Security Directory

P

ProSiebenSat.1 Media SE

commerceandventures.com

0

Commerce & Ventures is the investment business of ProSiebenSat.1 Media SE, focusing on supporting consumer-oriented start-ups and growth companies through a combination of media-for-equity, media-for-revenue, minority, and majority investments. The company leverages the extensive media reach of the ProSiebenSat.1 Group to build brand awareness and accelerate growth for its portfolio companies. Technically, the website is built on modern frameworks such as Next.js and React, hosted on AWS, and integrates marketing and tracking tools like Google Tag Manager. Security posture is adequate with support for TLS 1.2 and 1.3 and no major vulnerabilities detected, but lacks some best practices like HSTS and OCSP stapling. Overall, the site is professional, well-branded, and provides comprehensive information about its investment activities and portfolio. However, direct contact information and explicit security policies are not prominently available, which could be improved to enhance trust and compliance.

S

SevenVentures

sevenventures.de

0

SevenVentures is a strategic media investment arm of ProSiebenSat.1 Media SE, specializing in minority equity investments and media cooperations for established digital B2C companies. Their business model leverages media assets to accelerate growth and brand awareness in the German and Austrian markets. The website demonstrates a mature digital infrastructure using modern web technologies such as Next.js and integrates marketing and tracking tools like Google Tag Manager and trkkn.com. Security posture is solid with TLS 1.3 support and valid SPF records, though improvements such as enabling HSTS, DNSSEC, and DMARC would enhance protection. Overall, SevenVentures presents a professional and trustworthy online presence aligned with its market position as a leading media investor.

B

Bundesverband Green Software e. V.

bundesverband-green-software.de

0

Bundesverband Green Software e. V. is a German non-profit association dedicated to promoting sustainable and resource-efficient software development practices in Germany. The organization focuses on advancing green software standards, tools, training, and policy advocacy to reduce the ICT sector's carbon footprint. Their market position is that of a leading national association in the green software domain, targeting companies and digital actors interested in sustainability. The website content is well-aligned with their mission and audience, providing information on initiatives, working groups, events, and membership opportunities. Technically, the website employs modern web technologies including Tailwind CSS and JavaScript libraries such as Marquee3k, hosted behind Cloudflare DNS and leveraging email infrastructure from Scaleway and Outlook. While the site is responsive and optimized for mobile devices, performance is somewhat slow with a load time of nearly 7 seconds. SEO practices are good, but accessibility is basic. No CMS or advanced frameworks are detected. From a security perspective, the site has a valid SSL certificate (though with suspicious validity dates), SPF and DMARC records configured, but lacks advanced security headers like HSTS or DNSSEC. There is no visible security policy, incident response contact, or vulnerability disclosure mechanism. Privacy compliance is supported by a comprehensive privacy policy, but no cookie consent mechanism is present. The security posture is moderate with room for improvement in email security policies and HTTPS hardening. Overall, the website and organization present a trustworthy and professional front for their green software advocacy mission. Strategic improvements in security headers, DNS security, and transparency around incident response would enhance their security maturity and stakeholder confidence.

Q

qwertiko GmbH

navigate-it-services.de

0

qwertiko GmbH is a medium-sized German IT service provider specializing in professional hosting and Platform-as-a-Service (PaaS) solutions. With over 10 years of experience, the company offers tailored, high-performance cloud hosting, managed services, firewall solutions (notably pfSense®), and personalized consulting. Their market position is strengthened by official partnerships and a focus on personal customer service, targeting businesses and agencies requiring reliable and scalable IT infrastructure. Technically, the website is built on WordPress using WPBakery Page Builder and several plugins, hosted on infrastructure managed by nroute.de. While the site demonstrates good SEO and mobile optimization, the analyzed domain lacks a valid SSL certificate and modern TLS support, which is a critical security gap. The company maintains GDPR compliance with a comprehensive privacy and cookie policy and provides clear contact information and customer testimonials, enhancing trust. However, there is no explicit terms of service or security policy published, and incident response details are absent. Overall, qwertiko presents a professional digital presence with room for security improvements.

H

Hubert Burda Media

burda.com

0

Hubert Burda Media is a large, established media and technology company based in Germany, focusing on media publishing, brand management, and equity investments. The company maintains a strong market position with a diverse portfolio and international presence. Their website reflects a mature digital infrastructure with modern JavaScript libraries, consent management, and structured data for SEO and business transparency. Security posture is solid with valid SSL, SPF, and DMARC configurations, though improvements such as enabling HSTS and additional security headers are recommended. The company demonstrates compliance awareness with GDPR-aligned privacy and cookie policies and a whistleblowing system. Overall, the website is professional, trustworthy, and well-optimized for users and search engines.

G

Greyd GmbH

greyd.de

0

Greyd GmbH operates the Greyd.Suite, an all-in-one WordPress platform designed to help freelancers, agencies, and enterprises scale their WordPress businesses efficiently. The company positions itself as a comprehensive solution provider with a unique block-based builder, centralized content and design management, and advanced features such as headless CMS capabilities and dynamic content management. Their market position is strengthened by a consistent brand presence, extensive feature set, and a focus on performance and accessibility. Technically, the website is built on WordPress 6.8.1 with a rich tech stack including custom plugins, Borlabs Cookie for GDPR-compliant consent management, and Chargebee for subscription billing. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocols, which poses risks to user data confidentiality and trust. The site demonstrates good SEO and accessibility practices, with comprehensive legal and privacy documentation. Overall, Greyd GmbH shows strong digital maturity but should urgently address SSL and TLS issues to improve security and user trust.

K

Koelnmesse GmbH

koelnmesse.de

0

Koelnmesse GmbH is a leading international trade fair and event organizer based in Germany, with a strong market position and a comprehensive portfolio of over 80 trade fairs and events globally. The company serves a diverse audience including exhibitors, visitors, and business partners, providing key services such as exhibitions, conferences, and venue management. Technically, the website employs modern web technologies including jQuery, OneTrust for cookie consent, Google Tag Manager, and Plausible Analytics, hosted on Amazon AWS infrastructure. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocol support, which poses risks to secure communications. Despite these issues, the company demonstrates strong compliance with GDPR and provides clear privacy and cookie policies, along with active incident response contacts. Overall, Koelnmesse maintains a high level of professionalism and trustworthiness in its digital presence.

D

DWS Group

dws.de

0

DWS Group is a leading global asset manager headquartered in Germany, offering a broad range of investment solutions including ESG, infrastructure, equity, bonds, and ETFs. The company has a strong market position with over 60 years of investment expertise and a large workforce. Their digital presence is built on modern web technologies such as Vue.js and integrates advanced video content delivery via Brightcove. The website demonstrates good SEO and user experience practices, with comprehensive privacy and cookie consent mechanisms in place. Security posture is solid with strict SPF and DMARC policies and use of TLS 1.3, though improvements such as enabling HSTS and OCSP stapling are recommended. Fraud warnings and clear contact information enhance user trust. Overall, the site reflects a mature digital infrastructure aligned with enterprise-grade asset management services.

B

BHW Bausparkasse AG

bhw.de

0

BHW Bausparkasse AG is a well-established German financial institution specializing in building savings and home financing products. The company operates a comprehensive website offering detailed information on its products, services, and customer support, targeting private customers interested in real estate financing and savings. The website is built on Adobe Experience Manager and integrates Webtrekk analytics for user tracking and marketing optimization. Security measures include a valid SSL certificate with TLS 1.2 and strong cipher suites, SPF and DMARC email authentication, and multiple domain verification records, although improvements such as enabling HSTS, OCSP stapling, and TLS 1.3 are recommended. The company maintains GDPR-compliant privacy and cookie policies with explicit consent mechanisms. Contact information is clearly provided with phone numbers and contact forms, but no explicit data protection officer contact or security policy page was found. Overall, the website demonstrates a mature digital presence with good usability and trust indicators, supported by strategic partnerships with Deutsche Bank and Postbank.

N

norisbank GmbH

norisbank.de

0

norisbank GmbH is a direct bank subsidiary of Deutsche Bank Gruppe, headquartered in Bonn, Germany. The company offers a range of financial products including credit, checking accounts (Girokonto), savings accounts (Tagesgeld), credit cards, and securities depot services. The website demonstrates a strong market position with multiple awards and certifications, targeting private customers, business clients, students, and youth. The business model focuses on digital banking services with an emphasis on online and mobile banking platforms. Technically, the website is built on Adobe Experience Manager with integrations for Adobe Analytics and Usercentrics for consent management, reflecting a mature digital infrastructure. However, the website currently lacks a valid SSL/TLS certificate, which is a critical security vulnerability. Email security is well configured with SPF and DMARC policies. Privacy and cookie policies are present and GDPR compliant, but no explicit security or incident response policies are found. Overall, the site is professional, trustworthy, and well-optimized for SEO and accessibility, but requires urgent improvements in SSL security to protect user data and maintain trust.

M

maxblue

maxblue.de

0

maxblue is the online brokerage platform of Deutsche Bank AG, offering a comprehensive suite of investment and trading services including securities trading, depot management, and savings plans. The website positions itself as a strong partner for both beginners and professional investors in Germany, providing extensive market data, analysis, and digital tools. Technically, the site is built on Adobe Experience Manager with Angular framework, leveraging modern web technologies and integrating Adobe Launch for marketing and analytics. Security measures include strong TLS 1.2 encryption, SPF and DMARC email policies, and absence of major SSL vulnerabilities, though improvements like enabling HSTS and TLS 1.3 could enhance security further. The site demonstrates good privacy compliance with clear policies and consent mechanisms. Overall, maxblue presents a professional, trustworthy, and well-structured online brokerage service with a solid digital infrastructure.

B

Berenberg

berenberg.com

0

Berenberg is a historic and well-established financial institution founded in 1590, headquartered in Hamburg, Germany, with a strong presence across Europe and the United States. The company offers a comprehensive suite of financial services including investment banking, corporate banking, asset management, and fund management. It is recognized as one of Europe's leading advisors with a large equity research team covering over 800 European companies. The website reflects a mature digital presence with detailed business information, multiple international office locations, and a focus on client service and sustainability. Technically, the website employs modern web technologies such as JavaScript frameworks, SVG graphics, lazy loading, and structured data for SEO. Hosting is on Microsoft Azure with DNS managed by Colt, and the SSL configuration is robust with TLS 1.2 and strong cipher suites. Cookie consent is managed via CookieFirst, ensuring compliance with privacy regulations. However, there is room for improvement in security headers and protocols, such as enabling HSTS, DNSSEC, and TLS 1.3. From a security perspective, the site demonstrates good practices including SPF and DMARC email protections, OCSP stapling, and no detected SSL vulnerabilities. The privacy policy and cookie consent mechanisms are comprehensive and GDPR compliant. No explicit incident response or vulnerability disclosure pages were found, which could be enhanced to improve transparency and security posture. Overall, Berenberg's website and digital infrastructure reflect a high level of professionalism and trustworthiness, supporting its position as a major player in the financial services sector. Strategic improvements in security protocols and transparency could further strengthen its risk management and client confidence.

S

SCHUFA

schufa.de

0

SCHUFA is a major German credit bureau specializing in credit scoring and risk assessment services for consumers and businesses. The website is currently protected by a FriendlyCaptcha challenge, indicating active bot mitigation measures. However, the site lacks visible privacy, cookie, or terms of service policies on the captcha landing page, and no direct contact information is provided. The DNS configuration shows strong email authentication with SPF and DMARC policies, but the SSL/TLS configuration is critically lacking, with no valid certificate or secure protocols enabled. This presents a significant security risk for users and the business. The technical infrastructure relies on external captcha services and is hosted via United Domains nameservers. Performance is moderate but user experience and content quality are poor due to the captcha gate and lack of accessible content.

D

DKB AG

dkb-bank.de

0

DKB AG is a large German direct bank focused on sustainable banking services including checking accounts, loans, investments, and renewable energy financing. It holds a strong market position as one of the top 20 banks in Germany by balance sheet size and is recognized for its sustainability leadership with ISS ESG Prime-Status. The website is built on modern web technologies including Nuxt.js and Contentful CMS, offering excellent mobile optimization and user experience. However, the SSL configuration is currently misconfigured with a self-signed certificate and no supported TLS protocols, representing a significant security risk. Security headers are present but could be enhanced with better SSL/TLS setup and HSTS configuration. Overall, the bank demonstrates strong trust indicators and compliance with GDPR and cookie policies, supported by comprehensive privacy and terms of service documentation.

D

DKB Grund GmbH

dkb-grund.de

0

DKB Grund GmbH is a German real estate company specializing in property sales, financing, insurance, and investment services. With over 25 years of experience, it serves private and commercial clients across Germany. The website presents a comprehensive portfolio of services including property valuation, financing certificates, and energy-saving advice, supported by a strong regional presence and recognized industry partnerships. Technically, the site uses modern web technologies and analytics tools but currently lacks a valid SSL certificate, which impacts its security posture. The company demonstrates good GDPR compliance with a clear privacy and cookie policy and employs consent management tools. However, there is no explicit security policy or incident response information available. Overall, the website is professionally designed, user-friendly, and trustworthy, but the lack of HTTPS is a critical security gap that should be addressed promptly.

F

Finance Forward

financefwd.com

0

Finance Forward operates as a leading German-language online media platform specializing in new finance topics such as fintech, blockchain, and banking. The website offers a comprehensive range of services including news articles, podcasts, newsletters, and event information, targeting professionals and enthusiasts in the finance sector. The business model is centered on digital content delivery with monetization through advertising and partnerships. The company maintains a strong market position as a trusted source for fintech and finance news in Germany, supported by consistent branding and high-quality content.

C

Contentserv

contentserv.com

0

Contentserv is an enterprise-level technology company specializing in AI-powered Product Experience Management (PXM) cloud solutions. Recently acquired by Centric Software, Contentserv offers a comprehensive suite of services including Product Information Management, Digital Asset Management, and Multichannel Publishing, targeting marketers, product teams, and IT professionals. The website is built on HubSpot CMS and integrates multiple marketing and analytics tools, demonstrating a mature digital infrastructure. However, the current SSL/TLS configuration is invalid, posing a significant security risk. While privacy and cookie policies are present and GDPR compliant, there is no explicit security policy or incident response information publicly available. Overall, the company maintains a strong market position with excellent branding and content quality but should urgently address its SSL/TLS issues and enhance transparency around security practices.

S

Spryker Systems GmbH

spryker.com

0

Spryker Systems GmbH operates a leading digital commerce platform tailored for enterprise B2B, B2C, and marketplace solutions. Recognized as a leader by Gartner and IDC, Spryker offers a modular, cloud-capable commerce stack that supports diverse business models and sophisticated commerce needs. The company targets enterprise clients seeking scalable and extensible commerce technology with a strong partner ecosystem. Technically, the website is built on WordPress with integrations including HubSpot, Google Analytics, and Cloudflare for hosting and DNS. While the site demonstrates good SEO and content quality, performance is slow with a high load time and large page size. Mobile optimization is good, but accessibility could be improved. From a security perspective, Spryker has implemented SPF and DMARC DNS records, indicating attention to email security and domain protection. However, the SSL certificate is invalid or missing, and no TLS protocols are enabled, which is a critical security concern. Other best practices like HSTS, DNSSEC, and OCSP stapling are not implemented, reducing the overall security posture. Overall, Spryker presents a strong market position and business model but should urgently address its SSL/TLS configuration and enhance security headers to protect its digital assets and customer trust. The website's comprehensive privacy and cookie policies, along with consent mechanisms, reflect good compliance with GDPR requirements.

G

group.one

jobs.one

0

group.one is a large technology company operating primarily in the DACH region, providing a broad range of IT services including domain registration, web hosting, cloud servers, digital marketing, and SaaS solutions. The company supports over 1,300 employees and serves more than one million customers through multiple brands. Their market position is strong with a diversified portfolio of partner brands and a focus on customer success and team development. Technically, the website uses modern web technologies including a Teamtailor recruitment widget and a consent management platform, but lacks a valid SSL certificate and several security best practices, which impacts the overall security posture. The cookie consent mechanism and privacy notice indicate good GDPR compliance, but the absence of security policies and incident response information suggests room for improvement in security governance. Overall, the website is professionally designed with good user experience and trust indicators, but the technical security gaps present a moderate risk that should be addressed.

P

Profihost GmbH

profihost-status.com

0

Profihost GmbH operates a status page providing real-time and historical operational information for its cloud and hosting services. The company targets its customers and subscribers who require transparency on service availability. The website leverages the Hund.io platform for status management and is hosted by Dogado GmbH. The technical infrastructure includes standard web fonts, cookie consent mechanisms, and Google Analytics for tracking. However, the website lacks a valid SSL certificate and modern TLS support, which poses security risks. Privacy policies and terms of service are linked but hosted externally, with GDPR compliance noted but not fully ensured. Overall, the site demonstrates moderate digital maturity but requires significant security improvements.

K

KAMP Netzwerkdienste GmbH

kamp.de

0

KAMP Netzwerkdienste GmbH is a medium-sized German IT service provider specializing in colocation, cloud services, and data center operations. The company holds multiple ISO certifications including ISO 27001 and ISO 14001, positioning itself as a trusted and certified provider in the German market, particularly in the Ruhr region. Their offerings include server housing, private server rooms, cloud-based virtual data centers, and specialized health-care IT services, targeting businesses requiring secure and flexible IT infrastructure solutions. The company enjoys a strong market position, recognized by industry awards and analyst reports such as ISG Provider Lens. Technically, the website is built on TYPO3 CMS with Bootstrap framework, employing modern web technologies and a cookie consent mechanism compliant with GDPR. Performance is moderate with good mobile optimization and SEO practices. Security posture is solid with strong TLS 1.2 configuration and no known vulnerabilities, though improvements are recommended in email authentication (DMARC), DNS security (DNSSEC), and HTTPS hardening (HSTS). Overall, KAMP demonstrates a mature digital presence aligned with its business focus on secure and certified IT infrastructure services.

A

AGIQON GmbH

agiqon-shopware.de

0

AGIQON GmbH is a specialized full-service Shopware agency based in Germany, focusing on B2B and medium-sized enterprises. They hold a strong market position as a Shopware Platinum Partner with extensive certifications and a portfolio of over 200 projects and 100 custom plugins. Their services encompass strategic consulting, technical implementation, and ongoing support for Shopware 6 e-commerce platforms. Technically, the website is built on HubSpot CMS with integrations for marketing and analytics tools such as Google Tag Manager and Facebook Pixel. However, the site currently suffers from critical security shortcomings including an invalid SSL certificate, lack of modern TLS protocols, and missing DNS security features like DNSSEC and DMARC. Despite these issues, the site demonstrates good privacy compliance with GDPR-aligned cookie consent mechanisms and a comprehensive privacy policy. The overall digital maturity is moderate with room for improvement in security and performance.

W

Webmatch

webmatch.de

0

Webmatch is a Cologne-based e-commerce agency with over 15 years of experience, specializing in tailored e-commerce strategies and platform implementations for B2C, D2C, and B2B clients. The company holds a strong market position as a Shopware Gold Partner and a trusted partner for major clients such as Toyota, TAMRON, ADAC, and Wolters Kluwer. Their service portfolio includes business consulting, UX & design, tech development, growth & engagement, and data management. Technically, Webmatch leverages modern technologies including Shopware, commercetools, Algolia, and Storyblok, hosted on specialized platforms like maxcluster, and employs best practices in web performance and accessibility. Security-wise, the website uses strong TLS configurations and SPF/DMARC email protections but lacks DNSSEC, CAA records, and HSTS enforcement. Cookie consent is managed via Usercentrics, ensuring GDPR compliance. Overall, Webmatch demonstrates a mature digital infrastructure with a professional and trustworthy online presence.

R

RegioHelden GmbH

stroeer-online-marketing.de

0

RegioHelden GmbH, operating under the brand Ströer Online Marketing, is a large German media company specializing in local and measurable online marketing services for small and medium-sized enterprises. They hold a strong market position as one of the largest providers in Germany, offering a broad portfolio including Google Ads, SEO, directory listings, website creation, and social media advertising. Their digital presence is supported by a modern WordPress-based infrastructure with integrated analytics and consent management tools, reflecting a mature digital marketing operation. Security-wise, the company employs good SSL configurations, DNS security records like SPF and DMARC, and a comprehensive cookie consent mechanism, although there is room for improvement in HTTP security headers and vulnerability disclosure practices. Overall, the company demonstrates a high level of professionalism and trustworthiness, with clear contact channels and strong branding.

S

Ströer X GmbH

stroeer-x.de

0

Ströer X GmbH is a large German-based outsourcing partner specializing in dialog marketing, sales, and customer experience services. As part of the Ströer Group, it leverages the strength of a major corporation combined with the agility of a mid-sized service provider. The company offers a broad portfolio including customer service, digital transformation, social media management, and value-added services such as chat software and AI automation. Their market position is strong within media and related sectors, serving clients across multiple industries including e-commerce, energy, financial services, telecommunications, and tourism. Technically, the website is built on TYPO3 CMS and integrates modern marketing and analytics tools like Google Tag Manager, TikTok Pixel, and HubSpot forms, with GDPR-compliant cookie consent managed by Cookiebot. However, the site currently lacks a valid SSL certificate and modern TLS support, which is a critical security concern. Security policies such as SPF and DMARC are properly configured, but DNSSEC and other advanced DNS security measures are absent. Overall, the company demonstrates good digital maturity but needs to address fundamental security gaps to protect user data and maintain trust.

E

Edgar Ambient Media Group GmbH

edgar.de

0

Edgar Ambient Media Group GmbH is a leading German media company specializing in integrated digital and analog advertising solutions across high-traffic indoor urban touchpoints. With over 60,000 advertising carriers, the company holds a strong market position as a premier provider of DOOH, Ambient, and Live Media campaigns. Their business model focuses on authentic communication solutions for advertisers targeting urban audiences. Technically, the website is built on Webflow with modern JavaScript libraries for animation and smooth user experience, supported by a managed hosting provider. However, the current SSL/TLS configuration is invalid, which poses a significant security risk despite the presence of HSTS and email authentication records. The company demonstrates good privacy compliance with GDPR-aligned policies and consent mechanisms. Overall, Edgar Ambient Media Group GmbH presents a professional and trustworthy digital presence with room for critical security improvements.

S

Ströer Media Deutschland GmbH

stroeer-direkt.de

0

Ströer Media Deutschland GmbH operates as a leading regional online and outdoor advertising provider in Germany, offering a broad portfolio of advertising media including street, station, shopping center, and airport placements, as well as digital marketing services such as Google Ads, SEO, and native advertising. The company holds a strong market position as a major German advertising marketer with exclusive media spaces across cities and municipalities. Technically, the website is built on WordPress with a custom theme and plugins, leveraging Matomo for privacy-conscious analytics and Klaro for cookie consent management. However, the site lacks a valid SSL certificate and modern TLS configurations, which poses a significant security risk. The DNS setup uses Cloudflare but does not implement DNSSEC or CAA records, further limiting DNS security. While privacy compliance is well addressed through cookie consent and a comprehensive privacy policy, the absence of terms of service, security policies, and incident response information indicates gaps in transparency and security governance. Overall, the website demonstrates good content quality, user experience, and branding consistency but requires urgent improvements in transport security and security headers to protect user data and enhance trust.

S

Ströer SE & Co. KGaA

stroeer.com

0

Ströer SE & Co. KGaA is a leading German media company specializing in Out-of-Home (OOH) advertising, digital advertising, dialog marketing, and e-commerce services. Listed on the MDAX, Ströer holds a strong market position in Germany with a comprehensive portfolio of advertising solutions supported by subsidiaries and partner companies. The company emphasizes sustainability and diversity, aiming for CO2 neutrality by 2025 and fostering an inclusive work environment. Technically, the website is built on TYPO3 CMS with modern frontend technologies like Alpine.js and uses Cloudflare for DNS and CDN services. Analytics are managed via Matomo, and cookie consent is handled by Cookiebot, ensuring GDPR compliance. Security posture is solid with valid SSL certificates, SPF and DMARC records, but lacks advanced DNS security features like DNSSEC and CAA records. The site does not currently publish a security policy or incident response plan publicly. Overall, the website demonstrates a professional, trustworthy, and well-maintained digital presence aligned with business goals and regulatory requirements.

P

PwC-Stiftung

galerie-pwc-stiftung.de

0

The PwC-Stiftung website galerie-pwc-stiftung.de serves as a digital gallery and archive showcasing 20 years of cultural and educational projects and programs supported by the PwC-Stiftung foundation in Germany. The foundation focuses on promoting cultural education and youth engagement through funding and running various initiatives. The website is professionally designed with good content relevance and navigation, targeting educational institutions, cultural organizations, and youth audiences. Technically, the site uses modern web technologies with deferred JavaScript and CSS, hosted on a provider identified as netzhaut. Security posture is moderate with valid TLS protocols but lacks advanced security features such as HSTS, DNSSEC, and DMARC, which are recommended for improvement. Privacy policy is present and GDPR compliant, but no cookie consent mechanism or terms of service are found. Overall, the site is trustworthy and well-positioned as a non-profit educational foundation's digital presence.

S

SOCIAL POINTS gemeinnützige GmbH

sops.de

0

SOCIAL POINTS gemeinnützige GmbH operates the SOPS platform, a German-language online service dedicated to supporting and promoting non-profit organizations, especially community and social engagement groups. The platform enables non-profits to present themselves, receive digital donations, and build a community with features like messaging and a social points system. The company holds a strong position in the German non-profit sector, supported by partnerships with reputable foundations and local government entities. Technically, the website is built on TYPO3 CMS with common web technologies such as jQuery and Slick Carousel, but suffers from performance issues and lacks a valid SSL certificate, which impacts security and user trust. The site implements GDPR-compliant cookie consent and uses Google Analytics and Google Tag Manager for analytics and marketing purposes. Security posture is weak due to missing HTTPS and modern security headers, though DNS records show good email authentication practices.

M

MSP Medien Systempartner GmbH & Co. KG

medien-systempartner.de

0

MSP Medien Systempartner GmbH & Co. KG is a specialized IT consulting and software development company serving the media industry, particularly in the DACH region. With approximately 25 years of experience, MSP offers SAP IS/Media solutions, application management, and integration of digital platforms such as Piano and Lineup. The company holds a strong market position as a trusted partner for media houses undergoing digital transformation. Technically, the website is built on WordPress with modern plugins and uses a valid SSL certificate, though security headers and advanced TLS configurations could be improved. The security posture is moderate with good SPF and DMARC email protections but lacks HSTS and other HTTP security headers. Overall, MSP demonstrates a professional online presence with good content quality and user experience but could enhance security and privacy compliance by implementing cookie consent and security policies.

S

Score Media Group

scoremedia.de

0

Score Media Group operates as a national marketing platform for regional media brands in Germany, focusing on over 420 regional daily newspaper titles and associated digital and print media. The company targets advertisers and agencies seeking crossmedia advertising solutions, leveraging a strong market position with a comprehensive portfolio and high audience reach. Technically, the website is built on WordPress with modern plugins and frameworks, but performance is slow and some technical optimizations are possible. Security posture is generally good with modern TLS support and valid SPF records, but lacks advanced protections such as HSTS, DNSSEC, and OCSP stapling. Privacy compliance is addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the company demonstrates a mature digital presence with room for security and performance improvements.

G

GMX

gmx.de

0

GMX is a leading German FreeMail and media portal offering a wide range of services including free email accounts, cloud storage, news, entertainment, and affiliate cashback programs. The website targets German-speaking users and maintains a strong market position with comprehensive content and service offerings. Technically, the site employs modern JavaScript frameworks, modular scripts, and SVG graphics, hosted primarily by 1&1 IONOS. However, the SSL/TLS configuration is currently invalid, which poses a significant security risk. The site implements good privacy and cookie policies compliant with GDPR, but lacks explicit public security or incident response policies. Advertising and tracking are extensively used, including Adition and Criteo networks. Overall, the website is professionally designed with good user experience and content relevance, but requires urgent security improvements to protect user data and trust.

1

1&1 Telecommunication SE

1und1.com

0

1&1 Telecommunication SE is a major German telecommunications provider offering a wide range of services including internet (DSL and fiber), mobile phone services, TV, and device sales. As a subsidiary of United Internet AG, it holds a strong market position with comprehensive offerings for both private and business customers. The company integrates advanced digital technologies and maintains a modern, responsive website with extensive content and user-friendly navigation. However, the current SSL configuration is invalid, which poses a security risk. The company employs multiple analytics and marketing tools, ensuring data-driven business operations while maintaining GDPR compliance through detailed privacy and cookie policies. Overall, 1&1 demonstrates a high level of digital maturity and customer trust but should address its SSL and security header deficiencies promptly.

M

MMP Event GmbH

mmpevent.de

0

MMP Event GmbH is a medium-sized event agency operating as a 100% subsidiary of the Seven.One Entertainment Group in Germany. The company specializes in developing innovative event formats, managing event execution, marketing, and 360-degree communication, including TV event marketing and consulting in sports, media, and culture sectors. Their strong integration with the parent media group positions them uniquely to combine media and event marketing for maximum visibility and audience engagement. Technically, the website is built on WordPress using the Avada theme and Fusion Builder, with standard SEO and marketing tools such as Yoast SEO, Google Tag Manager, and UserCentrics CMP for cookie consent. However, the site suffers from an invalid SSL certificate and lacks advanced security configurations, which poses risks to user trust and data security. The company maintains GDPR compliance with a comprehensive privacy policy and cookie consent mechanism but lacks visible incident response or security policy documentation. Overall, the business is professionally presented with good content quality and consistent branding, but technical and security improvements are necessary to enhance trust and protect user data.

R

Redseven Entertainment

redseven.de

0

Redseven Entertainment is a prominent German media company specializing in the development and production of innovative entertainment formats for national and international TV and streaming markets. With offices in Munich, Cologne, and Berlin, the company offers a broad portfolio including TV productions, branded content, visual effects, and content development. Their market position is strong, supported by well-known brands such as Germany’s Next Topmodel and collaborations with major broadcasters and streaming platforms. Technically, the website infrastructure leverages Cloudflare for DNS and hosting, uses Matomo for privacy-conscious analytics, and employs Usercentrics for cookie consent management, reflecting a mature digital presence. However, performance is moderate with room for optimization.

S

Seven.One Starwatch

starwatch.de

0

Seven.One Starwatch is a German media company specializing in the marketing of music and live entertainment within the Seven.One Entertainment Group. Positioned as the leading media partner and independent label in the music industry and event production sector, it targets music industry professionals and live entertainment organizers. The website content is primarily in German with English alternatives, reflecting a regional focus with international accessibility. Technically, the site is built on WordPress using the Avada theme and Fusion Builder, integrating SEO and cookie consent tools such as Yoast SEO and UserCentrics CMP. However, the site suffers from a lack of a valid SSL certificate and slow performance, which impacts user trust and security posture. Security configurations are minimal with no DNSSEC, CAA, or strong DMARC policies, and no advanced security headers are implemented. The company provides contact via email and maintains a LinkedIn presence but lacks visible phone contact or incident response information. Strategic improvements in SSL deployment, security headers, and compliance documentation are recommended to enhance trust and security.

S

SevenVentures GmbH

sevencommerceandventures.com

0

SevenVentures GmbH, as the investment arm of ProSiebenSat.1 Media SE, operates a comprehensive media-for-equity and media-for-revenue investment platform targeting consumer-oriented start-ups and growth companies primarily in the DACH region. The company leverages the extensive media reach of ProSiebenSat.1's premium TV, digital, and influencer networks to boost brand awareness and accelerate growth for its portfolio companies. Technically, the website is built on modern frameworks like Next.js and React, hosted on AWS, and employs standard web performance and SEO practices. Security posture is moderate with support for TLS 1.3 and OCSP stapling but lacks some critical security headers and HSTS enforcement. No explicit security or incident response policies were found, indicating potential areas for improvement. Overall, SevenVentures presents a professional, well-branded, and content-rich platform with strong market positioning in media-driven venture investments.

S

Seven.One Studios

sevenonestudios.com

0

Seven.One Studios is a leading German-based media company specializing in the creation and distribution of entertainment content including scripted and unscripted TV shows, films, and branded content. It operates as part of the larger ProSiebenSat.1 Media SE group, positioning itself strongly in the European and global media markets. The company serves global networks and digital platforms with a diverse portfolio of popular formats and productions. Technically, the website is built on WordPress and integrates modern web technologies including Usercentrics for consent management and Tealium for tag management, reflecting a moderate level of digital maturity. Performance is moderate with good mobile optimization and SEO practices. Security-wise, the site supports modern TLS protocols and has SPF and DMARC email protections but lacks advanced SSL features such as HSTS, OCSP stapling, and DNSSEC, which are recommended for enhanced security. Overall, the company maintains a professional online presence with clear contact and compliance information, but could improve its security posture to reduce risk.

S

smartclip

smartclip.com

0

smartclip is a European adtech company specializing in advanced advertising technology solutions for TV broadcasters and media owners. Positioned as a leading provider in the European market, smartclip offers a fully integrated ad server and SSP platform tailored to meet the needs of broadcasters and publishers. Their business model focuses on enabling media owners to monetize their inventory effectively while maintaining the openness of the internet. The company targets European broadcasters and publishers, emphasizing technology partnerships and innovation in TV advertising. Technically, the website is built on WordPress and leverages modern front-end frameworks and libraries such as Bootstrap, Swiper.js, and Usercentrics for consent management. Hosting is provided by WP Engine, ensuring a reliable infrastructure, though performance metrics indicate room for improvement with a slow page load time. Security-wise, the site has critical issues including an invalid SSL certificate and lack of modern TLS protocol support, which undermines secure communications. However, it employs HSTS with preload and includes SPF records, indicating some adherence to security best practices. The presence of cookie consent and privacy policies demonstrates GDPR compliance efforts. Overall, smartclip exhibits a mature digital presence with strong branding and content quality but requires urgent security enhancements to protect user data and maintain trust.

B

BCN Brand Community Network GmbH

bcn.group

0

BCN Brand Community Network GmbH operates a crossmedia marketing network primarily serving brands and advertisers in Germany. The company offers a broad portfolio of print, digital, and event marketing services, leveraging a strong brand portfolio and advanced targeting technologies such as the BCN Smart Stack. Their market position is solid within the German media sector, focusing on quality reach and integrated campaign solutions. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates Google Tag Manager for analytics and tracking. Security measures include SPF and DMARC for email protection and TLS 1.2 with strong cipher suites for HTTPS, though improvements like enabling TLS 1.3 and HSTS are recommended. The site demonstrates good GDPR compliance with a consent management platform and clear privacy policies. Overall, BCN shows a mature digital presence with good content quality and user experience, but could enhance security posture and transparency further.

T

TeamLinx42

teamlinx42.app

0

TeamLinx42 is a technology company offering a Microsoft Teams integrated app designed to facilitate quick and easy access to documents and information within teams. Positioned as a collaborative and decentralized knowledge management tool, it targets organizations using Microsoft Teams to improve information sharing and reduce knowledge silos. The company operates under the parent company AppSphere AG, based in Germany, and offers a SaaS model with a focus on ease of use and team collaboration. Technically, the website is built on WordPress with Elementor and Yoast SEO, but suffers from performance issues and lacks a valid SSL certificate, which impacts security posture. The security configuration is basic, with no advanced headers or TLS protocols enabled, and no published security or incident response policies. Privacy and cookie policies are present and GDPR compliant, with a cookie consent mechanism implemented. Overall, the website demonstrates moderate professionalism and trustworthiness but requires significant improvements in security and performance to enhance user trust and compliance.

H

Hessischer Landtag

hessischer-landtag.de

0

The Hessischer Landtag website serves as the official online presence of the Hessian Parliament, the highest constitutional organ representing the citizens of the German state of Hessen. It provides comprehensive information about parliamentary activities, members, committees, events, educational programs, and public engagement opportunities. The site targets citizens, political stakeholders, educators, and visitors, offering multilingual and accessible content. Technically, the site is built on Drupal 10 with modern web standards including responsive images and Bootstrap 5, ensuring good mobile optimization and user experience. Security-wise, the site employs strong TLS protocols with OCSP stapling and no major SSL vulnerabilities detected. However, it lacks advanced security headers, DNSSEC, and a cookie consent mechanism, which are areas for improvement. Overall, the site demonstrates a high level of professionalism, trustworthiness, and content quality, reflecting its role as a government institution.

J

Johann Oberauer GmbH

medien-camp.com

0

Medien Camp is a well-established event platform focused on careers in the media industry, primarily targeting young talents and aspiring media professionals. The company operates under Johann Oberauer GmbH and organizes sessions, workshops, AMAs, career forums, and media tours to connect attendees with media professionals and provide insights into media careers. The website demonstrates strong SEO and content quality, supported by a professional design and consistent branding. Technically, the site is built on WordPress with modern performance optimizations but has room for improvement in security configurations such as DNSSEC, HSTS, and DMARC. The security posture is moderate with no critical vulnerabilities detected but lacks explicit security policies or incident response information. Overall, the site is trustworthy and professionally managed, with good privacy and cookie compliance.

H

Hi, I'm Tobias. | rixx.de

rixx.de

0

The website rixx.de serves as a personal hub for Tobias, an open source software author, conference speaker, and community organizer primarily in the technology sector. The site highlights his projects, blog posts, and involvement in events such as Chaos Communication Congress and DjangoCon Europe. The business model centers on personal branding and community engagement rather than commercial transactions. Technically, the site is built with standard web technologies including HTML, CSS, and JavaScript, with hosting provided by INWX. Performance is moderate, and SEO is well addressed through metadata, but mobile optimization and accessibility are basic. Security posture is weak due to the absence of a valid SSL certificate, lack of TLS support, missing security headers, and no DNSSEC. SPF is configured correctly, but other email authentication and security mechanisms are minimal. No privacy, cookie, or terms policies are published, and no contact information is explicitly provided on the site. Overall, the site is trustworthy for its niche audience but requires significant security and compliance improvements to enhance user trust and data protection.

K

Koelncongress GmbH

koelncongress.de

0

Koelncongress GmbH is a well-established event management company based in Cologne, Germany, with a strong market position as the largest provider of exceptional event locations in the city. They offer full-service event planning and hosting for a wide range of events including conferences, corporate events, cultural and social gatherings. Their website reflects a mature digital presence built on WordPress, featuring detailed event calendars, news, and multiple location pages. Technically, the site uses modern TLS protocols and has implemented strong email authentication mechanisms such as SPF and DMARC, but lacks advanced SSL features like HSTS and OCSP stapling. The company demonstrates good privacy compliance with GDPR-aligned policies and cookie consent mechanisms. However, there are opportunities to enhance DNS security and SSL configurations. Overall, the security posture is moderate with room for improvement in certificate transparency and DNSSEC adoption.

M

Münchener Hypothekenbank eG

mhb.de

0

Münchener Hypothekenbank eG is a specialized financial institution focused on long-term real estate financing, serving private customers, commercial clients, and investors primarily in Germany. The bank emphasizes sustainability in its lending practices and maintains a strong market position with a history dating back to 1896. The website reflects a mature digital presence built on Drupal 10, integrating modern frontend technologies and a comprehensive cookie consent mechanism via Cookiebot. Analytics are handled through Matomo, balancing user tracking with privacy compliance. Security posture is solid with modern TLS protocols and no known vulnerabilities, though improvements such as DNSSEC, DMARC, and HSTS could enhance protection. Contact information is clearly presented, supporting customer engagement. Overall, the site demonstrates professionalism and trustworthiness aligned with its financial services business.

B

Berenberg

berenberg.de

0

Berenberg is a historic private bank and financial services provider founded in 1590 in Hamburg, Germany. It offers wealth management, asset management, corporate banking, and investment banking services to a diverse clientele including wealthy private clients, corporations, and institutional investors. The bank maintains a strong market position in Europe and the US with multiple offices and a broad service portfolio. Technically, the website employs modern web technologies with good performance and mobile optimization, supported by a robust SSL configuration and DNS setup. Security practices include SPF and DMARC email protections, OCSP stapling, and strong cipher suites, though improvements such as enabling HSTS and DNSSEC could enhance security further. Overall, Berenberg demonstrates a mature digital presence with strong trust indicators and compliance with GDPR and cookie consent regulations.