Security Directory

L

Lekkerland SE

lekkerland.de

0

Lekkerland SE is a leading convenience wholesaler and logistics provider in Germany, serving approximately 40,000 retail points with a broad product assortment and tailored services. The company is part of the REWE Group, a major European retail conglomerate. The website reflects a mature digital presence with comprehensive business information, structured data, and multi-language support. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and HTTPS support, which exposes users to risks and undermines trust. Privacy compliance is well managed with cookie consent via Usercentrics and a comprehensive privacy policy. The site uses modern marketing and analytics tools but suffers from slow load times and lacks advanced security headers. Strategic improvements in SSL deployment and security hardening are essential to elevate the security posture and user trust.

E

E.ON Energie Österreich GmbH

eon-energie.at

0

E.ON Energie Österreich GmbH is a leading energy provider in Austria, offering reliable electricity and natural gas supply with a strong emphasis on renewable energy, particularly 100% green electricity from Austrian hydropower. The company also provides e-mobility solutions and comprehensive customer service including online portals and live chat support. Their market position is reinforced by multiple industry awards and certifications, reflecting a commitment to quality and sustainability. Technically, the website is built on Adobe Experience Manager with modern web components and integrates various third-party services such as Google Tag Manager for analytics and Usercentrics for consent management. The site is hosted via Cloudflare and uses a valid DigiCert SSL certificate, though some security enhancements like HSTS and DNSSEC are not yet implemented. Performance is moderate with room for improvement. Security posture is solid with no critical vulnerabilities detected, proper use of HTTPS, and SPF records for email protection. Privacy compliance is strong with clear privacy and cookie policies and a consent mechanism in place. Contact information is readily available, enhancing business credibility. Overall, the website demonstrates a mature digital presence with good content quality, technical implementation, and security practices, positioning E.ON as a trustworthy and professional energy provider in the Austrian market.

G

Grazer Wechselseitige Versicherung AG

grawe.at

0

Grazer Wechselseitige Versicherung AG (GRAWE) is a well-established Austrian insurance company founded in 1828, offering a broad range of insurance products including private, business, and agricultural insurance, alongside financial services. The company maintains a strong market position in Austria with a large customer base and extensive service network. Their website reflects a mature digital presence with comprehensive content, clear navigation, and multi-language support. Technically, the site is built on TYPO3 CMS, uses modern JavaScript and CDN services, but suffers from slow load times due to high resource count and page size. Security posture is good with valid SSL, strong cipher suites, and proper DNS security records like SPF and DMARC, though improvements such as enabling HSTS and OCSP stapling are recommended. Privacy compliance is robust with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the site demonstrates high professionalism and trustworthiness, suitable for its large enterprise status.

F

Firstlead GmbH

firstlead-server.de

0

Firstlead GmbH operates the website firstlead-server.de as a service platform in partnership with the affiliate network ADCELL. The site primarily serves as an informational landing page providing company contact details and links to the ADCELL affiliate network. The business model focuses on affiliate marketing services targeting advertisers and affiliates in Germany. The website content is minimal and presented in both German and English, reflecting a small-sized technology sector company with a basic online presence. Technically, the website uses Cloudflare for DNS hosting but lacks a valid SSL certificate, resulting in no HTTPS support. The site includes Google Analytics and Google Tag Manager scripts for tracking but does not implement cookie consent mechanisms or advanced SEO features. Performance is moderate with basic mobile optimization and accessibility. The meta robots tag is set to noindex, indicating the site is not intended for public search engine indexing. From a security perspective, the absence of a valid SSL certificate is a critical vulnerability, exposing users to potential data interception risks. No security headers or advanced security policies are implemented. Privacy compliance is partial, with a privacy policy and terms of service linked externally on the ADCELL domain but no cookie consent or explicit GDPR compliance indicators on the site itself. Overall, the website presents a low-risk profile due to its limited functionality and content but requires urgent improvements in SSL configuration and privacy compliance to enhance trustworthiness and security posture.

W

Weiterbildungsportal Saarland

weiterbildungsdatenbank-saar.de

0

Weiterbildungsportal Saarland is a regional educational information platform focused on providing comprehensive resources about continuing education for individuals, companies, and educational providers within the Saarland region of Germany. The platform is supported by governmental and institutional partners, offering detailed course databases, funding information, and thematic content tailored to various user groups. Technically, the website is built on TYPO3 CMS with Bootstrap for responsive design, ensuring good accessibility and user experience. Security-wise, the site employs HTTPS with modern TLS protocols and a valid SPF record, though it lacks some advanced HTTP security headers such as HSTS and DMARC, which are recommended for enhanced protection. The use of Matomo analytics reflects a moderate user tracking approach with privacy compliance in mind. Overall, the site demonstrates a solid balance of content quality, technical implementation, and security posture, positioning it as a trustworthy and professional resource in its domain.

H

Handwerkskammer des Saarlandes

hwk-saarland.de

0

Handwerkskammer des Saarlandes is a regional government institution dedicated to supporting the craft and trade sector in Saarland, Germany. The organization provides comprehensive services including vocational training, further education, business start-up consulting, and operational support to handcraft businesses and individuals. The website reflects a well-established entity with a strong regional presence and a focus on quality and accessibility. Technically, the site is built on WordPress with modern JavaScript frameworks like Vue.js, ensuring a responsive and user-friendly experience. Security measures such as HTTPS, HSTS, and SPF are properly implemented, though there is room for improvement in OCSP stapling and certificate transparency. Privacy compliance is robust with a clear privacy policy and cookie consent mechanism. Overall, the site demonstrates a mature digital infrastructure aligned with its public service mission.

I

IHK Saarland

ihksaarland.de

0

IHK Saarland operates as a regional chamber of commerce and industry serving the Saarland region in Germany. The organization provides a broad range of services including business consulting, education and training, legal and regulatory guidance, and digital services to support local enterprises, founders, and various business stakeholders. The website reflects a well-structured and professional digital presence with comprehensive content tailored to its target audience of businesses and professionals in the region. Technically, the site uses a traditional JavaScript and CSS stack with jQuery libraries and is hosted via epag.net DNS infrastructure. While the site supports modern TLS protocols ensuring secure HTTPS connections, it lacks advanced security headers and DNS security features, indicating room for improvement in its security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and accessible privacy policies. The website is not blocked by any WAF or security challenge, allowing full content access. Overall, the site scores well in business credibility and privacy compliance but could enhance technical and security aspects to improve performance and resilience.

V

Verband Deutscher Hidden Champions

vdhc-ev.de

0

VDHC e.V. is a German-based association representing medium-sized enterprises known as Hidden Champions. The organization focuses on networking, knowledge exchange, and advocacy for SMEs that are market leaders in niche sectors. Their business model centers on exclusive membership, offering events, webinars, and international business trips to foster collaboration and visibility. Technically, the website is built on WordPress with modern plugins and supports HTTPS with strong TLS protocols, though it lacks some advanced security headers and DMARC. The security posture is solid with no detected vulnerabilities, and privacy compliance is well implemented with a cookie consent mechanism and a comprehensive privacy policy. Overall, the site demonstrates a professional and trustworthy presence with good content quality and technical implementation.

D

Deutsche Gesellschaft für Zerstörungsfreie Prüfung e.V.

dgzfp.de

0

The Deutsche Gesellschaft für Zerstörungsfreie Prüfung e.V. (DGZfP) is a German professional association specializing in non-destructive testing (ZfP). The organization provides extensive training, certification, networking opportunities, and research support to professionals and industries such as automotive, construction, railway, and aviation. The website reflects a mature digital presence with rich content, event listings, and comprehensive privacy and cookie policies compliant with GDPR. Technically, the site is built on WordPress with modern plugins for SEO and cookie management, but suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. The site is well-branded, professionally designed, and targets industry professionals and organizations in Germany.

W

Wuppertaler Kreis e.V.

wuppertaler-kreis.de

0

Wuppertaler Kreis e.V. is a well-established German association representing leading providers of corporate continuing education. Founded in 1955, it serves as a key voice for the industry, promoting workforce qualification, innovation, and competitiveness through quality assurance and advocacy. The website reflects a mature organization with a clear focus on education and professional development, targeting companies and training providers in Germany. Technically, the site is built on TYPO3 CMS, hosted via Deutsche Telekom infrastructure, and delivers moderate performance with good mobile optimization. Security posture is basic with a valid SSL certificate but lacks advanced security headers and email protection mechanisms like DMARC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information and business credibility are well presented, supported by testimonials and partner logos. Overall, the site is professional and trustworthy but could improve in security and privacy practices.

Security assessment completed with an overall score of 50/100 (unknown risk). 1 critical issues require immediate attention. Total of 13 security findings identified across all modules.

F

Fraunhofer-Verbund Mikroelektronik in Kooperation mit den Leibniz-Instituten FBH und IHP

forschungsfabrik-mikroelektronik.de

0

The Fraunhofer-Verbund Mikroelektronik (FMD) is a leading German research consortium specializing in micro- and nanoelectronics, collaborating closely with Leibniz institutes FBH and IHP. The website serves as a comprehensive portal offering information on technology platforms, funding programs, cooperation opportunities, and current projects, targeting industry players, startups, SMEs, and academic institutions. The business model focuses on providing a one-stop-shop for microelectronics R&D, supported by strong institutional backing and federal funding. Technically, the site is built on Adobe Experience Manager with modern JavaScript libraries, delivering a moderate performance and good mobile optimization. Security posture is solid with HTTPS and strong cipher suites, though improvements like HSTS, DNSSEC, and TLS 1.3 support are recommended. Privacy compliance is good with a clear privacy policy but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned in its market niche.

V

Videmi GmbH & Co. KG

videmi.de

0

Videmi GmbH & Co. KG is a small, established media company based in Germany specializing in integrated communication, film production, design, and photography services. With over 10 years of experience, the company serves a diverse clientele seeking enhanced visibility and communication strategies. Their website reflects a professional and consistent brand presence with clear service offerings and active social media engagement. Technically, the site is built on WordPress using the Enfold theme and incorporates modern technologies such as TLS 1.3 and Yoast SEO for optimization. However, some security enhancements like HSTS, DNSSEC, and advanced security headers are absent, which could improve their security posture. The site includes a GDPR-compliant privacy policy and cookie consent mechanism, demonstrating good privacy compliance. Overall, the website is well-designed, user-friendly, and trustworthy, though there is room for technical and security improvements.

D

DIN

din.one

0

DIN.ONE is a German-based community platform powered by Atlassian Confluence, designed to facilitate expert collaboration on standardization and norming projects. The platform hosts thematic communities, events, and news, targeting professionals engaged in these sectors. Technically, the site leverages Confluence 8.5.21 with a Refined theme, hosted likely on Google Cloud infrastructure. While the site uses HTTPS with modern TLS protocols, it lacks advanced security headers and mechanisms such as HSTS and OCSP stapling, which could enhance its security posture. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website provides good content quality and business credibility but suffers from slow performance and basic technical implementation.

D

DIN Solutions GmbH

dinsolutions.de

0

DIN Solutions GmbH is a medium-sized technology company operating within the DIN group, specializing in the development and operation of software, platforms, and databases for norming and standardization. The company serves DIN, DIN Media, and their customers and partners by delivering tailored technical solutions and engaging in innovative research and development, including artificial intelligence applications. Their market position is strong within the German norming ecosystem, supported by ISO 9001 certification and partnerships with recognized entities such as TÜV Rheinland. Technically, the website employs modern technologies including MarkLogic NoSQL database, X-Swift framework, and Swift programming language for transformation processes. The site is well-designed, mobile-optimized, and uses etracker for analytics. Performance is moderate with a page load time of about 3 seconds. However, the SSL certificate is nearing expiration, and security headers are minimal, indicating room for improvement in security hardening. Security posture is adequate with HTTPS, SPF, and DMARC configured, but lacks HSTS, DNSSEC, and advanced security headers. No vulnerabilities or malware were detected, but urgent SSL renewal is needed to maintain trust and secure communications. Privacy compliance is good with a comprehensive privacy policy and GDPR adherence, though no cookie consent mechanism was found. Overall, the website is professional and trustworthy with strong business credibility. Strategic recommendations include immediate SSL renewal, enhancing security headers, implementing DNSSEC and CAA, and adding cookie consent mechanisms to improve privacy compliance and security posture.

V

VCxray Inspection Services GmbH - X-ray inspection, testing services

xray-testing.com

0

The website xray-testing.com is currently inaccessible due to an HTTP 500 server error, which prevents normal content delivery. The site appears to host an offline dinosaur game script but lacks any meaningful business or contact information. The technical infrastructure supports modern TLS protocols but lacks important security features such as HSTS, OCSP stapling, and DNSSEC. No privacy, cookie, or terms of service policies are present, indicating poor compliance posture. Overall, the site is minimal, with poor content quality and limited technical maturity, resulting in a low trust and security rating.

4

404 Not Found

sigmacutt.link

0

The website sigmacutt.link currently serves only a 404 Not Found error page, indicating that the requested resource or site content is unavailable. There is no accessible business or marketing content, no metadata, no forms, and no contact information. The site is hosted behind Cloudflare with valid SSL, but the SSL certificate dates appear unusual and security headers are absent. Performance is slow with minimal resources loaded. Overall, the site lacks any visible business presence or user engagement features, making it impossible to assess business operations or market positioning. Security posture is minimal with no advanced protections enabled. Privacy and compliance policies are not present, indicating a lack of GDPR or similar regulatory adherence. The site is not blocked by a WAF or security challenge but is effectively inaccessible due to the missing content.

F

Firstlead GmbH

adcell.de

0

ADCELL, operated by Firstlead GmbH, is a well-established affiliate marketing network founded in 2003, targeting the German-speaking markets of Germany, Austria, and Switzerland. The platform connects publishers, advertisers, and agencies, offering a performance-based affiliate marketing model with no setup fees or monthly charges. The company enjoys a strong market position with over 64,000 active publishers and 2,426 partner programs, supported by multiple industry awards and certifications. The website content is rich, professionally designed, and targets a broad audience including publishers, advertisers, and agencies. Technically, the site uses common web technologies such as jQuery, Bootstrap, and slick sliders, hosted behind Cloudflare DNS services. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security shortfall. Privacy compliance is addressed with a consent management platform and clear privacy and cookie policies. Overall, the site demonstrates good business credibility but requires urgent security improvements.

N

news aktuell

zimpel.de

0

Zimpel.de is a German PR software and media database platform operated as a product of news aktuell, a subsidiary of the German Press Agency (dpa). The website targets PR professionals and media relations specialists by providing tools for managing journalist contacts and media distribution lists. The business model is SaaS-oriented, focusing on the media and public relations sector within Germany. The site content is minimal and primarily driven by JavaScript, with no visible contact or policy pages on the main HTML content. Technically, the site uses nginx as the web server and employs modern TLS protocols (TLS 1.2 and 1.3) with a valid SSL certificate. DNS hosting is managed by Colt, and email services are routed through news aktuell mail servers. Security headers are present but some are misconfigured or only in report-only mode, such as the Content Security Policy and X-XSS-Protection header. No DMARC record is configured, which is a gap in email security. No privacy or cookie policies are found, indicating low privacy compliance. Overall, the site demonstrates a moderate security posture but lacks transparency and completeness in privacy and contact information.

G

Grupa Pracuj

pracujwgp.pl

0

Grupa Pracuj operates as a leading HR technology platform in Europe, connecting job seekers with employers through a suite of recruitment and HR management products. The company maintains a strong market position with multiple subsidiary brands including Pracuj.pl, eRecruiter, and Softgarden. The website reflects a professional and comprehensive approach to employer branding and recruitment, targeting candidates and HR professionals primarily in Poland. Technically, the site is built on the Softgarden platform, leveraging modern JavaScript libraries and hosted via Cloudflare and Azure infrastructure. While the SSL certificate is valid and security policies such as DMARC are strictly enforced, there is room for improvement in HTTPS security by enabling HSTS and DNSSEC. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a mature digital presence with good content quality, though performance optimization could be enhanced.

S

Sheltr

sheltr.eu

0

Sheltr is a technology company specializing in compliance solutions for privacy-focused businesses, offering leading whistleblower and data discovery platforms. Their services target HR, compliance, and GDPR teams, helping organizations comply with regulations such as GDPR and the EU Whistleblower Directive. The company positions itself as a trusted provider with a user-friendly SaaS model, including free and paid offerings. Technically, Sheltr employs a modern web stack based on the Astro framework, integrates Piwik Pro for analytics, and uses Cookie Information for consent management. The site is hosted on Azure DNS with valid TLS certificates, supporting modern protocols like TLS 1.3. Security posture is solid with SPF and DMARC records, but could be improved by enabling HSTS, DNSSEC, and additional security headers. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism. Overall, the website is professional, well-branded, and trustworthy, with good content quality and user experience. No critical security issues or blocking mechanisms were detected.

D

Diese Domain ist bereits registriert.

ihk-saarland.de

0

The website ihk-saarland.de currently serves as a placeholder domain with minimal content, simply stating that the domain is already registered. There is no active business content, no contact information, and no policies related to privacy, cookies, or terms of service. The site does not utilize any advanced web technologies or frameworks and lacks SEO and accessibility features. Technically, the site is served over HTTPS with support for modern TLS protocols, but lacks important security enhancements such as HSTS, OCSP stapling, DNSSEC, and DMARC records. The absence of security headers and policies indicates a low security posture. Overall, the site appears to be inactive or parked, providing no business or user engagement value. The risk level is low from a security threat perspective but the lack of content and policies means it offers no trust or credibility to visitors.

V

VisiConsult

visiconsult.de

0

VisiConsult is a family-owned German company recognized as a global market leader in customized and standardized X-ray inspection solutions for non-destructive testing (NDT), quality assurance, and process optimization. The company operates multiple business divisions and subsidiaries, including VCxray, VCbattery, VCcount, and VC Inspection Services, as well as diondo X-ray Systems and Services. Their solutions serve diverse industries such as aerospace, automotive, defense, energy, and manufacturing. Technically, the website is built on WordPress with the Avada theme and uses modern web technologies including TLS 1.3 for secure communications. The site is well-optimized for SEO and mobile devices, with good accessibility features. Security posture is solid with no critical vulnerabilities detected, although improvements like enabling HSTS and OCSP stapling are recommended. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the website reflects a professional, trustworthy, and technically mature organization.

R

Rohmann GmbH

rohmann.de

0

Rohmann GmbH is a leading German manufacturer specializing in eddy current testing devices and systems for non-destructive testing (NDT). The company serves key industrial sectors including automotive, aerospace, energy, and steel manufacturing, offering a broad product portfolio ranging from handheld devices to inline systems and software solutions. Their market position is reinforced by strong partnerships and customer testimonials from globally recognized companies such as Siemens and Lufthansa Technik. Technically, the website is built on WordPress with WooCommerce and Gravity Forms, leveraging modern JavaScript libraries and frameworks. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts its security posture. Privacy compliance is well addressed with comprehensive policies and a consent mechanism. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to protect user data and enhance trust.

K

KARL DEUTSCH Prüf- und Messgerätebau GmbH + Co KG

karldeutsch.de

0

KARL DEUTSCH Prüf- und Messgerätebau GmbH + Co KG is a medium-sized German manufacturing company specializing in nondestructive testing equipment, including ultrasonic, magnetic particle, and penetrant testing devices. Founded in 1949, the company has established a strong international market presence with a broad product portfolio and recognized brands. The website is built on WordPress with a professional design and clear navigation, supporting multilingual content in German and English. However, the site currently lacks a valid SSL certificate, exposing it to security risks and impacting trustworthiness. While cookie consent mechanisms and privacy policies are well implemented, the absence of HTTPS and security headers are critical vulnerabilities that need urgent attention. Contact information and social media presence are comprehensive, supporting business credibility.

K

Klar Webagentur GmbH

klar-webagentur.ch

0

Klar Webagentur GmbH is a Swiss-based digital agency specializing in web design, web development, content production including photography and video, and online marketing services targeted primarily at Swiss small and medium-sized enterprises (KMU) and organizations. The company positions itself as a provider of clear, practical web solutions that help clients achieve their digital goals efficiently. Their website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built on Joomla CMS and leverages modern JavaScript libraries such as jQuery and GSAP, along with Mapbox for map integration. The site uses Google Analytics and Google Tag Manager for analytics and marketing purposes. Hosting appears to be managed via sui-inter.net nameservers. Performance is somewhat slow due to a large page size and many resources, but mobile optimization is good. From a security perspective, the site uses HTTPS with TLS 1.3 and 1.2 protocols and has valid SPF and DMARC DNS records, although DMARC is set to a non-enforcing policy. There is no HSTS enabled, no DNSSEC, and no OCSP stapling, which are areas for improvement. No explicit security or incident response policies are published on the site. Cookie consent is implemented with a banner and opt-in mechanism, but GDPR compliance indicators are basic. Overall, the website is functional, professional, and credible but could benefit from enhanced security configurations and improved performance. Strategic recommendations include enabling HSTS, improving DMARC policy, implementing DNSSEC, and optimizing page load times to strengthen security posture and user experience.

C

CERTQUA GmbH

certqua.de

0

CERTQUA GmbH is a medium-sized German certification body specializing in certifications and accreditations for education and labor market organizations, including ISO 9001, ISO 21001, and AZAV. Founded in 1994, it holds accreditations under ISO 17021 and ISO 17065 and offers a comprehensive range of services including certification, training seminars, and a digital service center platform. The website is professionally designed, content-rich, and well-structured, targeting education providers and related stakeholders. Technically, the site uses modern web technologies and is hosted on Hetzner, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and valid certificates but lacks some best practices such as HSTS, OCSP stapling, DMARC, and DNSSEC. Privacy compliance is well addressed with clear cookie consent and privacy policies. Contact information and social media presence enhance business credibility. Overall, the site reflects a mature digital presence with room for security improvements.

J

Just a moment...

crunchboard.com

0

The website crunchboard.com is currently inaccessible due to a Cloudflare security challenge page that blocks access to actual content. The page served is a minimal interstitial requiring JavaScript and cookies to proceed, indicating a WAF protection mechanism is active. No business-related content, metadata, or contact information is available for analysis. The SSL configuration is basic with HTTPS enabled but lacks advanced features such as HSTS and OCSP stapling. DNSSEC is disabled and CAA records appear malformed. The site uses Cloudflare for hosting and security, with Cloudflare Insights for minimal analytics. Due to the blocking, the overall content quality and business credibility cannot be assessed, resulting in a low AI score. Strategic recommendations include disabling or properly configuring the WAF challenge for public access, adding privacy and cookie policies, and publishing business contact information to improve trust and compliance.

C

Christian Doppler Laboratory CDL-BOT

cdl-bot.at

0

The Christian Doppler Laboratory CDL-BOT is a research-focused institution specializing in blockchain technologies for the Internet of Things. It operates as a collaboration between academic institutions TU Hamburg and TU Wien, supported by Austria's Federal Ministry for Digital and Economic Affairs and industrial partners such as Pantos and the IOTA Foundation. The laboratory aims to advance Distributed Ledger Technologies to be practical and effective for IoT applications, including secure data exchange and payment mechanisms. The website reflects a professional research entity with clear academic and industrial partnerships but lacks direct contact information and comprehensive privacy or security policies. Technically, the website is built using modern web technologies including React and Next.js, providing a good user experience and mobile optimization. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. The DNS setup is standard but lacks advanced security features such as DNSSEC and CAA records. Performance is moderate with a page load time of approximately 4 seconds. Security-wise, the site does not implement essential best practices such as HTTPS, HSTS, or security headers, and lacks vulnerability disclosure or incident response information. Privacy compliance is minimal with a basic privacy policy present but no cookie consent mechanism or GDPR compliance statements. Overall, the site is functional and informative but requires urgent improvements in security and privacy to meet modern standards. Strategic recommendations include immediate deployment of a valid SSL certificate, enabling HTTPS, implementing security headers, adding cookie consent mechanisms, and publishing comprehensive security and privacy policies to enhance trust and compliance.

O

on-geo GmbH

lora.de

0

on-geo GmbH operates a suite of geospatial data service portals including LORA and Geoport, targeting professional users in real estate and related sectors primarily in Germany. The website serves as a secure login gateway for multiple branded services, providing access to geospatial data, consulting, and training. The technical infrastructure is based on Microsoft technologies with ADFS for authentication, delivering a fast and functional user experience with basic mobile optimization. Security posture is strong with HTTPS, modern TLS protocols, and multiple security headers, though improvements are recommended in HSTS configuration and email domain security. Privacy compliance is partial with a privacy policy present but lacking cookie consent mechanisms. Overall, the site demonstrates good business credibility and technical maturity with room for enhancements in privacy and security best practices.

1

11FREUNDE

11freunde.de

0

11FREUNDE is a well-established German digital magazine focused on football culture, providing comprehensive news, live tickers, video content, and subscription services. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, responsive design, and extensive content catering to football enthusiasts. However, the absence of a valid SSL/TLS certificate significantly impacts the site's security posture, exposing users to potential risks. While privacy and cookie policies are comprehensive and GDPR compliant, the lack of HTTPS and related security best practices are critical vulnerabilities. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

R

relxchat.link

relxchat.link

0

The website relxchat.link currently presents no accessible content, metadata, or business information, indicating it is likely blocked by a Cloudflare Web Application Firewall or similar security mechanism. The DNS records and hosting provider confirm Cloudflare usage, but the site returns a minimal HTML skeleton with no visible content or scripts. The SSL certificate is valid but lacks detailed configuration information, and no security headers or policies are implemented. Due to the lack of accessible content, no privacy, cookie, or terms of service policies are found, and no contact or business information is available. This severely limits the ability to assess the business model, market position, or services offered. The overall digital maturity appears very low with poor SEO, accessibility, and user experience.

R

relxcutt.link

relxcutt.link

0

The website relxcutt.link currently presents no accessible content, metadata, or business information, indicating it is either under construction or blocked by security mechanisms. The domain is hosted behind Cloudflare with valid but suspicious SSL certificate details and no security headers or DNS security extensions enabled. This results in a low security posture and poor technical implementation. No privacy, cookie, or terms of service policies are present, and no contact or business details can be extracted. Overall, the site is not functional or informative at this time, severely limiting any meaningful business or security assessment.

L

Lagutogel

rinconolon.com

0

Lagutogel operates as an online platform providing live Hong Kong lottery results and related data, targeting Indonesian lottery players and enthusiasts. The website positions itself as a trusted source for accurate and timely lottery information, supplemented by affiliate links for registration and login to gambling services. Technically, the site leverages AMP technology for optimized mobile performance and is hosted behind Cloudflare, ensuring basic content delivery and security. However, the SSL certificate validity dates appear unusual, and no advanced security headers or email authentication mechanisms like DMARC are implemented. Privacy compliance is minimal, with no visible privacy or cookie policies, which may pose regulatory risks. Overall, the site delivers relevant content with moderate technical maturity but lacks comprehensive security and privacy safeguards.

U

UCSfm

ucsfm.com.br

0

UCSfm is a regional radio station affiliated with the Universidade de Caxias do Sul, serving the Serra Gaúcha region in Brazil with music, news, and cultural content. The website is built on WordPress and uses common plugins such as Revolution Slider and Contact Form 7, indicating a standard digital infrastructure. The site actively publishes news articles and maintains community engagement through streaming links and social sharing tools. However, the lack of a valid SSL certificate and absence of HTTPS significantly weaken the security posture. The presence of a cookie consent banner and privacy policy shows some privacy awareness, but GDPR compliance is not evident. Overall, the site is functional and moderately professional but requires urgent security improvements to protect user data and enhance trust.

H

Hospital Geral de Caxias do Sul

hgcs.com.br

0

Hospital Geral de Caxias do Sul is a large healthcare institution in Brazil providing a comprehensive range of medical services including oncology, radiotherapy, intensive care, and specialized treatments. The hospital is a regional reference in high complexity care and is accredited by the ONA, reflecting its commitment to quality and safety. The website serves patients, healthcare professionals, and the local community, also offering educational programs such as medical residency and permanent education. Technically, the site uses a modern tech stack including Apache server, Laravel framework, and various JavaScript libraries for UI and analytics. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Security headers are minimal, and no privacy or cookie policies are found, indicating compliance gaps. The site includes multiple contact phone numbers, a physical address, and social media links, enhancing business credibility. Overall, the website is functional and content-rich but requires urgent improvements in security and privacy compliance to protect users and enhance trust.

U

Uniftec Online

unifteconline.com.br

0

Uniftec Online is a well-established Brazilian educational institution offering a broad portfolio of courses including undergraduate, postgraduate, technical, and extension programs, primarily delivered via online (EAD) and in-person modalities. The institution operates multiple campuses and learning centers across Brazil, supported by a robust digital infrastructure leveraging modern web technologies such as Next.js, React, and Material-UI, hosted on Amazon AWS. The website demonstrates a professional design with comprehensive course information and clear navigation, targeting students seeking flexible and diverse educational opportunities. Security posture is adequate with HTTPS enabled and no critical vulnerabilities detected, though improvements in SSL configuration and DNS security are recommended. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks explicit cookie consent mechanisms and GDPR compliance indicators. Overall, the website reflects a mature digital presence with room for technical and security enhancements to further strengthen trust and compliance.

S

Sof.IA

sofia.vc

0

Sof.IA is a Brazilian technology company offering an AI-powered personal assistant accessible via WhatsApp. The service integrates multiple AI platforms such as ChatGPT, OpenAI, Google, and Microsoft to provide features including image generation, translations, mathematical solutions, and audio-based Q&A. The business model is credit-based with free trial credits and paid packages, targeting smartphone users seeking practical AI assistance. Technically, the website is built on WordPress with Elementor and related plugins, hosted on AWS infrastructure. However, the site suffers from slow performance and lacks a valid SSL certificate, exposing users to security risks. Security posture is weak with no HTTPS, no security headers, and missing DNS security records. Privacy compliance is poor, with no privacy or cookie policies despite collecting user data via forms. Contact information is available via email and contact forms, but no formal security or incident response policies are found. Overall, the site is functional but requires significant improvements in security and privacy to enhance trust and compliance.

D

Design For a Better World

dfbwaward.com

0

Design For a Better World is a Brazilian award platform that celebrates design initiatives promoting positive social and environmental impact. The website showcases award categories, jury members, past winners, and partner organizations. It is built on WordPress with Elementor and uses Yoast SEO for optimization. The technical infrastructure is moderate but suffers from slow load times and lacks a valid SSL certificate, which impacts security and user trust. The security posture is weak due to missing HTTPS, lack of security headers, and absence of email authentication records like DMARC. Privacy compliance is minimal, with no visible privacy or cookie policies. Contact information and social media presence are clearly provided, supporting business credibility. Overall, the site is content-rich and professionally designed but requires urgent security and privacy improvements.

P

Página inacessível

apprbs.com.br

0

The website apprbs.com.br currently serves a minimal 'Página inacessível' (Page inaccessible) message with no accessible business content or user interaction features. The DNS configuration shows hosting on Google Cloud infrastructure and email services via Google Workspace with SPF records including Elastic Email. However, the site lacks a valid SSL certificate and does not support HTTPS, representing a critical security vulnerability. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available, indicating the site is either down, under maintenance, or improperly configured. From a technical perspective, the site uses basic HTML5 and CSS with JSON-LD structured data indicating the domain name but no further business details. Performance is moderate but limited by minimal content. SEO is poor due to a malformed robots meta tag set to noindex and lack of metadata. Accessibility and mobile optimization are basic at best. Security posture is weak with no HTTPS, no security headers, no HSTS, and a DMARC policy set to none, exposing the domain to email spoofing risks. No WAF or security challenge was detected, but the site is effectively inaccessible to users. Overall, the site scores very low on content quality, technical implementation, security, privacy compliance, and business credibility. Strategic recommendations include immediate installation of a valid SSL certificate, enabling HTTPS, improving security headers and policies, publishing privacy and cookie policies, and restoring accessible business content to improve trust and compliance.

A

Atria Design & Inovação

studioatria.com.br

0

Atria Design & Inovação is a Brazilian small design studio specializing in innovation, branding, and digital experience services. The company targets businesses seeking to enhance their brand and user experience through strategic design solutions. Their website showcases multiple client case studies and a clear service offering, positioning them as an innovative design partner in their market segment. Technically, the website uses modern frontend libraries such as Bootstrap, jQuery, and Owl Carousel, hosted on Locaweb, but suffers from slow load times and lacks a CMS or structured data for SEO enhancement. Security posture is weak due to the absence of a valid SSL certificate, no HTTPS support, and missing security headers, exposing the site to significant risks. Privacy compliance is basic with a cookie consent popup and a privacy policy page, but no GDPR-specific indicators or terms of service are present. Overall, the site is professional in design and content but requires urgent security improvements to protect user data and build trust.

M

Madri Lab

madriproducoes.com.br

0

Madri Lab is a Brazilian company specializing in educational technology services, particularly focused on EAD (distance education) and LMS (Learning Management System) platforms such as Moodle. They provide a range of services including hosting, platform customization, web development, and corporate training. The company positions itself as a specialized provider for educational institutions and corporate clients seeking to enhance their online course offerings. Technically, the website is built on WordPress with Elementor and several plugins, hosted likely on AWS infrastructure. However, the site lacks a valid SSL certificate, serving content over HTTP only, which is a significant security concern. The security posture is weak with no HTTPS, no HSTS, and missing security headers, exposing users to potential risks. Privacy compliance is partial with a privacy policy and terms of service present but no cookie consent mechanism. Overall, the site demonstrates moderate digital maturity but requires urgent improvements in security and privacy compliance to protect users and build trust.

L

leadlovers

leadlovers.app

0

Leadlovers is a technology company offering marketing automation and lead generation services primarily through a SaaS platform. The website targets digital marketers and businesses seeking to optimize email marketing and sales funnels. The platform integrates various third-party tools for analytics and user engagement, indicating a moderate level of digital maturity. However, the website suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in no HTTPS protection. This significantly impacts the security posture and user trust. Additionally, the lack of privacy and cookie policies suggests poor privacy compliance. Performance is suboptimal with a slow load time and large page size, which may affect user experience. Overall, while the business model and content quality are good, the technical and security shortcomings present risks that should be addressed promptly.

F

FoccoERP - Sistema de Gestão

foccoerp.com.br

0

FoccoERP is a Brazilian ERP software provider specializing in management systems for manufacturing and distribution companies. The company offers integrated solutions that enhance operational efficiency, reduce costs, and support business growth with AI-driven planning tools. Their market position is strong with over 1000 clients and 20,000 active users, supported by a professional website and active social media presence. Technically, the website is built on WordPress with Elementor and hosted on Hostinger with Cloudflare DNS, but lacks a valid SSL certificate, which is a critical security gap. Security posture is basic with SPF and DMARC configured but no HTTPS or modern TLS protocols enabled. Privacy compliance is partial with a privacy policy and terms of service present but no cookie consent mechanism despite tracking pixels. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

Mozaik Software operates a UK-based e-commerce website offering software subscriptions and online training services. The company targets businesses and professionals seeking specialized software solutions and training. The website is built on WordPress with WooCommerce, indicating a standard e-commerce platform setup. However, the site suffers from slow performance and minimal content, with only a single product listed. Technically, the site uses common marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Microsoft Clarity, but lacks modern security configurations. Critically, the absence of an SSL certificate means the site is served over HTTP, exposing users to potential risks and undermining trust. Privacy and cookie policies are present but hosted on a third-party domain, which may affect compliance perception. Overall, the site demonstrates basic digital maturity but requires significant improvements in security and performance to enhance user trust and compliance.

A

Arztsuche24.at

arztsuche24.at

0

Arztsuche24.at is an Austrian online healthcare directory providing comprehensive listings of doctors, pharmacies, and health institutions across Austria. The platform offers detailed information including health insurance affiliations, opening hours, directions, and contact details, targeting patients and healthcare seekers within Austria. The site collaborates with Verlagshaus der Ärzte, enhancing its credibility and content quality. Technically, the website is built on WordPress with a custom theme and utilizes common web technologies such as jQuery, Bootstrap, and Leaflet.js for maps. However, the site suffers from a lack of a valid SSL certificate, resulting in no HTTPS support and outdated security protocols, which significantly impacts its security posture. Privacy compliance is addressed through a cookie consent banner and links to comprehensive privacy and terms policies hosted on a partner domain. Overall, while the site provides valuable healthcare information, its security shortcomings and slow performance present risks that should be addressed to improve user trust and compliance.

S

SoSafe

humanfirewallconference.com

0

SoSafe operates the Human Firewall Conference, a leading European cybersecurity event focused on the human factor in security. The company provides cybersecurity awareness training and human risk management services, positioning itself as a key player in the cybersecurity education and event space. The website is professionally designed, content-rich, and targets security professionals and CISOs. Technically, the site uses WordPress CMS, integrates with HubSpot for forms, Matomo and Google Analytics for tracking, and Cookiebot for GDPR-compliant cookie management. However, the site suffers from an invalid SSL certificate and lacks important security headers and DNS security features, which lowers its security posture. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Business credibility is strong with clear contact information, social media presence, and trust signals such as testimonials and speaker highlights. Overall, the site is functional and professional but requires improvements in security infrastructure to enhance trust and compliance.

S

SoSafe

sosafe.de

0

SoSafe is a leading European provider of security awareness training and human risk management solutions, serving over 4.5 million users. Their platform leverages behavioral psychology, gamification, and AI to empower employees to recognize and mitigate cyber threats effectively. The company offers a suite of products including personalized e-learning, phishing simulation tools, an AI chatbot named Sofie, and a comprehensive human risk management dashboard. Technically, the website is built on WordPress, uses Cloudflare for hosting and CDN, and integrates marketing and analytics tools such as Google Tag Manager and Visual Website Optimizer. While the site is content-rich, well-designed, and privacy compliant with GDPR and cookie consent mechanisms, it suffers from a critical security issue: an invalid SSL certificate and disabled TLS protocols, which significantly lowers its security posture. The company demonstrates strong trust signals through ISO 27001, TISAX certifications, customer testimonials, and industry awards. Overall, SoSafe presents a professional and credible online presence but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

1

1-2-3-Plakat.de GmbH

123plakat.de

0

1-2-3-Plakat.de GmbH operates a specialized online platform focused on poster advertising across Germany, providing a comprehensive service that includes location selection, printing, and campaign management. The company targets businesses and freelancers seeking effective outdoor advertising solutions, leveraging a large inventory of over 160,000 poster locations. The website is built on TYPO3 CMS and integrates modern marketing and analytics tools such as Google Tag Manager and Google Analytics. Despite a well-structured and content-rich site with good user experience and clear contact information, the absence of a valid SSL certificate and HTTPS significantly undermines the security posture. The site employs cookie consent mechanisms and maintains GDPR-compliant privacy policies, reflecting good privacy compliance. Overall, the business demonstrates solid credibility and market positioning but requires urgent security improvements to protect user data and enhance trust.

P

ProSiebenSat.1 Welt

prosiebensat1welt.de

0

ProSiebenSat.1 Welt was a German Pay TV channel operated under the ProSiebenSat.1 media group, offering entertainment content including TV programs, films, and series. The channel ceased operations at the end of 2023 after nearly two decades. The website serves primarily as an informational and redirect portal to partner channels and provides compliance and legal information. Technically, the site is built using modern web technologies including Next.js and React, hosted likely on AWS infrastructure, and uses Contentful as a CMS. However, the site suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in no HTTPS support, which severely impacts security posture and user trust. No advanced security headers or TLS protocols are enabled, and DNSSEC is not configured. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, but no direct contact information or incident response details are provided. Overall, the site is functional and professionally designed but requires urgent security improvements to protect users and maintain credibility.