Security Directory

P

PwC-Stiftung

galerie-pwc-stiftung.de

0

The PwC-Stiftung website galerie-pwc-stiftung.de serves as a digital gallery and archive showcasing 20 years of cultural and educational projects and programs supported by the PwC-Stiftung foundation in Germany. The foundation focuses on promoting cultural education and youth engagement through funding and running various initiatives. The website is professionally designed with good content relevance and navigation, targeting educational institutions, cultural organizations, and youth audiences. Technically, the site uses modern web technologies with deferred JavaScript and CSS, hosted on a provider identified as netzhaut. Security posture is moderate with valid TLS protocols but lacks advanced security features such as HSTS, DNSSEC, and DMARC, which are recommended for improvement. Privacy policy is present and GDPR compliant, but no cookie consent mechanism or terms of service are found. Overall, the site is trustworthy and well-positioned as a non-profit educational foundation's digital presence.

S

SOCIAL POINTS gemeinnützige GmbH

sops.de

0

SOCIAL POINTS gemeinnützige GmbH operates the SOPS platform, a German-language online service dedicated to supporting and promoting non-profit organizations, especially community and social engagement groups. The platform enables non-profits to present themselves, receive digital donations, and build a community with features like messaging and a social points system. The company holds a strong position in the German non-profit sector, supported by partnerships with reputable foundations and local government entities. Technically, the website is built on TYPO3 CMS with common web technologies such as jQuery and Slick Carousel, but suffers from performance issues and lacks a valid SSL certificate, which impacts security and user trust. The site implements GDPR-compliant cookie consent and uses Google Analytics and Google Tag Manager for analytics and marketing purposes. Security posture is weak due to missing HTTPS and modern security headers, though DNS records show good email authentication practices.

M

MSP Medien Systempartner GmbH & Co. KG

medien-systempartner.de

0

MSP Medien Systempartner GmbH & Co. KG is a specialized IT consulting and software development company serving the media industry, particularly in the DACH region. With approximately 25 years of experience, MSP offers SAP IS/Media solutions, application management, and integration of digital platforms such as Piano and Lineup. The company holds a strong market position as a trusted partner for media houses undergoing digital transformation. Technically, the website is built on WordPress with modern plugins and uses a valid SSL certificate, though security headers and advanced TLS configurations could be improved. The security posture is moderate with good SPF and DMARC email protections but lacks HSTS and other HTTP security headers. Overall, MSP demonstrates a professional online presence with good content quality and user experience but could enhance security and privacy compliance by implementing cookie consent and security policies.

S

Score Media Group

scoremedia.de

0

Score Media Group operates as a national marketing platform for regional media brands in Germany, focusing on over 420 regional daily newspaper titles and associated digital and print media. The company targets advertisers and agencies seeking crossmedia advertising solutions, leveraging a strong market position with a comprehensive portfolio and high audience reach. Technically, the website is built on WordPress with modern plugins and frameworks, but performance is slow and some technical optimizations are possible. Security posture is generally good with modern TLS support and valid SPF records, but lacks advanced protections such as HSTS, DNSSEC, and OCSP stapling. Privacy compliance is addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the company demonstrates a mature digital presence with room for security and performance improvements.

P

Paperform

dubble.so

0

Dubble is a technology company specializing in automated documentation tools that capture user workflows and convert them into step-by-step guides, videos, and screenshots. Positioned as a niche SaaS provider, Dubble targets individuals and teams seeking to simplify documentation and onboarding processes. The company operates under the parent company Paperform and offers its services primarily through a Chrome extension and web platform. The website demonstrates a strong brand presence with excellent content quality and user experience, supported by modern web technologies such as React and Next.js. Technical infrastructure leverages Cloudflare for DNS and likely CDN services, with integration of Google Analytics and Tag Manager for marketing and analytics purposes. Security posture is adequate with a valid SSL certificate and DMARC email protection, but lacks advanced security headers, DNSSEC, and HSTS enforcement. Privacy and terms of service policies are present and GDPR compliant, though no cookie consent mechanism was detected. Overall, the company shows a mature digital presence with room for security enhancements and improved transparency around incident response and vulnerability disclosure.

P

Paperform

papersign.com

0

Paperform operates Papersign, a secure and user-friendly electronic signature platform designed to simplify document signing for individuals and businesses. The company positions itself as a design-conscious and powerful solution that integrates seamlessly with its core form-building product, Paperform. The website demonstrates a mature digital presence with modern technologies such as React and Gatsby, hosted on AWS, and employs multiple analytics and marketing tools to optimize user engagement and conversion. Security is a key focus, with compliance to major eSignature regulations and SOC 2 certification, although some improvements in security headers and DNS configurations are recommended. Overall, Paperform maintains a strong market position with clear pricing, comprehensive content, and robust trust indicators, supporting a medium-sized technology business model.

F

Free email accounts with mail.com | Log in here or register today

mail.com

0

mail.com operates as a webmail service provider offering email hosting and access services to a broad audience. The website content analyzed is primarily a consent management page, indicating a focus on privacy compliance mechanisms, although no explicit privacy policy or terms of service were found on this page. The business appears to be established with a large user base, leveraging DNS infrastructure managed by GMX DNS servers and employing standard email security protocols such as SPF and DMARC with a quarantine policy. From a technical perspective, the website uses JavaScript-based consent management scripts and iframe sandboxing to handle cookie consent. However, the SSL/TLS configuration is critically lacking, with no valid certificate and no enabled TLS protocols, which severely impacts secure communications. DNSSEC is not enabled, and CAA records are malformed, indicating gaps in DNS security hardening. Performance is slow with a high page load time and moderate resource usage. Security posture shows strengths in email authentication (SPF, DMARC) and HSTS enforcement with preload, but major weaknesses in SSL/TLS deployment and DNS security. No security policy or incident response contacts are published, limiting transparency and readiness. Overall, the site demonstrates moderate trustworthiness but requires urgent improvements in SSL/TLS and DNS security to protect user data and maintain compliance. Strategic recommendations include immediate renewal and proper configuration of SSL certificates, enabling modern TLS protocols, fixing DNS CAA records, enabling DNSSEC, and publishing comprehensive privacy and security policies. Enhancing these areas will improve user trust, compliance posture, and reduce risk exposure.

G

GMX

gmx.de

0

GMX is a leading German FreeMail and media portal offering a wide range of services including free email accounts, cloud storage, news, entertainment, and affiliate cashback programs. The website targets German-speaking users and maintains a strong market position with comprehensive content and service offerings. Technically, the site employs modern JavaScript frameworks, modular scripts, and SVG graphics, hosted primarily by 1&1 IONOS. However, the SSL/TLS configuration is currently invalid, which poses a significant security risk. The site implements good privacy and cookie policies compliant with GDPR, but lacks explicit public security or incident response policies. Advertising and tracking are extensively used, including Adition and Criteo networks. Overall, the website is professionally designed with good user experience and content relevance, but requires urgent security improvements to protect user data and trust.

1

1&1 Telecommunication SE

1und1.com

0

1&1 Telecommunication SE is a major German telecommunications provider offering a wide range of services including internet (DSL and fiber), mobile phone services, TV, and device sales. As a subsidiary of United Internet AG, it holds a strong market position with comprehensive offerings for both private and business customers. The company integrates advanced digital technologies and maintains a modern, responsive website with extensive content and user-friendly navigation. However, the current SSL configuration is invalid, which poses a security risk. The company employs multiple analytics and marketing tools, ensuring data-driven business operations while maintaining GDPR compliance through detailed privacy and cookie policies. Overall, 1&1 demonstrates a high level of digital maturity and customer trust but should address its SSL and security header deficiencies promptly.

M

MMP Event GmbH

mmpevent.de

0

MMP Event GmbH is a medium-sized event agency operating as a 100% subsidiary of the Seven.One Entertainment Group in Germany. The company specializes in developing innovative event formats, managing event execution, marketing, and 360-degree communication, including TV event marketing and consulting in sports, media, and culture sectors. Their strong integration with the parent media group positions them uniquely to combine media and event marketing for maximum visibility and audience engagement. Technically, the website is built on WordPress using the Avada theme and Fusion Builder, with standard SEO and marketing tools such as Yoast SEO, Google Tag Manager, and UserCentrics CMP for cookie consent. However, the site suffers from an invalid SSL certificate and lacks advanced security configurations, which poses risks to user trust and data security. The company maintains GDPR compliance with a comprehensive privacy policy and cookie consent mechanism but lacks visible incident response or security policy documentation. Overall, the business is professionally presented with good content quality and consistent branding, but technical and security improvements are necessary to enhance trust and protect user data.

R

Redseven Entertainment

redseven.de

0

Redseven Entertainment is a prominent German media company specializing in the development and production of innovative entertainment formats for national and international TV and streaming markets. With offices in Munich, Cologne, and Berlin, the company offers a broad portfolio including TV productions, branded content, visual effects, and content development. Their market position is strong, supported by well-known brands such as Germany’s Next Topmodel and collaborations with major broadcasters and streaming platforms. Technically, the website infrastructure leverages Cloudflare for DNS and hosting, uses Matomo for privacy-conscious analytics, and employs Usercentrics for cookie consent management, reflecting a mature digital presence. However, performance is moderate with room for optimization.

S

Seven.One Starwatch

starwatch.de

0

Seven.One Starwatch is a German media company specializing in the marketing of music and live entertainment within the Seven.One Entertainment Group. Positioned as the leading media partner and independent label in the music industry and event production sector, it targets music industry professionals and live entertainment organizers. The website content is primarily in German with English alternatives, reflecting a regional focus with international accessibility. Technically, the site is built on WordPress using the Avada theme and Fusion Builder, integrating SEO and cookie consent tools such as Yoast SEO and UserCentrics CMP. However, the site suffers from a lack of a valid SSL certificate and slow performance, which impacts user trust and security posture. Security configurations are minimal with no DNSSEC, CAA, or strong DMARC policies, and no advanced security headers are implemented. The company provides contact via email and maintains a LinkedIn presence but lacks visible phone contact or incident response information. Strategic improvements in SSL deployment, security headers, and compliance documentation are recommended to enhance trust and security.

S

SevenVentures GmbH

sevencommerceandventures.com

0

SevenVentures GmbH, as the investment arm of ProSiebenSat.1 Media SE, operates a comprehensive media-for-equity and media-for-revenue investment platform targeting consumer-oriented start-ups and growth companies primarily in the DACH region. The company leverages the extensive media reach of ProSiebenSat.1's premium TV, digital, and influencer networks to boost brand awareness and accelerate growth for its portfolio companies. Technically, the website is built on modern frameworks like Next.js and React, hosted on AWS, and employs standard web performance and SEO practices. Security posture is moderate with support for TLS 1.3 and OCSP stapling but lacks some critical security headers and HSTS enforcement. No explicit security or incident response policies were found, indicating potential areas for improvement. Overall, SevenVentures presents a professional, well-branded, and content-rich platform with strong market positioning in media-driven venture investments.

S

Seven.One Studios

sevenonestudios.com

0

Seven.One Studios is a leading German-based media company specializing in the creation and distribution of entertainment content including scripted and unscripted TV shows, films, and branded content. It operates as part of the larger ProSiebenSat.1 Media SE group, positioning itself strongly in the European and global media markets. The company serves global networks and digital platforms with a diverse portfolio of popular formats and productions. Technically, the website is built on WordPress and integrates modern web technologies including Usercentrics for consent management and Tealium for tag management, reflecting a moderate level of digital maturity. Performance is moderate with good mobile optimization and SEO practices. Security-wise, the site supports modern TLS protocols and has SPF and DMARC email protections but lacks advanced SSL features such as HSTS, OCSP stapling, and DNSSEC, which are recommended for enhanced security. Overall, the company maintains a professional online presence with clear contact and compliance information, but could improve its security posture to reduce risk.

The website captify.com currently presents an empty HTML page with no visible content, metadata, or interactive elements. This severely limits the ability to assess the business, its services, or its market positioning from the website alone. DNS and SSL data indicate the domain is registered and secured with a valid certificate issued by GoDaddy, hosted on AWS infrastructure. However, the lack of security headers, DNSSEC, and email authentication records such as DMARC suggests a basic security posture with room for improvement. The website's slow load time despite minimal content points to potential hosting or configuration inefficiencies. Overall, the site lacks fundamental privacy, security, and compliance disclosures, which could impact user trust and regulatory compliance.

S

smartclip

smartclip.com

0

smartclip is a European adtech company specializing in advanced advertising technology solutions for TV broadcasters and media owners. Positioned as a leading provider in the European market, smartclip offers a fully integrated ad server and SSP platform tailored to meet the needs of broadcasters and publishers. Their business model focuses on enabling media owners to monetize their inventory effectively while maintaining the openness of the internet. The company targets European broadcasters and publishers, emphasizing technology partnerships and innovation in TV advertising. Technically, the website is built on WordPress and leverages modern front-end frameworks and libraries such as Bootstrap, Swiper.js, and Usercentrics for consent management. Hosting is provided by WP Engine, ensuring a reliable infrastructure, though performance metrics indicate room for improvement with a slow page load time. Security-wise, the site has critical issues including an invalid SSL certificate and lack of modern TLS protocol support, which undermines secure communications. However, it employs HSTS with preload and includes SPF records, indicating some adherence to security best practices. The presence of cookie consent and privacy policies demonstrates GDPR compliance efforts. Overall, smartclip exhibits a mature digital presence with strong branding and content quality but requires urgent security enhancements to protect user data and maintain trust.

Security assessment completed with an overall score of 50/100 (unknown risk). Total of 12 security findings identified across all modules.

B

BCN Brand Community Network GmbH

bcn.group

0

BCN Brand Community Network GmbH operates a crossmedia marketing network primarily serving brands and advertisers in Germany. The company offers a broad portfolio of print, digital, and event marketing services, leveraging a strong brand portfolio and advanced targeting technologies such as the BCN Smart Stack. Their market position is solid within the German media sector, focusing on quality reach and integrated campaign solutions. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates Google Tag Manager for analytics and tracking. Security measures include SPF and DMARC for email protection and TLS 1.2 with strong cipher suites for HTTPS, though improvements like enabling TLS 1.3 and HSTS are recommended. The site demonstrates good GDPR compliance with a consent management platform and clear privacy policies. Overall, BCN shows a mature digital presence with good content quality and user experience, but could enhance security posture and transparency further.

S

ScriptRunner Software GmbH

scriptrunner.com

0

ScriptRunner Software GmbH operates a specialized enterprise IT automation platform focused on PowerShell script automation, delegation, and compliance. The company targets IT directors, administrators, and partners, offering a comprehensive solution to streamline IT operations and enhance security. The website demonstrates a mature digital presence with extensive content, customer testimonials, and integration with major ITSM platforms. However, the current SSL/TLS configuration is invalid, which poses a significant security risk for users and should be addressed promptly. Marketing and analytics tools such as HubSpot, Google Tag Manager, and Facebook Pixel are actively used with consent mechanisms in place, indicating a moderate level of user tracking balanced with privacy compliance. Overall, the business shows strong market positioning in the technology sector with a medium-sized enterprise profile and a consistent, professional online brand.

T

TeamLinx42

teamlinx42.app

0

TeamLinx42 is a technology company offering a Microsoft Teams integrated app designed to facilitate quick and easy access to documents and information within teams. Positioned as a collaborative and decentralized knowledge management tool, it targets organizations using Microsoft Teams to improve information sharing and reduce knowledge silos. The company operates under the parent company AppSphere AG, based in Germany, and offers a SaaS model with a focus on ease of use and team collaboration. Technically, the website is built on WordPress with Elementor and Yoast SEO, but suffers from performance issues and lacks a valid SSL certificate, which impacts security posture. The security configuration is basic, with no advanced headers or TLS protocols enabled, and no published security or incident response policies. Privacy and cookie policies are present and GDPR compliant, with a cookie consent mechanism implemented. Overall, the website demonstrates moderate professionalism and trustworthiness but requires significant improvements in security and performance to enhance user trust and compliance.

S

SucesuSP

sucesusp.org.br

0

SucesuSP is a well-established technology user society based in São Paulo, Brazil, with a history dating back to 1967. The organization focuses on fostering technological development, digital transformation, and innovation through networking, educational events, and interest groups in areas such as cybersecurity, artificial intelligence, and IoT. Their business model revolves around membership and partnerships, providing value to technology professionals and companies in the region. Technically, the website is built on WordPress with Elementor and Yoast SEO, but suffers from performance issues and lacks a valid SSL certificate, which poses security risks. The presence of a cookie consent mechanism indicates some level of privacy compliance, though no explicit privacy or security policies are found. Overall, the security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Strategic improvements in security infrastructure and policy transparency are recommended to enhance trust and compliance.

A

Associação Brasileira de OTTs e Streamings

abotts.com.br

0

ABOTTS (Associação Brasileira de OTTs e Streamings) is a prominent Brazilian industry association that unites key leaders in the OTT and streaming sector. The organization focuses on fostering business opportunities, facilitating networking, and advocating for its members' interests in regulatory matters. Their services include hosting events, providing a platform for collaboration, and supporting innovation within the media and telecommunications industries. The website is built on the Wix platform, leveraging modern web technologies such as React 18 and various Wix apps to deliver a responsive and multilingual experience primarily in Portuguese, with English and Spanish options. Despite a well-structured digital presence, the site exhibits a critical security gap with an invalid SSL certificate and lacks advanced security configurations like HSTS and strict DMARC policies. The overall risk posture is moderate, with recommendations to enhance SSL implementation and security headers to improve trust and compliance.

A

Associação Brasileira de Internet das Coisas

abinc.org.br

0

Associação Brasileira de Internet das Coisas (ABINC) is a Brazilian technology association focused on the Internet of Things (IoT) sector. It provides membership services including access to digital materials, event participation, brand exposure, and committee involvement. The organization targets IoT industry stakeholders and professionals primarily in Brazil. The website is built on WordPress with Elementor and integrates event calendars and cookie consent mechanisms, reflecting a moderate level of digital maturity. However, the site suffers from critical security weaknesses, notably the absence of a valid SSL certificate and lack of modern TLS protocols, which exposes visitors to security risks. While cookie consent is implemented, no explicit privacy or security policies are published, indicating compliance gaps. Overall, ABINC maintains a good content quality and user experience but requires urgent improvements in security posture to protect its users and enhance trust.

A

ABCIS

abcis.org.br

0

ABCIS is a Brazilian association focused on digital transformation and improvement of the healthcare sector through integration and education of IT managers in health. It holds a strong market position as the largest community of healthcare CIOs in Brazil, offering services such as information dissemination, education, networking, certification, and events. The website reflects a medium-sized organization with a clear target audience of healthcare IT executives and professionals. Technically, the site is built on WordPress with common plugins and hosted on DreamHost, but suffers from slow performance and lacks some advanced security configurations. Security posture is basic with TLS 1.3 support and no critical vulnerabilities detected, but improvements are needed in security headers, HSTS, and certificate transparency. The site uses common marketing and analytics tools including Google Tag Manager and Facebook Pixel, with a GDPR-compliant cookie consent mechanism. Overall, the website is professional, trustworthy, and well-branded, but could benefit from technical and security enhancements.

K

KM Business Information Canada Ltd.

lawtimesnews.com

0

Law Times is a Canadian media publication specializing in legal news, analysis, and resources targeted at lawyers and legal professionals in Canada. It holds a trusted position in the Canadian legal media market, offering expert coverage and industry updates. The business model is primarily advertising-driven, supported by partnerships with related legal media brands. The website is operated by KM Business Information Canada Ltd., indicating a medium-sized enterprise with a focus on media and publishing in the Canadian legal sector. Technically, the website leverages a modern tech stack including Bootstrap, jQuery, Algolia search, and Google Tag Manager, hosted behind Cloudflare for DNS and CDN services. While the site includes multiple third-party advertising and tracking scripts, it implements a cookie consent mechanism via Termly and uses a valid SSL certificate. However, performance is slow with a large page size and long load times, and some security best practices like HSTS and DNSSEC are not enabled. From a security perspective, the site maintains a valid SSL certificate and uses Google site verification but lacks advanced security headers and DNS security features. No explicit security policy, incident response, or vulnerability disclosure information is found, indicating room for improvement in transparency and security posture. The extensive use of third-party trackers suggests moderate to extensive user tracking, which is partially mitigated by the cookie consent mechanism. Overall, Law Times presents a professional and trustworthy media platform with good content relevance and user experience but could enhance its security and privacy compliance to better protect users and improve trust.

K

KM Business Information Canada Ltd.

canadianlawyermag.com

0

Canadianlawyermag.com is a leading Canadian legal news website operated by KM Business Information Canada Ltd., providing comprehensive news, features, rankings, and resources targeted at legal professionals in Canada. The site offers premium subscription content alongside advertising-supported free content, positioning itself as a key media player in the Canadian legal sector. Technically, the website employs a modern tech stack including Bootstrap, jQuery, Algolia search, and integrates multiple third-party analytics and advertising services such as Google Tag Manager, Microsoft Application Insights, and Facebook Pixel. The site is hosted behind Cloudflare DNS with valid SSL certificates but lacks advanced security headers like HSTS and DNSSEC, indicating room for improvement in security posture. Privacy and cookie policies are present with a consent mechanism, and the site enforces strict email authentication via SPF and DMARC with a reject policy. Overall, the website demonstrates a good balance of content quality, user experience, and security practices, though performance optimization and enhanced security configurations are recommended.

H

Hostinger

hostinger.com.br

0

Hostinger is a well-established global web hosting and domain registration provider founded in 2004, serving over 3 million users worldwide. The company offers a comprehensive suite of services including shared hosting, VPS, cloud hosting, WordPress optimized hosting, domain registration, and AI-powered website builders. Their market position is strong, supported by numerous trust indicators such as WordPress.org recommendation, Trustpilot reviews, and a 30-day refund policy. Technically, Hostinger employs modern web technologies including Nuxt.js and Vue.js, with integrations for Google Tag Manager, Microsoft Clarity, and Bing Ads, indicating a mature digital infrastructure. Security measures include valid SSL certificates, SPF and DMARC records with strict policies, though improvements can be made by enabling HSTS and DNSSEC. Overall, Hostinger demonstrates a solid security posture with no evident vulnerabilities and a good compliance level. The website is professionally designed, optimized for mobile, and provides a seamless user experience with clear navigation and comprehensive content. Strategic recommendations include enhancing security headers, implementing DNSSEC, and maintaining regular audits of third-party scripts to further strengthen security and trust.

J

JET e-Business

jet.com.br

0

JET e-Business is a Brazilian e-commerce platform provider specializing in high-performance solutions for B2C, B2B, D2C, and B2B2C business models. The company offers a comprehensive suite of services including marketplace integration, storefront customization, search optimization, shipping facilitation, and analytics. Positioned as a strategic partner, JET supports e-commerce businesses with technology and expert guidance to enhance sales and operational efficiency. The website reflects a professional and consistent brand presence targeting Brazilian e-commerce companies. Technically, the site is built on WordPress with WPBakery Page Builder, hosted on Hostinger, and protected by Cloudflare. It integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and Hotjar, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and lack of HTTPS enforcement represent significant security weaknesses. The site has basic privacy compliance with a privacy policy and SPF/DMARC DNS records configured, but lacks cookie consent mechanisms and security.txt disclosures. Overall, the security posture is basic and requires improvements to meet modern standards and regulatory requirements.

H

Hessischer Landtag

hessischer-landtag.de

0

The Hessischer Landtag website serves as the official online presence of the Hessian Parliament, the highest constitutional organ representing the citizens of the German state of Hessen. It provides comprehensive information about parliamentary activities, members, committees, events, educational programs, and public engagement opportunities. The site targets citizens, political stakeholders, educators, and visitors, offering multilingual and accessible content. Technically, the site is built on Drupal 10 with modern web standards including responsive images and Bootstrap 5, ensuring good mobile optimization and user experience. Security-wise, the site employs strong TLS protocols with OCSP stapling and no major SSL vulnerabilities detected. However, it lacks advanced security headers, DNSSEC, and a cookie consent mechanism, which are areas for improvement. Overall, the site demonstrates a high level of professionalism, trustworthiness, and content quality, reflecting its role as a government institution.

T

Trend Micro (FI) | Global Enterprise AI Cybersecurity Platform

trendmicro.eu

0

Security assessment completed with an overall score of 50/100 (unknown risk). 1 critical issues require immediate attention. Total of 25 security findings identified across all modules.

J

Johann Oberauer GmbH

medien-camp.com

0

Medien Camp is a well-established event platform focused on careers in the media industry, primarily targeting young talents and aspiring media professionals. The company operates under Johann Oberauer GmbH and organizes sessions, workshops, AMAs, career forums, and media tours to connect attendees with media professionals and provide insights into media careers. The website demonstrates strong SEO and content quality, supported by a professional design and consistent branding. Technically, the site is built on WordPress with modern performance optimizations but has room for improvement in security configurations such as DNSSEC, HSTS, and DMARC. The security posture is moderate with no critical vulnerabilities detected but lacks explicit security policies or incident response information. Overall, the site is trustworthy and professionally managed, with good privacy and cookie compliance.

H

Hi, I'm Tobias. | rixx.de

rixx.de

0

The website rixx.de serves as a personal hub for Tobias, an open source software author, conference speaker, and community organizer primarily in the technology sector. The site highlights his projects, blog posts, and involvement in events such as Chaos Communication Congress and DjangoCon Europe. The business model centers on personal branding and community engagement rather than commercial transactions. Technically, the site is built with standard web technologies including HTML, CSS, and JavaScript, with hosting provided by INWX. Performance is moderate, and SEO is well addressed through metadata, but mobile optimization and accessibility are basic. Security posture is weak due to the absence of a valid SSL certificate, lack of TLS support, missing security headers, and no DNSSEC. SPF is configured correctly, but other email authentication and security mechanisms are minimal. No privacy, cookie, or terms policies are published, and no contact information is explicitly provided on the site. Overall, the site is trustworthy for its niche audience but requires significant security and compliance improvements to enhance user trust and data protection.

W

WP-Network

wp-network.org

0

WP-Network is a non-profit association based in Austria that unites WordPress professionals, digital agencies, freelancers, and web developers primarily in the Austrian and DACH region. The organization offers networking opportunities through monthly WordPress meetups, an expert search platform, and a job board targeting WordPress-related roles. It is supported by sponsorships from recognized companies in the WordPress ecosystem and funded through membership fees and event revenues. The website is well-branded and professionally presented, targeting a niche community of WordPress professionals. Technically, the website is built on WordPress 6.8.1 using the Enfold theme and child theme customizations. It employs modern web technologies including jQuery, Font Awesome, and Matomo analytics for user tracking. The site is hosted with domaintechnik.at and uses structured data (JSON-LD) for SEO enhancement. However, the website suffers from a critical security weakness due to the absence of a valid SSL certificate and lack of HTTPS support, which undermines user trust and data security. From a security perspective, the site has implemented a GDPR-compliant cookie consent mechanism with detailed cookie categories and uses SPF records for email authentication. Nevertheless, it lacks essential security headers, modern TLS protocols, HSTS, and DMARC records. These gaps expose the site to potential risks such as data interception, phishing, and email spoofing. No explicit security policy, incident response contacts, or vulnerability disclosure statements are found. Overall, WP-Network is a valuable community resource with a solid business model and good digital maturity but requires urgent improvements in its security posture to protect its users and maintain trust. Strategic recommendations include immediate SSL certificate installation, enabling HTTPS, and implementing comprehensive security headers and email authentication policies.

L

LWND Kreativagentur GmbH

lwnd.com

0

LWND Kreativagentur GmbH is a small Austrian creative agency specializing in providing customized teams of specialists across various disciplines to drive brand success. The company positions itself as a modern and innovative agency with a strong focus on digital marketing, branding, campaigns, and UX design. Their website showcases a comprehensive portfolio of services, detailed case studies, and a professional team presentation, targeting brands and companies seeking tailored creative solutions. Technically, the website uses common web technologies such as jQuery, Swiper, and Google reCAPTCHA, hosted on Hetzner infrastructure. However, the site suffers from a critical security weakness due to the absence of a valid SSL/TLS certificate and lack of HTTPS support, which undermines user trust and data protection. DNS and email security configurations are properly implemented with SPF and DMARC policies. Overall, the website demonstrates excellent content quality and branding consistency but requires urgent security improvements to protect user data and comply with best practices.

D

DRVLESS

drvless.com

0

Drvless is a technology company specializing in AI-powered software solutions for test automation, test case generation, robotic process automation, and continuous monitoring to optimize quality assurance processes. The company positions itself as an innovative player with over 25 years of automation experience and recognized excellence by the European Commission. Their product suite targets software development and QA teams seeking efficient and easy-to-use automation tools. The website reflects a mature digital presence built on WordPress with Elementor, featuring clear product offerings, trial options, and partnership with Objentis consultancy for enhanced customer support. Technically, the website leverages modern web technologies and plugins such as Matomo for analytics and Borlabs for cookie consent management, indicating a commitment to privacy compliance. However, the absence of a valid SSL certificate and lack of modern TLS support represent significant security weaknesses that could undermine user trust and data protection. The DNS configuration is standard but lacks DNSSEC and CAA records, which could improve domain security. Security posture is moderate with good email authentication (SPF) but critical gaps in transport security and missing security policies or incident response information. The site implements GDPR-compliant privacy and cookie policies with consent mechanisms, but no explicit terms of service or vulnerability disclosure policies were found. Contact information is clearly provided, supporting user engagement and support. Overall, Drvless demonstrates a strong business and technical foundation with room for improvement in security hardening and transparency. Addressing SSL/TLS issues and publishing comprehensive security policies would enhance trust and compliance, supporting their market position as a reliable AI automation provider.

K

Koelncongress GmbH

koelncongress.de

0

Koelncongress GmbH is a well-established event management company based in Cologne, Germany, with a strong market position as the largest provider of exceptional event locations in the city. They offer full-service event planning and hosting for a wide range of events including conferences, corporate events, cultural and social gatherings. Their website reflects a mature digital presence built on WordPress, featuring detailed event calendars, news, and multiple location pages. Technically, the site uses modern TLS protocols and has implemented strong email authentication mechanisms such as SPF and DMARC, but lacks advanced SSL features like HSTS and OCSP stapling. The company demonstrates good privacy compliance with GDPR-aligned policies and cookie consent mechanisms. However, there are opportunities to enhance DNS security and SSL configurations. Overall, the security posture is moderate with room for improvement in certificate transparency and DNSSEC adoption.

G

GBM

gbm.com.mx

0

GBM is a leading Mexican financial services company offering a broad range of investment products, trading platforms, and advisory services to both individual and institutional clients. The company positions itself as a comprehensive investment ecosystem with over 6,000 financial instruments and a strong advisory network. Their website reflects a mature digital presence with extensive content, multiple service tiers, and integrated marketing and analytics tools. However, the site suffers from critical security shortcomings, notably the lack of a valid SSL certificate and absence of modern TLS protocols, which undermines user trust and data security. While privacy and cookie policies are present, explicit security policies and incident response information are not found, indicating potential compliance gaps. Overall, GBM demonstrates strong market positioning and digital maturity but requires urgent security improvements to safeguard client data and maintain regulatory compliance.

W

Wake Creators

wakecreators.com.br

0

Wake Creators is a Brazilian technology company specializing in influencer marketing data and solutions. With a decade of experience, it holds a leading market position by maintaining the largest influencer database and leveraging AI and machine learning to optimize marketing campaigns. The company operates as part of the LWSA group and integrates into the broader Wake ecosystem, targeting brands, advertisers, and influencers. Technically, the website is built on WordPress using Oxygen Builder, hosted on AWS with DNS managed by Cloudflare. However, the site lacks a valid SSL certificate and modern TLS support, which poses significant security risks. The presence of SPF and DMARC records indicates some email security awareness, but the DMARC policy is permissive. Analytics usage is moderate with Google Analytics and Tag Manager implemented, but no cookie consent mechanism is present, which may impact privacy compliance. Overall, the site demonstrates moderate digital maturity with room for security and compliance improvements.

R

Readly

readly.com

0

Readly is a digital media company offering a subscription-based magazine app that provides unlimited access to thousands of magazines globally. The company has a strong market position with a broad international footprint, targeting consumers who prefer digital reading experiences with features like offline access and family sharing. Technically, the website is built on Ruby on Rails and leverages modern web technologies and cloud hosting via AWS, with moderate performance and good mobile optimization. Security-wise, Readly employs strong TLS configurations, SPF and DMARC email protections, but lacks some advanced security features such as HSTS and OCSP stapling. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear cookie consent mechanism. Overall, the company demonstrates a mature digital presence with room for security enhancements.

S

Storytel

storytel.com

0

Storytel is a leading digital media company specializing in subscription-based audiobook and e-book streaming services, primarily serving the Nordic market with over 2.3 million users globally. Their platform offers a wide range of content including exclusive Storytel Originals, targeting diverse audiences such as regular listeners, families, and students. The company demonstrates strong brand consistency and a comprehensive digital presence with localized content and multiple subscription tiers. Technically, Storytel employs modern web technologies including React and Next.js, supported by robust third-party services for analytics, marketing, and customer support. While their SSL configuration is valid, there are opportunities to enhance security by enabling HSTS, DNSSEC, and improving CAA records. The site features extensive cookie management and complies with GDPR, reflecting a mature privacy posture. However, explicit security policies and incident response information are not publicly available, indicating an area for improvement. Overall, Storytel maintains a high level of professionalism and trustworthiness, with a strong focus on user experience and content quality.

M

Münchener Hypothekenbank eG

mhb.de

0

Münchener Hypothekenbank eG is a specialized financial institution focused on long-term real estate financing, serving private customers, commercial clients, and investors primarily in Germany. The bank emphasizes sustainability in its lending practices and maintains a strong market position with a history dating back to 1896. The website reflects a mature digital presence built on Drupal 10, integrating modern frontend technologies and a comprehensive cookie consent mechanism via Cookiebot. Analytics are handled through Matomo, balancing user tracking with privacy compliance. Security posture is solid with modern TLS protocols and no known vulnerabilities, though improvements such as DNSSEC, DMARC, and HSTS could enhance protection. Contact information is clearly presented, supporting customer engagement. Overall, the site demonstrates professionalism and trustworthiness aligned with its financial services business.

B

Berenberg

berenberg.de

0

Berenberg is a historic private bank and financial services provider founded in 1590 in Hamburg, Germany. It offers wealth management, asset management, corporate banking, and investment banking services to a diverse clientele including wealthy private clients, corporations, and institutional investors. The bank maintains a strong market position in Europe and the US with multiple offices and a broad service portfolio. Technically, the website employs modern web technologies with good performance and mobile optimization, supported by a robust SSL configuration and DNS setup. Security practices include SPF and DMARC email protections, OCSP stapling, and strong cipher suites, though improvements such as enabling HSTS and DNSSEC could enhance security further. Overall, Berenberg demonstrates a mature digital presence with strong trust indicators and compliance with GDPR and cookie consent regulations.

D

Deutsche Bank AG

deutsche-bank.de

0

Deutsche Bank AG is a leading financial institution offering a wide range of banking and investment services primarily targeting private, corporate, and institutional clients in Germany and internationally. The website reflects a mature digital presence with comprehensive service offerings, strong branding, and user-centric design. The technical infrastructure leverages Adobe Experience Manager CMS, Adobe Launch for tag management, and integrates advanced customer interaction tools such as Genesys widgets and Usercentrics for consent management. Security configurations are solid with valid SPF and DMARC policies, TLS 1.2 encryption with strong cipher suites, but could benefit from enhancements like TLS 1.3 support, HSTS, and DNSSEC. Privacy and cookie policies are well implemented with GDPR compliance, though explicit security and incident response policies are not publicly found. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with regulatory requirements.

F

Forteil GmbH

bonify.de

0

bonify.de is a German financial technology platform operated by Forteil GmbH, specializing in credit management and financial fitness services. The company provides users with free and transparent access to their SCHUFA credit data, credit scores, and personalized financial insights. With over 2.5 million users and certifications from TÜV Saarland and BaFin, bonify holds a strong market position in Germany's finance sector. The platform offers a comprehensive suite of services including credit monitoring, tenant credit reports, contract management, and credit offers, targeting consumers seeking to improve their financial health. Technically, bonify employs modern web technologies such as React with Next.js, Prismic CMS, and Cloudflare for hosting and DNS. The site integrates various third-party services including Google Tag Manager, Usercentrics for cookie consent, and Adjust for app marketing. Performance is moderate with good mobile optimization and SEO practices. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. From a security perspective, bonify uses SSL encryption and domain verification but lacks advanced DNS security features like DNSSEC and HSTS. The DMARC policy is set to none, which could be strengthened to reduce email spoofing risks. The presence of a responsible disclosure page indicates security awareness, though no explicit incident response contacts were found. Overall, bonify.de demonstrates a mature digital presence with strong business and security fundamentals. Opportunities exist to enhance DNS and email security configurations and to publish more explicit security policies and incident response information to further build user trust and compliance posture.

D

DKB AG

dkb.de

0

DKB AG is a leading sustainable direct bank in Germany, offering a wide range of digital banking services including accounts, credit cards, loans, and investment products with a strong emphasis on renewable energy financing and social responsibility. The bank holds a prime ESG rating from ISS ESG, positioning it as a market leader in sustainable finance among the top 20 German banks. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, hosted on AWS infrastructure, and uses Contentful as its CMS. The site demonstrates good performance and excellent mobile optimization, with comprehensive SEO and accessibility features. Security-wise, the site has a valid SSL certificate and properly configured SPF and DMARC records, but lacks DNSSEC and HSTS, which are recommended for enhanced security. The website employs Usercentrics CMP for cookie consent management and integrates analytics tools like Mapp Intelligence and Google Tag Manager, maintaining good privacy compliance. Overall, DKB AG's digital presence reflects a mature and professional organization with a strong commitment to sustainability and customer trust.

N

N26 SE

n26.com

0

N26 SE is a leading mobile-first bank headquartered in Germany, operating with a full German banking license and serving over 8 million customers across 24 markets. The company offers a range of financial products including free and premium bank accounts, instant savings linked to the European Central Bank rate, stock and ETF trading, and crypto investment powered by Bitpanda. Their digital-first approach is supported by a modern technology stack including React, Contentful CMS, and AWS hosting, ensuring a seamless and mobile-optimized user experience. Security is a core focus, with BaFin supervision, deposit protection up to €100,000, and advanced payment authentication methods such as 3D Secure and biometric verification. The website demonstrates strong privacy compliance with GDPR-aligned policies and cookie consent management via OneTrust. However, there are areas for improvement such as enabling HSTS, OCSP stapling, DNSSEC, and publishing a security.txt for vulnerability disclosure. Overall, N26 presents a mature digital banking platform with a solid security posture and a high level of trustworthiness in the fintech market.

H

Hypothekarbank Lenzburg AG

hbl.ch

0

Hypothekarbank Lenzburg AG is a Swiss regional bank offering a hybrid model of digital and personal banking services targeting private and corporate customers. The website reflects a mature digital presence with comprehensive service offerings including e-banking, mortgages, savings, investments, and financial planning. The bank positions itself as a trusted regional financial institution with a focus on customer-centric solutions. Technically, the website is built on Umbraco CMS and leverages modern frontend libraries such as Swiper, GSAP, and Cookiebot for consent management. However, the current SSL/TLS configuration is invalid, which poses a significant security risk and undermines user trust. Security headers like SPF and DMARC are properly configured, but the absence of DNSSEC, CAA, and HSTS reduces the overall security posture. The site employs extensive tracking and advertising technologies including Google Analytics, TikTok, and Meta Platforms, with a robust cookie consent mechanism ensuring GDPR compliance. Overall, the bank demonstrates a strong market position with a professional and user-friendly website but must urgently address SSL/TLS issues to maintain security and trust.

F

finleap

finleap.com

0

finleap is a fintech company builder based in Germany, established in 2014, that has built or invested in multiple fintech ventures and corporate joint ventures with a significant market valuation. The company targets fintech investors, startups, and corporate partners, positioning itself as an important player in the fintech ecosystem. The website is built on WordPress and hosted on Amazon AWS infrastructure, utilizing modern web technologies including Google Tag Manager and Usercentrics for consent management. Performance is moderate with good mobile optimization and SEO practices. Security posture is adequate with valid SSL, SPF, and DMARC configurations, but lacks advanced features such as HSTS and OCSP stapling, and does not have DNSSEC or CAA enabled. The site employs a cookie consent mechanism compliant with GDPR, enhancing privacy compliance. Overall, finleap demonstrates a professional and trustworthy online presence with room for security improvements.

F

Finch Capital

finchcapital.com

0

Finch Capital is a European growth investor specializing in Business and Financial Technology sectors, supporting entrepreneurs with capital and strategic guidance to scale their businesses. The firm manages €450 million in assets and has a portfolio of over 45 companies. Their services include growth capital investment, active portfolio management, and support in areas such as hiring, M&A, go-to-market strategies, capital raising, regulation, and international expansion. Technically, the website is built on modern frameworks like React and Next.js, hosted on DigitalOcean, but suffers from an invalid SSL certificate and lacks several security headers, indicating room for improvement in security posture. The firm uses Google Tag Manager for analytics and tracking, but lacks a visible cookie consent mechanism. Overall, Finch Capital presents a professional and trustworthy image with strong domain expertise and a commitment to sustainable investment.