Security Directory

RUD Gruppe is a well-established German manufacturing company specializing in chain systems and components for diverse industrial applications including lifting, securing, and transportation. With a history spanning approximately 140 years, the company operates globally and offers a broad product portfolio including lifting chains, securing devices, conveyor and drive technology, and specialized military and forestry chains. The website reflects a mature digital presence with multilingual support and structured navigation, powered by TYPO3 CMS and enhanced with caching and Google Tag Manager for analytics. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS configuration, exposing users to potential risks. Privacy policies and terms of service are present and comprehensive, supporting GDPR compliance, though cookie consent mechanisms are lacking. Social media integration is robust, enhancing brand trust and engagement.

fab it Consulting GmbH is a small German company specializing in IT consulting and software development services tailored for the financial industry. Established in 1995, the company focuses on delivering market-oriented software solutions, particularly in interface and API development for front-, middle-, and back-office financial systems. Their target audience includes banks, insurance companies, investment firms, and financial departments of large industrial enterprises. The website content is professional and relevant, reflecting a niche market position with a clear business model centered on B2B IT services in finance. Technically, the website uses an older technology stack including Apache server, Bootstrap 3, and jQuery 3.1.1. The site lacks modern performance optimizations and accessibility features, and the absence of HTTPS severely impacts security and trust. The website is accessible without WAF or blocking mechanisms, but it lacks critical security configurations such as SSL/TLS, HSTS, and security headers. There is no evidence of privacy or cookie policies, GDPR compliance indicators, or contact emails and phone numbers, limiting user trust and regulatory compliance. From a security perspective, the site is at high risk due to the lack of HTTPS and modern security headers. DNS records show no DNSSEC or CAA records, and the SSL certificate is invalid or missing. No incident response or security policies are published. The WHOIS data aligns well with the business claims, showing consistent registration and legitimacy. Overall, the website scores low on security and privacy compliance, moderate on business credibility, and good on content quality. Strategic recommendations include immediate implementation of HTTPS with a valid certificate, addition of security headers, publication of privacy and cookie policies to meet GDPR requirements, and enhancement of contact information transparency. These steps will improve trust, security posture, and regulatory compliance, supporting the company’s professional image and business growth.

The website visit-ucds.de is currently inaccessible beyond a Cloudflare security challenge page, which blocks access to any substantive content. This prevents a full assessment of the business, its services, or compliance posture. The domain is registered and uses Cloudflare for protection, but the SSL certificate is invalid or missing, resulting in no HTTPS support. The site lacks any visible privacy, cookie, or terms of service policies, and no contact information or business details are provided. Technically, the site uses Cloudflare's security and analytics services but fails to deliver meaningful content or user experience. Security headers are well configured, but the absence of valid SSL is a critical vulnerability. Overall, the site scores very low on content quality, privacy compliance, and business credibility due to the blocking and lack of information.

K

KAEFER SE & Co. KG

kaefer.com

0

KAEFER SE & Co. KG is a global industrial services company specializing in technical services such as insulation, access solutions, surface protection, fire protection, and electrical/mechanical services. With over 33,000 employees and a presence in more than 150 cities across approximately 30 countries, KAEFER positions itself as a reliable partner for industrial plants, ships, and buildings worldwide. The website reflects a mature business with comprehensive service offerings and a strong emphasis on sustainability and innovation. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, WP Rocket, and Slider Revolution, providing a good user experience and SEO optimization. However, performance is moderate and accessibility is basic. Mobile optimization is good, and the site uses cookie consent management to comply with GDPR. From a security perspective, the site has implemented several important HTTP security headers and uses secure cookies. However, a critical issue is the absence of a valid SSL certificate and the lack of enabled TLS protocols, which severely impacts the security posture and user trust. This is a significant vulnerability that should be addressed immediately. Overall, the website is professional and trustworthy in content and business representation but requires urgent improvements in SSL/TLS configuration to ensure secure communications and protect user data.

L

Leifheit

leifheit.com

0

Leifheit is a well-established German retail company specializing in household and kitchen products, with a strong brand presence and a history of over 65 years. The website serves as an e-commerce platform built on Shopware 6, offering a wide range of products including cleaning tools, laundry drying solutions, and kitchen utensils. The site is professionally designed with good navigation, mobile optimization, and rich multimedia content, targeting household consumers seeking quality products. Technically, the site uses modern JavaScript libraries and integrates marketing and analytics tools such as Bazaarvoice, Klaviyo, and Google Tag Manager. However, a critical security gap exists as the website currently lacks a valid SSL/TLS certificate and does not enforce HTTPS, exposing users to potential risks. Security headers are partially implemented, but the absence of HTTPS severely impacts the overall security posture. Privacy and cookie policies are present and include consent mechanisms, indicating compliance with GDPR requirements. Contact information is available via a contact page, though no explicit emails or phone numbers are embedded in the HTML content. The domain registration and DNS records are consistent with the company's German origin and business claims, supporting legitimacy. Strategic recommendations include immediate implementation of HTTPS, enhancement of security policies, and improved incident response readiness to strengthen trust and compliance.

A

Ansorg GmbH

ansorg.com

0

Ansorg GmbH is a German-based expert company specializing in retail lighting solutions, offering innovative products, lighting planning, and sustainable concepts tailored for retail environments. The company operates under the parent company Trilux and targets retail businesses and professionals seeking high-quality lighting solutions. The website is built on TYPO3 CMS, uses Matomo for analytics, and integrates cookie consent mechanisms, reflecting a modern digital infrastructure. However, the lack of a valid SSL certificate and HTTPS implementation significantly weakens the security posture. Security headers are well configured, but the absence of TLS protocols and certificate transparency compliance are critical gaps. Overall, the website is professional, content-rich, and trustworthy but requires urgent SSL/TLS remediation to ensure secure communications and improve trust.

S

Senacor Technologies AG

senacor.com

0

Senacor Technologies AG is a leading German technology company specializing in business and IT transformation, digitalization, and custom software development, primarily serving large enterprises in the banking and automotive sectors. The website reflects a mature digital presence with professional branding, comprehensive content, and a clear focus on digital transformation services. Technically, the site is built on WordPress with modern SEO and cookie consent tools, but suffers from a critical security issue due to an invalid SSL certificate, resulting in no HTTPS protection. Security headers are well configured, but the lack of valid SSL undermines overall security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. The company maintains active social media channels and a dedicated job portal subdomain. Overall, the site is professional and trustworthy but requires urgent remediation of SSL issues to improve security and user trust.

Z

Zell Materials GmbH

zellamid.com

0

Zell Materials GmbH is a medium-sized manufacturing company specializing in engineering plastics, offering a range of products including general purpose materials, special performance materials, and high performance materials. The company operates primarily in the manufacturing sector and serves industrial and engineering clients. Their website provides product finders, material comparison tools, and a B2B webshop, indicating a mature digital presence tailored to professional customers. Technically, the website uses Apache server technology, ezPublish CMS, and includes JavaScript libraries such as jQuery and YUI. However, the absence of SSL/TLS encryption and DNS records significantly undermines the security posture and operational reliability of the domain. The site includes comprehensive privacy and cookie policies with consent mechanisms, reflecting good privacy compliance practices. Security headers are minimal, and no explicit security or incident response policies are published. Overall, the website is professionally designed with consistent branding but requires urgent security improvements to protect users and enhance trust.

T

Theater Regensburg

theaterregensburg.de

0

Theater Regensburg is a public theater institution located in Regensburg, Germany, offering a diverse range of cultural performances including music theater, dance, and plays. The website serves as a portal for event information, ticket sales, and community engagement, targeting local and regional audiences interested in cultural arts. The business operates primarily in the hospitality and cultural sector with a medium-sized organizational footprint. Technically, the website employs a modern frontend stack with libraries such as jQuery, Bootstrap, and Font Awesome, providing a good user experience and mobile optimization. However, the absence of a valid SSL certificate and missing DNS records represent significant technical and security shortcomings. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR. The site maintains active social media channels and provides clear contact information, enhancing business credibility. Overall, the website is functional and professional but requires urgent improvements in security infrastructure to protect user data and improve trust.

The website 'Das Viertel liefert' serves as a local food delivery platform targeting residents in Bremen, Germany. It aggregates various local restaurants offering diverse cuisines such as burgers, pasta, sushi, Italian pizza, and Syrian specialties. The business model focuses on online food ordering and delivery, leveraging third-party ordering platforms. The site content is basic but relevant, with a clear focus on local hospitality services. Technically, the website is minimalistic, using nginx as the server and Google Fonts for typography. There is no evidence of a CMS or advanced frameworks. The site lacks HTTPS, which is a critical security flaw, and no modern security headers or mechanisms are implemented. Performance metrics are unavailable, but the site appears to have basic mobile optimization and accessibility. From a security perspective, the absence of SSL/TLS encryption, security headers, and DNS security features exposes users to potential risks. No privacy or cookie policies are present, indicating non-compliance with GDPR. No contact or incident response information is provided, limiting trust and transparency. Overall, the website presents a low security posture and limited privacy compliance, which negatively impacts its trustworthiness and professional appearance. Strategic improvements in security, privacy policies, and contact transparency are recommended to enhance user trust and regulatory compliance.

Pelipal is a well-established German manufacturer and retailer specializing in high-quality bathroom furniture with a history spanning over 110 years. The company targets consumers and retail partners primarily in Germany, Austria, and Switzerland, offering a broad product range including mounted and customizable bathroom furniture, mirrors, and accessories. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site uses a traditional Apache server with jQuery and other JavaScript libraries, managed via the dialogperfect® CMS platform. However, the website lacks HTTPS support, which is a critical security shortfall. Security headers are minimal, and no advanced security policies or incident response information is provided. The cookie consent mechanism is implemented, indicating some privacy compliance efforts. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Henry Mex's website serves as an informational platform for the artist's work as a composer, musician, and artistic director in the contemporary music scene. The site highlights upcoming and past events, projects, and compositions, targeting an audience interested in experimental and chamber music. The business model revolves around artistic promotion, event participation, and music education. Technically, the website is basic, relying on static HTML with embedded YouTube videos and hosted on an Apache server via Ionos. There is no evidence of modern CMS or advanced web technologies, and performance appears limited. Security posture is weak, with no valid SSL certificate or HTTPS support, exposing visitors to risks. Privacy compliance is minimal, lacking privacy or cookie policies and no user data collection mechanisms. Overall, the site is functional for informational purposes but requires significant improvements in security and compliance to meet modern standards.

Adjust GmbH operates a leading mobile measurement and analytics platform designed to accelerate app growth through comprehensive attribution, fraud prevention, and marketing automation solutions. The company targets app marketers and developers globally, offering a suite of products including Measure, Analyze, Engage, Recommend, Automate, and Protect. Hosting on Vercel with a modern Nuxt.js and Vue.js frontend, the website demonstrates strong digital maturity and internationalization with multiple language support. However, a critical security issue is present due to an invalid or missing SSL certificate, significantly impacting the security posture. While security headers are mostly configured, the lack of valid HTTPS undermines trust and data protection. Privacy policies are comprehensive and GDPR compliant, but no cookie consent mechanism was detected. Contact information is primarily via forms, with no explicit emails or phone numbers visible. Overall, the site is professional and content-rich, but urgent remediation of SSL issues is recommended to improve security and user trust.

E

Envases Öhringen GmbH

huber-packaging.com

0

Envases Öhringen GmbH is a well-established German manufacturer specializing in metal and plastic packaging solutions, with a strong global presence and leadership in the beverage packaging sector, particularly 5-liter party kegs. The company operates multiple sites worldwide and emphasizes sustainability and quality, supported by ISO certifications and a whistleblower system. The website is built on the Jimdo CMS platform, featuring good content quality, clear navigation, and a professional design tailored to industrial clients. However, the technical infrastructure shows weaknesses in SSL implementation, lacking a valid HTTPS certificate, which poses a significant security risk. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business credibility is high, supported by consistent WHOIS data and comprehensive contact information.

H

HOT Microfluidics (fluidXlab)

fluidxlab.com

0

fluidXlab GmbH, formerly HOT Microfluidics, is a specialized technology company focused on advanced fluidic and laboratory services primarily serving the energy sector. Their offerings include microfluidic products, turnkey microfluidic technology platforms, and laboratory services supporting enhanced oil recovery, underground hydrogen storage, and carbon capture solutions. The company positions itself as a niche leader with a strong emphasis on innovation and compliance with high HSE standards. The website reflects a professional and consistent brand image, targeting energy companies and research institutions engaged in subsurface energy challenges. Technically, the website is built on WordPress with Elementor and employs modern web technologies and performance optimizations. However, the SSL certificate is currently invalid, which poses a critical security risk. The site includes GDPR-compliant privacy and cookie policies with a consent mechanism, and integrates marketing and analytics tools such as Google Tag Manager and LinkedIn Insight. Social media presence is active on LinkedIn, X (Twitter), and YouTube. Overall, the website demonstrates good business credibility and privacy compliance but requires urgent remediation of SSL issues to improve security posture.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

ConSol Consulting & Solutions Software GmbH is a medium-sized German IT service provider specializing in custom IT solutions and product solutions across the entire software lifecycle. The company has a strong market position with notable clients such as BMW Group, Union Investment, and Lidl, and holds ISO 9001 and ISO 27001 certifications. Their website is professionally designed, content-rich, and well-structured, targeting businesses seeking tailored IT and software services. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and integrates multiple analytics and marketing tools. However, the current lack of a valid SSL certificate and absence of HTTPS support represent critical security vulnerabilities that must be addressed promptly. The security posture is otherwise supported by appropriate security headers but lacks advanced SSL/TLS configurations. Overall, the website demonstrates good privacy compliance with comprehensive cookie and privacy policies and consent mechanisms. Strategic improvements in SSL/TLS implementation and security configurations are recommended to enhance trust and security.

E

Eyemaxx Real Estate AG

eyemaxx.com

0

Eyemaxx Real Estate AG is an established real estate development company operating primarily in Germany and Austria, with over 20 years of market presence. The company focuses on residential, micro and student apartments, hotels, urban quarters, retail, and logistics properties. It is publicly listed on the Frankfurt and Vienna Stock Exchanges and issues bonds, indicating a mature business model targeting investors and real estate clients. The website reflects a professional corporate presence with good content quality and consistent branding. Technically, the site uses standard web technologies such as Apache, Bootstrap, and Google Analytics, but lacks a valid SSL certificate, which is a significant security concern. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols severely impacts the security posture. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism despite tracking usage. Contact information is not explicitly provided on the homepage, which may affect user trust and engagement. Overall, the website is functional and professional but requires urgent improvements in security and privacy compliance to meet modern standards.

S

STAPPERT

stappert.biz

0

STAPPERT is a leading European stockholder and supplier of stainless steel long products and fittings, targeting industrial and business customers. The company emphasizes a comprehensive product range, quality, and customer-oriented service. The website is built on WordPress with professional SEO and multilingual support, indicating a mature digital presence. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to potential risks. Cookie consent is managed via a third-party tool, and contact forms are protected with reCAPTCHA, showing some privacy awareness. Overall, the site is functional and professional but requires urgent security improvements to protect data and build trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

D

daten-strom.Medical-IT-Services GmbH

datenstrom.net

0

daten-strom.Medical-IT-Services GmbH is a specialized small business focused on providing secure digital transformation services in the healthcare sector, including IT security, telematics, and data protection for medical and care facilities in Germany and Austria. Their website presents a professional image with comprehensive content targeting healthcare providers such as doctors, therapists, and care institutions. Technically, the site is built on the Contao CMS platform using common web technologies like jQuery and Revolution Slider, with good mobile optimization and user experience. However, the absence of HTTPS and valid SSL certificates represents a critical security vulnerability, exposing users to potential data interception risks. The website includes privacy and cookie policies with consent mechanisms, reflecting GDPR compliance efforts, but lacks explicit terms of service and security policy documentation. DNS records for the domain are missing, raising concerns about domain configuration and legitimacy. Overall, while the business content and presentation are solid, significant improvements in security infrastructure are urgently needed to protect sensitive healthcare data and enhance trust.

The website finanzamt-geilenkirchen.de serves as the official online presence of the Finanzamt Geilenkirchen, a regional tax office under the Oberfinanzdirektion Nordrhein-Westfalen in Germany. It provides comprehensive tax-related information, contact details, online services such as appointment booking and electronic tax declaration (ELSTER), and current news updates. The site targets residents and businesses in the Nordrhein-Westfalen region, offering clear navigation and well-structured content tailored to public service needs. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies including Apache server, Matomo analytics for user tracking, and a robust Content Security Policy. The site demonstrates good mobile optimization and accessibility features, ensuring usability across devices and for users with disabilities. However, the SSL/TLS configuration is critically flawed, with no valid certificate and no TLS protocols enabled, which undermines secure HTTPS access. From a security perspective, the site implements several best practices such as strict security headers (X-Frame-Options, X-Content-Type-Options, CSP), HSTS with preload directive, and referrer policies. Despite these, the lack of a valid SSL certificate and HTTPS support is a major vulnerability that must be addressed urgently to protect user data and maintain trust. Overall, the website is professional, trustworthy, and compliant with GDPR, featuring clear privacy and cookie policies with consent mechanisms. The business credibility is high given its government affiliation, but the security posture is currently weak due to SSL issues. Strategic recommendations include immediate remediation of SSL/TLS configuration, enhancement of session security features, and continuous monitoring of security compliance.

I

Institute of Microtraining

micro-training.com

0

Institute of Microtraining is a small-sized education technology company specializing in mobile learning solutions for corporate clients. Their core offering is a mobile learning app leveraging proprietary Microtraining® technology, complemented by content creation and training services. The company operates under the parent company duftner.digital, providing a full-service approach to mobile learning. The website is professionally designed with good content quality and clear navigation, targeting businesses seeking flexible and effective employee training solutions. Technical infrastructure is based on WordPress with common plugins and frameworks, hosted on a dedicated IP likely at Hetzner. However, the absence of HTTPS and valid SSL certificate is a critical security gap that undermines user trust and data protection. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Social media presence and video testimonials add trust signals. Overall, the site is functional but requires urgent security improvements to meet modern standards.

Z

zero

zero.de

0

zero.de is a German e-commerce website specializing in women's fashion, offering a wide range of clothing and accessories for leisure, business, and festive occasions. The brand emphasizes feminine, authentic, and sustainable fashion, targeting women who value quality and modern design. The website is professionally designed with clear navigation and good content relevance, supporting a medium-sized retail business model in Germany. Technically, the site runs on a Shopware platform with Apache and PHP backend, using various third-party marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS is a critical security flaw that undermines user trust and data protection. The site uses secure cookie flags but without HTTPS, limiting their effectiveness. No explicit security or incident response policies are found, indicating room for improvement in security governance. Overall, the website is functional and credible but requires urgent security enhancements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 22 security findings identified across all modules.

F

Frankenberg-Metallrecycling GmbH

fmr.ag

0

Frankenberg-Metallrecycling GmbH is a well-established family-owned metal recycling company based in Germany, specializing in the recycling and trading of zinc, tin, lead, and other metals. With over 65 years of experience and a certified waste disposal status, the company serves industrial and commercial clients across Europe, offering sustainable recycling solutions and related services. The website reflects a medium-sized business with a clear focus on metal recycling and environmental compliance. Technically, the website runs on an Apache server with legacy JavaScript libraries such as jQuery 1.10.2 and includes Google Analytics for tracking. However, the absence of HTTPS and modern security headers significantly weakens the site's security posture. The site is basic in mobile optimization and accessibility, with no CMS or advanced frameworks detected. Performance metrics are unavailable, indicating potential monitoring gaps. From a security perspective, the lack of SSL/TLS encryption is a critical vulnerability, exposing users to data interception risks. No advanced security policies or incident response contacts are published, and cookie consent mechanisms are missing despite cookie usage. The domain registration data is consistent with the business claims, supporting legitimacy. Privacy policies exist but are basic, and GDPR compliance is implied but not explicitly detailed. Overall, the website is functional and professional but requires urgent security improvements, especially HTTPS implementation and enhanced privacy compliance. Strategic recommendations include upgrading security infrastructure, implementing cookie consent, modernizing the tech stack, and publishing clear security and incident response policies to build trust and compliance.

F

Fretello GmbH

fretello.com

0

Fretello GmbH operates a well-designed educational platform focused on step-by-step guitar lessons for beginners, supported by a mobile app available on iOS and Android. The company has established a strong market presence with over 700,000 users and notable endorsements from Apple and major media publishers. The website is professionally designed with clear navigation and consistent branding, targeting beginner guitar players seeking structured learning and interactive practice. Technically, the site uses modern frameworks such as Angular and Express, hosted on AWS CloudFront, and integrates marketing and tracking tools like Customer.io and Google Identity Services. However, a critical security gap exists due to the absence of HTTPS/SSL, exposing users to potential risks. Privacy policies and cookie consent mechanisms are in place and appear GDPR compliant, but no explicit security or incident response policies are published. Overall, the site demonstrates strong business credibility and user engagement but requires urgent security improvements to protect user data and trust.

A

accilium GmbH

accilium.com

0

accilium GmbH is a medium-sized management and strategy consultancy specializing in digital transformation within the mobility, energy, and public sectors. With over 130 consultants across multiple European offices, it holds a strong market position among the top consultancies in the German-speaking region. The company offers services including strategy and innovation, business transformation, data intelligence, and organizational consulting. The website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, accilium demonstrates strong business credibility and digital maturity but requires urgent improvements in SSL/TLS security to protect its users and enhance trust.

J

Jung Eco Building Solutions GmbH

jung-ingenieure.com

0

Jung Eco Building Solutions GmbH is a specialized engineering consultancy focused on climate engineering, green building design, and energy consulting primarily serving clients such as builders, planners, and architects in Germany. The company offers tailored energy and climate concepts, building envelope optimization, and certification services for sustainable buildings. Their market position is that of a niche player in the energy and sustainability sector with a small company size and a professional online presence. Technically, the website is built on WordPress with common libraries like Bootstrap and jQuery, but lacks HTTPS and modern security configurations, which is a significant risk. The absence of cookie consent mechanisms and incident response information indicates partial GDPR compliance. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

N

N26 SE

number26.de

0

N26 SE operates a leading mobile-first digital banking platform in Germany and Europe, offering a range of financial services including checking accounts, savings, investments, and a mobile telecom service branded as N26 SIM. The company holds a full banking license from BaFin, ensuring regulatory compliance and deposit protection up to 100,000 EUR. The website is professionally designed with excellent content quality and clear navigation, targeting consumers who prefer intuitive, app-based banking solutions. Technically, the site leverages modern web technologies such as React, Contentful CMS, and cloud hosting via AWS CloudFront, with integrated analytics and marketing tools like Datadog and Google Tag Manager. However, a critical security issue is the invalid SSL certificate and lack of modern TLS support, which undermines the security posture. Security headers and policies are well implemented, but SSL/TLS must be fixed to ensure trust and compliance. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the site demonstrates strong business credibility and digital maturity but requires urgent SSL remediation to maintain security and user trust.

lautstark gmbh is a specialized below-the-line communications agency founded in 2003, focusing on live communication and brand experiences for premium clients including world brands and market leaders. The company positions itself as a creative activist agency delivering personalized, reliable, and impactful brand activations. The website reflects a professional and consistent brand image with comprehensive content and clear navigation targeting German-speaking audiences. Technically, the site is built on WordPress with Yootheme framework, hosted on Hetzner, and uses modern tools like Google reCAPTCHA and Matomo analytics. However, the absence of a valid SSL certificate and HTTPS is a critical security flaw that undermines user trust and data protection. Privacy compliance is well addressed with detailed policies and consent mechanisms. Overall, the business demonstrates strong market positioning but must urgently address security shortcomings to maintain credibility and protect user data.

D

DRK-Kreisverband Nordwestmecklenburg e. V.

drk-nwm.de

0

DRK-Kreisverband Nordwestmecklenburg e. V. is a regional non-profit organization providing a wide range of social, healthcare, emergency, and community services in the Nordwestmecklenburg area of Germany. The website serves as an information portal for their services, events, and engagement opportunities, targeting local residents, families, seniors, and volunteers. The organization is part of the larger Deutsches Rotes Kreuz network, emphasizing humanitarian aid and social support. Technically, the website is built on TYPO3 CMS and hosted by dt-internet.de, but it lacks a valid SSL certificate, which is a critical security shortfall. The site includes cookie consent mechanisms and uses Google Analytics with IP anonymization, indicating some privacy compliance efforts. However, the absence of HTTPS and modern security headers exposes the site to risks and undermines user trust. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect visitors and comply with best practices.

A

AFI Solutions GmbH

afi-solutions.com

0

AFI Solutions GmbH is a medium-sized German technology company specializing in SAP-integrated software solutions for automated document processing. As part of the SER Group, it holds a strong market position with over 800 customers worldwide and offers certified SAP Add-Ons that enhance Purchase-to-Pay and Order-to-Cash processes using advanced technologies like AI and RPA. The company provides full-service offerings including consulting, implementation, training, and support. Technically, the website is built on TYPO3 CMS and employs modern analytics and consent management tools, but lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to risks and undermines trust. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the website is professionally designed with clear navigation and strong branding, but the lack of HTTPS significantly impacts its security posture and overall trustworthiness.

G

Gesundheitscampus Wesel

mehrdrinalserwartet.de

0

Gesundheitscampus Wesel is a large healthcare organization based in Germany, providing a broad range of medical, nursing, and therapeutic services through an integrated campus model. The website reflects a professional and consistent brand focused on healthcare professionals and patients, emphasizing family-friendly work culture and digital transformation. Technically, the site is built on TYPO3 CMS with modern front-end frameworks and includes social media and analytics integrations. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to risks. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and privacy policy. Overall, the site is functional and professional but requires urgent security improvements to protect user data and trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

B

B+S Banksysteme AG

bs-ag.com

0

B+S Banksysteme AG is a German-based software manufacturer specializing in banking and financial services software solutions. With over 40 years of experience, the company serves a broad range of clients including traditional banks, fintechs, and neobanks primarily in the D-A-CH region. Their offerings include core banking applications, online and mobile banking, banking APIs, and modular banking services underpinned by a ZAG license. The company maintains a medium-sized presence with subsidiaries such as B+S Banksysteme Salzburg GmbH and emphasizes customer-centric service models like Banking as a Service. Technically, the website is built on WordPress with popular plugins such as WPBakery Page Builder and Slider Revolution. While the site is well-structured, SEO optimized, and mobile responsive, it suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support. The security headers are well configured, but the lack of TLS protocols and the presence of unsafe inline scripts reduce the overall security posture. From a security perspective, the site demonstrates good header policies and content security policies but critically lacks HTTPS, which exposes users to potential risks. No explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are present. Contact information is clearly provided, including multiple phone numbers, email addresses, and physical locations, supporting business credibility. Overall, the website presents a professional and trustworthy business front with strong market positioning in banking software. However, the lack of HTTPS significantly undermines security and trustworthiness, necessitating urgent remediation to protect user data and comply with modern security standards.

The website headstart-marketing.de is currently a reserved domain hosted by STRATO, displaying a placeholder page with no business content or services. The domain is registered with German name servers and has no active content or contact information, indicating it is not yet operational. Technically, the site is served over HTTP without a valid SSL certificate, lacking modern security protocols and headers, which poses significant security risks. There are no privacy or cookie policies, no forms, and no analytics or tracking technologies implemented. Overall, the site is in an initial state with minimal digital maturity and poor security posture. Strategic recommendations include obtaining a valid SSL certificate, implementing security headers, and publishing essential compliance documents before launching any business operations.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 18 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 15 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Website security analysis completed with a risk score of 40/100.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Eckes-Granini Group GmbH is a leading European manufacturer and provider of fruit juices and fruit-based beverages, operating as a family-owned business with a strong market position in Europe. The company emphasizes product quality, sustainability, and innovation in its offerings. The website reflects a professional digital presence with clear branding and comprehensive business information, targeting European consumers interested in healthy fruit beverages. Technically, the site uses modern frameworks such as Astro and a headless CMS (Storyblok), hosted on Microsoft Azure, with integration of Google Tag Manager for analytics and marketing. However, the website lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security vulnerability. Security headers are partially implemented but some important protections like X-XSS-Protection are disabled. Privacy and legal compliance are well addressed with dedicated pages and a cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.