Security Directory

I

Institut Polytechnique de Paris

ip-paris.fr

0

Institut Polytechnique de Paris is a leading French higher education and research institution that unites five prestigious engineering schools to deliver world-class science and technology education. The website reflects a strong focus on education, research, innovation, and entrepreneurship, targeting students, researchers, entrepreneurs, and companies. The digital infrastructure is built on Drupal 10 with modern PHP and includes integrations for analytics and consent management. However, the security posture is weakened by the absence of a valid SSL certificate and proper HTTPS configuration, which is a critical vulnerability. Privacy compliance is well addressed with clear cookie management and privacy policies. Overall, the website is professionally designed, content-rich, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

N

Niort Numeric

innn.fr

0

The website innn.fr represents Niort Numeric's flagship event focused on digital innovation, InsurTech, and risk management, held in Niort, France. It serves as a platform for networking, showcasing startups, and hosting conferences, targeting professionals and decision-makers in the insurance and technology sectors. The site is well-branded, content-rich, and optimized for SEO with structured data and social media integration. Technically, it is built on WordPress with modern JavaScript libraries for UI components and uses OVH as the hosting provider. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. The site implements cookie consent via Piwik PRO, indicating good privacy compliance practices. Overall, the site is professional and functional but requires urgent security improvements.

P

Pix

pix.org

0

Pix.org is a multilingual website offering localized content primarily in English and French, including regional variants for Belgium and France. The site appears to be an educational or informational platform branded as 'Pix', targeting a broad audience seeking language-specific access. The technical infrastructure leverages modern JavaScript frameworks such as Nuxt.js and a headless CMS (Prismic), with analytics provided by Matomo and Plausible. However, the site suffers from significant security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which critically undermines user trust and data protection. Additionally, no privacy, cookie, or terms of service policies are present, indicating poor compliance with data protection regulations. The website's performance is slow, and DNS configurations reveal misconfigured CAA records and lack of DNSSEC. Overall, while the site demonstrates modern technical choices and multilingual support, its security posture and privacy compliance require urgent improvement to meet industry standards and user expectations.

S

Switzerland Innovation

switzerland-innovation.com

0

Switzerland Innovation is a Swiss innovation park ecosystem that facilitates collaboration between companies, startups, and universities to accelerate the transformation of research into marketable products and services. It holds a leading position in the Swiss innovation landscape, offering access to world-class research institutions and a broad range of support services. The website is built on Drupal 10 and integrates modern web technologies and marketing tools such as Google Analytics and HubSpot. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness that undermines user trust and data protection. The site features comprehensive cookie consent mechanisms and clear contact information, supporting good privacy compliance. Overall, the website presents a professional and trustworthy image but requires urgent improvements in security infrastructure.

M

Mantu

mantu.com

0

Mantu is a global consulting platform focused on providing guidance and services to businesses and entrepreneurs worldwide. With a large and diverse workforce spread across multiple continents, Mantu positions itself as a collaborative network of brands delivering transformative business solutions. The website reflects a professional and well-structured digital presence, leveraging WordPress CMS with modern tools such as Elementor and WP Rocket to optimize user experience and performance. However, the absence of a valid SSL certificate and lack of HTTPS support significantly weaken the site's security posture. While DNS records show good email authentication practices with SPF and DMARC, the lack of security headers and modern TLS protocols exposes the site to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy, but no cookie consent mechanism was detected. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

I

iliad

iliad.it

0

Iliad Italia S.p.A. is a major telecommunications provider in Italy offering mobile telephony services including 4G and 5G, fiber internet via FTTH technology, and smartphone sales both new and refurbished. The company positions itself as a competitive and transparent operator with no hidden costs, targeting both private consumers and businesses. The website reflects a mature digital presence with comprehensive service offerings and clear customer support channels. Technically, the site uses modern JavaScript libraries and responsive design to ensure good user experience across devices. However, a critical security gap is the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture and trustworthiness of the site. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, Iliad's website is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

A

appliedAI Institute for Europe gGmbH

ai-startups-europe.eu

0

The appliedAI Institute for Europe gGmbH is a non-profit organization focused on generating and disseminating high-quality knowledge about trustworthy Artificial Intelligence. It serves professionals and policymakers by providing educational formats, tools, community engagement, and regulatory guidance, positioning itself as a leading AI knowledge hub in Europe. Technically, the website employs modern JavaScript frameworks like Vue.js, Bootstrap for responsive design, and integrates marketing and analytics tools such as Google Tag Manager, HubSpot, and Usercentrics for consent management. However, the security posture is weakened by the absence of a valid SSL certificate, lack of HSTS, and missing DMARC records, which are critical for secure communications and email protection. Overall, the site is content-rich and professionally presented but requires urgent improvements in SSL/TLS configuration to enhance trust and security.

F

French Assurtech

french-assurtech.com

0

French Assurtech is a French-based accelerator and innovation platform focused on the insurance technology sector. Supported by eight leading mutual insurance companies, it offers a comprehensive program including startup acceleration, an innovation lab (Lab XP), and a training campus to foster digital transformation and new insurance business models. The website positions French Assurtech as a key player in the French insurtech ecosystem, targeting startups, insurance professionals, and innovation managers. Technically, the site is built on WordPress using Elementor and integrates SEO and multilingual capabilities. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts its security posture. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, but no explicit security or incident response policies are found. Overall, the website is professional and content-rich but requires urgent improvements in security and performance to enhance trust and user experience.

The website jamespot.pro is currently inaccessible, serving only a default backend 404 error message with no visible content or metadata. This indicates the site is either offline, misconfigured, or a placeholder domain. The DNS records show hosting and mail services provided by OVH, but no active web content is available. The lack of a valid SSL certificate and absence of TLS protocols severely impact the security posture, despite the presence of an HSTS header which is ineffective without HTTPS. No privacy, cookie, or security policies are found, and no contact or business information is available on the site. Overall, the site is non-functional and does not provide any business or user-facing services at this time.

L

Laracon

laracon.us

0

Laracon.us is the official website for Laracon 2025, the flagship Laravel conference targeting Web Artisans and the global PHP developer community. The site provides comprehensive information about the event, including dates, venue, speakers, accommodations, and sponsors, positioning itself as a key industry event in the technology sector. The business model revolves around event organization and community engagement, with a strong emphasis on sponsorship and ticket sales through third-party platforms.

J

Just a moment...

laravel-news.com

0

The website laravel-news.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that blocks direct access to the actual content. As a result, no business-related content, metadata, or contact information is available for analysis. The site appears to be protected by Cloudflare, but lacks a valid SSL/TLS certificate and proper HTTPS configuration, which is a critical security issue. The minimal HTML content indicates a security checkpoint rather than a functional website page. From a technical perspective, the site is hosted behind Cloudflare, which provides DNS and security services. However, the absence of a valid SSL certificate and modern TLS protocols severely impacts the security posture. Security headers are present but cannot compensate for the lack of HTTPS. Performance and SEO cannot be assessed due to the blocked content. Security-wise, the site shows strong indications of protection via Cloudflare's challenge mechanism, but the lack of HTTPS and SSL certificate compliance is a major vulnerability. No privacy, cookie, or terms of service policies are detectable, indicating poor privacy compliance. No contact or incident response information is available. Overall, the site is currently not analyzable beyond its security challenge layer, resulting in a low AI score and a recommendation to resolve SSL issues and allow content access for a full evaluation.

S

Switzerland Innovation Park Ost

startfeld.ch

0

Switzerland Innovation Park Ost operates a comprehensive startup support platform focused on the Eastern Switzerland region, providing services such as consulting, financing, infrastructure, and networking to ambitious startup founders. The organization holds a strong market position, recognized as the 3rd ranked startup hub in Switzerland within Europe’s Leading Start-Up Hubs 2024. The website is built on a modern WordPress stack with Elementor and WooCommerce, integrating advanced front-end libraries and marketing tools like Google Tag Manager and CleverReach for newsletters. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing the site to potential risks and undermining user trust. Privacy and cookie policies are present and GDPR compliant, with clear contact information and social media presence enhancing business credibility.

F

Free

etre-free.fr

0

Free is a major French telecommunications company with a strong focus on innovation, customer service, and a diverse range of career opportunities. The website serves as a recruitment and corporate culture portal, targeting job seekers interested in various telecom-related professions. The site is well-branded and consistent with its parent company iliad, providing clear navigation and relevant content about the company's values and mission. Technically, the site uses modern web technologies such as React and Next.js, with multimedia content including videos and animations to engage visitors. However, performance is hindered by a large page size and slow load times. Security posture is weakened by the absence of a valid SSL certificate, lack of DNSSEC and DMARC, and missing advanced TLS features, which exposes the site to potential risks and reduces user trust. Privacy compliance is partially addressed with a privacy policy present, but no cookie consent mechanism is detected. Overall, the site is professional and credible but requires urgent improvements in security and privacy practices to enhance trust and compliance.

G

Groupe iliad

iliad.fr

0

Groupe iliad is a major telecommunications and technology group based in France, operating multiple subsidiaries that provide internet, mobile, and cloud services across Europe. The website reflects a professional and consistent brand presence targeting a broad audience including consumers, investors, and media. The technical infrastructure leverages modern frontend technologies such as React and Material-UI, but suffers from slow load times and lacks a valid SSL certificate, resulting in insecure HTTP connections. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. However, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

J

Jamespot

jamespot.com

0

Jamespot is a French technology company specializing in SaaS collaborative digital workplace solutions, including enterprise social networks, intranet, and AI-powered collaboration tools. The company positions itself as a flexible and customizable provider with over 20 years of experience, targeting professional organizations seeking to enhance internal communication and teamwork. The website demonstrates strong business credibility with comprehensive content, customer testimonials, and recognized certifications such as ISO 27001 and RGAA 4.1 accessibility compliance. Technically, the site is built on WordPress with modern SEO and marketing tools, but suffers from slow performance and lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with detailed cookie policies and consent mechanisms. Security practices include SPF and DMARC DNS records, but the absence of HTTPS and modern TLS protocols is a critical weakness. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

S

Swiss Federal Institute for Forest, Snow and Landscape Research WSL

wsl.ch

0

The Swiss Federal Institute for Forest, Snow and Landscape Research WSL is a prominent Swiss federal research institute focused on environmental sciences including forest, landscape, biodiversity, natural hazards, and snow and ice. It operates under the ETH Domain and serves a broad audience including researchers, forestry experts, policymakers, and the public. The website reflects a professional government research entity with comprehensive content and consistent branding. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, hosted likely by switch.ch. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. No privacy or cookie policies are explicitly found, and security headers are absent, indicating gaps in security best practices. Overall, the site is content-rich and trustworthy but requires urgent security improvements.

O

Open Research Data Portal

open-research-data-portal.ch

0

The Open Research Data Portal is a collaborative platform dedicated to implementing Open Research Data (ORD) practices within the ETH Domain, encompassing prominent Swiss research institutions such as ETH Zurich, EPFL, Eawag, PSI, WSL, and Empa. The portal provides comprehensive information on ORD projects, services, and training resources, targeting researchers and academic institutions. Technically, the website is built on WordPress using Elementor and various Jet plugins, with integration of Google Analytics for minimal user tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. The presence of SPF and DMARC records indicates some email security awareness, though the DMARC policy is set to 'none', offering no enforcement. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site offers good content quality and professional design but requires urgent security improvements to protect user data and enhance trust.

E

ETH Zürich Foundation

ethz-foundation.ch

0

ETH Zürich Foundation is a reputable non-profit organization dedicated to supporting education, research, and innovation at ETH Zürich through donations and strategic projects. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting donors, alumni, and organizations interested in philanthropy. The technical infrastructure is based on WordPress with modern JavaScript libraries and SEO optimizations, hosted likely within ETH Zürich's infrastructure. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with detailed cookie consent mechanisms and a comprehensive privacy policy. Contact information and social media presence further enhance business credibility.

B

Behamics

behamics.com

0

Behamics is an AI-driven platform specializing in enhancing e-commerce performance through behavioral science and advanced analytics. The company offers a suite of products including Nudge, Diagnostic, Organic SEO, Merchandise optimization, and Automations, targeting enterprise clients to boost revenue, conversions, and visibility. The website reflects a professional and modern design with comprehensive content and clear navigation, although performance is hindered by slow load times and a lack of HTTPS. Technically, the site is built on WordPress with Elementor and integrates multiple marketing and analytics tools. Security posture is weak due to the absence of a valid SSL certificate and missing security headers, which poses risks to data protection and user trust. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but lacks a cookie consent mechanism. Overall, Behamics demonstrates strong business credibility and market positioning but requires urgent improvements in security and technical performance to enhance trust and compliance.

Q

Quarkslab

quarkslab.com

0

Quarkslab is a cybersecurity company specializing in offensive and defensive security solutions, combining consulting, R&D, and proprietary software to help organizations protect their digital assets. The company is recognized in the Gartner Emerging Tech report and serves a target audience of companies and governmental organizations seeking advanced cyber defense. Technically, the website is built on WordPress with Elementor and integrates multiple analytics and marketing tools. However, the site lacks a valid SSL certificate and modern TLS support, which significantly impacts its security posture. While email authentication is well configured with SPF and DMARC, the absence of HTTPS and security headers exposes the site to risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

O

Open Source Technology Improvement Fund

ostif.org

0

The Open Source Technology Improvement Fund (OSTIF) is a small non-profit organization focused on improving the security of open source software through facilitating security audits and reviews. Their website positions them as a key community-driven entity with a large network of security experts and partner projects. Technically, the site is built on WordPress using the OceanWP theme and is hosted behind Cloudflare DNS and CDN services. However, the website suffers from a lack of a valid SSL certificate and does not properly enable HTTPS, which is a critical security shortfall. Security headers are minimal, with only HSTS enabled but without full recommended settings. Privacy and cookie policies are absent, and no contact information such as emails or phone numbers are provided, which impacts trust and compliance. The site has a slow load time and basic SEO and accessibility features. Overall, OSTIF's website provides good content and branding but requires urgent improvements in security and privacy compliance to enhance trustworthiness and user safety.

S

Smart reporting

smartreporting.eu

0

Security assessment completed with an overall score of 50/100 (unknown risk). 1 critical issues require immediate attention. Total of 28 security findings identified across all modules.

L

Les Sherpas

truzzer.fr

0

Les Sherpas is a French education platform specializing in personalized tutoring and online courses for students across various academic levels. The company positions itself as a flexible and quality-driven service provider, leveraging a proprietary platform that integrates messaging and videoconferencing to enhance the learning experience. The website is content-rich, featuring extensive user testimonials and structured data to boost SEO and trust. Technically, the site uses modern web standards and is hosted by o2switch, with moderate performance and good mobile optimization. Security is adequate with HTTPS and valid SPF records, but lacks advanced features such as HSTS and OCSP stapling, and no security headers are present. Privacy compliance is basic, with a privacy policy found but no cookie consent mechanism detected. Overall, the site demonstrates a strong business credibility and user trust, though security and privacy practices could be improved.

A

Applied Behavioural Science Academy by Affective Advisory Ltd.

behavioralscience.academy

0

The Applied Behavioural Science Academy by Affective Advisory Ltd. is a specialized education provider offering a unique three-day executive program in applied behavioural science and behavioural economics. The program targets executives, policy makers, and project leaders seeking practical insights to drive sustainable change. The academy operates with a small, exclusive cohort model, emphasizing quality and networking in a prestigious Zurich location. Technically, the website is built on Squarespace, leveraging modern web technologies and Google services for analytics and security. While the site is well-designed and content-rich, performance is somewhat slow due to large page size and resource count. Security posture is good with strong TLS configurations but lacks some advanced headers like HSTS and DMARC. Privacy compliance is basic with a cookie banner and privacy policy present but no explicit GDPR certification. Overall, the site projects high professionalism and trustworthiness, with clear contact channels and social media presence.

All Channels Communication Austria GmbH is a medium-sized marketing and communication agency operating primarily in Austria and the CEE region. The company offers a comprehensive range of services including campaign management, brand management, PR, digital strategies, and social media marketing. Positioned as one of the fastest growing and most awarded agencies in its region, it targets businesses seeking integrated multi-channel marketing solutions. The website content is well-structured and professionally presented in German, with clear navigation and mobile optimization. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Google Analytics, but suffers from a lack of a valid SSL certificate, impacting security and trust. Security posture is basic with no advanced headers or policies implemented, and privacy compliance is minimal with only a basic disclaimer modal and cookie consent banner. Contact information is clearly provided including phone, email, physical address, and a contact form. Overall, the website is functional and professional but requires significant improvements in security and privacy compliance to meet modern standards.

K

KTHE | Team Farner

kthe.at

0

KTHE | Team Farner is a medium-sized Austrian communications company offering a comprehensive range of communication services including brand design, campaigns, PR concepts, and platforms. They position themselves as a leading provider in the Austrian market with a strong emphasis on creativity and international outlook. The website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and Yoast SEO, but suffers from slow performance and basic accessibility. Security posture is weak due to the absence of a valid SSL certificate and HTTPS, lack of security headers, and missing DNS security features. Privacy compliance is basic with a privacy policy and cookie notice present but no advanced GDPR indicators. Business credibility is moderate with clear contact information and social media presence but lacks certifications or detailed policies. Overall, the site is functional and professional but requires urgent security improvements.

S

Skills

skills.at

0

Skills is a well-established Austrian public relations and communication consultancy agency founded in 1984. The company specializes in full-service PR and communication consulting, focusing on sensitive and complex topics. It serves a broad business audience seeking expert communication services, supported by a strong network and quality certifications. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with common frameworks like Bootstrap and uses jQuery and Yoast SEO for enhanced functionality and SEO. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. Privacy compliance is partially addressed with a privacy policy and DMARC/SPF email protections, but lacks a cookie consent mechanism. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

R

Rod Kommunikation

rod.ag

0

Rod Kommunikation is a well-established communications agency based in Zurich, Switzerland, specializing in market, brand, and human-centered communication services. The website reflects a professional and creative business model targeting companies and brands seeking comprehensive communication and marketing solutions. The agency demonstrates strong market positioning with a portfolio of notable clients and industry memberships, supported by high-quality content and consistent branding. Technically, the site is built on Drupal 10, hosted by Hostpoint, and integrates modern marketing tools such as Google Tag Manager and HubSpot forms. However, the website suffers from an invalid SSL certificate and lacks modern TLS protocol support, which significantly impacts its security posture. While security headers are properly configured and no major vulnerabilities are detected, the absence of a valid SSL certificate and cookie consent mechanism are notable compliance and security gaps. Overall, the site offers excellent user experience, clear navigation, and trustworthy business information, but requires urgent improvements in SSL/TLS configuration and privacy compliance to enhance security and regulatory adherence.

M

MASSGESCHNEIDERT KOMMUNIKATIONSBÜRO GMBH

massgeschneidert.at

0

MASSGESCHNEIDERT KOMMUNIKATIONSBÜRO GMBH is a Vienna-based communications agency specializing in public relations, media, creative concepts, content, strategy, 360 communications, and partnerships. With approximately 10 years of experience, the company targets projects and brands seeking tailored communication strategies. The website reflects a professional branding approach with consistent messaging and a focus on creative communications services. Technically, the site is built on WordPress using the BeTheme theme and common plugins, but suffers from slow performance and lacks modern security configurations such as HTTPS. Security posture is weak due to the absence of a valid SSL certificate, missing security headers, and no cookie consent mechanism, which poses risks to user data protection and trust. Overall, the site is functional and informative but requires significant improvements in security and privacy compliance to meet modern standards.

K

komm.passion GmbH

komm-passion.de

0

komm.passion GmbH is a medium-sized full-service communication consultancy and creative agency operating primarily in Germany with offices in Düsseldorf, Hamburg, and Berlin. The company is affiliated internationally with Team Farner, enhancing its market position. Their service portfolio includes corporate communications, change management, digital health, employer branding, sustainability, and crisis communication among others. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting corporate clients seeking integrated communication solutions. Technically, the site is built on TYPO3 CMS and uses modern web technologies including Google Tag Manager and FontAwesome. However, a critical security gap exists as the website lacks HTTPS, exposing users to potential risks. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Social media presence and trust indicators such as Google Partner and BVDW membership support business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

Kirchhoff Consult GmbH is a specialized consulting firm focused on financial communication, corporate communications, sustainability, ESG, investor relations, and IPO advisory services. The company targets capital markets professionals and corporate clients seeking expert guidance in reporting and sustainability communication. The website reflects a strong market position supported by multiple industry awards and a consistent, professional brand presence. Technically, the site is built on TYPO3 CMS with Apache and PHP 8.3, but lacks proper HTTPS configuration, which is a critical security gap. Security posture is moderate with valid SPF and DMARC records but no SSL/TLS encryption, no HSTS, and no DNSSEC. Privacy compliance is partial with a comprehensive privacy policy but no cookie consent mechanism. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

J

jim & jim

jimjim.ch

0

jim & jim is a leading Swiss marketing agency specializing in NextGen Marketing, focusing on engaging young, hyperconnected customers through innovative digital and physical strategies. The company offers a wide range of services including content creation, community management, live execution, and strategic consulting, positioning itself as a comprehensive partner for brands targeting Millennials and Gen Z. The website reflects a professional and consistent brand image with strong client references and active social media presence. Technically, the site is built on WordPress with modern enhancements like Lottie animations and integrates marketing and analytics tools such as Google Tag Manager and HubSpot. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing the site to potential risks and undermining user trust. Privacy compliance is partially addressed with a comprehensive privacy policy, but lacks a cookie policy and explicit consent mechanisms. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

F

Farner Consulting AG

farner.ch

0

Farner Consulting AG is a well-established Swiss communication agency with over 70 years of experience and a large team of 300 experts. The company offers a broad range of communication services including public affairs, media relations, corporate communications, healthcare, financial services, technology communications, and more. Their target audience primarily consists of businesses and organizations in Switzerland seeking integrated communication solutions. The website is built on WordPress and leverages multiple modern JavaScript libraries and marketing tools such as HubSpot and Google Tag Manager. While the site is professionally designed with good SEO and mobile optimization, it suffers from a critical security issue due to the absence of a valid SSL certificate, which undermines HTTPS security. The presence of HSTS headers is positive but ineffective without proper SSL. Email authentication records like SPF have syntax errors, and the DMARC policy is minimal, indicating room for improvement in email security. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism despite tracking scripts. Overall, the website is functional and professional but requires urgent security enhancements to protect user data and improve trust.

E

eKomi Holding GmbH

ekomi.nl

0

eKomi Holding GmbH operates a global SaaS platform specializing in collecting and managing authentic customer and product reviews to enhance business trust and conversion rates. The company is positioned as a market leader with over 15,000 clients worldwide and integrates with major search engines and platforms such as Google to provide seller rating extensions and social commerce technology. Their services focus on increasing SEO, conversion, and customer engagement through verified feedback. Technically, the website is built on WordPress with common web technologies and includes modern marketing and analytics tools like Google Analytics and Intercom. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is supported by clear contact information, client testimonials, and industry awards. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

E

eKomi Holding GmbH

ekomi.pt

0

eKomi Holding GmbH operates a global SaaS platform specializing in authentic customer and product review collection and management, serving over 15,000 companies worldwide. The company is positioned as a leader in social commerce technology, integrating with major search engines and e-commerce platforms to enhance client conversion rates and SEO performance. Their services include seller and product ratings, review syndication, and social recommendation features. The website is built on WordPress with a modern tech stack including Bootstrap and jQuery, and integrates marketing and analytics tools such as Google Analytics and Intercom. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Cookie consent mechanisms are implemented, and privacy and terms policies are present and comprehensive. Contact information and social media presence are clearly provided, supporting business credibility.

E

eKomi Holding GmbH

ekomi.es

0

eKomi Holding GmbH operates a global SaaS platform specializing in authentic customer and product reviews to enhance business conversion rates and SEO performance. The company is well-positioned in the technology and e-commerce sectors, serving over 15,000 clients worldwide with recognized certifications and awards. Technically, the website is built on WordPress with modern frameworks and includes essential marketing and analytics integrations with user consent. Security posture is solid with HTTPS and SPF/DMARC email protections, though improvements like HSTS and OCSP stapling are recommended. Overall, the website demonstrates good professionalism, trustworthiness, and compliance with privacy regulations.

E

eKomi Holding GmbH

ekomi.fr

0

eKomi Holding GmbH operates a leading SaaS platform specializing in authentic customer and product review management, serving over 15,000 companies globally. The company leverages advanced technology integrations with major platforms like Google to enhance client conversion rates and SEO performance. Technically, the website is built on WordPress with Bootstrap and includes modern marketing and analytics tools such as Intercom and CookieScript. However, the absence of a valid SSL certificate and lack of HTTPS significantly undermine the site's security posture. While privacy compliance is strong with comprehensive policies and consent mechanisms, the security configuration requires urgent improvements to protect user data and maintain trust. Strategic recommendations include implementing proper SSL/TLS, enabling security headers, and publishing a vulnerability disclosure policy.

V

VRM Anna

vrm-anna.de

0

VRM Anna operates as an online platform facilitating ad submission and management for newspapers and weekly papers primarily in the Rhein-Main and Mittelhessen regions of Germany. The service targets both private and business customers, offering features such as ad drafting, personal ad archives, and payment method storage. The website reflects a regional media service provider with a moderate digital presence and a focus on user convenience for ad bookings. Technically, the site employs modern frontend technologies like React and integrates Google Analytics and Tag Manager for tracking, alongside a GDPR-compliant cookie consent mechanism. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture, exposing users to potential risks. No advanced security headers or DNS security features are implemented, and no explicit security or incident response policies are found. Overall, while the business model and content quality are solid, the technical and security implementations require urgent improvements to meet modern standards and build user trust.

V

VRM

vrm-trauer.de

0

VRM-Trauer.de is a regional German online platform specializing in obituary and mourning announcements, serving regions such as Rhein-Main, Rheinhessen, Südhessen, and Mittelhessen. The website offers comprehensive services including obituary searches, placing ads, memorial pages, grief support, and a directory of funeral service providers. It targets individuals seeking regional mourning information and related services. The platform demonstrates a consistent brand presence and good content quality with clear navigation and mobile optimization. Technically, it employs common web technologies such as jQuery, Bootstrap, and Select2, hosted on Versatel infrastructure. However, the website critically lacks HTTPS support, exposing users to security risks. Cookie consent and privacy policies are well implemented, reflecting GDPR compliance. Overall, the site is functional but requires urgent security improvements.

V

VRM

vrm-jobs.de

0

VRM-jobs.de is a regional job board platform operated by VRM, targeting job seekers and employers in the Rhein-Main area of Germany. It offers a wide range of job listings including full-time, part-time, internships, and student jobs, supported by employer services and candidate account management. The platform is positioned as a key regional player with a comprehensive job offering and partnerships with local companies. Technically, the site is built on modern web technologies such as React and Next.js, with integrations for analytics and consent management. However, the site suffers from a critical security issue due to the lack of a valid SSL certificate and disabled TLS protocols, which severely impacts its security posture. Privacy compliance is well addressed with a detailed cookie consent mechanism and links to comprehensive privacy and terms policies. Overall, the site provides good content quality and user experience but requires urgent security improvements to protect user data and enhance trust.

V

VRM

vrm-immo.de

0

VRM-Immo.de operates as a regional real estate marketplace focused on the Rhein-Main area in Germany, providing property listings for rent and purchase, along with expert advice and valuation services. The platform targets individuals and investors interested in residential and commercial properties within this economically significant region. The business is positioned as a trusted regional leader affiliated with the Rhein Main Presse media group, offering a comprehensive digital real estate service. Technically, the website employs modern JavaScript libraries and advertising/tracking tools such as Google Tag Manager, Google Analytics, Cxense, and Yieldlove, but suffers from a lack of HTTPS security due to an invalid or missing SSL certificate, which significantly impacts its security posture. The site is mobile-optimized and provides a good user experience, though performance is slow with a high page load time. Privacy compliance is strong with clear cookie consent mechanisms and comprehensive privacy policies. Overall, the site demonstrates moderate business credibility but requires urgent security improvements to protect user data and enhance trust.

V

VRM-Reisen

vrm-reisen.de

0

VRM-Reisen is a German travel portal specializing in curated travel experiences including bus tours, cruises, cultural trips, and wellness vacations. With over 20 years of market presence, it serves primarily German-speaking travelers seeking diverse travel options. The website is built on WordPress using the Divi theme and integrates multiple plugins for travel management and user experience enhancements. While the site offers rich content and good SEO practices, its technical infrastructure shows weaknesses, notably the absence of HTTPS encryption and lack of security headers, which pose significant security risks. Privacy compliance is well addressed through a comprehensive privacy policy hosted on a partner domain and a robust cookie consent mechanism. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust.

E

empfehlio

empfehlio.de

0

empfehlio is a leading European provider specializing in NFC and QR code solutions designed to enhance customer engagement and online reputation management. The company offers a comprehensive range of products and services including NFC tags, QR code stickers, digital business cards, and software solutions aimed at generating Google and social media reviews, as well as increasing followers on platforms like Instagram and TikTok. Their market position as a leader in this niche is supported by a strong brand presence and partnerships with notable clients. Technically, the website is built on a modern WordPress and WooCommerce stack with extensive use of marketing and analytics tools such as Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent significant security weaknesses that must be addressed to protect user data and maintain trust. Privacy compliance is well managed with clear privacy and cookie policies and consent mechanisms in place. Overall, empfehlio demonstrates a strong business model and digital maturity but requires urgent improvements in security infrastructure to align with best practices.

I

iwoca Deutschland GmbH

iwoca.de

0

iwoca Deutschland GmbH is a medium-sized fintech company specializing in providing fast and flexible business loans to small enterprises and self-employed individuals in Germany. The company positions itself as an alternative lender with a strong digital presence, offering loans up to 500,000 € with transparent, credit-based interest rates. Their website demonstrates a professional design with clear navigation and comprehensive content tailored to their target audience. Technically, the site leverages modern web technologies including Webflow CMS, Visual Website Optimizer for A/B testing, and integrates consent management tools to ensure privacy compliance. Security measures include HTTPS with TLS 1.3, SPF and DMARC email protections, though improvements such as enabling HSTS and DNSSEC could enhance their posture further. Overall, iwoca maintains a good balance of usability, compliance, and security, supporting their market position as a trusted fintech lender.

The VR-BankenPortal website is a secure login portal designed for cooperative banks affiliated with DZ BANK AG, one of Germany's leading cooperative central banks. It provides customers and members with access to online banking services, including account management and password reset functionalities. The portal is clearly branded with DZ BANK's identity and targets banking customers within the cooperative banking sector in Germany. The business model focuses on providing secure digital access to banking services rather than direct customer engagement or marketing. From a technical perspective, the website employs modern TLS protocols (TLS 1.3 and 1.2) and is hosted on Google Cloud infrastructure. However, the site exhibits slow load times and lacks advanced security headers and cookie consent mechanisms. The absence of structured data and analytics scripts suggests a minimalistic approach focused solely on secure login functionality. Mobile optimization and accessibility are basic, indicating room for improvement in user experience. Security posture is adequate but not robust. HTTPS is enforced with a valid certificate, but critical security enhancements such as HSTS, OCSP stapling, DMARC records, and security headers are missing. The login form posts credentials securely to a DZ BANK domain, reducing phishing risk. No vulnerabilities or exposed sensitive data were detected, but the lack of certain security best practices lowers the overall security score. Overall, the website is functional and trustworthy for its intended purpose but would benefit from performance optimization, enhanced security configurations, and improved privacy compliance measures. Strategic improvements in these areas would strengthen user trust and regulatory adherence.

V

VR Payment

vr-payment-webportalpos.de

0

VR Payment operates a specialized WebPortal POS login platform targeting users who require access to payment processing services. The website is primarily a login interface with minimal public-facing content, focusing on secure user authentication for its payment portal. The business appears to be positioned within the finance sector in Germany, serving merchants or payment service users. Technically, the site is built on ASP.NET WebForms with Telerik AJAX components and uses jQuery for client-side scripting. The performance is moderate, with a page load time of approximately 3.75 seconds and basic mobile optimization. Security-wise, the site uses HTTPS with modern TLS protocols but lacks important security headers, HSTS, and certificate transparency compliance, which reduces its security posture. Privacy compliance is minimal, with no visible cookie consent mechanisms and only a basic privacy policy linked externally. Overall, the site is functional but could benefit from enhanced security and privacy features to improve trust and compliance.

V

vr-pay-ecommerce.de

vr-pay-ecommerce.de

0

The website vr-pay-ecommerce.de currently presents an empty HTML page with no visible content, metadata, or business information. The domain is registered and uses Akamai for DNS hosting, with a valid SSL certificate and HSTS enabled, indicating a basic level of security infrastructure. However, the lack of any content, privacy policies, contact information, or terms of service severely limits the ability to assess the business or compliance posture. The site appears to be either under development or misconfigured, resulting in poor user experience and minimal digital maturity. Security posture is basic with HTTPS and HSTS but lacks other important headers and email authentication policies such as DMARC.

DZ PRIVATBANK S.A. is a specialized private banking and asset servicing institution operating primarily within the cooperative banking group Genossenschaftliche FinanzGruppe Volksbanken Raiffeisenbanken. The company offers a broad range of financial services including private banking, fund services, currency loans, and wealth management solutions. With headquarters in Luxembourg and multiple locations in Germany and Switzerland, it combines local presence with international expertise. The website reflects a professional business model targeting private banking clients, fund initiators, and institutional investors. Technically, the site employs modern JavaScript libraries and integrates consent management and tracking tools, but suffers from slow load times and lacks a valid SSL certificate, resulting in no HTTPS support. Security posture is weak due to missing HTTPS and security headers, though privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

A

Atruvia AG

fiduciagad.de

0

Atruvia AG operates as a large IT service provider focused on banking digital transformation, consulting, IT outsourcing, and related services primarily in Germany. The website presents a professional and consistent brand image with clear navigation and relevant content targeting professionals, students, and customers in the finance and technology sectors. Technically, the site uses modern web technologies including JavaScript modules and Craft CMS, but suffers from a lack of valid SSL/TLS configuration, resulting in no HTTPS support and weak security posture. The cookie consent mechanism and privacy policy indicate good privacy compliance, although no explicit incident response or vulnerability disclosure policies are found. Overall, the site is functional and trustworthy but requires urgent security improvements.

V

VRM Holding GmbH & Co. KG

vrm-datenschutz.de

0

VRM Datenschutz website serves as a centralized privacy information portal for the VRM media group, a large regional media company in Germany. The site provides links to privacy notices for various digital offerings including news portals, e-paper services, and subscription shops. The business operates primarily in the media sector, targeting users of its digital content platforms. The website content is basic but consistent with the company's branding and provides essential privacy information in German. Technically, the site is hosted by Versatel and lacks modern security configurations such as HTTPS, security headers, and DNS security extensions. Performance is slow with a load time exceeding 10 seconds, and mobile optimization is minimal but functional. Security posture is weak due to the absence of SSL/TLS and security headers, exposing the site to potential risks. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates moderate business credibility but requires significant improvements in security and technical implementation to enhance trust and compliance.