Security Directory

D

Diese Domain ist bereits registriert.

ihk-saarland.de

0

The website ihk-saarland.de currently serves as a placeholder domain with minimal content, simply stating that the domain is already registered. There is no active business content, no contact information, and no policies related to privacy, cookies, or terms of service. The site does not utilize any advanced web technologies or frameworks and lacks SEO and accessibility features. Technically, the site is served over HTTPS with support for modern TLS protocols, but lacks important security enhancements such as HSTS, OCSP stapling, DNSSEC, and DMARC records. The absence of security headers and policies indicates a low security posture. Overall, the site appears to be inactive or parked, providing no business or user engagement value. The risk level is low from a security threat perspective but the lack of content and policies means it offers no trust or credibility to visitors.

V

VisiConsult

visiconsult.de

0

VisiConsult is a family-owned German company recognized as a global market leader in customized and standardized X-ray inspection solutions for non-destructive testing (NDT), quality assurance, and process optimization. The company operates multiple business divisions and subsidiaries, including VCxray, VCbattery, VCcount, and VC Inspection Services, as well as diondo X-ray Systems and Services. Their solutions serve diverse industries such as aerospace, automotive, defense, energy, and manufacturing. Technically, the website is built on WordPress with the Avada theme and uses modern web technologies including TLS 1.3 for secure communications. The site is well-optimized for SEO and mobile devices, with good accessibility features. Security posture is solid with no critical vulnerabilities detected, although improvements like enabling HSTS and OCSP stapling are recommended. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the website reflects a professional, trustworthy, and technically mature organization.

R

Rohmann GmbH

rohmann.de

0

Rohmann GmbH is a leading German manufacturer specializing in eddy current testing devices and systems for non-destructive testing (NDT). The company serves key industrial sectors including automotive, aerospace, energy, and steel manufacturing, offering a broad product portfolio ranging from handheld devices to inline systems and software solutions. Their market position is reinforced by strong partnerships and customer testimonials from globally recognized companies such as Siemens and Lufthansa Technik. Technically, the website is built on WordPress with WooCommerce and Gravity Forms, leveraging modern JavaScript libraries and frameworks. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts its security posture. Privacy compliance is well addressed with comprehensive policies and a consent mechanism. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to protect user data and enhance trust.

K

KARL DEUTSCH Prüf- und Messgerätebau GmbH + Co KG

karldeutsch.de

0

KARL DEUTSCH Prüf- und Messgerätebau GmbH + Co KG is a medium-sized German manufacturing company specializing in nondestructive testing equipment, including ultrasonic, magnetic particle, and penetrant testing devices. Founded in 1949, the company has established a strong international market presence with a broad product portfolio and recognized brands. The website is built on WordPress with a professional design and clear navigation, supporting multilingual content in German and English. However, the site currently lacks a valid SSL certificate, exposing it to security risks and impacting trustworthiness. While cookie consent mechanisms and privacy policies are well implemented, the absence of HTTPS and security headers are critical vulnerabilities that need urgent attention. Contact information and social media presence are comprehensive, supporting business credibility.

K

Klar Webagentur GmbH

klar-webagentur.ch

0

Klar Webagentur GmbH is a Swiss-based digital agency specializing in web design, web development, content production including photography and video, and online marketing services targeted primarily at Swiss small and medium-sized enterprises (KMU) and organizations. The company positions itself as a provider of clear, practical web solutions that help clients achieve their digital goals efficiently. Their website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built on Joomla CMS and leverages modern JavaScript libraries such as jQuery and GSAP, along with Mapbox for map integration. The site uses Google Analytics and Google Tag Manager for analytics and marketing purposes. Hosting appears to be managed via sui-inter.net nameservers. Performance is somewhat slow due to a large page size and many resources, but mobile optimization is good. From a security perspective, the site uses HTTPS with TLS 1.3 and 1.2 protocols and has valid SPF and DMARC DNS records, although DMARC is set to a non-enforcing policy. There is no HSTS enabled, no DNSSEC, and no OCSP stapling, which are areas for improvement. No explicit security or incident response policies are published on the site. Cookie consent is implemented with a banner and opt-in mechanism, but GDPR compliance indicators are basic. Overall, the website is functional, professional, and credible but could benefit from enhanced security configurations and improved performance. Strategic recommendations include enabling HSTS, improving DMARC policy, implementing DNSSEC, and optimizing page load times to strengthen security posture and user experience.

C

CERTQUA GmbH

certqua.de

0

CERTQUA GmbH is a medium-sized German certification body specializing in certifications and accreditations for education and labor market organizations, including ISO 9001, ISO 21001, and AZAV. Founded in 1994, it holds accreditations under ISO 17021 and ISO 17065 and offers a comprehensive range of services including certification, training seminars, and a digital service center platform. The website is professionally designed, content-rich, and well-structured, targeting education providers and related stakeholders. Technically, the site uses modern web technologies and is hosted on Hetzner, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and valid certificates but lacks some best practices such as HSTS, OCSP stapling, DMARC, and DNSSEC. Privacy compliance is well addressed with clear cookie consent and privacy policies. Contact information and social media presence enhance business credibility. Overall, the site reflects a mature digital presence with room for security improvements.

J

Just a moment...

crunchboard.com

0

The website crunchboard.com is currently inaccessible due to a Cloudflare security challenge page that blocks access to actual content. The page served is a minimal interstitial requiring JavaScript and cookies to proceed, indicating a WAF protection mechanism is active. No business-related content, metadata, or contact information is available for analysis. The SSL configuration is basic with HTTPS enabled but lacks advanced features such as HSTS and OCSP stapling. DNSSEC is disabled and CAA records appear malformed. The site uses Cloudflare for hosting and security, with Cloudflare Insights for minimal analytics. Due to the blocking, the overall content quality and business credibility cannot be assessed, resulting in a low AI score. Strategic recommendations include disabling or properly configuring the WAF challenge for public access, adding privacy and cookie policies, and publishing business contact information to improve trust and compliance.

C

Christian Doppler Laboratory CDL-BOT

cdl-bot.at

0

The Christian Doppler Laboratory CDL-BOT is a research-focused institution specializing in blockchain technologies for the Internet of Things. It operates as a collaboration between academic institutions TU Hamburg and TU Wien, supported by Austria's Federal Ministry for Digital and Economic Affairs and industrial partners such as Pantos and the IOTA Foundation. The laboratory aims to advance Distributed Ledger Technologies to be practical and effective for IoT applications, including secure data exchange and payment mechanisms. The website reflects a professional research entity with clear academic and industrial partnerships but lacks direct contact information and comprehensive privacy or security policies. Technically, the website is built using modern web technologies including React and Next.js, providing a good user experience and mobile optimization. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. The DNS setup is standard but lacks advanced security features such as DNSSEC and CAA records. Performance is moderate with a page load time of approximately 4 seconds. Security-wise, the site does not implement essential best practices such as HTTPS, HSTS, or security headers, and lacks vulnerability disclosure or incident response information. Privacy compliance is minimal with a basic privacy policy present but no cookie consent mechanism or GDPR compliance statements. Overall, the site is functional and informative but requires urgent improvements in security and privacy to meet modern standards. Strategic recommendations include immediate deployment of a valid SSL certificate, enabling HTTPS, implementing security headers, adding cookie consent mechanisms, and publishing comprehensive security and privacy policies to enhance trust and compliance.

O

on-geo GmbH

lora.de

0

on-geo GmbH operates a suite of geospatial data service portals including LORA and Geoport, targeting professional users in real estate and related sectors primarily in Germany. The website serves as a secure login gateway for multiple branded services, providing access to geospatial data, consulting, and training. The technical infrastructure is based on Microsoft technologies with ADFS for authentication, delivering a fast and functional user experience with basic mobile optimization. Security posture is strong with HTTPS, modern TLS protocols, and multiple security headers, though improvements are recommended in HSTS configuration and email domain security. Privacy compliance is partial with a privacy policy present but lacking cookie consent mechanisms. Overall, the site demonstrates good business credibility and technical maturity with room for enhancements in privacy and security best practices.

1

11FREUNDE

11freunde.de

0

11FREUNDE is a well-established German digital magazine focused on football culture, providing comprehensive news, live tickers, video content, and subscription services. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, responsive design, and extensive content catering to football enthusiasts. However, the absence of a valid SSL/TLS certificate significantly impacts the site's security posture, exposing users to potential risks. While privacy and cookie policies are comprehensive and GDPR compliant, the lack of HTTPS and related security best practices are critical vulnerabilities. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

R

relxchat.link

relxchat.link

0

The website relxchat.link currently presents no accessible content, metadata, or business information, indicating it is likely blocked by a Cloudflare Web Application Firewall or similar security mechanism. The DNS records and hosting provider confirm Cloudflare usage, but the site returns a minimal HTML skeleton with no visible content or scripts. The SSL certificate is valid but lacks detailed configuration information, and no security headers or policies are implemented. Due to the lack of accessible content, no privacy, cookie, or terms of service policies are found, and no contact or business information is available. This severely limits the ability to assess the business model, market position, or services offered. The overall digital maturity appears very low with poor SEO, accessibility, and user experience.

R

relxcutt.link

relxcutt.link

0

The website relxcutt.link currently presents no accessible content, metadata, or business information, indicating it is either under construction or blocked by security mechanisms. The domain is hosted behind Cloudflare with valid but suspicious SSL certificate details and no security headers or DNS security extensions enabled. This results in a low security posture and poor technical implementation. No privacy, cookie, or terms of service policies are present, and no contact or business details can be extracted. Overall, the site is not functional or informative at this time, severely limiting any meaningful business or security assessment.

L

Lagutogel

rinconolon.com

0

Lagutogel operates as an online platform providing live Hong Kong lottery results and related data, targeting Indonesian lottery players and enthusiasts. The website positions itself as a trusted source for accurate and timely lottery information, supplemented by affiliate links for registration and login to gambling services. Technically, the site leverages AMP technology for optimized mobile performance and is hosted behind Cloudflare, ensuring basic content delivery and security. However, the SSL certificate validity dates appear unusual, and no advanced security headers or email authentication mechanisms like DMARC are implemented. Privacy compliance is minimal, with no visible privacy or cookie policies, which may pose regulatory risks. Overall, the site delivers relevant content with moderate technical maturity but lacks comprehensive security and privacy safeguards.

U

UCSfm

ucsfm.com.br

0

UCSfm is a regional radio station affiliated with the Universidade de Caxias do Sul, serving the Serra Gaúcha region in Brazil with music, news, and cultural content. The website is built on WordPress and uses common plugins such as Revolution Slider and Contact Form 7, indicating a standard digital infrastructure. The site actively publishes news articles and maintains community engagement through streaming links and social sharing tools. However, the lack of a valid SSL certificate and absence of HTTPS significantly weaken the security posture. The presence of a cookie consent banner and privacy policy shows some privacy awareness, but GDPR compliance is not evident. Overall, the site is functional and moderately professional but requires urgent security improvements to protect user data and enhance trust.

H

Hospital Geral de Caxias do Sul

hgcs.com.br

0

Hospital Geral de Caxias do Sul is a large healthcare institution in Brazil providing a comprehensive range of medical services including oncology, radiotherapy, intensive care, and specialized treatments. The hospital is a regional reference in high complexity care and is accredited by the ONA, reflecting its commitment to quality and safety. The website serves patients, healthcare professionals, and the local community, also offering educational programs such as medical residency and permanent education. Technically, the site uses a modern tech stack including Apache server, Laravel framework, and various JavaScript libraries for UI and analytics. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Security headers are minimal, and no privacy or cookie policies are found, indicating compliance gaps. The site includes multiple contact phone numbers, a physical address, and social media links, enhancing business credibility. Overall, the website is functional and content-rich but requires urgent improvements in security and privacy compliance to protect users and enhance trust.

U

Uniftec Online

unifteconline.com.br

0

Uniftec Online is a well-established Brazilian educational institution offering a broad portfolio of courses including undergraduate, postgraduate, technical, and extension programs, primarily delivered via online (EAD) and in-person modalities. The institution operates multiple campuses and learning centers across Brazil, supported by a robust digital infrastructure leveraging modern web technologies such as Next.js, React, and Material-UI, hosted on Amazon AWS. The website demonstrates a professional design with comprehensive course information and clear navigation, targeting students seeking flexible and diverse educational opportunities. Security posture is adequate with HTTPS enabled and no critical vulnerabilities detected, though improvements in SSL configuration and DNS security are recommended. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks explicit cookie consent mechanisms and GDPR compliance indicators. Overall, the website reflects a mature digital presence with room for technical and security enhancements to further strengthen trust and compliance.

S

Sof.IA

sofia.vc

0

Sof.IA is a Brazilian technology company offering an AI-powered personal assistant accessible via WhatsApp. The service integrates multiple AI platforms such as ChatGPT, OpenAI, Google, and Microsoft to provide features including image generation, translations, mathematical solutions, and audio-based Q&A. The business model is credit-based with free trial credits and paid packages, targeting smartphone users seeking practical AI assistance. Technically, the website is built on WordPress with Elementor and related plugins, hosted on AWS infrastructure. However, the site suffers from slow performance and lacks a valid SSL certificate, exposing users to security risks. Security posture is weak with no HTTPS, no security headers, and missing DNS security records. Privacy compliance is poor, with no privacy or cookie policies despite collecting user data via forms. Contact information is available via email and contact forms, but no formal security or incident response policies are found. Overall, the site is functional but requires significant improvements in security and privacy to enhance trust and compliance.

D

Design For a Better World

dfbwaward.com

0

Design For a Better World is a Brazilian award platform that celebrates design initiatives promoting positive social and environmental impact. The website showcases award categories, jury members, past winners, and partner organizations. It is built on WordPress with Elementor and uses Yoast SEO for optimization. The technical infrastructure is moderate but suffers from slow load times and lacks a valid SSL certificate, which impacts security and user trust. The security posture is weak due to missing HTTPS, lack of security headers, and absence of email authentication records like DMARC. Privacy compliance is minimal, with no visible privacy or cookie policies. Contact information and social media presence are clearly provided, supporting business credibility. Overall, the site is content-rich and professionally designed but requires urgent security and privacy improvements.

P

Página inacessível

apprbs.com.br

0

The website apprbs.com.br currently serves a minimal 'Página inacessível' (Page inaccessible) message with no accessible business content or user interaction features. The DNS configuration shows hosting on Google Cloud infrastructure and email services via Google Workspace with SPF records including Elastic Email. However, the site lacks a valid SSL certificate and does not support HTTPS, representing a critical security vulnerability. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available, indicating the site is either down, under maintenance, or improperly configured. From a technical perspective, the site uses basic HTML5 and CSS with JSON-LD structured data indicating the domain name but no further business details. Performance is moderate but limited by minimal content. SEO is poor due to a malformed robots meta tag set to noindex and lack of metadata. Accessibility and mobile optimization are basic at best. Security posture is weak with no HTTPS, no security headers, no HSTS, and a DMARC policy set to none, exposing the domain to email spoofing risks. No WAF or security challenge was detected, but the site is effectively inaccessible to users. Overall, the site scores very low on content quality, technical implementation, security, privacy compliance, and business credibility. Strategic recommendations include immediate installation of a valid SSL certificate, enabling HTTPS, improving security headers and policies, publishing privacy and cookie policies, and restoring accessible business content to improve trust and compliance.

A

Atria Design & Inovação

studioatria.com.br

0

Atria Design & Inovação is a Brazilian small design studio specializing in innovation, branding, and digital experience services. The company targets businesses seeking to enhance their brand and user experience through strategic design solutions. Their website showcases multiple client case studies and a clear service offering, positioning them as an innovative design partner in their market segment. Technically, the website uses modern frontend libraries such as Bootstrap, jQuery, and Owl Carousel, hosted on Locaweb, but suffers from slow load times and lacks a CMS or structured data for SEO enhancement. Security posture is weak due to the absence of a valid SSL certificate, no HTTPS support, and missing security headers, exposing the site to significant risks. Privacy compliance is basic with a cookie consent popup and a privacy policy page, but no GDPR-specific indicators or terms of service are present. Overall, the site is professional in design and content but requires urgent security improvements to protect user data and build trust.

M

Madri Lab

madriproducoes.com.br

0

Madri Lab is a Brazilian company specializing in educational technology services, particularly focused on EAD (distance education) and LMS (Learning Management System) platforms such as Moodle. They provide a range of services including hosting, platform customization, web development, and corporate training. The company positions itself as a specialized provider for educational institutions and corporate clients seeking to enhance their online course offerings. Technically, the website is built on WordPress with Elementor and several plugins, hosted likely on AWS infrastructure. However, the site lacks a valid SSL certificate, serving content over HTTP only, which is a significant security concern. The security posture is weak with no HTTPS, no HSTS, and missing security headers, exposing users to potential risks. Privacy compliance is partial with a privacy policy and terms of service present but no cookie consent mechanism. Overall, the site demonstrates moderate digital maturity but requires urgent improvements in security and privacy compliance to protect users and build trust.

L

leadlovers

leadlovers.app

0

Leadlovers is a technology company offering marketing automation and lead generation services primarily through a SaaS platform. The website targets digital marketers and businesses seeking to optimize email marketing and sales funnels. The platform integrates various third-party tools for analytics and user engagement, indicating a moderate level of digital maturity. However, the website suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in no HTTPS protection. This significantly impacts the security posture and user trust. Additionally, the lack of privacy and cookie policies suggests poor privacy compliance. Performance is suboptimal with a slow load time and large page size, which may affect user experience. Overall, while the business model and content quality are good, the technical and security shortcomings present risks that should be addressed promptly.

F

FoccoERP - Sistema de Gestão

foccoerp.com.br

0

FoccoERP is a Brazilian ERP software provider specializing in management systems for manufacturing and distribution companies. The company offers integrated solutions that enhance operational efficiency, reduce costs, and support business growth with AI-driven planning tools. Their market position is strong with over 1000 clients and 20,000 active users, supported by a professional website and active social media presence. Technically, the website is built on WordPress with Elementor and hosted on Hostinger with Cloudflare DNS, but lacks a valid SSL certificate, which is a critical security gap. Security posture is basic with SPF and DMARC configured but no HTTPS or modern TLS protocols enabled. Privacy compliance is partial with a privacy policy and terms of service present but no cookie consent mechanism despite tracking pixels. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

Mozaik Software operates a UK-based e-commerce website offering software subscriptions and online training services. The company targets businesses and professionals seeking specialized software solutions and training. The website is built on WordPress with WooCommerce, indicating a standard e-commerce platform setup. However, the site suffers from slow performance and minimal content, with only a single product listed. Technically, the site uses common marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Microsoft Clarity, but lacks modern security configurations. Critically, the absence of an SSL certificate means the site is served over HTTP, exposing users to potential risks and undermining trust. Privacy and cookie policies are present but hosted on a third-party domain, which may affect compliance perception. Overall, the site demonstrates basic digital maturity but requires significant improvements in security and performance to enhance user trust and compliance.

A

Arztsuche24.at

arztsuche24.at

0

Arztsuche24.at is an Austrian online healthcare directory providing comprehensive listings of doctors, pharmacies, and health institutions across Austria. The platform offers detailed information including health insurance affiliations, opening hours, directions, and contact details, targeting patients and healthcare seekers within Austria. The site collaborates with Verlagshaus der Ärzte, enhancing its credibility and content quality. Technically, the website is built on WordPress with a custom theme and utilizes common web technologies such as jQuery, Bootstrap, and Leaflet.js for maps. However, the site suffers from a lack of a valid SSL certificate, resulting in no HTTPS support and outdated security protocols, which significantly impacts its security posture. Privacy compliance is addressed through a cookie consent banner and links to comprehensive privacy and terms policies hosted on a partner domain. Overall, while the site provides valuable healthcare information, its security shortcomings and slow performance present risks that should be addressed to improve user trust and compliance.

S

SoSafe

humanfirewallconference.com

0

SoSafe operates the Human Firewall Conference, a leading European cybersecurity event focused on the human factor in security. The company provides cybersecurity awareness training and human risk management services, positioning itself as a key player in the cybersecurity education and event space. The website is professionally designed, content-rich, and targets security professionals and CISOs. Technically, the site uses WordPress CMS, integrates with HubSpot for forms, Matomo and Google Analytics for tracking, and Cookiebot for GDPR-compliant cookie management. However, the site suffers from an invalid SSL certificate and lacks important security headers and DNS security features, which lowers its security posture. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Business credibility is strong with clear contact information, social media presence, and trust signals such as testimonials and speaker highlights. Overall, the site is functional and professional but requires improvements in security infrastructure to enhance trust and compliance.

S

SoSafe

sosafe.de

0

SoSafe is a leading European provider of security awareness training and human risk management solutions, serving over 4.5 million users. Their platform leverages behavioral psychology, gamification, and AI to empower employees to recognize and mitigate cyber threats effectively. The company offers a suite of products including personalized e-learning, phishing simulation tools, an AI chatbot named Sofie, and a comprehensive human risk management dashboard. Technically, the website is built on WordPress, uses Cloudflare for hosting and CDN, and integrates marketing and analytics tools such as Google Tag Manager and Visual Website Optimizer. While the site is content-rich, well-designed, and privacy compliant with GDPR and cookie consent mechanisms, it suffers from a critical security issue: an invalid SSL certificate and disabled TLS protocols, which significantly lowers its security posture. The company demonstrates strong trust signals through ISO 27001, TISAX certifications, customer testimonials, and industry awards. Overall, SoSafe presents a professional and credible online presence but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

1

1-2-3-Plakat.de GmbH

123plakat.de

0

1-2-3-Plakat.de GmbH operates a specialized online platform focused on poster advertising across Germany, providing a comprehensive service that includes location selection, printing, and campaign management. The company targets businesses and freelancers seeking effective outdoor advertising solutions, leveraging a large inventory of over 160,000 poster locations. The website is built on TYPO3 CMS and integrates modern marketing and analytics tools such as Google Tag Manager and Google Analytics. Despite a well-structured and content-rich site with good user experience and clear contact information, the absence of a valid SSL certificate and HTTPS significantly undermines the security posture. The site employs cookie consent mechanisms and maintains GDPR-compliant privacy policies, reflecting good privacy compliance. Overall, the business demonstrates solid credibility and market positioning but requires urgent security improvements to protect user data and enhance trust.

P

ProSiebenSat.1 Welt

prosiebensat1welt.de

0

ProSiebenSat.1 Welt was a German Pay TV channel operated under the ProSiebenSat.1 media group, offering entertainment content including TV programs, films, and series. The channel ceased operations at the end of 2023 after nearly two decades. The website serves primarily as an informational and redirect portal to partner channels and provides compliance and legal information. Technically, the site is built using modern web technologies including Next.js and React, hosted likely on AWS infrastructure, and uses Contentful as a CMS. However, the site suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in no HTTPS support, which severely impacts security posture and user trust. No advanced security headers or TLS protocols are enabled, and DNSSEC is not configured. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, but no direct contact information or incident response details are provided. Overall, the site is functional and professionally designed but requires urgent security improvements to protect users and maintain credibility.

J

Joyn

joyn.at

0

Joyn.at is a regional streaming media platform targeting German-speaking users in Austria, Germany, and Switzerland. The service offers video content with geo-restrictions limiting access outside these countries. The website is built using modern web technologies including Next.js and React, hosted on AWS infrastructure. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Privacy and cookie policies are present, indicating some compliance with GDPR requirements, but no explicit security or incident response policies are found. Overall, the site provides a professional user experience but requires significant improvements in security posture to protect user data and enhance trust.

F

FRIDAY Versicherungen

friday.de

0

FRIDAY Versicherungen is a German digital insurance provider offering flexible and simple online insurance services, including a customer portal (MyFRIDAY) and claims reporting. The company is majority owned by Baloise and has recently ceased offering new insurance products, focusing on servicing existing contracts. The website is built on modern web technologies such as Next.js and Prismic CMS, hosted on AWS infrastructure. While the site provides good content quality, clear navigation, and GDPR-compliant privacy policies, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Email authentication is well configured with SPF and DMARC policies. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to ensure secure communications.

O

ottonova Krankenversicherung AG

ottonova.de

0

Ottonova Krankenversicherung AG is a digitally advanced private health insurance provider based in Germany, founded in 2015. The company offers a range of private health insurance products including full coverage, supplementary dental and hospital insurance, and corporate health insurance, all delivered through a modern app-based platform. Ottonova positions itself as an innovative market player with high customer satisfaction and multiple industry awards. Technically, the website is built on Craft CMS and hosted on AWS infrastructure, employing modern JavaScript frameworks and consent management tools. However, a critical security issue is the lack of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant. Overall, the website demonstrates strong business credibility and user experience but requires urgent security improvements to protect user data and maintain trust.

V

vedisys AG

vedisys.de

0

vedisys AG is a German software company specializing in providing modular, scalable software solutions for public transport companies (ÖPNV). Their flagship product, AMIS®7, supports multichannel sales, subscription management, ticketing, and customer dialogue platforms. The company has a strong market presence since 1996 and integrates with partner platforms such as mobilityportal® and payment services like Payone. The website reflects a professional and comprehensive digital presence with detailed product information, customer testimonials, and news updates. Technically, the site is built on WordPress with modern plugins and SEO optimizations, but lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security gap. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the security posture is basic and requires urgent improvements to SSL/TLS and security headers to protect user data and enhance trust.

U

Unit M GmbH

unit-m.de

0

Unit M GmbH is a German-based specialist company focused on automating routine tasks in B2B sales and customer service, leveraging over 30 years of industry experience. The company offers a comprehensive suite of services including B2B eCommerce webshops, spare parts shops for mechanical engineering, customer portals, configurators, and IT consulting services. Their market position is strengthened by a solid client portfolio featuring well-known brands and recognized innovation funding. Technically, the website is built on WordPress with the Divi theme, integrating modern tools like Cookiebot for privacy compliance and Matomo for analytics. However, the site suffers from a critical security issue due to an invalid SSL certificate and lack of modern TLS protocol support, which undermines its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional, content-rich, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

L

Landitec GmbH

landitec.de

0

Landitec GmbH is a medium-sized German company specializing in high-quality, flexible, and high-performance appliance solutions and services for the B2B sector. They focus on tailored IT security and network solutions, including hardware appliances, virtualization, SD-WAN, and industrial applications. The company holds a strong market position as an OPNsense Platinum Partner and collaborates with several notable technology providers such as Barracuda, 6WIND, and SECUDOS. Their offerings include customized appliances, pre-installed systems, and comprehensive customer support through an online portal. Technically, the website is built on Joomla CMS with Helix Ultimate framework and utilizes modern web technologies including Bootstrap 5 and jQuery. They employ Google Tag Manager and Google reCAPTCHA for analytics and security. However, a critical security gap is the absence of HTTPS/SSL, which significantly impacts their security posture. The site is mobile-optimized with good content quality and SEO practices. From a security perspective, while some security headers are present, the lack of SSL/TLS encryption, HSTS, and modern TLS protocols exposes the site to potential risks. No explicit security or incident response policies were found. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism. Overall, the site is professional and trustworthy in content and business representation but requires urgent security improvements to protect data and enhance user trust.

E

E-MEDIAD GmbH

e-mediad.de

0

E-MEDIAD GmbH is a small, established creative agency based in Cologne, Germany, specializing in digital design, web development, and branding services since 2002. The company targets businesses and startups seeking professional digital and design solutions. Their website showcases a professional design with a rich portfolio and clear navigation, indicating a strong market position in the regional creative services sector. Technically, the website is built on WordPress using Elementor and LayerSlider, with additional plugins for SEO and cookie consent management. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security headers are well implemented, but the absence of modern TLS protocols and strong cipher suites reduces overall security. Privacy compliance is good, with clear privacy and cookie policies and consent mechanisms in place. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to meet modern security standards.

E

eCube GmbH

ecube.de

0

eCube GmbH is a German-based software development and consulting company specializing in sustainable software ecosystems and e-commerce architecture. They serve businesses seeking innovative, scalable digital solutions with a focus on technical excellence and long-term planning. Their market position is that of a trusted specialist with strong partnerships and a portfolio of successful case studies. Technically, the website is built on WordPress with modern SEO and multilingual support, though performance optimization is needed due to slow load times. Security posture is strong with HTTPS, valid SPF and DMARC policies, and no critical vulnerabilities detected, but improvements like HSTS and DNSSEC are recommended. Privacy compliance is well addressed with comprehensive cookie consent and GDPR-aligned privacy policies. Overall, eCube demonstrates a professional and trustworthy online presence with clear business and technical maturity.

V

VersicherungsCheck24

versicherungscheck24.de

0

VersicherungsCheck24 is a German-based online insurance comparison portal offering a wide range of insurance products for both private and business customers. The platform provides professional and independent comparisons, helping users find the best insurance tariffs tailored to their needs. The website is built on WordPress using Elementor and integrates modern web technologies such as Alpine.js and Google Tag Manager for analytics and marketing. While the site offers comprehensive content and good user experience, its performance is somewhat slow due to a large page size and many resources. Security posture is adequate with HTTPS and SPF/DMARC configured, but lacks advanced security headers like HSTS and OCSP stapling. Privacy compliance is present with a detailed privacy policy, though no explicit cookie consent mechanism was detected. Overall, VersicherungsCheck24 demonstrates a solid market position in the German insurance comparison sector with a trustworthy and professional online presence.

T

TelemaxX Telekommunikation GmbH

telemaxx.de

0

TelemaxX Telekommunikation GmbH is a well-established provider of high-security data center services, managed IT services, colocation, and telecommunications based in Karlsruhe, Germany. Founded in 1999, the company operates multiple certified data centers and owns a substantial fiber optic network, positioning itself as a regional leader with a strong shareholder base. Their service portfolio includes cloud services, secure telecommunications, and comprehensive managed services tailored to business customers. Technically, the website is built on TYPO3 CMS with modern frameworks and integrates analytics and marketing tools such as Matomo and Google Tag Manager. However, the security posture is impacted by an invalid SSL certificate and lack of advanced security headers, which should be addressed to enhance trust and compliance. Overall, the site demonstrates excellent content quality, professional design, and strong business credibility, though improvements in security and privacy mechanisms are recommended.

C

CyberForum e.V.

cyberlab-karlsruhe.de

0

CyberLab Karlsruhe is a well-established startup accelerator and community hub operating under CyberForum e.V. It offers comprehensive services including founding consulting, accelerator programs, coworking spaces, mentoring, coaching, and investment facilitation. The website targets startups and entrepreneurs primarily in Germany, positioning itself as a key regional player with over 28 years of experience and a large active network. Technically, the site is built on TYPO3 CMS, uses modern TLS protocols, and integrates various frontend libraries and APIs, though performance is hindered by a high number of resources and slow load times. Security posture is adequate with HTTPS and SPF records but lacks advanced features such as HSTS, OCSP stapling, DMARC, DNSSEC, and certificate transparency compliance. Privacy compliance is good with a clear privacy policy and cookie consent mechanism. Overall, the site is professional, trustworthy, and content-rich, but could improve technical and security aspects to enhance user experience and protection.

Security assessment completed with an overall score of 50/100 (unknown risk). 1 critical issues require immediate attention. Total of 12 security findings identified across all modules.

C

Colina Tech

colinatech.com.br

0

Colina Tech is a Brazilian digital marketing agency specializing in SEO, paid traffic, website development, and inbound marketing services. The company serves over 100 active clients across Brazil and holds multiple industry certifications such as Google Partner and Meta Business Partner, positioning itself as a technically proficient and data-driven marketing partner. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, the site is built on WordPress with modern JavaScript libraries and performance optimizations, but lacks HTTPS, which is a critical security shortfall. Security posture is weak due to absence of SSL/TLS, HSTS, and modern TLS protocols, exposing the site to potential risks. Privacy compliance is basic, with no cookie consent mechanism despite use of tracking tools. Contact information is clearly provided, enhancing business credibility. Strategic recommendations include immediate SSL certificate installation, enabling security headers, and implementing privacy consent mechanisms to improve trust and compliance.

E

edu.za

edu.za

0

The edu.za domain is associated with the education sector in South Africa, likely serving as a domain registry or portal for educational institutions. However, the website is currently non-functional, displaying a database connection error that prevents access to any meaningful content or services. The technical infrastructure is minimal, running on Apache with PHP 7.4.33, but lacks modern security configurations such as a valid SSL certificate and TLS support. The absence of security headers, DNSSEC, and email authentication mechanisms further weakens the security posture. There are no visible privacy or cookie policies, contact information, or business details, indicating a lack of transparency and user engagement. Overall, the site exhibits poor performance, accessibility, and security maturity, posing risks to users and stakeholders.

S

SAE University College

sae.edu.au

0

SAE University College is a leading higher education provider specializing in creative media and technology courses across Australia and internationally. It offers a wide range of industry-led programs in Animation, Audio, Design, Film, Games, Music, and related fields. The institution is part of the Navitas Group and holds important accreditations such as TEQSA and CRICOS, positioning it as a reputable player in the education sector. Technically, the website is built on WordPress with modern technologies and integrates multiple marketing and analytics tools, reflecting a mature digital presence. Security-wise, the site supports modern TLS protocols and has some best practices in place but is vulnerable to subdomain takeover and lacks HSTS enforcement, indicating areas for improvement. Overall, SAE University College maintains a professional and trustworthy online presence with comprehensive content and good user experience, though it should enhance its security posture and privacy compliance mechanisms.

S

SoftBank Latin America Fund

latinamericafund.com

0

SoftBank Latin America Fund is a large investment fund established in 2019 by the SoftBank Group to partner with and support technology companies and entrepreneurs in Latin America. The fund focuses on providing capital and hands-on support including talent acquisition, product development, marketing, and governance to foster growth in the region. The website presents a professional and consistent brand image with clear business descriptions and physical office addresses in Miami, Mexico City, and São Paulo. Technically, the site is built on modern React and Gatsby frameworks, leveraging Google Tag Manager and Cookiebot for analytics and cookie consent management. However, the security posture is weak due to an invalid SSL certificate and lack of modern TLS protocols, which undermines trust and exposes visitors to risks. Security headers are partially implemented but critical improvements are needed to meet best practices. Overall, the site demonstrates good digital maturity but requires urgent remediation of SSL and security configurations to ensure safe user interactions and compliance with privacy regulations.

A

ABD – Associação Brasileira de Designers de Interiores

abd.org.br

0

ABD – Associação Brasileira de Designers de Interiores is a well-established Brazilian professional association serving over 15,000 members for more than 44 years. The organization focuses on supporting interior designers through professional development, consulting services, exclusive benefits, educational courses, and events. Their digital presence is built on WordPress with Elementor, providing a modern and user-friendly website experience. However, the site suffers from slow performance and lacks critical security configurations such as a valid SSL certificate and security headers. Analytics and marketing tools like Google Tag Manager and Facebook Pixel are actively used, indicating a moderate level of digital maturity. Despite a strong brand presence and social media engagement, the absence of privacy and cookie policies, as well as security policies, represents compliance and trust gaps.

P

Promob Softwares Solutions

promob.com

0

Promob Softwares Solutions is a leading software developer specializing in the furniture sector, recognized as the largest in the world for this industry. Their comprehensive suite of software solutions covers design, production, sales, and education, targeting a broad audience including carpentry shops, factories, furniture stores, designers, architects, and educational institutions. The company emphasizes innovation and integration across the furniture production and sales lifecycle. Technically, the website is built on a modern WordPress platform using Elementor, supported by a robust tech stack including jQuery, JetElements, and various marketing and analytics tools. The hosting infrastructure leverages Azure DNS services, and the site employs modern SSL protocols (TLS 1.3 and 1.2) with OCSP stapling, ensuring secure communications. Performance is moderate with good mobile optimization and accessibility. From a security perspective, the site implements SPF and DMARC (though with a 'none' policy), uses Cookiebot for GDPR-compliant cookie consent, and shows no major SSL vulnerabilities. However, improvements such as enabling HSTS, DNSSEC, and a stricter DMARC policy could enhance security. No explicit security or incident response policies were found. Overall, Promob demonstrates a mature digital presence with strong business positioning and technical infrastructure. The extensive use of third-party analytics and marketing tools indicates a sophisticated approach to user engagement and data-driven marketing, balanced with compliance mechanisms. Strategic recommendations include enhancing security headers, improving compliance policies, and establishing clear incident response protocols.

O

Outsite Media GmbH

outsite-media.de

0

Outsite Media GmbH is a medium-sized German company specializing in out-of-home (OOH) media advertising, offering services such as Riesenposter, Beamboards, Media walls, and Citybanner. Founded in 2007, the company positions itself strongly in the market with a focus on sustainability and green marketing solutions, catering to advertisers and property owners seeking impactful and environmentally conscious advertising options. The website reflects a professional and consistent brand image with good content quality and active social media engagement. Technically, the website is built on WordPress using the Divi theme and several plugins including Revolution Slider, Contact Form 7, and Usercentrics for cookie consent management. SEO is well addressed with Yoast SEO and structured data implementation. However, the site currently lacks a valid SSL certificate and does not support modern TLS protocols, which is a significant security concern. Performance is moderate with a page load time of about 5.5 seconds, and mobile optimization is good. From a security perspective, the absence of HTTPS and security headers, along with missing DMARC and CAA records, exposes the site to potential risks. The presence of a valid SPF record is a positive aspect for email security. Cookie consent is properly managed via Usercentrics, indicating GDPR compliance. No explicit security policies or incident response information are found on the site. Overall, while the business and technical infrastructure are solid for its market niche, urgent improvements in SSL/TLS configuration and security best practices are recommended to enhance trust and protect user data.

P

ProSiebenSat.1 Media SE

commerceandventures.com

0

Commerce & Ventures is the investment business of ProSiebenSat.1 Media SE, focusing on supporting consumer-oriented start-ups and growth companies through a combination of media-for-equity, media-for-revenue, minority, and majority investments. The company leverages the extensive media reach of the ProSiebenSat.1 Group to build brand awareness and accelerate growth for its portfolio companies. Technically, the website is built on modern frameworks such as Next.js and React, hosted on AWS, and integrates marketing and tracking tools like Google Tag Manager. Security posture is adequate with support for TLS 1.2 and 1.3 and no major vulnerabilities detected, but lacks some best practices like HSTS and OCSP stapling. Overall, the site is professional, well-branded, and provides comprehensive information about its investment activities and portfolio. However, direct contact information and explicit security policies are not prominently available, which could be improved to enhance trust and compliance.

I

International Data Spaces Association (IDSA) / Associação Brasileira de Internet das Coisas (ABINC)

idsa-brasil.org

0

The IDSA Hub Brazil website represents a collaborative initiative between the International Data Spaces Association (IDSA) and the Associação Brasileira de Internet das Coisas (ABINC) to promote the future of the digital economy in Brazil through the creation and adoption of data spaces. The site serves as a knowledge transfer and community-building platform, targeting businesses and organizations interested in data sovereignty, IoT, and digital innovation. The business model is non-profit and partnership-driven, positioning itself as a key facilitator in the Brazilian technology ecosystem with global ties. Technically, the website is built on WordPress using Elementor and Astra theme, hosted by HostGator Brazil, with moderate performance and good mobile optimization. However, the security posture is weak due to the absence of a valid SSL certificate, lack of security headers, and missing DNS and email security records. No privacy or cookie policies are present, which may impact compliance and user trust. Overall, the site is professional and content-rich but requires significant improvements in security and compliance to enhance trust and protect user data.