimized and well-structured, performance data is missing, and the SSL/TLS configuration is critically deficient, lacking a valid certificate and modern protocol support. This represents a significant security risk. From a security perspective, the absence of HTTPS and TLS protocols severely undermines the site's security posture, exposing users to potential data interception and undermining trust. Although privacy and terms of service policies are present and comprehensive, the lack of a cookie consent mechanism despite active tracking scripts indicates partial privacy compliance. Contact information is clearly provided, supporting business credibility. Overall, Boxcar's website demonstrates good content quality and business credibility but suffers from critical security shortcomings that must be addressed urgently to protect user data and maintain trust. Strategic improvements in SSL/TLS deployment and privacy compliance will significantly enhance the site's security and compliance posture.

I

Interlink

interlink.mr

0

Interlink is a medium-sized technology company based in Mauritania, specializing in AI-powered digital solutions for businesses and government institutions. With 15 years of experience, they offer services in e-governance, e-health, software development, messaging, geolocation, and cybersecurity. The website is built on modern technologies like Next.js and React, providing a professional and user-friendly experience. However, technical issues such as missing DNS records and an invalid SSL certificate undermine the security posture. No privacy or cookie policies are present, indicating compliance gaps. Contact information is clearly provided, supporting business credibility. Overall, the site demonstrates solid business presence but requires urgent security and technical improvements.

M

Mediaprint Zeitungs- und Zeitschriftenverlag Gesellschaft m.b.H. & Co KG

mediaprint.at

0

Mediaprint Zeitungs- und Zeitschriftenverlag Gesellschaft m.b.H. & Co KG is a leading Austrian media company operating prominent brands such as Kronen Zeitung and KURIER. The company offers a broad range of media-related services including corporate publishing, printing, logistics, marketing, and subscription management, positioning itself as a market leader in Austria's media sector. The website reflects a professional and consistent brand image targeting both consumers and business clients within Austria. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, FontAwesome Pro, and integrates Google Tag Manager and Didomi for analytics and consent management. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to meet modern standards.

R

RE.COMM

recomm.eu

0

RE.COMM operates a professional real estate leaders summit event in Austria, targeting top managers and decision makers in the real estate sector. The website serves as an information and registration platform for the annual summit scheduled for November 2025. The company positions itself as a leading think tank and networking forum within the real estate industry. Technically, the website is built on WordPress with Elementor and several plugins for SEO, multilingual support, and GDPR compliance. However, the site suffers from critical security issues including an invalid or missing SSL certificate and lack of HTTPS enforcement, which significantly impacts user trust and security posture. The DNS configuration appears incomplete or misconfigured, lacking essential A/AAAA records and DNSSEC, which raises concerns about domain management. Privacy and cookie policies are well implemented, and social media presence is active. Overall, the site is professionally designed but requires urgent technical and security improvements to ensure trustworthiness and compliance.

B

Backslash

backslash.com

0

Backslash is a cultural intelligence unit operating within the Omnicom Advertising Group, providing strategic insights through a combination of data, journalism, and cultural analysis. The website serves as a platform to share reports, documentaries, and newsletters targeted primarily at advertising professionals and agencies within the Omnicom ecosystem. Technically, the site is built on WordPress, hosted on WP Engine, and utilizes Cloudflare CDN along with several marketing and analytics tools such as Google Analytics and OneTrust for cookie consent. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. Security headers are partially implemented, but the lack of encryption and modern TLS protocols is a major vulnerability. Privacy compliance is basic, with a cookie consent mechanism present but no comprehensive GDPR-aligned privacy policy detected. Business credibility is supported by the affiliation with Omnicom and professional content, but contact information is limited to a newsletter signup form without direct emails or phone numbers. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

T

TBWA

tbwacannes.com

0

TBWA at Cannes is a professionally designed website serving as a showcase for the global TBWA Collective's creative work at the Cannes Lions Festival of Creativity. The site features a broad portfolio of advertising campaigns from various TBWA offices worldwide, targeting advertising professionals and festival attendees. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and OneTrust for cookie consent. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support, which significantly undermines its security posture. Additionally, the lack of DNS records is unusual and may indicate configuration issues. Privacy compliance is partially addressed through cookie consent, but no privacy policy or terms of service pages were found. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements.

RCSRD d.o.o. is a Serbia-based technology company specializing in open-source software solutions, technical support, development, and education. Founded in 2007 through partnerships with industry leaders such as Red Hat and IBM, RCSRD serves a broad Southeast European market with enterprise-grade open-source products and services. The company maintains a medium-sized international team and subsidiaries in Vienna and Katowice, positioning itself as a regional leader in open-source innovation. Technically, the website is built on the Bitrix CMS platform, utilizing modern web technologies including jQuery, Bootstrap, and OwlCarousel. Google Tag Manager is employed for analytics and tracking. The site is mobile-optimized with good navigation and professional design, though accessibility and SEO optimizations are basic. Performance metrics are unavailable. From a security perspective, the website lacks HTTPS and SSL/TLS encryption, representing a critical vulnerability. While some security headers are present, the absence of encryption and modern TLS protocols significantly reduces the security posture. No privacy or cookie policies are found, indicating compliance gaps with GDPR and related regulations. Contact information is clearly provided, enhancing business credibility. Overall, the website demonstrates solid business credibility and content quality but suffers from critical security and privacy compliance issues. Strategic improvements in SSL implementation, privacy policy publication, and security best practices are recommended to enhance trust and protect user data.

SLOS is an enterprise software company specializing in open-source based software platforms designed for stability, security, and performance. Their product suite includes enterprise, virtualization, middleware, storage, cloud, application, container, and automation platforms targeting modern business needs. The company operates primarily from Serbia with subsidiaries in Vienna and Katowice. Technically, the website is built on Bitrix Site Manager CMS with common web technologies like jQuery and Bootstrap, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented but overall security posture is weak due to missing HTTPS and DNS security features. The website lacks privacy and cookie policies, impacting compliance and user trust. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security and compliance improvements.

H

HOYER GmbH

hoyer-anniversary.com

0

HOYER GmbH is a well-established international transportation and logistics company celebrating its 75th anniversary. The website serves primarily as a corporate milestone showcase with multimedia content and links to official corporate resources. The technical infrastructure is based on TYPO3 CMS running on an Apache server, with embedded video content and integration of Usercentrics for consent management scripts. However, the website lacks a valid SSL certificate, which critically impacts its security posture. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly reduces the site's security score. Privacy compliance is moderate with a privacy policy present but no cookie consent mechanism detected. Business credibility is supported by consistent branding and official social media presence, though direct contact information is missing on the landing page. Overall, the site is functional but requires urgent security improvements to meet modern standards.