Security Directory

A

Ambient-TV Sales & Services GmbH

ambient-tv.de

0

Ambient-TV Sales & Services GmbH operates a large Digital Out Of Home (DOOH) advertising network in Germany, offering advertisers access to over 50,000 screens across more than 10,000 locations nationwide. The company provides campaign customization and a creative simulator tool to help clients visualize their logos on various screens. Their market position is strong within the German outdoor advertising sector, supported by partnerships with major brands and media groups. Technically, the website is built on modern frameworks such as Next.js and React, hosted on AWS infrastructure, and employs security best practices like TLS 1.3 and OCSP stapling. However, there are areas for improvement in DNS security and HTTP security headers. The security posture is solid but could be enhanced by implementing DNSSEC, DMARC, and HSTS. Overall, the company demonstrates a professional online presence with good user experience and trust indicators, though explicit security and incident response policies are not publicly disclosed.

E

Edgar Ambient Media Group

edgarartscreen.de

0

Edgar Ambient Media Group operates the Edgar Art Screen, a digital communication channel targeting the gastronomy sector in Germany. The service provides free 42" LED screens to bars, bistros, cafes, and restaurants, allowing them to display their own content such as menus and events. The business model is supported by advertising and cultural content, positioning the company as a media provider within the hospitality industry. The website is professionally designed with consistent branding and good content quality, targeting primarily German-speaking users. Technically, the site uses modern web technologies including Webflow CMS, Google Tag Manager, and cloud hosting on AWS. However, the site performance is somewhat slow due to large page size and resource count. Security posture is basic with TLS 1.3 support and no critical vulnerabilities detected, but lacks advanced features like HSTS, DNSSEC, DMARC, and OCSP stapling. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the company demonstrates a solid digital presence with room for security and performance improvements.

E

Edgar Ambient Media Group GmbH

edgarfreecards.de

0

Edgar Ambient Media Group GmbH operates the Edgar Freecards platform, specializing in distributing free postcards as an innovative advertising medium targeting urban audiences, particularly generations Y and Z in Germany. With over 30 years of experience and a presence in more than 4000 locations, the company has established a strong market position in the media sector, leveraging creative and sustainable advertising solutions. The website reflects a mature digital presence with comprehensive content, structured data, and multiple analytics tools integrated for performance and user behavior insights. However, the absence of a valid SSL certificate and modern TLS protocols represents a significant security gap that undermines user trust and data protection. The company demonstrates compliance awareness through a dedicated privacy policy, cookie consent mechanisms, and a compliance hotline linked to its parent group, Ströer OOH. Strategic improvements in security infrastructure and performance optimization are recommended to enhance overall risk posture and user confidence.

S

Ströer

plakate-buchen.de

0

Plakate-Buchen.de is an online advertising booking platform operated by Ströer, focusing on poster and campaign advertising across Germany. The platform offers access to over 300,000 advertising locations with daily updated availability and convenient online payment options, targeting businesses seeking to promote their stores or campaigns locally. The website is primarily in German and provides a phone contact for customer inquiries but lacks visible email contacts or terms of service. Technically, the site runs on an Apache server with modern TLS protocols (TLS 1.3 and 1.2) and uses Google Tag Manager for analytics and tracking. Security headers such as Strict-Transport-Security and X-Content-Type-Options are present, but improvements are needed in HSTS configuration, OCSP stapling, DMARC, DNSSEC, and certificate transparency compliance. The site implements cookie consent with express consent type, aligning with basic GDPR requirements but lacks comprehensive privacy and security policies. Overall, the platform demonstrates a moderate security posture with room for enhancement in email security and transport layer protections.

P

Payconomy GmbH

payconomy.de

0

Payconomy GmbH is a small German technology company specializing in payment automation, order to cash consulting, and enterprise software engineering. The company positions itself as a neutral expert across industries, offering consulting and SaaS solutions primarily focused on billing, finance, and payment automation. Their SAP Silver Partner status enhances their market credibility and indicates a strong partnership with SAP, targeting businesses seeking to digitize and automate payment processes. The website content is professional and well-structured, targeting B2B clients in need of scalable and automated payment solutions. Technically, the website employs Bootstrap and jQuery for frontend development and is hosted on Hetzner infrastructure. Performance is moderate with basic mobile optimization and SEO practices. Security-wise, the site supports modern TLS protocols (TLS 1.3 and 1.2) and has a valid SPF record, but lacks advanced security features such as HSTS, DMARC, DNSSEC, and OCSP stapling. The SSL certificate is valid but not compliant with Certificate Transparency standards, indicating room for improvement in trust and security posture. Overall, the security posture is moderate with no critical vulnerabilities detected but missing several best practices that could enhance protection against phishing and DNS attacks. The absence of cookie consent and limited privacy policy details suggest partial GDPR compliance. The company provides physical contact information but no direct email or phone contacts on the main page, which may affect user engagement and trust. Strategic improvements in security headers, privacy compliance, and contact transparency would strengthen their digital maturity and customer confidence.

S

SoSafe

sosafe-awareness.com

0

SoSafe is a leading European provider specializing in security awareness training and human risk management solutions. The company offers a behavioral science-based platform that empowers organizations to enhance their cybersecurity posture by educating employees and managing human-related risks. Positioned as Europe's largest provider in this niche, SoSafe delivers personalized, gamified training, phishing simulations, an AI-powered chatbot, and a comprehensive human risk management platform. Their market presence is reinforced by multiple certifications including ISO 27001, TISAX, and GDPR compliance, alongside strong customer testimonials and industry recognitions. Technically, SoSafe's website is built on WordPress and integrates a robust set of analytics and marketing tools such as Google Analytics, Matomo, Cookiebot for consent management, HubSpot forms, and Visual Website Optimizer for A/B testing. The infrastructure is hosted on Amazon AWS with DNS managed via Route53. While the site supports modern TLS protocols and has valid SPF and DMARC records, it lacks DNSSEC, CAA records, and HSTS, which are recommended for enhanced security. The website performance is moderate to slow, with room for optimization. From a security perspective, SoSafe demonstrates good practices including strong SSL configuration, OCSP stapling, and comprehensive cookie consent mechanisms. However, there is no public vulnerability disclosure or security.txt file, and incident response contact details are not explicitly provided. The company maintains a strong security posture with certifications and compliance but could improve transparency and DNS security. Overall, SoSafe presents a mature digital presence with a focus on privacy and compliance, extensive integration with enterprise platforms, and a clear commitment to security awareness. Strategic improvements in DNS security and incident response transparency would further strengthen their security posture and trustworthiness.

L

Lineup

lineup.com

0

Lineup is a specialized software provider offering ERP and revenue management solutions tailored for the media and advertising industry. Their flagship product, Adpoint, integrates CRM, order management, finance, and analytics to streamline media sales processes and boost revenue. The company has a solid market presence with notable clients and significant ad revenue processed through their platform. Technically, the website is built on WordPress using the Salient theme and incorporates multiple marketing and analytics tools including HubSpot, Google Analytics, Hotjar, and LinkedIn Insight Tag. However, the site currently lacks a valid SSL certificate and modern TLS support, which poses a significant security risk. While SPF and DMARC email protections are properly configured, the absence of HTTPS undermines user trust and data security. The company demonstrates good privacy compliance with GDPR-aligned cookie consent mechanisms and detailed cookie categorization. Overall, Lineup presents a professional and trustworthy digital presence but must urgently address its SSL/TLS deficiencies to improve security posture and user confidence.

R

RTL+

rtlplus.de

0

RTL+ is a major German media streaming platform offering a wide range of entertainment content including live TV, movies, series, podcasts, music, and audiobooks. It operates under RTL interactive GmbH and provides tiered subscription packages to cater to diverse customer needs. The platform is well-positioned in the German media market with a strong brand presence and extensive content library. Technically, RTL+ utilizes modern web technologies such as Angular, Google Tag Manager, and Sourcepoint for consent management, hosted on EuroDNS infrastructure. The website demonstrates good SEO, mobile optimization, and accessibility standards, though performance is moderate due to resource load. Security-wise, the site employs TLS 1.2 with strong cipher suites and has valid SPF and DMARC records, but lacks TLS 1.3, HSTS, and OCSP stapling, which are recommended for enhanced security. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, RTL+ presents a professional, trustworthy, and user-friendly streaming service with room for security enhancements.

ProSieben is a leading German media and entertainment company providing live TV streaming, video on demand, and news content primarily targeting German-speaking audiences. The website demonstrates a mature digital presence with a modern tech stack including Next.js and React, delivering rich multimedia content and a well-structured user experience. Security posture is solid with strong TLS configurations and SPF email protections, though improvements in HSTS, OCSP stapling, and DNSSEC could enhance security further. Privacy compliance is well addressed with a consent management platform and comprehensive policies. Overall, ProSieben maintains a high level of professionalism and trustworthiness in its online presence.

P

ProSiebenSat.1 Media SE

commerceandventures.com

0

Commerce & Ventures is the investment business of ProSiebenSat.1 Media SE, focusing on supporting consumer-oriented start-ups and growth companies through a combination of media-for-equity, media-for-revenue, minority, and majority investments. The company leverages the extensive media reach of the ProSiebenSat.1 Group to build brand awareness and accelerate growth for its portfolio companies. Technically, the website is built on modern frameworks such as Next.js and React, hosted on AWS, and integrates marketing and tracking tools like Google Tag Manager. Security posture is adequate with support for TLS 1.2 and 1.3 and no major vulnerabilities detected, but lacks some best practices like HSTS and OCSP stapling. Overall, the site is professional, well-branded, and provides comprehensive information about its investment activities and portfolio. However, direct contact information and explicit security policies are not prominently available, which could be improved to enhance trust and compliance.

P

ParshipMeet Group

parshipmeet.com

0

ParshipMeet Group is a leading international dating and video communication company operating nine brands with over 500 employees and revenues exceeding 375 million Euros. The company supports individuals worldwide in finding meaningful connections through its apps available in over 190 countries and 25 languages. Technically, the website is built on WordPress, hosted behind Cloudflare, and uses modern web technologies including Usercentrics for consent management and Adobe Typekit for fonts. However, the SSL certificate is currently invalid, which poses a significant security risk. The company has implemented strong email authentication policies including SPF and DMARC with a reject policy, enhancing email security. Overall, the website demonstrates good content quality and branding consistency but requires urgent improvements in SSL configuration and security headers to ensure user trust and compliance.

A

Atom

nucomgroup.com

0

Atom operates a premium domain marketplace platform offering domain sales, branding, naming contests, trademark services, and audience research. The company positions itself as a trusted marketplace with strong buyer protections and flexible payment options. The website is professionally designed, mobile-optimized, and integrates modern web technologies and analytics tools. However, the absence of a valid SSL certificate is a critical security gap that undermines user trust and data protection. The platform demonstrates moderate digital maturity with extensive user tracking and marketing integrations but requires improvements in security posture to meet industry standards.

S

SevenVentures

sevenventures.de

0

SevenVentures is a strategic media investment arm of ProSiebenSat.1 Media SE, specializing in minority equity investments and media cooperations for established digital B2C companies. Their business model leverages media assets to accelerate growth and brand awareness in the German and Austrian markets. The website demonstrates a mature digital infrastructure using modern web technologies such as Next.js and integrates marketing and tracking tools like Google Tag Manager and trkkn.com. Security posture is solid with TLS 1.3 support and valid SPF records, though improvements such as enabling HSTS, DNSSEC, and DMARC would enhance protection. Overall, SevenVentures presents a professional and trustworthy online presence aligned with its market position as a leading media investor.

B

Bundesverband Green Software e. V.

bundesverband-green-software.de

0

Bundesverband Green Software e. V. is a German non-profit association dedicated to promoting sustainable and resource-efficient software development practices in Germany. The organization focuses on advancing green software standards, tools, training, and policy advocacy to reduce the ICT sector's carbon footprint. Their market position is that of a leading national association in the green software domain, targeting companies and digital actors interested in sustainability. The website content is well-aligned with their mission and audience, providing information on initiatives, working groups, events, and membership opportunities. Technically, the website employs modern web technologies including Tailwind CSS and JavaScript libraries such as Marquee3k, hosted behind Cloudflare DNS and leveraging email infrastructure from Scaleway and Outlook. While the site is responsive and optimized for mobile devices, performance is somewhat slow with a load time of nearly 7 seconds. SEO practices are good, but accessibility is basic. No CMS or advanced frameworks are detected. From a security perspective, the site has a valid SSL certificate (though with suspicious validity dates), SPF and DMARC records configured, but lacks advanced security headers like HSTS or DNSSEC. There is no visible security policy, incident response contact, or vulnerability disclosure mechanism. Privacy compliance is supported by a comprehensive privacy policy, but no cookie consent mechanism is present. The security posture is moderate with room for improvement in email security policies and HTTPS hardening. Overall, the website and organization present a trustworthy and professional front for their green software advocacy mission. Strategic improvements in security headers, DNS security, and transparency around incident response would enhance their security maturity and stakeholder confidence.

S

smartclip.net

smartclip.net

0

The website smartclip.net currently presents an empty HTML page with no visible content, metadata, or business information. The domain is registered and DNS is managed via AWS Route53 with multiple A records and a valid SPF record including mailgun.org. The SSL configuration is good, supporting modern TLS protocols without known vulnerabilities, but lacks advanced security headers and HSTS. No privacy, cookie, or terms of service policies are present, nor any contact or security policy information. Overall, the site lacks content and transparency, limiting its business and security posture visibility.

Q

qwertiko GmbH

navigate-it-services.de

0

qwertiko GmbH is a medium-sized German IT service provider specializing in professional hosting and Platform-as-a-Service (PaaS) solutions. With over 10 years of experience, the company offers tailored, high-performance cloud hosting, managed services, firewall solutions (notably pfSense®), and personalized consulting. Their market position is strengthened by official partnerships and a focus on personal customer service, targeting businesses and agencies requiring reliable and scalable IT infrastructure. Technically, the website is built on WordPress using WPBakery Page Builder and several plugins, hosted on infrastructure managed by nroute.de. While the site demonstrates good SEO and mobile optimization, the analyzed domain lacks a valid SSL certificate and modern TLS support, which is a critical security gap. The company maintains GDPR compliance with a comprehensive privacy and cookie policy and provides clear contact information and customer testimonials, enhancing trust. However, there is no explicit terms of service or security policy published, and incident response details are absent. Overall, qwertiko presents a professional digital presence with room for security improvements.

M

Mpirical Limited

mpirical.com

0

Mpirical Limited is a UK-based telecommunications training provider specializing in 5G, 4G LTE, and wireless network technologies. With over two decades of experience, the company offers certified and accredited training courses delivered online, live onsite, and on demand. Their market position is strong, supported by industry certifications such as ITP, CPD, and ISO standards, and a broad portfolio of learning aids including the proprietary NetX tool. The company targets individuals, teams, and enterprises seeking up-to-date telecoms knowledge and certification. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, Hotjar, Zoho SalesIQ, and Vimeo integration. Performance is moderate to slow, with good mobile optimization and SEO practices. Security posture is good with valid SSL, SPF, and DMARC policies, but could be improved by enabling HSTS, DNSSEC, and OCSP stapling. No explicit security policy or incident response contacts were found. Overall, Mpirical demonstrates a mature digital presence with strong trust indicators and compliance with privacy regulations.

I

International Data Spaces Association (IDSA) / Associação Brasileira de Internet das Coisas (ABINC)

idsa-brasil.org

0

The IDSA Hub Brazil website represents a collaborative initiative between the International Data Spaces Association (IDSA) and the Associação Brasileira de Internet das Coisas (ABINC) to promote the future of the digital economy in Brazil through the creation and adoption of data spaces. The site serves as a knowledge transfer and community-building platform, targeting businesses and organizations interested in data sovereignty, IoT, and digital innovation. The business model is non-profit and partnership-driven, positioning itself as a key facilitator in the Brazilian technology ecosystem with global ties. Technically, the website is built on WordPress using Elementor and Astra theme, hosted by HostGator Brazil, with moderate performance and good mobile optimization. However, the security posture is weak due to the absence of a valid SSL certificate, lack of security headers, and missing DNS and email security records. No privacy or cookie policies are present, which may impact compliance and user trust. Overall, the site is professional and content-rich but requires significant improvements in security and compliance to enhance trust and protect user data.

M

Mondoni Press

mondonipress.com.br

0

Mondoni Press is a Brazilian PR and communication agency specializing in press advisory, institutional communication, digital marketing, and content creation. The company positions itself as a trusted partner for businesses seeking to enhance their credibility, media presence, and visibility. It has received recognition such as the PR Agency of the Year award in South America (Prestige Awards 2023/24) and serves a diverse client base across various sectors. Technically, the website is built on WordPress with a range of popular plugins and marketing tools, including Google Analytics, Facebook Pixel, and Hotjar, indicating a mature digital marketing infrastructure. However, the website suffers from a critical security issue: the SSL certificate is invalid or missing, which undermines user trust and data security. The cookie consent mechanism is implemented, but no explicit privacy policy or terms of service pages were found, which may pose compliance risks. Overall, the company demonstrates good branding and content quality but should urgently address security and compliance gaps to maintain trust and regulatory adherence.

E

Elo Criativo

elocriativo.com.br

0

Elo Criativo is a small Brazilian design and web strategy agency specializing in branding, web design, and graphic design services. The company targets businesses seeking to improve their digital presence through well-crafted design and web solutions. Their market position is that of a niche service provider with a portfolio showcasing diverse projects. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, Foundation, and various JavaScript libraries. The hosting is managed via Cloudez nameservers. Performance is moderate with a page load time of approximately 5.8 seconds and a page size of about 200KB. Security posture shows a valid SSL certificate but lacks advanced configurations such as HSTS, DNSSEC, and security headers. SPF and DMARC records are configured but with a relaxed DMARC policy. Analytics usage includes Google Analytics, Google Tag Manager, and RD Station, indicating moderate user tracking but no visible privacy or cookie policies, which is a compliance gap. Overall, the website is professional and functional but could improve security and privacy compliance to enhance trust and reduce risk.

H

Hubert Burda Media

burda.com

0

Hubert Burda Media is a large, established media and technology company based in Germany, focusing on media publishing, brand management, and equity investments. The company maintains a strong market position with a diverse portfolio and international presence. Their website reflects a mature digital infrastructure with modern JavaScript libraries, consent management, and structured data for SEO and business transparency. Security posture is solid with valid SSL, SPF, and DMARC configurations, though improvements such as enabling HSTS and additional security headers are recommended. The company demonstrates compliance awareness with GDPR-aligned privacy and cookie policies and a whistleblowing system. Overall, the website is professional, trustworthy, and well-optimized for users and search engines.

H

Hispasat

hispasat.com

0

Hispasat is a leading satellite telecommunications operator specializing in the distribution of audiovisual content in Spanish and Portuguese across Europe and Latin America. As a large enterprise and a subsidiary of Redeia, Hispasat offers a broad portfolio of satellite and data services including internet access, cellular backhaul, tele-education, and satellite programs. The website reflects a mature digital presence with multilingual support, modern UI frameworks, and a comprehensive content structure targeting telecommunications customers and partners. Technically, the infrastructure leverages Microsoft Azure hosting and AWS Route53 DNS, with a tech stack including jQuery, Bootstrap, and Google Tag Manager. Security posture is moderate with valid SSL certificates and SPF records but lacks advanced protections such as HSTS, DMARC, DNSSEC, and OCSP stapling. The site employs cookie consent mechanisms and analytics tools, indicating awareness of privacy compliance, though no explicit security or incident response policies are published. Overall, Hispasat demonstrates a professional and trustworthy online presence aligned with its market position.

A

Agência De Conteúdo Estratégico | FonteMidia Digital

fontemidiadigital.com.br

0

The website fontemidiadigital.com.br currently serves an error page indicating HTTP ERROR 429, which suggests the server is rate limiting or blocking access. The site lacks any visible business content, metadata, or contact information, and appears to be hosted on Wix with invalid SSL configuration. Technically, the site uses LitElement and Canvas API but suffers from slow performance and poor optimization. Security posture is weak due to missing SSL certificate, lack of security headers, and absence of DNSSEC and DMARC records. Overall, the site is not compliant with common privacy or security standards and provides no user or business trust signals.

I

Início | Streaming Academy Abotts

streamingacademy.com.br

0

The website streamingacademy.com.br currently serves an error page indicating HTTP ERROR 429, which suggests that the site is either rate-limited or temporarily blocked. The site lacks any visible business or contact information, privacy or cookie policies, or terms of service. Technically, the site uses modern JavaScript technologies including LitElement and web components, but the overall page content is minimal and does not provide business context or user engagement features. The SSL configuration is basic but supports strong TLS protocols without known vulnerabilities. However, security best practices such as HSTS, OCSP stapling, and DNSSEC are not implemented, which could be improved to enhance security posture. No analytics, advertising, or tracking technologies are detected, indicating minimal user tracking. Overall, the site appears to be in a limited or error state with poor content and minimal security and compliance features.

I

Início | Streaming Academy Abotts

streamingladies.com.br

0

The website streamingladies.com.br currently presents an HTTP 429 error indicating that it is not accessible due to too many requests or rate limiting. The site lacks any metadata, structured data, or business information, and does not provide contact details, privacy policies, or terms of service. Technically, the site uses JavaScript with the LitElement framework and includes a Chrome Dino game clone script, but the SSL certificate is invalid and no modern TLS protocols are enabled, resulting in a poor security posture. There are no security headers or DNS security configurations in place. Performance is slow and content is minimal, leading to a poor user experience and low trustworthiness. Overall, the site appears to be down or blocked, providing no meaningful business or user information.

K

KM Business Information Canada Ltd.

lawawards.ca

0

The Canadian Law Awards website serves as a digital platform for promoting and managing an annual legal industry awards event in Canada. It is operated by KM Business Information Canada Ltd. and closely associated with the Canadian Lawyer and Lexpert brands, positioning itself as a reputable media and event organizer within the legal sector. The site targets legal professionals, law firms, and sponsors, offering event information, winner announcements, and sponsorship opportunities. Technically, the website is built on WordPress with Bootstrap and uses various third-party marketing and analytics tools including Google Analytics, Google Tag Manager, HubSpot Forms, and Bombora. However, the site suffers from significant security shortcomings, including an invalid SSL certificate and lack of modern TLS support, which undermines user trust and data protection. Despite enabling HSTS, the absence of a valid certificate renders it ineffective. There is no visible privacy or cookie policy, and no direct contact emails or phone numbers are provided, limiting transparency. The site exhibits good design and user experience but is slow to load due to large page size and many resources. Overall, the website is a moderately professional media event site with room for improvement in security and privacy compliance.

K

KM Business Information Canada Ltd.

risingstarscanada.com

0

RisingStarsCanada.com is a media and event website dedicated to the Lexpert Rising Stars Awards, which recognize outstanding lawyers under 40 in Canada. The site is operated by KM Business Information Canada Ltd., a medium-sized media company specializing in legal industry events and publications. The platform targets legal professionals and law firms across Canada, providing nomination and award event information supported by established legal media partners. Technically, the website is built on WordPress with modern front-end frameworks like Bootstrap and uses multiple third-party marketing and analytics tools including Google Analytics, HubSpot, and Lytics. While the site supports strong TLS protocols and has some security best practices in place, it lacks critical security headers such as HSTS and DMARC, and does not publish a privacy or cookie policy, which impacts its compliance posture. The website performance is slow due to a large page size and numerous resources, but mobile optimization and SEO are adequate. Overall, the site is professional and trustworthy within its niche but requires improvements in security and privacy transparency to meet modern standards.

E

Email Service Provider — Amazon Simple Email Service (Amazon SES) — AWS

amazonses.com

0

Security assessment completed with an overall score of 50/100 (unknown risk). 9 high-priority issues should be addressed promptly. Total of 23 security findings identified across all modules.

P

Press Manager

pressmanager.com.br

0

Press Manager is a Brazilian technology company specializing in software solutions for press management and communication services. Positioned as a market leader in Brazil, it offers a comprehensive SaaS platform targeting marketing departments, public agencies, press offices, communication agencies, freelancers, and journalists. The platform provides key services including press mailing, release distribution, news monitoring, and online management, supported by a strong brand presence and client trust signals. Technically, the website is built on WordPress, hosted on AWS infrastructure, and employs modern web technologies and SEO best practices. However, the security posture is weakened by the absence of a valid SSL certificate and lack of advanced security configurations, despite proper email authentication records and cookie consent mechanisms. Overall, the company demonstrates a mature digital presence with room for critical security improvements.

J

JET e-Business

jetshopping.com.br

0

JET e-Business is a Brazilian e-commerce platform provider offering high-performance, customizable solutions for B2C, B2B, D2C, and B2B2C business models. The company positions itself as a strategic partner for businesses seeking to scale their online sales with integrated marketplace management, analytics, and shipping solutions. Their website reflects a mature digital presence with comprehensive marketing and analytics integrations, including Google Analytics, Facebook Pixel, Hotjar, and Bing Ads. However, the site lacks a valid SSL certificate and modern TLS support, which poses security risks. DNS configurations are properly set with SPF and DMARC policies, but DNSSEC and CAA records are absent. The company provides clear privacy and cookie policies with consent mechanisms, but no explicit security or incident response policies are publicly available. Overall, JET demonstrates a strong market position in the e-commerce technology sector but should urgently address its SSL/TLS deficiencies to improve security and trust.

R

Reclame Aqui

reclameaqui.com.br

0

Reclame Aqui is a prominent Brazilian consumer complaint platform that facilitates communication between consumers and companies to resolve disputes and manage reputations. The website is currently protected by Cloudflare's security services, which has blocked access to the provided URL, limiting direct content analysis. The platform likely serves a large user base in Brazil, focusing on consumer rights and corporate accountability. Technically, the site leverages Cloudflare for DNS and security, with Google MX servers handling email. The SSL certificate is valid but lacks advanced security configurations such as HSTS and DNSSEC. The absence of privacy, cookie, and terms of service policies on the analyzed page suggests these may be located elsewhere or not publicly accessible at this URL. Security posture shows basic email authentication practices with SPF and DMARC but lacks advanced web security headers and configurations. Overall, the site demonstrates moderate technical infrastructure but requires improvements in security best practices and transparency to enhance trust and compliance.

G

GBM Administradora de Activos S.A. de C.V. S.O.F.I.

gbmfondos.com.mx

0

GBMfondos is a well-established Mexican financial services company specializing in investment funds and personalized investment advisory through its GBMadvisor platform. With over 35 years of industry experience and recognition such as Morningstar Awards, it holds a strong market position in Mexico's finance sector. The company targets investors seeking accessible and intelligent investment solutions, supported by a mobile application and a comprehensive digital platform. Technically, the website is hosted on Amazon AWS and employs modern tracking and analytics tools including Google Analytics, Facebook Pixel, and Hotjar, indicating a mature digital marketing strategy. However, performance is slow and some SEO and accessibility aspects are basic. Security-wise, the site uses TLS 1.2 and 1.3 with a strict DMARC policy, but lacks advanced SSL features like HSTS and OCSP stapling, and does not have a published security policy or incident response contacts. Overall, the site is professional and trustworthy but could improve in security posture and privacy compliance.

G

GBM App

appgbm.com

0

The website appgbm.com appears to be a minimal React-based authentication portal with limited publicly visible content or business information. The site uses modern technologies such as React, Google Tag Manager, and New Relic for analytics and monitoring, hosted on Amazon AWS infrastructure. However, the site lacks essential compliance and security disclosures such as privacy policies, cookie policies, terms of service, and contact information. The SSL configuration is good with support for TLS 1.3 and 1.2 and no known vulnerabilities, but important security enhancements like HSTS, DNSSEC, DMARC, and OCSP stapling are missing. Performance is suboptimal with a high load time and large page size, indicating potential technical debt or unoptimized resources. Overall, the site demonstrates a basic technical maturity but lacks transparency and comprehensive security posture, which may impact user trust and regulatory compliance.

G

GBM

gbm.com

0

GBM is a leading financial services company in Mexico offering a broad range of investment products, trading platforms, and advisory services targeting both individual and institutional investors. The company positions itself as a comprehensive investment ecosystem with strong market presence and a wide product portfolio including stocks, ETFs, bonds, and alternative investments. Their digital platform is supported by WordPress CMS with advanced SEO and marketing integrations, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. Marketing and analytics tools are extensively used, indicating a mature digital marketing strategy but raising privacy considerations. Legal and privacy documentation is comprehensive and available in Spanish, supporting regulatory compliance. However, explicit security policies and incident response information are not publicly disclosed.

R

Resonanz Digital

resonanz-digital.at

0

Resonanz Digital is a well-established digital agency based in Austria, specializing in WordPress websites, online shops, eCommerce solutions, online marketing, SEO, and Google Ads. With over 20 years of experience and a Google Partner certification, the company targets small and medium enterprises, founders, and individual entrepreneurs. Their service portfolio includes web design, WordPress development, maintenance, plugin development, and marketing services, positioning them as a trusted partner for digital presence creation. The website demonstrates a strong brand consistency and excellent content quality, supported by positive customer reviews from ProvenExpert. Technically, the site runs on WordPress with the Enfold theme and uses various performance and multilingual plugins. Hosting is provided via Google Cloud infrastructure. Security-wise, the site supports modern TLS protocols and has valid SPF and DMARC records but lacks advanced security features like HSTS, DNSSEC, and OCSP stapling, which could be improved. The cookie consent mechanism is implemented with opt-in for marketing and statistics cookies, reflecting good privacy compliance. Overall, the website is professional, trustworthy, and well-optimized for SEO and user experience, though performance could be enhanced.

S

SAE Institute

sae.edu

0

SAE Institute is a global education provider specializing in creative media courses with multiple regional campuses worldwide. The website analyzed serves as a regional selector landing page directing users to localized campus sites. The business model focuses on delivering specialized education in creative media to students internationally, positioning itself as a large, established educational institution. Technically, the site uses a lightweight design with jQuery and Matomo analytics, hosted on Amazon AWS infrastructure. However, the site lacks a valid SSL certificate, which severely impacts its security posture and user trust. Security configurations such as DNSSEC, HSTS, and CAA records are missing, and no privacy or cookie policies are present on this landing page. The use of Matomo indicates some level of user tracking without explicit consent mechanisms, raising privacy concerns. Overall, the site demonstrates moderate digital maturity but requires significant improvements in security and compliance to meet modern standards.

G

Greyd GmbH

greyd.de

0

Greyd GmbH operates the Greyd.Suite, an all-in-one WordPress platform designed to help freelancers, agencies, and enterprises scale their WordPress businesses efficiently. The company positions itself as a comprehensive solution provider with a unique block-based builder, centralized content and design management, and advanced features such as headless CMS capabilities and dynamic content management. Their market position is strengthened by a consistent brand presence, extensive feature set, and a focus on performance and accessibility. Technically, the website is built on WordPress 6.8.1 with a rich tech stack including custom plugins, Borlabs Cookie for GDPR-compliant consent management, and Chargebee for subscription billing. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocols, which poses risks to user data confidentiality and trust. The site demonstrates good SEO and accessibility practices, with comprehensive legal and privacy documentation. Overall, Greyd GmbH shows strong digital maturity but should urgently address SSL and TLS issues to improve security and user trust.

W

WP-Stars GmbH

wp-stars.com

0

WP-Stars GmbH is a well-established digital agency specializing in E-Commerce, web development, UX/UI design, and online marketing primarily serving clients in Austria and Germany. Founded in 2005, the company offers a comprehensive suite of digital services including website and online shop creation, platform development, and strategic digital consulting. Their market position is strengthened by certifications such as KMU.Digital and Trusted Shops Qualified Partner, alongside a portfolio of reputable clients. Technically, the website is built on WordPress with modern performance optimizations and integrates key tools like Gravity Forms and Borlabs Cookie for GDPR compliance. Security posture is solid with valid SSL, SPF, and DMARC records, though improvements like enabling HSTS and DNSSEC could enhance protection. Overall, WP-Stars demonstrates a mature digital presence with strong business and technical foundations, though explicit security policies and vulnerability disclosures are absent.

F

Formalize ApS

formalize.com

0

Formalize ApS is a Denmark-based technology company specializing in compliance software solutions designed to streamline governance, risk, and compliance operations for organizations. Their platform supports compliance with major regulatory frameworks such as NIS2, DORA, ISO 27001, and GDPR, offering customizable dashboards, automation, and a Trust Center for sharing compliance documentation. The company is positioned as a trusted provider with over 8,000 customers and strong partnerships with leading law and accounting firms. Technically, Formalize leverages modern web technologies including Alpine.js, AWS hosting, and integrates marketing and analytics tools such as Hubspot, Google Tag Manager, and Cookiebot for consent management. However, the website currently suffers from an invalid SSL certificate and lacks modern TLS protocol support, which poses a significant security risk. Despite this, the company demonstrates strong security practices with SPF, DMARC, and HSTS configurations, alongside certifications like ISO 27001 and ISAE 3000. Overall, Formalize presents a mature compliance platform with excellent user experience and comprehensive content, but should urgently address SSL and TLS issues to maintain trust and security.

K

Koelnmesse GmbH

koelnmesse.de

0

Koelnmesse GmbH is a leading international trade fair and event organizer based in Germany, with a strong market position and a comprehensive portfolio of over 80 trade fairs and events globally. The company serves a diverse audience including exhibitors, visitors, and business partners, providing key services such as exhibitions, conferences, and venue management. Technically, the website employs modern web technologies including jQuery, OneTrust for cookie consent, Google Tag Manager, and Plausible Analytics, hosted on Amazon AWS infrastructure. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocol support, which poses risks to secure communications. Despite these issues, the company demonstrates strong compliance with GDPR and provides clear privacy and cookie policies, along with active incident response contacts. Overall, Koelnmesse maintains a high level of professionalism and trustworthiness in its digital presence.

B

Bentley Systems, Incorporated

virtuosity.com

0

Bentley Systems, Incorporated is a leading global infrastructure engineering software company offering a comprehensive portfolio of software solutions for design, construction, and operations of infrastructure projects. Their e-commerce platform, Virtuosity, provides Bentley software subscriptions bundled with customizable expert training and support, targeting engineers, architects, constructors, and owner-operators. The company maintains a strong market position with a consistent brand presence and a large enterprise footprint. Technically, the website is built on the Magento Commerce platform with extensive use of JavaScript libraries and integrations including HubSpot, OneTrust, VWO, and New Relic. The site offers multi-language and multi-currency support, with good mobile optimization and accessibility features. However, the SSL configuration is currently invalid or missing, which poses a significant security risk. From a security perspective, the site implements SPF and DMARC for email protection and uses cookie consent mechanisms compliant with GDPR. Despite these strengths, the lack of a valid SSL certificate, absence of HSTS, and no evidence of a security policy or incident response plan indicate areas for urgent improvement. No explicit vulnerability disclosure or data protection officer contact information was found. Overall, while the business and technical infrastructure are robust and mature, the security posture requires immediate attention to protect user data and maintain trust. Strategic recommendations include securing the site with valid SSL/TLS, enhancing security headers, and formalizing security and incident response policies.

C

Cesium GS, Inc.

cesium.com

0

Cesium GS, Inc. operates a leading platform for 3D geospatial data visualization, data pipelines, and analytics, serving a broad range of industries including aerospace, defense, real estate, and smart cities. The company leverages an open source core and open standards to provide interoperable and precise geospatial solutions. Technically, the website employs modern frameworks such as React and Next.js, is hosted on AWS, and integrates accessibility and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with valid TLS certificates, SPF and DMARC policies, and OCSP stapling, though improvements in HSTS and DNSSEC are recommended. Overall, Cesium demonstrates a high level of professionalism, community engagement, and technical sophistication, positioning it well in the competitive geospatial technology market.

S

Seequent

seequent.com

0

Seequent is a leading provider of geoscience analysis, modelling, and collaborative software solutions primarily serving the mining, civil, environmental, and energy sectors. As a subsidiary of Bentley Systems, it holds a strong market position with a comprehensive portfolio of products designed to help organizations understand subsurface data and make informed decisions. The company targets organizations requiring advanced geological and geotechnical data management and modelling capabilities. Technically, the website is built on WordPress with modern optimization and analytics tools such as NitroPack, Algolia, Segment, and Marketo, indicating a mature digital infrastructure. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent significant security gaps. The security posture is moderate with good email authentication (SPF, DMARC) but lacks HTTPS enforcement and advanced security headers. Overall, Seequent presents a professional and trustworthy online presence but should prioritize improving its SSL/TLS configuration and security policies to enhance user trust and compliance.

Cohesive Group is a globally recognized asset management solutions provider specializing in enterprise asset management, advisory, and data services. With a strong partnership ecosystem including IBM, Microsoft Azure, AWS, Bentley, and Planon, Cohesive delivers comprehensive digital transformation and asset lifecycle management solutions to complex infrastructure owners and operators. Their market position is reinforced by over 700 successful IBM Maximo implementations and a reputation as a stand-out leader in the industry. Technically, the website is built on WordPress with modern front-end technologies and hosted on Microsoft Azure infrastructure. While the site demonstrates good SEO and mobile optimization, performance is slow and there is room for improvement in accessibility and security headers. Security posture is solid with modern TLS support and no critical vulnerabilities detected, but enhancements such as HSTS, DNSSEC, and CAA records are recommended. Overall, Cohesive presents a professional and trustworthy digital presence aligned with its business objectives.

A

Attention Required! | Cloudflare

saily.com

0

Security assessment completed with an overall score of 50/100 (unknown risk). 11 high-priority issues should be addressed promptly. Total of 30 security findings identified across all modules.

N

NordProtect

nordprotect.com

0

NordProtect is a comprehensive identity theft and cyber protection service operated by Nord Security, targeting U.S. customers with a subscription-based model. The service offers a broad range of features including dark web monitoring, credit monitoring, security alerts, identity theft recovery coverage up to $1 million, cyber extortion protection, and online fraud coverage. The website is professionally designed with excellent content quality and clear branding consistent with the Nord Security group. Technically, the site uses modern web technologies such as the Astro framework and Solid-js, hosted on Cloudflare, with moderate performance and good mobile optimization. Security posture is solid with valid SSL, SPF, and DMARC policies, but lacks advanced DNS security features like DNSSEC and CAA records. No explicit security or incident response policies are published on the site. Advertising and analytics are managed primarily through Google services with a moderate level of user tracking and good privacy compliance. Overall, NordProtect presents a trustworthy and professional identity protection service with room for security enhancements.

W

Wake Experience

allin.com.br

0

Wake Experience, formerly All In, is a technology company specializing in customer data platforms and AI-driven marketing solutions. Positioned as a medium-sized enterprise in Brazil under the parent company LWSA, it offers services that enable businesses to capture, integrate, and leverage customer data to create personalized experiences across multiple channels. The website demonstrates a mature digital presence with integrations for consent management and analytics, reflecting a commitment to privacy compliance and data-driven marketing. However, the absence of a valid SSL certificate is a critical security gap that undermines data protection efforts. The DNS and email security configurations are well-managed, indicating operational security awareness. Overall, the company shows strong market positioning in technology-driven customer experience but needs to address fundamental security infrastructure to reduce risk and enhance trust.

S

Storytel AB (publ).

storytelgroup.com

0

Storytel AB operates one of the world's largest audiobook and e-book streaming platforms, serving over 2.3 million subscribers with a vast catalog in multiple languages. The company combines digital streaming with print publishing, positioning itself as a leading media entity in Sweden and internationally. Their website reflects a mature digital presence with strong investor relations and corporate governance transparency. Technically, the site is built on WordPress with Bootstrap, hosted via Cloudflare, and integrates Cookiebot for GDPR-compliant cookie management and Google Tag Manager for marketing analytics. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent significant security weaknesses. The site also exhibits slow load times, which could impact user experience and SEO. Security headers are minimal, with only SPF and DMARC configured, and no advanced protections like HSTS or CSP are present. Overall, while the business and content quality are excellent, the security posture requires urgent improvement to protect user data and maintain trust.

M

Mofibo

mofibo.com

0

Mofibo is a prominent Danish digital media platform specializing in subscription-based access to a vast library of over 600,000 audiobooks, e-books, and podcasts. As part of the Storytel group, it holds a strong market position in Denmark, offering tailored subscription plans including individual, family, and student options. The platform emphasizes user experience with features like offline downloads and exclusive content under the Mofibo Originals brand. Technically, Mofibo leverages modern web technologies such as Next.js, Cloudflare, and integrates multiple third-party services for analytics, marketing, and payment processing. The website demonstrates good digital maturity with a comprehensive cookie consent mechanism and GDPR compliance. Security-wise, Mofibo maintains a valid SSL certificate and implements SPF and DMARC policies, though improvements like enabling HSTS and DNSSEC are recommended. Overall, Mofibo presents a professional, trustworthy, and user-centric digital service with extensive tracking and marketing integrations.

D

DWS Group

dws.de

0

DWS Group is a leading global asset manager headquartered in Germany, offering a broad range of investment solutions including ESG, infrastructure, equity, bonds, and ETFs. The company has a strong market position with over 60 years of investment expertise and a large workforce. Their digital presence is built on modern web technologies such as Vue.js and integrates advanced video content delivery via Brightcove. The website demonstrates good SEO and user experience practices, with comprehensive privacy and cookie consent mechanisms in place. Security posture is solid with strict SPF and DMARC policies and use of TLS 1.3, though improvements such as enabling HSTS and OCSP stapling are recommended. Fraud warnings and clear contact information enhance user trust. Overall, the site reflects a mature digital infrastructure aligned with enterprise-grade asset management services.