Security Directory

A

ASN CONCEPTS GmbH & Co. KG

asn-concepts.de

0

ASN Concepts is a medium-sized service provider specializing in facility management, cleaning, and hotel services primarily in Germany and Austria. The company targets commercial and hospitality clients, offering specialized cleaning and facility management solutions. The website reflects a regional service provider with a moderate market position and a client base including notable hotels and wellness centers. Technically, the website uses a custom PHP backend with common frontend libraries such as Bootstrap and jQuery, but suffers from slow performance and basic mobile optimization. Security posture is weak due to the absence of HTTPS and valid SSL certificates, lack of security headers, and missing incident response information. Privacy compliance is basic with a cookie consent banner and a privacy policy page, but no explicit GDPR compliance statements. Overall, the website is functional but requires significant improvements in security and technical modernization to enhance trust and compliance.

G

GVO Personal GmbH

gvo-personal.de

0

GVO Personal GmbH operates as a personnel service provider specializing in staffing and job placement within the hospitality sector, including gastronomy, hotellerie, aviation, and event services. The company maintains a strong regional presence with approximately 50 locations across Germany and Austria, targeting both job seekers and corporate clients. Their business model focuses on flexible employment solutions such as temporary staffing and personnel leasing, supported by a professional and content-rich website that effectively communicates their offerings and brand identity. Technically, the website is built on Drupal 8 and incorporates modern front-end libraries such as Swiper.js and Font Awesome, alongside Google Tag Manager and Klaro for consent management. However, the site lacks a valid SSL certificate and does not support any TLS protocols, which is a critical security deficiency. Performance metrics are not available, but the site demonstrates good mobile optimization and SEO practices. From a security perspective, the absence of HTTPS and TLS protocols significantly undermines the site's security posture, exposing users to potential risks. While some security headers like Content-Security-Policy and X-Content-Type-Options are present, the lack of HSTS, OCSP stapling, and session resumption further weakens defenses. Privacy compliance is well addressed with comprehensive policies and a consent mechanism, reflecting GDPR adherence. Overall, the site presents a professional business front with good content and privacy practices but suffers from critical security shortcomings that must be addressed urgently to protect user data and maintain trust. Strategic improvements in SSL/TLS implementation and enhanced security configurations are recommended to elevate the site's security maturity and compliance standing.

S

SILVERLINE

silverline24.de

0

Silverline24.de is a German-based manufacturer and retailer specializing in kitchen appliances, particularly kitchen ventilation products such as wall-mounted hoods, island hoods, cooktop extractors, and related accessories. The company holds a recognized market position supported by industry awards like the Plus X Award for Fachhandelsmarke des Jahres 2020 and membership in the Arbeitsgemeinschaft Die Moderne Küche e.V. (AMK). Their website targets kitchen appliance buyers, retailers, and partners primarily in Germany and Europe, offering detailed product information, customer service, and partner portals. Technically, the website is built on WordPress with WooCommerce and uses modern plugins for SEO, cookie consent, and performance optimization. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Other security best practices such as HSTS, DMARC, DNSSEC, and security headers are missing or not configured. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

T

TENTE International GmbH

tente.com

0

TENTE International GmbH is a well-established manufacturer of high-quality castors and wheels, with a history spanning over 100 years. The company serves a broad range of industries including automotive, healthcare, logistics, and retail, offering both standard and custom mobility solutions. Their global presence is supported by localized websites and a comprehensive product catalog. Technically, the website is built on Shopware 6, leveraging modern web technologies and third-party services such as Usercentrics for consent management and Google Analytics for tracking. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. Despite this, the site implements several security headers and privacy policies that align with GDPR requirements. Overall, the business credibility and website quality are high, but immediate remediation of the SSL issue is essential to protect user data and maintain trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 14 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website for boder-partner.de represents a small, locally focused business led by Managing Director Reinhard Boder, based in Schwabhausen, Germany. The site provides basic contact information but lacks detailed business descriptions or service listings, indicating a modest online presence. The technical infrastructure is minimal and outdated, with no modern CMS or frameworks detected, and the site is hosted on kundenserver.de. Critically, the website lacks HTTPS support and a valid SSL certificate, exposing visitors to security risks and undermining trust. No privacy or cookie policies are present, indicating non-compliance with GDPR and related privacy regulations. Overall, the site is functional but basic, with significant room for improvement in security, compliance, and user experience.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 14 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

U

USU GmbH

usu.de

0

USU GmbH is a well-established enterprise technology company headquartered in Germany, specializing in IT service management, software asset management, knowledge management, cloud management, and digital consulting solutions. The company targets large enterprises and organizations seeking to optimize their IT landscapes and customer service experiences through AI-powered tools and services. USU maintains a strong market position supported by a comprehensive product portfolio, global customer base, and industry recognitions. Technically, the website is built on Drupal 10 with a modern tech stack including jQuery and various marketing and analytics integrations. The site is well-optimized for mobile and SEO, providing excellent user experience and navigation. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of TLS support, which significantly impacts the security posture. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant, supporting the company's commitment to data protection. Overall, USU demonstrates high business credibility and professionalism but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

W

WeRetail GmbH

weretail.com

0

WeRetail GmbH is a small German-based company specializing in integrated travel retail and cross-border e-commerce solutions targeting Chinese tourists and customers. Their services include enabling businesses to accept mobile payments via Alipay and WeChat Pay, providing POS solutions with table reservation and menu pre-ordering, and offering cross-border logistics and VAT refund services. The company leverages popular Chinese social media platforms such as WeChat and Xiaohongshu for marketing and customer engagement. Technically, the website is built on WordPress using the Enfold theme and Avia framework, hosted likely on AWS infrastructure. While the site is well-structured and content-rich, it suffers from a critical lack of HTTPS, which severely impacts its security posture. Cookie consent mechanisms are implemented, but Google Analytics is installed without active configuration. Contact information is clearly provided, enhancing business credibility.

biolution GmbH is a specialized scientific consulting and visualization company serving the life sciences sector with over 20 years of experience. Their services include scientific consulting, 3D visualizations, grant and funding support, project management, coaching, workshops, and media design. The company targets researchers and organizations in the life sciences domain, positioning itself as a niche expert with a professional online presence. Technically, the website is built on WordPress with modern plugins like Elementor and WooCommerce, hosted on a LiteSpeed server by mysecurecloudhost.com. While the site has good SEO and structured data, it lacks a valid SSL certificate, which is a critical security gap. Privacy compliance is well addressed with iubenda cookie and privacy policies, including consent mechanisms. Social media integration is strong, enhancing trust and engagement. Security posture is weak due to missing HTTPS and lack of advanced security headers, exposing the site to potential risks. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

V

VESCON GmbH (now SCIO Automation GmbH)

vescon.com

0

VESCON GmbH, now operating as SCIO Automation GmbH, is a medium-sized engineering and automation service provider founded in 1993 and based in Germany. The company specializes in delivering tailored Industry 4.0 solutions across sectors including manufacturing, energy, and water treatment. As part of the international SCIO Automation group, VESCON leverages extensive expertise and partnerships to support smart factory initiatives. The website is professionally designed, content-rich, and well-structured, targeting industrial clients and OEMs. Technically, the site uses TYPO3 CMS and includes modern web technologies but lacks a valid SSL certificate and HTTPS support, which is a critical security deficiency. Security posture is strengthened by TISAX certification, reflecting a commitment to information security, although the absence of HTTPS and modern TLS protocols significantly lowers the security score. Privacy compliance is good, with a clear privacy policy and cookie consent mechanism. Overall, the site is trustworthy and professional but urgently needs to address SSL/TLS issues to improve security and user trust.

Zahnwerkstatt Selz is a small local dental workshop based in Germany, currently operating a website that is under construction. The site provides minimal information, primarily contact details including a phone number and an email address. The business appears to target local dental patients, offering dental care and workshop services. The website's market position is that of a small local dental practice with limited digital presence. Technically, the website is hosted on an Apache server with static HTML and CSS, lacking modern web technologies or CMS platforms. Performance and mobile optimization are poor, and the site lacks accessibility and SEO best practices. Critically, the website does not have a valid SSL/TLS certificate, serving content over HTTP only, which severely impacts security and trust. From a security perspective, the absence of HTTPS, security headers, and privacy policies indicates a low security posture. No vulnerabilities such as malware or phishing were detected, but the lack of basic security controls and compliance measures is a significant concern. The WHOIS data is consistent with a legitimate small business domain registration, with no suspicious patterns. Overall, the website presents a high risk due to lack of encryption and privacy compliance, minimal content, and poor technical implementation. Strategic improvements are necessary to enhance security, privacy, and user trust before the site can be considered professional or reliable.

The Sigmund Freud PrivatUniversität Berlin is a private European university accredited under Austrian law, offering a range of degree programs primarily in psychology, psychotherapy, media, digital journalism, and related fields. The institution targets students and professionals seeking academic and continuing education in these disciplines, positioning itself as a specialized private university with a European footprint. The website reflects a professional and well-structured digital presence, leveraging WordPress CMS and common web technologies, with good content quality and clear navigation tailored for its academic audience. Technically, the website uses Apache hosting on a Hetzner IP, with WordPress and several JavaScript libraries including jQuery and Turbolinks. SEO and accessibility features are adequately implemented, though performance data is unavailable. However, a critical security shortfall is the absence of a valid SSL certificate and HTTPS support, which severely impacts the site's security posture and user trust. Cookie consent mechanisms and GDPR compliance indicators are present, reflecting attention to privacy regulations. Security-wise, the lack of HTTPS and modern TLS protocols, absence of HSTS, and missing security headers expose the site to potential risks. No incident response or security policies are publicly documented. WHOIS data aligns well with the university's identity, showing consistent registration and no privacy protection, supporting legitimacy. Overall, while the website excels in content and business credibility, urgent improvements in security infrastructure are necessary to protect users and enhance trust. Strategic recommendations include immediate SSL deployment, enabling security headers, and enhancing incident response visibility.

fischerAppelt AG is a leading German content marketing and PR agency, offering a wide range of marketing and communication services to strong brands across various industries globally. The company maintains a professional and well-structured website with rich multimedia content and clear navigation, targeting businesses seeking comprehensive marketing solutions. Technically, the website is built on modern frameworks such as Next.js and served via Apache, but it suffers from a critical security issue due to an invalid or missing SSL certificate, which undermines secure HTTPS connections. Privacy and cookie policies are well implemented and GDPR compliant, reflecting a mature approach to data protection. Overall, the site demonstrates high professionalism and trustworthiness, though the SSL issue requires urgent remediation to improve security posture and user trust.

experts, a brand under the I.K. Hofmann GmbH group, is a leading HR service provider in Germany specializing in the placement of skilled and managerial personnel. The company operates an extensive network of locations and offers a broad range of services including personnel leasing, recruitment, freelancer services, RPO, interim management, and career coaching. The website is professionally designed and targets both job seekers and companies looking for qualified staff. Technically, the site is built on TYPO3 CMS and uses modern JavaScript libraries and analytics tools, but suffers from critical SSL/TLS configuration issues that undermine security. The absence of a valid SSL certificate and disabled HTTPS protocols represent significant vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the business is credible and well-positioned in the HR sector, but the security posture requires urgent improvement to protect user data and trust.

U

UNIVERSAL Eisen und Stahl GmbH

universal-stahl.com

0

UNIVERSAL Eisen und Stahl GmbH is a German medium-sized full-service steel trading company specializing in heavy plates and advanced processing services. It operates as part of the Salzgitter AG group, leveraging a large inventory and extensive logistics capabilities to serve industrial clients across Europe. The company emphasizes sustainability and quality, certified under ISO 9001, and promotes innovative green steel production initiatives such as SALCOS®. Technically, the website is built on TYPO3 CMS and uses Matomo for analytics, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and HTTPS support. Security headers are partially implemented, but modern TLS protocols and HSTS are missing, exposing the site to risks. Privacy compliance is well addressed with cookie consent and GDPR-aligned policies. Overall, the business is credible and professionally presented, but the lack of HTTPS significantly undermines security posture.

G

Grünenthal

grunenthal.com

0

Grünenthal is a globally recognized pharmaceutical company specializing in pain management and related diseases. The company operates with a strong focus on innovation, patient support, and corporate responsibility, positioning itself as a leader in its sector. The website reflects a mature digital presence with comprehensive content targeting healthcare professionals, patients, partners, and investors. Technically, the site uses modern tools such as Matomo analytics and consent management but suffers from a critical lack of valid SSL/TLS configuration, which undermines its security posture. Despite this, privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent security improvements to protect user data and maintain credibility.

B

BEWOTEC GmbH

bewotec.de

0

BEWOTEC GmbH is a German-based technology company specializing in software solutions for travel agencies and tour operators. Their product suite includes myJACK, a comprehensive travel agency software, DaVinci for tour operators, and dynamic packaging tools like flexStore and OTDS Player. The company has a strong market presence in the German-speaking travel industry, with a history dating back to 1988. Technically, the website is built on WordPress with modern plugins and tools, offering good content quality and user experience. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR. Overall, the site is professional and trustworthy but requires urgent security improvements to enable HTTPS and enhance protection.

B

Blue Tomato

blue-tomato.com

0

Blue Tomato is a well-established European e-commerce and retail company specializing in boardsport and lifestyle products including snowboarding, skateboarding, surfing, freeski, and streetwear. With over 30 years of experience and more than 70 physical shops across Europe, the company offers a comprehensive product range from over 500 brands, supported by community engagement and specialized services such as snowboard schools and rental shops. The website is professionally designed, highly localized, and optimized for performance and user experience across devices. Technically, the website employs modern web technologies including React and Preact frameworks, utilizes Cloudflare for hosting and security, and integrates advanced analytics and consent management tools. The site demonstrates good SEO and accessibility practices, ensuring broad reach and compliance with relevant regulations. From a security perspective, the site uses a valid SSL certificate but lacks modern TLS protocol support and some security headers like HSTS and OCSP stapling. No critical vulnerabilities were detected, but improvements are recommended to enhance security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, Blue Tomato presents a low-risk profile with strong business credibility, good technical infrastructure, and adequate security measures. Strategic recommendations include enhancing SSL/TLS configurations, enabling additional security headers, and implementing domain protection locks to further secure the domain registration.

S

Sto SE & Co. KGaA

sto.com

0

Sto SE & Co. KGaA is a global enterprise specializing in facade systems, insulation, acoustic surfaces, and floor coatings with over 50 years of industry experience. The company targets architects, builders, and developers seeking sustainable and aesthetic building solutions. Their website reflects a mature digital presence with comprehensive content, localized contacts, and professional branding. Technically, the site uses a custom Sto framework with modern JavaScript and CSS but lacks a valid SSL certificate, resulting in insecure HTTP connections and a weak security posture. Privacy and cookie policies are well implemented with consent mechanisms, and marketing tools like Salesforce Marketing Cloud and Usercentrics CMP are integrated. Security headers are configured but undermined by missing HTTPS. Overall, the site is professional and trustworthy but requires urgent SSL/TLS implementation to improve security and user trust.

D

DACHSER

dachser.com

0

DACHSER is a well-established global logistics provider with a strong market position and comprehensive service offerings across multiple transport and warehouse networks. The website reflects a mature digital presence with multilingual support, rich content, and clear corporate governance and compliance information. Technically, the site uses modern tracking and consent management technologies but suffers from critical SSL certificate issues that undermine its security posture. Security headers and policies are well implemented, but the lack of valid HTTPS and modern TLS protocols is a significant risk. Overall, the site is professional and trustworthy but requires urgent remediation of SSL and TLS configurations to ensure secure user interactions and maintain compliance. Strategic recommendations include fixing SSL certificates, enabling modern TLS, and enhancing security mechanisms such as OCSP stapling and session resumption.

M

mac. brand spaces GmbH

mac.de

0

mac. brand spaces GmbH is a medium-sized company specializing in sustainable and innovative brand space design and live communication services. They offer comprehensive full-service solutions for events, trade shows, roadshows, and digital live communication, targeting businesses seeking to create immersive brand experiences. The company has an international presence with offices in Germany, China, Singapore, and Austria, emphasizing sustainability as a core value. Technically, the website is built using modern web technologies including React, Gatsby, and Chakra UI, hosted on Netlify. The site demonstrates excellent performance, mobile optimization, and accessibility. SEO practices are well implemented with proper meta tags and structured data. From a security perspective, the site enforces HTTPS with strong security headers such as HSTS, X-Frame-Options, and X-Content-Type-Options. OCSP stapling is enabled, and no vulnerabilities or exposed sensitive data were detected. However, improvements such as enabling HSTS for subdomains and DNSSEC could further enhance security. Overall, the website presents a professional and trustworthy digital presence with good privacy compliance, including GDPR-aligned cookie consent and privacy policies. The company provides clear contact information and maintains active social media channels, supporting strong business credibility.

F

Forstbaumschulen Stingel

forstbaumschule-stingel.de

0

Forstbaumschulen Stingel is a small forestry business based in Germany specializing in forest plants, forest protection materials, and comprehensive forestry services such as seed harvesting, planting, fencing, and forest maintenance. The company holds several certifications and memberships that support its market credibility. The website is built on WordPress with WooCommerce, indicating a moderate level of digital maturity with e-commerce capabilities. The site includes GDPR-compliant cookie consent mechanisms and a comprehensive privacy policy, reflecting good privacy practices. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing users to potential data interception risks. The lack of advanced security headers and incident response information further highlights areas for improvement. Overall, the website provides good content quality and business information but requires urgent security enhancements to protect user data and improve trust.

S

SPAX International GmbH & Co. KG

spax.com

0

SPAX International GmbH & Co. KG is a well-established German manufacturer specializing in screws and fastening technology, producing large volumes daily for a global market. Their website reflects a mature digital presence with comprehensive product information, multilingual support, and digital tools for professionals in construction and woodworking. The company demonstrates strong branding consistency and trust indicators including certifications and detailed contact information. Technically, the site is built on Adobe Experience Manager with modern marketing and consent management tools, offering good user experience and SEO optimization. However, a critical security issue exists due to an invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly impacts the security posture. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business credibility and content quality are high, but urgent remediation of SSL/TLS issues is recommended to ensure secure user interactions and maintain trust.

Xella International GmbH operates in the manufacturing and construction sectors, specializing in building materials and solutions. The company targets construction professionals and distributors, positioning itself as an established player in the industry. The website is built using Angular and hosted on Amazon Web Services, leveraging CloudFront and S3 for content delivery. However, the website content is minimal, primarily showing a loading preloader with no substantive content or metadata. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, exposing the site to potential risks. Although security headers like Content Security Policy and HSTS are present, they are insufficient without proper SSL configuration. The site uses extensive third-party analytics and marketing tools, indicating a focus on user tracking and advertising, but lacks visible privacy or cookie policies, raising compliance concerns. Overall, the website's digital maturity is low, with significant gaps in security and privacy compliance.

T

TRUMPF SE + Co. KG

trumpf.com

0

TRUMPF SE + Co. KG is a leading high-tech manufacturing company specializing in machine tools, laser technology, electronics, and Industry 4.0 solutions. Established in 1923 and headquartered in Germany, the company serves industrial clients globally with a comprehensive portfolio of products and services including machines, lasers, software, and financial services. The website reflects a mature enterprise with professional design, clear navigation, and rich content targeting manufacturing professionals and technology buyers. Technically, the website is built on TYPO3 CMS with modern JavaScript frameworks and lazy loading techniques, hosted likely on Microsoft Azure infrastructure. It demonstrates good mobile optimization, accessibility, and SEO practices. However, the absence of a valid SSL certificate and HTTPS support is a significant security gap despite the presence of security headers and HSTS directives. Security posture is moderate with key headers implemented but critical issues due to lack of SSL/TLS encryption, which exposes users to risks and undermines trust. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Business credibility is high with verified contact information, corporate transparency, and trust signals such as customer success stories and social media presence. Overall, the website is professional and content-rich but requires urgent remediation of SSL/TLS to improve security and user trust.

K

KaVo Dental

kavo.com

0

KaVo Dental is a well-established manufacturer of dental devices and instruments with over 110 years of history, serving dentists and dental technicians worldwide. The company offers a broad portfolio including treatment units, handpieces, and laboratory equipment, positioning itself as a pioneer and innovator in the dental healthcare sector. The website reflects a professional and comprehensive digital presence with multiple language support and rich content tailored to dental professionals. Technically, the site is built on Drupal 10 with modern web technologies, providing good user experience and SEO optimization. However, the security posture is weakened by the absence of a valid SSL certificate and proper HTTPS configuration, which is a critical issue that must be addressed to protect user data and maintain trust. Privacy and cookie policies are present and appear compliant with GDPR standards. Overall, the site demonstrates strong business credibility and professionalism but requires urgent security improvements.

Deutsche Lufthansa AG operates a comprehensive airline website offering flight booking and travel management services to a global audience. The site reflects Lufthansa's position as a leading international airline with a broad network and premium service offerings. The technical infrastructure leverages modern web technologies including Adobe Helix, Maui Design System, and Akamai CDN, ensuring a responsive and accessible user experience. While the website is rich in content and professionally designed, the SSL certificate is currently invalid, which poses a security risk. Security headers are well implemented, but the absence of a cookie consent mechanism indicates partial privacy compliance. Overall, the site demonstrates a mature digital presence with room for improvement in security and privacy practices.

C

Checkdomain GmbH

usp-d.com

0

The website usp-d.com is currently a parked domain managed by Checkdomain GmbH, a German domain registrar and web hosting provider. The site content is minimal, serving primarily as a placeholder with promotional information about Checkdomain's services such as domain registration, web hosting, SSL certificates, and a homepage builder. The target audience includes individuals and businesses seeking domain and hosting services in Germany and Europe. The business model is straightforward, focusing on domain and hosting sales with a medium-sized company profile. Technically, the site runs on an outdated nginx 1.6.2 server and uses an old version of jQuery (1.4.2). There is no SSL certificate installed, resulting in no HTTPS support, which is a significant security shortfall. The site lacks modern security headers and DNS security features such as DNSSEC and CAA records. Performance data is unavailable, but the lack of optimization and outdated tech suggests slow loading and basic mobile responsiveness. From a security perspective, the absence of HTTPS and security headers, combined with no privacy or cookie policies, indicates a low security posture. No incident response or vulnerability disclosure information is present. The WHOIS data confirms the domain is legitimately registered without privacy protection, consistent with the parking status. There are no signs of malicious activity or suspicious domains linked. Overall, the site scores low on content quality, technical implementation, security, and privacy compliance due to its parked status and lack of active content or security measures. Strategic recommendations include implementing HTTPS with a valid SSL certificate, updating server software, adding security headers, and publishing privacy and cookie policies to improve trust and compliance.

The Würth Group is a globally recognized leader in the manufacturing and distribution of assembly and fastening materials, operating over 400 companies in 80 countries with more than 2,800 branches. Their website reflects a mature digital presence with comprehensive corporate information, career opportunities, and sustainability initiatives targeting B2B customers and industrial partners. Technically, the site employs modern frameworks such as Bootstrap and integrates advanced analytics via Piwik PRO, ensuring a responsive and user-friendly experience. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses risks to data confidentiality and user trust. Privacy and cookie policies are well implemented, demonstrating GDPR compliance. Overall, the site is professional and trustworthy but requires urgent SSL remediation to enhance security.

A

AVANSA International GmbH

avansa.eu

0

AVANSA International GmbH is a consulting and training company specializing in sales training, leadership development, and change management consulting. The company targets businesses across various sectors including banking, insurance, pharma, medtech, industry, and trade, aiming to foster sustainable growth and measurable performance improvements. Their business model focuses on delivering tailored training and coaching services to enhance leadership and sales capabilities. Technically, the website is built on WordPress with modern plugins such as Elementor and WP Rocket, hosted on Hostpoint AG infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support and exposing users to potential risks. The site implements cookie consent and uses Google Analytics for tracking, indicating moderate privacy compliance. Overall, the website is professionally designed with rich content and clear navigation, but the lack of HTTPS significantly impacts its security posture and trustworthiness.

D

Dipl.-Kfm. Michael Schröder, Steuerberater Berlin

steuerschroeder.de

0

Steuerschroeder.de is a comprehensive German tax advisory website operated by Dipl.-Kfm. Michael Schröder, a tax consultant based in Berlin. The site offers extensive tax-related content, including detailed explanations, tax calculators, downloadable forms, and online consultation services targeting private individuals, freelancers, and small to medium enterprises in Germany. The business positions itself as a knowledgeable and experienced tax advisory service with over 30 years of expertise. Technically, the website is built on a custom PHP platform using Bootstrap 4 and jQuery, hosted likely by Strato, and integrates Google Tag Manager, Google Analytics, and Google Adsense for marketing and analytics. However, the site lacks a valid SSL certificate, resulting in no HTTPS, which is a critical security flaw. Additionally, no explicit privacy or cookie policies are found despite the use of tracking and advertising technologies, indicating compliance gaps. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, though domain protection measures are absent. Overall, the site provides rich, professional content but requires urgent security and privacy improvements to enhance trust and compliance.

P

POS Service Group

pos-sg.com

0

POS Service Group is a well-established service provider specializing in on-site repair and cleaning of upholstery, furniture, and related household items. With over 35 years of experience, the company holds a strong market position as a European leader in full-service on-site upholstery and furniture care, serving both private and business customers primarily in Germany and neighboring countries. Their key services include repair, cleaning, 3D laser measurement, and burglary protection, supported by a network of service technicians across multiple countries. Technically, the website uses modern front-end technologies and is mobile-optimized, but suffers from a critical lack of valid SSL/TLS certification, which severely impacts security posture. Security headers are present but cannot compensate for the absence of HTTPS. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is high, supported by certifications and professional content. Overall, the website is functional and professional but urgently needs to address SSL/TLS issues to improve security and trust.

U

Unitedprint SE

unitedprint.com

0

Unitedprint SE operates as a major European web-to-print service provider, offering a range of print-related services including web-to-print shops, print material supply, and production partnerships. The company maintains multiple brands and portals targeting print industry professionals and businesses seeking print solutions. The website is built on WordPress with a modern theme and multilingual support, reflecting a mature digital presence. However, the technical infrastructure lacks a valid SSL certificate, which impacts security and user trust. Security posture is basic with no advanced headers or HTTPS enforcement, and privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professional but requires improvements in security and privacy to meet modern standards.

ING-DiBa AG operates as a leading digital and universal bank in Germany, serving over 9 million customers with a broad portfolio including checking accounts, loans, mortgages, savings, investments, and insurance products. The website reflects a mature digital presence with modern web technologies such as Lit and web components, supported by a proprietary CMS and hosted on a Microsoft Azure/Akamai infrastructure. The site is well-structured, mobile-optimized, and rich in content, including comprehensive privacy and cookie policies, and clear contact information. However, the security posture is weakened by a critical failure in SSL/TLS configuration, with no valid certificate and no TLS protocols enabled, which poses a significant risk to user trust and data security. Despite strong security headers and privacy compliance, these SSL issues must be urgently addressed. Overall, the site demonstrates high business credibility and professionalism but requires immediate remediation of its SSL/TLS setup to ensure secure user interactions.

J

Jacqueline Pehlemann

jacquelinepehlemann.de

0

Jacqueline Pehlemann is a small architecture and interior design office based in Berlin, specializing in residential and hospitality projects such as apartments and hotels. The website serves as a portfolio showcasing detailed project descriptions and high-quality images, targeting clients interested in bespoke architectural and interior design services. The business operates primarily through professional service offerings with a local market focus. Technically, the website is hosted on the Cargo platform, utilizing standard web technologies including HTML5, CSS3, JavaScript, and jQuery. However, the site lacks HTTPS support, which is a critical security deficiency. Security headers are minimal, and no advanced DNS security features like DNSSEC or CAA are implemented. Privacy compliance is weak, with no cookie consent mechanisms and only a basic privacy policy page found. Contact information is not explicitly provided on the site, which may hinder user trust and engagement. Overall, the site demonstrates good content quality and professional design but requires significant improvements in security and privacy to meet modern standards.

A

Artaneon

artaneon.com

0

Artaneon is a small German-based company specializing in coaching and consulting services that help businesses integrate artificial intelligence into their marketing strategies. The website is hosted on WordPress.com and uses modern WordPress technologies such as Gutenberg and Jetpack. The content is well-structured and relevant, targeting marketing professionals interested in AI tools and techniques. However, the site lacks critical security configurations such as a valid SSL certificate and HTTPS enforcement, which significantly impacts its security posture. Privacy and cookie policies are absent, indicating compliance gaps with GDPR and related regulations. Social media presence is strong, providing trust signals and engagement channels. Overall, the business demonstrates a good level of digital maturity but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

STADA is a leading German pharmaceutical company specializing in high-quality medicines, including consumer healthcare products, generics, and specialty pharmaceuticals. The company holds a strong market position as the fourth largest consumer healthcare company in Europe and is recognized as a Top Employer in Germany. Their website reflects a professional and comprehensive digital presence targeting consumers, healthcare professionals, and partners. Technically, the site uses modern JavaScript libraries, consent management tools, and is built on the Umbraco CMS platform. However, the website suffers from a critical security issue: the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines user trust and security. Performance is also suboptimal with slow load times and a large page size. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is high with detailed contact information and consistent WHOIS data. Overall, while the business and content quality are excellent, the security posture requires urgent improvement to protect users and maintain trust.

R

Roomle GmbH

roomle.com

0

Roomle GmbH operates a sophisticated 3D commerce platform named Rubens, specializing in product personalization, room designing, and augmented reality visualization. The company targets furniture manufacturers, retailers, and other industries seeking to enhance their e-commerce offerings with interactive 3D configurators and AR experiences. The platform integrates with e-commerce and ERP/CRM systems, providing a seamless customer experience and boosting sales. Technically, the website leverages modern web technologies including Vue.js, Storyblok CMS, and Google Cloud hosting, with performance and mobile optimization rated good. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, severely impacting the security posture. Privacy and cookie policies are present and GDPR compliant, but incident response and vulnerability disclosure mechanisms are lacking. Overall, Roomle presents a professional and trustworthy business with strong market positioning but must urgently address its SSL/TLS deficiencies to ensure secure user interactions.

Siltronic AG is a globally recognized leader in the manufacturing of hyperpure silicon wafers, serving major semiconductor manufacturers worldwide. The company operates production sites across Asia, Europe, and the USA, emphasizing quality, precision, and innovation. Their business model focuses on supplying essential silicon wafers for the semiconductor industry, positioning them as a key player in technology manufacturing. The website reflects a professional corporate presence with comprehensive investor relations and career information, targeting industry professionals, investors, and potential employees. Technically, the website is built on TYPO3 CMS and hosted via Amazon CloudFront, integrating modern tools such as Google Tag Manager and FriendlyCaptcha. The site is well-structured, mobile-optimized, and includes a GDPR-compliant cookie consent mechanism. However, the absence of a valid SSL certificate critically undermines the security posture, exposing users to risks and limiting the effectiveness of security headers. From a security perspective, while several best practices are implemented, the lack of HTTPS and TLS support is a major vulnerability. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust and readiness. Overall, the site is professional and trustworthy in content but requires urgent security improvements to protect visitors and maintain compliance. Strategically, Siltronic should prioritize obtaining a valid SSL certificate and enabling modern TLS protocols to secure communications. Enhancing transparency around incident response and vulnerability disclosure would further strengthen their security culture and stakeholder confidence.

T

TDK Electronics AG

epcos.com

0

TDK Electronics AG, formerly EPCOS, is a mature and established enterprise specializing in the manufacturing and sales of electronic components, primarily serving industrial, automotive, and energy sectors. The company operates under the TDK Group umbrella, with a strong European presence and a comprehensive product catalog that includes capacitors, sensors, inductors, transformers, and more. Their website reflects a professional and well-structured digital presence, targeting engineers, distributors, and industrial clients with detailed product information and design support resources. Technically, the website employs modern analytics and marketing tools such as Piwik PRO, Google Tag Manager, and OneTrust for cookie consent, indicating a good level of digital maturity. However, the absence of a valid SSL/TLS certificate and HTTPS implementation significantly undermines the security posture, exposing users to potential risks. Despite this, the domain is mature, well-registered, and consistent with the business claims, enhancing overall trustworthiness. Strategic improvements in security infrastructure are recommended to align with industry best practices and regulatory compliance.

I

INFOMOTION GmbH

infomotion.de

0

INFOMOTION GmbH is a medium-sized German technology consulting company specializing in data performance, AI, and analytics services. With over 20 years of experience, it holds a strong market position as a leader in data-driven business transformation and consulting. The website reflects a professional and comprehensive digital presence, showcasing a broad range of services, partner integrations, and client testimonials. Technically, the site uses TYPO3 CMS, PHP 8.1, and nginx, with integrations for marketing and consent management such as Google Tag Manager and Cookiebot. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, significantly impacting the security posture score. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and professionally maintained but requires urgent security improvements to protect user data and enhance trust.

H

Helvetia Versicherungen

helvetia.de

0

Helvetia Versicherungen is a well-established insurance provider in Germany offering a broad range of insurance and pension products for private and corporate customers. The company emphasizes customer service, sustainability, and innovative insurance solutions, supported by over 160 years of experience. The website is professionally designed, content-rich, and targets German-speaking customers with clear navigation and comprehensive service information. Technically, the site uses Adobe Experience Manager CMS and Cloudflare for DNS and CDN services, with Adobe DTM for marketing analytics. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Security headers are properly configured, but the lack of HTTPS and modern TLS protocols is a major vulnerability. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR compliance is evident. Business credibility is high, supported by awards and customer reviews. Overall, the site is trustworthy but urgently needs to address its SSL/TLS configuration to ensure secure user interactions.

D

DIS AG

dis-ag.com

0

DIS AG is a leading personnel placement and recruitment company operating primarily in Germany and Austria, with a strong market position supported by over 90 branches and a parent company, The Adecco Group. The website provides comprehensive information about their services, including temporary employment, personnel placement, and training programs, targeting job seekers and companies. Technically, the site uses modern JavaScript libraries and consent management tools but suffers from a lack of valid SSL/TLS configuration, impacting security posture. Privacy compliance is well implemented with clear cookie and privacy policies. Overall, the site is professional and trustworthy but requires urgent improvements in security infrastructure to protect user data and enhance trust.

C

CubeServ Group

cubeserv.com

0

CubeServ Group is a well-established consulting company specializing in SAP Business Intelligence, Advanced Analytics, and Business Analytics solutions. With over 21 years of domain presence and more than 5,000 analytics projects, CubeServ holds a strong market position in the technology sector, particularly focusing on SAP products and services. Their offerings include business analytics platforms, SAP analytics products, software development, and application management services, targeting companies seeking to leverage SAP for data-driven decision making. The website is professionally designed, content-rich, and well-structured, supporting a positive user experience and clear navigation. Technically, the site uses WordPress with Elementor and various modern plugins, hosted likely on AWS infrastructure. However, a critical security gap exists due to the absence of HTTPS/SSL, which significantly impacts the security posture and trustworthiness. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, CubeServ demonstrates strong business credibility but must urgently address the lack of SSL to improve security and user trust.

W

Wellington Partners

wellington-partners.com

0

Wellington Partners is a well-established European venture capital firm specializing in early- and growth-stage life science companies. Founded in 1998 and based in Germany, the company focuses on investing in innovative healthcare technologies and supporting entrepreneurs in the life sciences sector. The website reflects a professional and content-rich platform targeting startups, investors, and partners within the European life science ecosystem. Technically, the site is built on WordPress with a modern theme and common plugins, but suffers from a critical lack of HTTPS, which severely impacts its security posture. While privacy and cookie policies are comprehensive and GDPR compliant, the absence of SSL/TLS encryption is a major vulnerability. Contact options are primarily via a contact form and LinkedIn, with no direct email or phone contacts publicly listed. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

H

H World International

deutschehospitality.com

0

H World International is a large hospitality group operating multiple hotel brands with a focus on cultural diversity, tradition, and sustainable growth. The company targets hotel guests, business partners, franchisees, and job seekers, offering hotel accommodation, franchising, business travel, and development services. The website is professionally designed with clear navigation and good content relevance, supporting the company's market position as an established international hospitality group. Technically, the site uses standard web technologies and is hosted on Amazon AWS, but lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Security headers are partially implemented, but the absence of TLS protocols and HSTS reduces the site's security posture significantly. Privacy compliance is supported by a comprehensive privacy policy, but no cookie consent mechanism is present. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and maintain trust.

H

HARTING Technology Group

harting.com

0

HARTING Technology Group is a globally recognized leader in industrial connectivity solutions, serving sectors such as manufacturing, energy, transportation, and automation. The company offers a broad portfolio of connectors and related products, emphasizing innovation, quality, and regional manufacturing capabilities. Their website reflects a mature digital presence with comprehensive content and professional design, targeting industrial engineers and businesses. Technically, the site leverages modern frameworks like Angular and Contentful CMS, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with clear policies and consent management. Security posture is weak due to missing SSL and security headers, exposing the site to potential risks. Overall, the business credibility is high, supported by a long domain history and consistent WHOIS data. Strategic improvements in security and performance are recommended to enhance trust and compliance.

D

Dr. Thomas Schneider

dr-thomas-schneider.com

0

Dr. Thomas Schneider operates a specialized medical practice focused on prevention, sports medicine, occupational and traffic medicine in Lauf a.d.P., Germany. The website presents a comprehensive range of healthcare services targeting health-conscious individuals, athletes, and local businesses. The practice emphasizes holistic health coaching, orthomolecular medicine, and complementary therapies such as acupuncture and chiropractic care. Technically, the site is built on TYPO3 CMS with common JavaScript libraries like jQuery and Slick Carousel, hosted likely by Ionos. However, the website suffers from critical security shortcomings, notably the absence of HTTPS and a valid SSL certificate, exposing visitors to potential risks. Privacy compliance is minimal, with no cookie consent mechanisms or detailed GDPR indicators. Overall, the site is professionally designed and content-rich but requires urgent security and privacy improvements to meet modern standards.

P

prentner engineering & consulting

prentner-ec.com

0

Prentner engineering & consulting is a small German-based engineering consultancy specializing in product development, design, FEM/MKS calculations, tooling technology, automation, assembly technology, and project management services. The company targets businesses requiring specialized engineering and consulting support in manufacturing and product innovation. Their website is built on WordPress with common plugins and provides content primarily in German with English alternatives. The site includes a cookie consent mechanism and a privacy policy, demonstrating GDPR compliance awareness. However, the absence of HTTPS is a critical security shortfall that undermines user trust and data protection. Technically, the website uses PHP 7.2.34 on an nginx server hosted by tele.net. The site employs popular WordPress plugins such as WPBakery Page Builder, LayerSlider, Contact Form 7, and Complianz GDPR. Performance data is missing or indicates slow loading, and SEO and accessibility optimizations are basic. Mobile optimization is good, and navigation is clear and professional. From a security perspective, the lack of SSL/TLS encryption is the most significant vulnerability, exposing users to potential data interception. No advanced security headers or incident response policies are found. Cookie consent is implemented properly, but no explicit security or incident response contacts are provided. WHOIS data aligns well with the website's business claims, indicating legitimacy. Overall, the website is functional and professional in content and design but requires urgent security improvements, especially enabling HTTPS and enhancing security headers. Privacy compliance is adequate, but business credibility could be improved by adding direct contact information and certifications.