Security Directory

C

CP BAP

bankseminar.eu

0

CP BAP is a consulting company specializing in financial services and related sectors, offering tailored consulting, IT solutions, and blended learning services. The company positions itself as a trusted partner with a focus on sustainable success and regulatory compliance. The website is professionally designed with good content quality and SEO optimization, targeting financial institutions such as banks and IT service providers. Technically, the site is built on WordPress with Elementor and uses various plugins for search and cookie management. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust.

W

Weingut Michael Schroth

weingut-schroth.de

0

Weingut Michael Schroth is a small regional winery located in Grünstadt-Asselheim, Germany, specializing in a variety of wines including Winzersekt, Chardonnay, and Riesling. The website serves primarily as a digital presence showcasing the winery's offerings and regional identity. The business model focuses on wine production and sales targeted at wine consumers interested in the Pfalz region's specialties. Technically, the website uses basic HTML, CSS, JavaScript, and Adobe Typekit fonts, with jQuery for scripting. Hosting appears to be provided by Ionos, but the site suffers from slow load times and minimal mobile optimization. Security posture is weak, with no SSL/TLS certificate, no HTTPS, and absence of security headers or DNS security features. Privacy and compliance policies are missing, and no contact information is provided on the landing page, limiting user trust and regulatory compliance. Overall, the site is functional but lacks modern security and privacy standards, which poses risks to visitors and the business's credibility.

The website inaut.net is currently a parked domain managed by easyname GmbH, a domain parking and management service provider based in Germany. The site contains no active business content, serving only as a placeholder with links to easyname's main website and control panel for domain owners. The target audience is domain owners or potential buyers, and the business model revolves around domain parking services. The site is minimalistic with basic design and limited user engagement features. From a technical perspective, the site is hosted on an Apache server with no SSL/TLS certificate installed, resulting in HTTP-only access. The performance metrics indicate no measurable load time or resources, consistent with a simple parked page. The site lacks modern web technologies, frameworks, or CMS platforms and shows only basic mobile optimization and accessibility features. Security posture is weak due to the absence of HTTPS, lack of security headers beyond a minimal permissions policy, and no evidence of vulnerability management or incident response policies. The domain's WHOIS data is consistent with the parking service provider, showing no suspicious patterns or privacy protection. However, the lack of SSL/TLS and security best practices poses risks if the domain were to be used actively. Overall, the site scores low on content quality, technical implementation, security, privacy compliance, and business credibility due to its nature as a parked domain. Strategic recommendations include enabling HTTPS with a valid certificate, implementing comprehensive security headers, adding privacy and cookie policies if the domain becomes active, and improving content and user engagement to enhance trust and professionalism.

C

ConVista Consulting AG

convista.com

0

ConVista Consulting AG is a leading SAP and IT consulting firm based in Germany, specializing in digital transformation across multiple industries including insurance, energy, healthcare, and manufacturing. The company offers comprehensive end-to-end solutions, combining deep industry expertise with technological innovation. Their market position is strong, supported by multiple industry awards and certifications such as SAP Gold Partner and Great Place to Work recognitions. The website reflects a professional and well-branded presence targeting enterprise clients seeking SAP and IT consulting services. Technically, the website is built on WordPress with modern optimization tools like WP Rocket and uses a variety of JavaScript libraries including jQuery and Swiper.js. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search visibility. However, the technical infrastructure shows weaknesses in security, notably the absence of a valid SSL certificate and lack of TLS protocol support, which critically undermines secure communications. Security posture is currently basic, with several HTTP security headers implemented but critical SSL/TLS deficiencies present. Privacy compliance is strong, with clear GDPR-aligned privacy and cookie policies and consent mechanisms in place. Contact information is transparent and comprehensive, including phone, email, physical address, and contact forms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility. Strategically, the company should prioritize obtaining and maintaining a valid SSL certificate and enabling modern TLS protocols to secure all communications. Enhancing security best practices will improve trust and compliance, supporting their strong market position and client relationships.

M

MERKUR GAMING

merkur-gaming.com

0

MERKUR GAMING is an international sales and development brand under the German-based Gauselmann Group, specializing in gaming machines, linked progressive jackpots, and related gaming products. The website targets B2B clients in the gaming industry, offering a portfolio of games, cabinets, and linked solutions. The company maintains a consistent and professional brand presence with active social media channels and a corporate website featuring product showcases and news updates. Technically, the website uses a traditional Apache server with a variety of JavaScript libraries including jQuery and Bootstrap, and integrates a Usercentrics consent management platform along with Matomo analytics for privacy-conscious tracking. However, the site lacks HTTPS encryption, which is a critical security vulnerability. Security headers are partially implemented, but the absence of SSL/TLS severely impacts the security posture. Privacy compliance is supported by a cookie consent mechanism and a basic privacy policy, though no explicit security or incident response policies are found. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

B

BMTS Technology

bmts-technology.com

0

BMTS Technology is a medium-sized, globally active Tier 1 automotive supplier specializing in powertrain and clean mobility technologies including turbochargers, electric turbo systems, heat pump compressors, and fuel cell boosters. The company targets automotive manufacturers and suppliers focused on new energy vehicles and autonomous driving technologies. The website is built on WordPress with a modern tech stack including PHP 8.2 and popular plugins for SEO and multilingual support. However, the site lacks a valid SSL certificate, resulting in no HTTPS, which is a critical security vulnerability. Security headers and advanced security practices are minimal. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is primarily via a contact form with no direct emails or phone numbers visible. Overall, the site presents professional content and branding but requires urgent security improvements to protect user data and enhance trust.

R

rieg marketing

rieg-marketing.de

0

rieg marketing is a small German marketing consultancy specializing in creative marketing, communication, and promotional services primarily for the sporting goods, marine, and fashion industries. The company offers tailored marketing strategies, project management, public relations, promotions, and visual merchandising services. The website is built on WordPress and uses common plugins such as Contact Form 7 and Cookie Law Info for user interaction and compliance. While the website content is professional and well-structured, the technical infrastructure lacks a valid SSL certificate, resulting in no HTTPS support, which is a significant security concern. Cookie consent mechanisms and a privacy policy compliant with GDPR are present, indicating attention to privacy compliance. However, no incident response or security policy information is provided, and no terms of service page is found.

B

BORBET GmbH

borbet-austria.at

0

BORBET GmbH is a large, internationally oriented family-owned manufacturer specializing in aluminum alloy wheels for the automotive industry and specialist trade. The company offers a comprehensive product range including a 3D wheel configurator and operates both B2B and B2C sales channels. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeting automotive customers and partners. Technically, the site uses a custom CMS with common JavaScript libraries but lacks modern SSL/TLS security, which is a critical vulnerability. Privacy compliance is well addressed with a cookie consent mechanism and clear privacy policy. Contact information and social media presence enhance business credibility. However, the absence of a valid SSL certificate and TLS protocols significantly undermines the security posture, exposing users to risks. Strategic improvements in SSL deployment and security best practices are urgently recommended.

E

Excellence AG

excellence.ag

0

Excellence AG is an international technology partner specializing in engineering and IT services with a strong focus on green technology and sustainability. The company operates multiple offices across Germany and the Netherlands, offering green tech job opportunities and supporting sustainable projects in energy and transportation sectors. Their website is professionally designed, content-rich, and targets professionals interested in green technology careers and partnerships. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, integrated with Google Tag Manager and social login plugins for LinkedIn and Xing. The hosting appears to be on AWS infrastructure. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Performance metrics are not available, but the site shows good mobile optimization and SEO practices. From a security perspective, the absence of HTTPS and modern TLS protocols significantly lowers the security posture. No advanced security headers or incident response policies are evident. Privacy compliance is partially met with a comprehensive privacy policy and GDPR consent statements on forms, but no cookie consent mechanism is detected. Business credibility is supported by ISO 9001 certification, multiple office locations, and professional content. Overall, the website presents a trustworthy and professional business front but requires urgent security improvements, especially enabling HTTPS and enhancing security headers, to protect user data and improve trustworthiness. Strategic recommendations include SSL implementation, security header enhancements, and adding explicit cookie consent mechanisms to align with privacy regulations.

M

Mark Heath

eventsassociate.com

0

Events Associate is a small education-focused business specializing in bespoke language and professional training services, including Business English, professional development, educational training for children, and translation work. The company targets non-native English speakers and organizations primarily in Austria, Spain, and Europe. The website is hosted and managed via IONOS MyWebsite, reflecting a modest technical infrastructure with basic digital maturity. The site lacks HTTPS, which significantly undermines security and user trust. Security headers are partially implemented but insufficient without SSL/TLS. Privacy and cookie policies are absent, indicating non-compliance with GDPR and related regulations. Contact information is clearly provided, but no forms or advanced interaction mechanisms are present. Overall, the website presents basic content and functionality with room for significant improvement in security, compliance, and technical sophistication.

P

Polizeichor Dortmund

polizeichor-dortmund.de

0

Polizeichor Dortmund is a small, local non-profit choir organization based in Germany, founded in 1909. The choir serves as a bridge between the police and the community, inviting all interested individuals to participate regardless of prior choral experience. Their website provides information about rehearsal times, locations, and upcoming events, targeting local citizens and choir enthusiasts. Technically, the website is built on WordPress with a standard Apache/PHP hosting environment and uses common plugins such as Yoast SEO for optimization. However, the site lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes visitors to potential risks and undermines trust. Security headers are minimal, and no advanced security policies or incident response information is provided. Privacy compliance is basic, with a privacy policy page present but no cookie consent mechanism or GDPR-specific notices. Overall, the website is functional and informative but requires significant improvements in security and privacy to meet modern standards.

W

Werner Kolb / KOLB DIGITAL AUDIO

werner-kolb.de

0

Werner Kolb operates a personal brand website focused on music production, performance, and authorship, particularly addressing musicians with tinnitus. The site presents a niche media business with a strong personal touch, targeting a broad audience interested in music and health. The technical infrastructure is based on WordPress with popular plugins like Elementor and Slider Revolution, hosted likely by 1&1 IONOS. While the site is well-structured and content-rich, it lacks a valid SSL certificate, which is a critical security gap. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy awareness. Social media integration and contact information enhance business credibility. Overall, the site is functional but requires urgent security improvements to protect user data and improve trust.

W

Webasto Group

webasto.com

0

Webasto Group is a mature, enterprise-level global automotive supplier specializing in innovative roof systems, battery solutions, heating, and cooling products. The company is positioned among the top 100 automotive suppliers worldwide, serving automotive manufacturers and end customers with a broad portfolio of products and services. The website is professionally designed, leveraging modern technologies such as Adobe Experience Manager and React, providing a rich user experience with clear navigation and relevant content. However, a critical security issue is the lack of a valid SSL certificate, resulting in no HTTPS enforcement, which significantly impacts the security posture. Privacy and cookie policies are present, indicating awareness of compliance requirements, but the absence of a cookie consent mechanism and security policy pages suggests room for improvement in privacy compliance and transparency. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

S

Sipwise GmbH

sipwise.com

0

Sipwise GmbH is a medium-sized telecommunications software company specializing in Class 5 VoIP softswitch solutions, unified communications, Cloud PBX, mobile VoIP clients, and WebRTC-based products. Their market position targets telecom operators, ISPs, and both B2B and residential customers, offering advanced and scalable communication platforms. The website is professionally designed with rich content and clear navigation, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and themes, hosted on Google Cloud infrastructure. However, the lack of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to risks and reducing trust. Security headers are present but their effectiveness is limited without proper SSL. Privacy and cookie policies are implemented with consent mechanisms, indicating good privacy compliance. Contact information is available primarily through a contact page and social media channels, but no direct emails or phone numbers are explicitly listed. Overall, the site demonstrates strong business credibility and content quality but requires urgent improvements in security configuration to meet modern standards.

L

Lebenshilfe Peine-Burgdorf GmbH

lhpb.de

0

Lebenshilfe Peine-Burgdorf GmbH is a regional non-profit organization dedicated to supporting people with disabilities and those requiring assistance in the Peine district and surrounding areas in Germany. The organization offers a broad range of services including counseling, childcare, residential support, employment and education programs, and leisure activities. Their business model focuses on social integration and empowerment of their target audience, which includes individuals with special needs, their families, and professional caregivers. Technically, the website is built on TYPO3 CMS and uses common web technologies such as Apache server, jQuery, and FontAwesome. While the site is well-structured, mobile-optimized, and content-rich, it lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Performance data is unavailable, but the site appears to have good navigation and accessibility features. From a security perspective, the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Although some security headers are present, key best practices like HSTS enforcement and OCSP stapling are missing. No explicit security or incident response policies are published on the site. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website demonstrates moderate business credibility and good content quality but suffers from critical security deficiencies. Strategic improvements in SSL/TLS deployment and privacy compliance are recommended to enhance trust and security.

A

ACP-Gruppe

acp.de

0

ACP-Gruppe is a well-established IT solutions provider operating primarily in Germany and Austria, specializing in hybrid cloud, modern workplace, network security, and digital solutions. The company positions itself as a market leader with a strong partner ecosystem including major technology vendors. The website is professionally designed, content-rich, and targets business customers seeking digital transformation services. Technically, the site is built on HubSpot CMS with modern JavaScript libraries and integrates marketing and analytics tools such as Google Tag Manager and HubSpot Analytics. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which poses significant risks for secure communications. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security or incident response policies are found. WHOIS data aligns with the business claims, showing consistent registration without privacy protection but lacking domain locks. Overall, the website is credible and professional but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

Vebego Deutschland is a well-established facility services provider in Germany, offering a broad range of services including building cleaning, industrial cleaning, green care, facility management, and security services. The company positions itself as a reliable and innovative partner focused on enhancing client environments for better performance and quality of life. The website content is professional and well-structured, targeting business clients in need of comprehensive facility services. Technically, the website uses modern marketing and optimization tools such as Google Tag Manager and Visual Website Optimizer, but lacks a valid SSL certificate, which is a critical security shortfall. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy compliance is partially addressed with a privacy policy present, but no cookie consent mechanism is detected, which may pose GDPR compliance risks. Business credibility is supported by multiple certifications and industry memberships, enhancing trust. Overall, the site is functional and professional but requires urgent security improvements to protect user data and comply with best practices.

C

CompuGroup Medical

cgm.com

0

CompuGroup Medical is a global healthcare technology company specializing in digital healthcare solutions and services. The website serves as a corporate portal providing information about the company, its vision, press releases, and localized country pages. The company targets healthcare providers and industry professionals with a B2B business model. The website is built on modern technologies including Neos CMS and Flow Framework, hosted behind Cloudflare, and uses Matomo for analytics. However, the site suffers from an invalid SSL certificate, which undermines its HTTPS security and overall trustworthiness. Security headers are well implemented but the lack of valid TLS protocols and HSTS reduces the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Social media presence is strong, supporting brand trust. Overall, the website is professional and content-rich but requires urgent SSL/TLS remediation to improve security and user trust.

F

FORTEC Group

fortecag.de

0

FORTEC Group is a medium-sized German technology company specializing in Display Technology, Embedded Systems, and Power Supplies. It operates as a B2B system supplier offering integrated solutions from distribution to development and production, targeting industrial and device manufacturers. The company maintains a consistent brand presence with multiple international subsidiaries and a clear investor relations focus. Technically, the website is built on the Shopware platform with modern JavaScript libraries and includes basic privacy and cookie consent mechanisms. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts secure communications. The domain registration is consistent and legitimate, with no privacy protection or suspicious patterns, supporting the company's credibility. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

R

ratiopharm GmbH

ratiopharm.com

0

ratiopharm GmbH operates a comprehensive German pharmaceutical website focused on generics and health solutions. The company is a well-established player in the healthcare sector, supported by its parent company Teva Pharmaceutical Industries. The website provides extensive product information, health advice, and services targeted at consumers and healthcare professionals. Technically, the site uses TYPO3 CMS with modern JavaScript frameworks and integrates Google Analytics and Usercentrics for analytics and cookie consent. However, the SSL certificate is invalid or missing, which is a critical security concern. Security headers are mostly implemented, but TLS protocols are disabled, significantly impacting the security posture. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Contact information is clearly presented, enhancing business credibility.

syslab.com GmbH is a well-established German software company specializing in content management, risk assessment, and digital collaboration solutions. With over 25 years of experience, it holds a strong market position as a leading Plone and Python developer in Germany, serving a diverse clientele including enterprises, government agencies, and research institutions. The company emphasizes open source contributions and maintains strategic partnerships with notable organizations. Technically, the website is built on WordPress with modern themes and SEO plugins, offering a rich user experience and good mobile optimization. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses significant risks. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, syslab.com demonstrates strong business credibility and digital maturity but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

A

Andreas Knapp

knapp.de

0

The website knapp.de represents Andreas Knapp, a publicly appointed and sworn expert specializing in real estate valuation and related expert services in Germany. The business operates in a niche market providing property valuation, expert reports, and legal valuation services primarily targeting clients requiring official property assessments. The website content is minimal and primarily informational, focusing on the expert's credentials and service offerings without extensive interactive features or modern web design elements. Technically, the website is outdated, employing legacy technologies such as jQuery 1.7.1 and a frameset layout, which negatively impacts user experience, SEO, and accessibility. Performance is poor with a high load time and large page size. Critically, the site lacks a valid SSL certificate and does not support HTTPS, exposing visitors to security risks. No modern security headers or compliance mechanisms such as privacy or cookie policies are present, indicating a low level of digital maturity and GDPR compliance. From a security perspective, the absence of HTTPS and security headers, combined with no evidence of incident response or vulnerability disclosure policies, presents significant risks. The domain registration data aligns with the business claims, showing consistent and legitimate ownership without privacy protection. However, the lack of security best practices and compliance documentation suggests the need for urgent improvements to protect user data and enhance trust. Overall, the website scores low on security and privacy compliance, with basic content quality and business credibility. Strategic recommendations include immediate SSL implementation, updating the technology stack, adding privacy and cookie policies, and improving security headers and compliance frameworks to align with modern standards.

plenum AG Management Consulting is a well-established German management consulting firm specializing in transformation advisory services primarily for the finance, insurance, and energy sectors. With over 35 years of experience, the company holds a strong market position supported by industry awards and a professional digital presence. The website reflects a mature digital infrastructure built on TYPO3 CMS, featuring comprehensive content, clear navigation, and multi-channel engagement including social media and newsletters. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing the site to risks and undermining user trust. Privacy policies and cookie consent mechanisms are well implemented, aligning with GDPR requirements. Overall, the business demonstrates high credibility and professionalism but must urgently address its HTTPS deficiency to improve security posture and user confidence.

H

HESS Cash Systems GmbH & Co. KG

hess.de

0

HESS Cash Systems GmbH & Co. KG is a medium-sized German company specializing in cash processing system solutions, serving banks, public institutions, energy providers, libraries, and retail businesses. The company positions itself as a market leader with over 135 years of tradition, offering consulting, development, production, and service. The website reflects a professional B2B business model with clear branding and consistent messaging. Technically, the site uses a TYPO3 CMS platform with modern frontend frameworks like Bootstrap and jQuery, and integrates Google Tag Manager and Cookiebot for analytics and cookie consent. However, the site lacks HTTPS encryption, which is a critical security deficiency. Security headers are minimal, and no explicit security or incident response policies are published. The domain registration and DNS records align well with the parent company Gauselmann Group, supporting legitimacy. Overall, the website is functional and informative but requires urgent security improvements to protect user data and enhance trust.

BMW Group Careers website serves as a global recruitment portal for the BMW Group, a leading enterprise in the automotive transportation sector. The site offers extensive information about career opportunities worldwide, highlighting the company's commitment to innovation in autonomous driving, e-mobility, and AI. The website is well-branded, professionally designed, and targets job seekers globally with a focus on technology and automotive professionals. Technically, the site is built on Adobe Experience Manager and uses Akamai CDN and Google Maps API, reflecting a mature digital infrastructure. However, a critical security gap exists as the site lacks HTTPS, exposing users to potential risks. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. The absence of direct contact emails or phone numbers is noted, but social media channels are official and active. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and maintain trust.

The website ae-net.info represents a small independent consulting business operated by Torsten A�, offering services in project management, marketing, coaching, and business consulting primarily targeting German-speaking clients. The business has a mature domain with 20 years of registration, consistent with the claimed experience and service offerings. The website content is static, primarily informational, and presented in German, with no interactive forms or contact details explicitly provided on the homepage. Technically, the site is hosted on Apache via IONOS SE, uses outdated HTML standards, and lacks modern web technologies or CMS platforms. Performance is slow, and mobile optimization is poor. Security posture is weak due to the absence of HTTPS and security headers, exposing visitors to potential risks. No privacy or cookie policies are present, indicating poor privacy compliance. Overall, the site reflects a basic digital presence with limited technical and security maturity.

The domain cindycut.de is registered and hosted by STRATO but currently serves only a placeholder page indicating the website is not available. There is no active business content, no contact information, and no privacy or security policies present. The technical infrastructure is minimal, with an Apache server serving HTTP content without SSL/TLS encryption. This results in a poor security posture and low trustworthiness. The domain registration is consistent and legitimate, but the lack of active content and security measures suggests the website is inactive or under development. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, and deploying security headers to improve trust and compliance.

N

NCT Heidelberg

nct-heidelberg.de

0

NCT Heidelberg is a prominent German healthcare and research institution specializing in oncology. The website serves multiple audiences including patients, physicians, and researchers, offering comprehensive information on patient care, clinical studies, and cancer research programs. The site is well-structured and professionally designed, reflecting its institutional nature and affiliations with major German research and medical organizations. Technically, the website is built on TYPO3 CMS and integrates modern consent management tools like Usercentrics, alongside Matomo for privacy-focused analytics. However, the absence of a valid SSL certificate is a critical security flaw that undermines user trust and data protection. Security headers are partially implemented, but DNSSEC and proper CAA records are missing, indicating room for improvement in DNS security. Privacy compliance is strong with clear GDPR mechanisms in place. Overall, the site demonstrates good business credibility and content quality but requires urgent security enhancements to meet modern standards.

SGL Carbon is a global technology leader specializing in carbon-based materials and solutions, serving key industries such as sustainable mobility, energy, semiconductor technology, and chemical manufacturing. The company operates worldwide with a strong presence in Europe, North America, and Asia, employing approximately 4,700 people and generating significant revenue. The website reflects a mature and professional business with comprehensive content, clear branding, and a focus on sustainability and innovation. Technically, the site is built on TYPO3 CMS and integrates modern marketing and analytics tools, but suffers from a critical lack of HTTPS and valid SSL certificates, severely impacting security posture. Privacy compliance is well addressed with cookie consent mechanisms and detailed policies. Overall, the site is trustworthy and professional but requires urgent security improvements to protect users and data.

S

Schäfer Shop Deutschland

schaefer-shop.de

0

Schäfer Shop Deutschland is a well-established e-commerce retailer specializing in office furniture, office supplies, and warehouse equipment, serving primarily business customers across Europe. With over 50 years of experience, the company offers a comprehensive product range exceeding 85,000 items, emphasizing quality, service, and fast delivery. The website reflects a mature digital presence with professional design, clear navigation, and multi-language support for various European markets. Technically, the site employs modern marketing and analytics tools including Usercentrics for consent management, Google Tag Manager, and Adobe Experience Cloud, ensuring compliance with privacy regulations and effective user tracking. However, a critical security concern is the absence of a valid SSL certificate and lack of HTTPS support, which significantly undermines the site's security posture and user trust. Despite this, the site maintains strong trust indicators such as ISO certifications, Trusted Shops membership, and sustainability awards. Overall, while the business and technical maturity are high, immediate remediation of SSL/TLS issues is essential to secure the platform and protect customer data.

W

Winterhalter Gastronom GmbH

winterhalter.biz

0

Winterhalter Gastronom GmbH is a well-established family-owned company specializing in professional warewashing technology, including commercial dishwashers, water treatment, chemicals, and accessories tailored for the hospitality industry. With a 75-year history, the company holds a strong market position as a quality and reliability leader serving diverse sectors such as restaurants, hotels, mass catering, and retail. The website is professionally designed, content-rich, and targets a global audience with multiple language versions and regional adaptations. Technically, the site is built on TYPO3 CMS and hosted behind Cloudflare, leveraging modern web technologies and cookie consent management via Usercentrics. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility and digital maturity are strong, but urgent remediation of SSL/TLS issues is recommended to enhance security and trust.

C

Comsysto Reply GmbH

comsysto.com

0

Comsysto Reply GmbH is a well-established German software engineering and IT consulting company founded in 2005, specializing in fullstack software development, cloud architecture, and DevOps. The company positions itself as a partner for digital transformation, leveraging agile methodologies and open source technologies to deliver tailored software solutions. It is part of the larger Reply network, which enhances its market credibility and resource availability. The website content is rich, professionally designed, and targets enterprise and medium-sized businesses seeking innovative IT solutions. Technically, the site is hosted on AWS and built with Webflow, using modern agile and cloud-native technologies. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which severely impacts the security posture. Privacy compliance is strong with a comprehensive GDPR-aligned privacy policy, though no cookie consent mechanism is detected. Contact information and social media presence are clearly provided, supporting business credibility. Overall, the site demonstrates a mature business with good digital maturity but requires urgent security improvements to protect user data and trust.

K

KLAFS GmbH

thermarium.com

0

KLAFS GmbH operates a comprehensive website focused on sauna manufacturing and wellness products, positioning itself as a market leader in Germany. The site offers detailed product information, showroom locations, and customer service options, targeting both private and professional customers. The business model integrates manufacturing, retail, and service with a strong emphasis on customer consultation and product innovation. Technically, the website is built on TYPO3 CMS and hosted on infrastructure linked to schalk-it.de, with modern marketing and consent management tools integrated. However, the security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocol support, which poses significant risks for user data protection and trust. Privacy compliance is well addressed with clear policies and a consent management platform. Overall, the site is professional and trustworthy but requires urgent security improvements to meet modern standards.

H&Z Unternehmensberatung AG is a well-established management consulting firm based in Munich, Germany, with a strong focus on strategy, procurement, transformation, sustainability, innovation, and technology. Founded in 1997, the company operates globally with over 600 consultants across 14 offices and is part of the larger H&Z Group and The Transformation Alliance. The website is professionally designed, content-rich, and targets leading organizations seeking strategic consulting services. Technically, the site uses modern frameworks such as Next.js and is hosted on Vercel, with cookie consent managed by Usercentrics and analytics via Google Tag Manager. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocol support, which poses risks to user trust and data security. Privacy compliance is partial, with cookie consent present but no visible privacy or terms of service policies. Overall, the site demonstrates high business credibility but requires urgent security improvements to align with best practices.

A

ADMIRAL Entertainment Holding Germany GmbH

admiral-games.de

0

ADMIRAL Entertainment Holding Germany GmbH operates as a prominent gaming and entertainment company in Germany, specializing in the operation of modern game halls and providing a wide range of gaming machines and services. As part of the reputable NOVOMATIC AG group, ADMIRAL leverages both tradition and innovation to deliver unique leisure experiences to its customers. The website reflects a professional and consistent brand image targeting German-speaking audiences, with clear navigation and relevant business content. Technically, the site is built on TYPO3 CMS and uses modern frameworks like Bootstrap, but suffers from critical security shortcomings due to the lack of a valid SSL certificate and HTTPS support. Security headers are implemented, and cookie consent mechanisms are in place, indicating a basic level of privacy compliance. However, the absence of HTTPS significantly undermines the site's security posture. Overall, the business appears legitimate and well-established, with clear contact information and social media presence, but the technical security gaps present a risk that should be addressed promptly.

V

VOQUZ Group

voquz.com

0

VOQUZ Group is a well-established international IT service provider headquartered in Germany, with over 40 years of experience and more than 300 employees. The company serves both private and public sectors, offering a broad range of IT services including software development, SAP consulting, infrastructure planning, project management, and software testing. It operates through specialized subsidiaries such as VOQUZ Public and VOQUZ IT Solutions, targeting public administration and private enterprises respectively. The website reflects a professional and consistent brand presence with good content quality and clear navigation.

G

Georg Fritzmeier GmbH & Co. KG

fritzmeier.com

0

The Fritzmeier Group is a large German manufacturing company specializing in driver cabs, composite parts, tooling, and environmental technology solutions primarily serving the Off-Highway and On-Highway industries. Their diversified business model includes multiple subsidiaries focused on specialized product areas such as cabs, composites, technology, and environmental solutions. The company maintains a strong market position with approximately 2,200 employees and a presence at major industry events. Technically, the website is built on TYPO3 CMS and served via Apache, with a moderate performance profile and good mobile optimization. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, despite the presence of security headers and a content security policy. Privacy compliance is good with a comprehensive privacy policy and terms of service, but lacks a cookie consent mechanism. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

A

Allnex GMBH

allnex.com

0

Allnex GmbH is a global leader in the manufacturing of industrial coating resins, adhesives, sealants, and specialty coatings. The company targets industrial manufacturers and formulators in the chemical and coatings industries, offering a broad portfolio of products and technical support. The website reflects a mature enterprise-grade digital presence with comprehensive content, clear navigation, and multi-language support, indicating a global market reach. Technically, the site is built on ASP.NET with Kentico CMS, hosted likely on Microsoft Azure, and employs modern web technologies including lazy loading and SVG icons. However, the security posture is weak due to an invalid SSL certificate and lack of TLS protocol support, which critically impacts trust and data protection. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to ensure safe user interactions and data protection.

B

Bischöflich Münstersches Offizialat

bmo-vechta.de

0

The Bischöflich Münstersches Offizialat website serves as an official regional church institution platform providing a wide range of services including church law, pastoral care, education, and prevention of sexualized violence. It targets the Catholic community and church stakeholders in the Oldenburger Land region of Germany. The site is built on TYPO3 CMS and integrates various extensions for search and event management, reflecting a moderate level of digital maturity. However, the absence of HTTPS is a critical security flaw that undermines user trust and data protection. The website lacks a cookie consent mechanism and explicit security or incident response policies, which are important for GDPR compliance and overall security posture. Despite these issues, the site presents professional content with clear navigation and consistent branding, supported by links to reputable church partners.

A

Arzneiwerk AG

teles.com

0

Arzneiwerk AG is a healthcare company specializing in securing the supply of newly developed or rare specialty pharmaceuticals across Europe. The company maintains a professional online presence focused on investor relations and business transparency. The website is built on WordPress using Elementor and includes SEO and cookie consent tools, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support represents a significant security gap, exposing users to potential risks. Privacy policies are present and GDPR compliant, but no explicit security or incident response policies are found. Overall, the business appears legitimate and consistent with its domain registration and content, but security improvements are critical to enhance trust and compliance.

C

Caterpillar Energy Solutions GmbH

mwm.net

0

MWM, operating under Caterpillar Energy Solutions GmbH, is a well-established company specializing in highly efficient and environmentally friendly combined heat and power plants and block heating power plants. With over 150 years of experience, the company offers a broad portfolio of gas engines and power generation solutions targeting industrial, commercial, and public utility sectors globally. The website reflects a mature digital presence with comprehensive product and service information, supported by a global service and sales network. Technically, the site is built on WordPress with common libraries and plugins, but suffers from a critical lack of a valid SSL certificate, which severely impacts its security posture. Privacy policies and GDPR compliance are well addressed, and contact is primarily via web forms. Overall, the site is professional and trustworthy but requires urgent security improvements.

W

Werner Mertz Professional

wmprof.com

0

Werner Mertz Professional is a medium-sized manufacturing company specializing in high-performance hygiene solutions for professional cleaning markets. With over 50 years of history and a strong commitment to sustainability, the company operates under well-known brands such as Green Care Professional and Tana Professional. The website reflects a mature digital presence with comprehensive content, professional design, and strong SEO practices. However, the lack of a valid SSL certificate and proper HTTPS configuration represents a significant security risk that undermines user trust and data protection. The company has implemented cookie consent mechanisms and privacy policies compliant with GDPR, indicating awareness of privacy regulations. Overall, the business is credible and well-positioned in its sector but must urgently address its security posture to meet modern standards.

A

AirBerlin PLC & Co. Luftverkehrs KG

airberlin.com

0

The website for airberlin.com currently serves as a minimal placeholder 'Coming Soon' page referencing insolvency information for AirBerlin PLC & Co. Luftverkehrs KG, a former airline company. The site lacks substantive business content, contact information, and user engagement features, reflecting the company's insolvency status and inactive operations. Technically, the site uses Tailwind CSS for styling and is hosted on Hetzner infrastructure, but suffers from poor performance with a high load time and lacks modern web optimizations. Critically, the site does not have a valid SSL certificate and is served over HTTP only, exposing users to security risks. No privacy, cookie, or terms of service policies are present, and no contact or social media links are provided, limiting transparency and user trust. Overall, the website's security posture is weak, with no HTTPS, no security headers, and no advanced DNS security features enabled.

Heidelberger Druckmaschinen AG (HEIDELBERG) is a globally recognized leader in the manufacturing and supply of printing and packaging solutions, including offset and digital printing technologies, post-press packaging machines, and related software and services. The company targets commercial, packaging, and label printing companies worldwide, positioning itself as a market leader with a comprehensive product and service portfolio. The website reflects a mature digital presence with rich content, clear navigation, and strong branding, supporting its enterprise-level stature. Technically, the site uses modern web technologies and tracking tools but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security gap. Security headers are present but ineffective without SSL, and no explicit security or incident response policies are published. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism despite tracking scripts. WHOIS data confirms domain legitimacy and consistency with the company’s identity. Overall, the site is professional and trustworthy but requires urgent security improvements to meet modern standards.

V

Virtual Identity AG

virtual-identity.com

0

Virtual Identity AG is a well-established digital agency founded in 1999, specializing in AI integration, UX design, software engineering, and digital marketing services. The company targets businesses aiming for digital transformation and human-centered business growth. Their market position is strong, supported by a reputable client portfolio and consistent branding. Technically, the website is built on WordPress, hosted on AWS CloudFront, and uses modern JavaScript libraries and SEO tools, though performance is moderate. Security posture is currently weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

OBI is a leading German home improvement and garden retailer with a strong online and physical presence. The website offers a comprehensive range of products and services including project planning, rental services, and loyalty programs. Technically, the site uses modern frameworks like Vue.js and Nuxt.js, hosted on AWS CloudFront, with extensive use of third-party analytics and marketing tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user data protection. The site is well-structured, mobile-optimized, and provides clear contact and business information, supporting a high level of trustworthiness. Strategic improvements in security and privacy compliance are recommended to enhance overall risk posture.

P

pheron technologies group GmbH

pheron.com

0

pheron technologies group GmbH is a specialized software house focused on providing uninterrupted IT infrastructure solutions primarily for German-speaking business customers. Their offerings include high availability and disaster recovery, monitoring, security and compliance, migration services, installation, training, product consulting, and managed services. The company positions itself as a platform- and vendor-independent IT service provider with a niche market focus. Technically, the website is built on Joomla CMS using the Helix framework and incorporates modern frontend libraries such as jQuery and Bootstrap, along with the Revolution Slider for visual presentation. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. The cookie consent mechanism and privacy policy indicate some level of GDPR compliance, but the absence of contact details and security policies limits transparency. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

D

Deutsche Lufthansa AG

ltt.aero

0

Lufthansa Technical Training (LTT) is a well-established aviation technical training provider affiliated with Deutsche Lufthansa AG. The company offers a broad range of training services including vocational, basic, and type training for aviation professionals worldwide. Their business model targets both individual trainees and corporate clients, leveraging customized training solutions to meet specific needs. The website reflects a professional and consistent brand image with comprehensive content and strong trust indicators such as EASA certification and Lufthansa Group affiliation. Technically, the site is built on the Scrivito CMS platform and hosted on Amazon S3 with CloudFront CDN, but suffers from a critical lack of HTTPS due to an invalid or missing SSL certificate, which severely impacts security posture. Privacy and cookie policies are well implemented and GDPR compliant, with moderate user tracking via Google Analytics and marketing tools like Intercom and Usercentrics. Overall, the website provides a good user experience and clear navigation but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations.

The website represents a small German engineering consultancy specializing in building physics, damage assessment, and related services for private clients, insurers, and courts. The business offers expert reports, simulations, and consulting in areas such as thermal protection, moisture protection, and building acoustics. The site is hosted on the Strato platform using the cm4all CMS and employs legacy JavaScript libraries. While the content is relevant and professionally presented, the technical infrastructure is outdated and lacks modern security features. Critically, the site does not support HTTPS, exposing visitors to security risks and undermining trust. Cookie consent mechanisms are implemented, but privacy compliance could be improved. Overall, the business appears legitimate and consistent with its domain registration data, but the website requires urgent security upgrades to meet modern standards.