Security Directory

A

ASSOCIATION OF EUROPEAN ATTORNEYS

aeuropea.com

0

The ASSOCIATION OF EUROPEAN ATTORNEYS (AEA) operates as a large international network of lawyers with extensive global coverage, boasting offices in 159 countries and approximately 9,000 lawyers. The organization provides membership services, referrals, arbitration court functions, and organizes international congresses. The website is professionally designed using WordPress and WooCommerce, enhanced with modern plugins such as Breakdance and Complianz for GDPR compliance. The technical infrastructure supports fast performance and mobile responsiveness. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though no explicit security policy or incident response information is published. WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy despite the professional appearance and contact information consistency. Overall, the website presents a credible legal association with room for improvement in transparency and security documentation.

Merck KGaA, Darmstadt, Germany, is a leading global science and technology company operating primarily in Healthcare, Life Science, and Electronics sectors. The company maintains a strong market position with a comprehensive portfolio of products and services targeting a global audience. Their website reflects a mature digital presence with professional branding, clear navigation, and a focus on accessibility, demonstrating commitment to inclusivity and user experience. Technically, the website leverages modern technologies including Adobe Experience Manager CMS, Adobe DTM for tag management, Google Analytics for user insights, and ShareThis for social sharing. The site is well-optimized for mobile devices and incorporates advanced accessibility tools, indicating a high level of digital maturity and compliance with accessibility standards. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, there is room for improvement in implementing security headers and publishing explicit security policies or incident response information. The absence of publicly available WHOIS data introduces a minor transparency concern but does not detract significantly from the site's legitimacy given the professional presentation and corporate stature. Overall, the website presents a low-risk profile with strong business credibility, good privacy compliance, and a solid technical foundation. Strategic enhancements in security transparency and WHOIS data availability would further strengthen trust and compliance.

W

WWK Versicherungen

wwk.de

0

WWK Versicherungen is a well-established German insurance company founded in 1884, offering a broad range of insurance products including life, health, property, liability, and retirement solutions. The company positions itself as a strong community-focused insurer with a comprehensive portfolio targeting a wide audience. Their website reflects a mature digital presence with clear navigation, multiple customer and partner portals, and a strong emphasis on compliance and service quality. Technically, the site uses modern web technologies such as Vue.js and integrates privacy and consent management tools like OneTrust, alongside analytics via eTracker. Security posture is robust with HTTPS enforcement, security headers, and ISO 27001 certification, although explicit vulnerability disclosure and incident response contacts are not publicly detailed. Overall, the website is professional, secure, and compliant, supporting WWK's market position as a trusted insurer in Germany.

B

Boehringer Ingelheim

boehringer-ingelheim.com

0

Boehringer Ingelheim is a large global pharmaceutical company focused on improving life for people and animals through innovative healthcare products and research. The website reflects a mature digital presence with multilingual support and professional branding. Technically, the site uses Drupal CMS with modern web technologies and good performance optimizations. Security posture is strong with HTTPS, security headers, and secure forms, though explicit security policies and incident response details are not publicly disclosed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The missing WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the website's quality and trust signals. Overall, the site is professional, secure, and compliant with minor areas for improvement in transparency and WHOIS data availability.

K

KISA

kisa.it

0

KISA is a well-established municipal IT service provider based in Saxony, Germany, founded in 2003. The company specializes in providing IT infrastructure, software solutions, data protection, and digitalization services tailored for public administration and municipal clients. Their market position is strong within the regional government sector, supported by a comprehensive service portfolio and positive client testimonials. Technically, the website is built on a modern stack including Bootstrap 4, jQuery, and a custom GeoCMS, with good mobile optimization and accessibility features. Security posture is solid with HTTPS, DNSSEC, and privacy-conscious analytics, though some advanced security headers and explicit security policies are missing. Overall, the site is professional, trustworthy, and compliant with GDPR, featuring clear cookie consent mechanisms. No blocking or WAF interference was detected, allowing full content access and analysis.

SlotMagie is a German online gambling platform specializing in slot games, including original Merkur Spielothek titles. The platform emphasizes legal and secure gaming with features such as PayPal payment integration and promotional free spins. The website targets German-speaking adult users interested in online casino gaming. Technically, the site uses modern web technologies including Angular and integrates tracking tools like Microsoft Clarity and SalesManago for analytics and marketing purposes. Hosting and DNS services are provided by Cloudflare, which also offers privacy protection for the domain registration. Security posture is moderate but lacks visible security headers and published policies, which are critical for compliance and user trust. The absence of explicit privacy, cookie, and terms of service policies, as well as contact information, represents compliance and transparency gaps. Overall, the site is functional and moderately optimized for mobile users but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

W

Whow Games GmbH

merkur24.com

0

Merkur24 is a social casino gaming platform operated by Whow Games GmbH, offering free-to-play casino games such as slots, blackjack, and roulette. The platform targets adult users across multiple European languages and markets, emphasizing entertainment without real money gambling. The website demonstrates a solid technical infrastructure with modern web technologies, fast performance, and mobile optimization. Privacy compliance is robust, featuring a comprehensive privacy policy and cookie consent mechanisms aligned with GDPR standards. Security posture is good with HTTPS enforcement and secure login forms, though explicit security policies and incident response details are absent. The absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, but overall business credibility is supported by consistent branding and privacy practices.

W

WWK Lebensversicherung a. G.

wwkarena.com

0

WWK Lebensversicherung a. G. operates the WWK ARENA official website, providing comprehensive information about the stadium in Augsburg, Germany. The site serves fans and visitors with details on ticketing, hospitality, sustainability, and visitor services, positioning itself as a key digital touchpoint for the stadium experience. The business model focuses on information dissemination and enhancing visitor engagement, supported by strong branding aligned with the parent insurance company WWK. Technically, the website employs modern web technologies including JavaScript, CSS, and integrates third-party services like YouTube and eTracker analytics, with a cookie consent mechanism ensuring GDPR compliance. Accessibility is enhanced by tools such as Eye-Able, reflecting a commitment to inclusive design. Security posture is solid with HTTPS enforced and no evident vulnerabilities, though improvements like enabling DNSSEC and adding security headers are recommended. Overall, the website is professional, trustworthy, and well-structured, supporting the business's digital presence effectively.

S

Steuerberater Rüst Kämpfert Kaukereit Partnerschaftsgesellschaft mbB

stb-rkk.de

0

Steuerberater Rüst Kämpfert Kaukereit Partnerschaftsgesellschaft mbB is a well-established German tax consultancy firm with a strong regional presence in northern Germany, including offices in Rhauderfehn, Sögel, Aurich, and Oldenburg. Founded originally in 1989, the firm has evolved into a modern, paperless office environment leveraging digital communication and software tools to serve small and medium-sized enterprises, freelancers, and private clients. Their key services include general tax consulting, specialized healthcare sector advice, and business succession planning. The firm maintains a professional online presence with clear contact information and multiple branch offices, supported by social media channels.

M

MERKUR GASTRO

merkur-gastro.de

0

MERKUR GASTRO operates as a specialized partner in the placement and management of gaming machines within the hospitality sector across Germany. The company leverages decades of experience to integrate gaming solutions seamlessly into gastronomy, hotels, and rest stops, enhancing customer engagement and business value. Their business model emphasizes partnership without requiring investments from clients, focusing on providing tailored gaming experiences and activation solutions. The website reflects a professional and consistent brand presence with clear navigation and relevant content for their target audience. Technically, the website employs a modern tech stack including Bootstrap, jQuery, Font Awesome, and Usercentrics for cookie consent, alongside self-hosted Matomo analytics for privacy-conscious tracking. The site is mobile-optimized with moderate performance and basic accessibility features. Security posture is adequate with HTTPS enforced and cookie consent mechanisms, though lacking explicit security headers and published security policies. From a security and compliance perspective, the site demonstrates good GDPR compliance with a privacy policy and cookie consent but lacks visible incident response or vulnerability disclosure information. No critical vulnerabilities or suspicious content were detected. The WHOIS data is minimal but does not raise immediate concerns, supporting a moderate legitimacy score. Overall, MERKUR GASTRO presents a trustworthy and professional online presence aligned with its business focus. Strategic improvements in security headers, incident response transparency, and accessibility would further enhance their digital maturity and trustworthiness.

M

MERKUR CASINO GmbH

meingewinn.de

0

MERKUR CASINO GmbH operates a professional career portal targeting job seekers interested in casino and gaming employment opportunities in Germany. The website effectively promotes various job roles and career development options within the MERKUR GROUP, a recognized entity in the hospitality and gaming sector. The site demonstrates consistent branding and provides comprehensive information about employment opportunities, supported by links to related MERKUR group websites and social proof such as Kununu employer reviews. Technically, the website employs a modern tech stack including Bootstrap, jQuery, Google Maps API, and Usercentrics for consent management, ensuring a responsive and user-friendly experience. Analytics are implemented via Google Analytics and Matomo with proper consent mechanisms, reflecting a mature approach to data privacy. The site is well-optimized for SEO and mobile devices, though accessibility features are basic. From a security perspective, the site enforces HTTPS and integrates cookie consent management effectively. However, it lacks explicit security headers and does not publish a security policy or incident response contacts, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could be enhanced with additional best practices. The website is safe for general audiences, with no adult or explicit content detected. The domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness. Strategic recommendations include adding a terms of service page, publishing security policies, and implementing security headers to further strengthen the security and compliance posture.

T

TWIPLA

session-replays.io

0

TWIPLA is a technology company specializing in website analytics solutions, focusing on session recordings and visitor behavior analysis to help businesses optimize user experience and conversion rates. Positioned as a privacy-conscious alternative to mainstream analytics platforms, TWIPLA offers a comprehensive suite of tools including event tracking, heatmaps, and visitor communication features. The company targets businesses and website owners seeking detailed insights into user interactions with their websites. The website is built on the TYPO3 CMS platform, utilizing modern web technologies such as Bootstrap, jQuery, and various carousel libraries to deliver a responsive and user-friendly experience. The site demonstrates good SEO practices, accessibility, and mobile optimization, reflecting a mature digital infrastructure. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Security posture is solid with HTTPS enforced and privacy best practices observed; however, the absence of published security policies and vulnerability disclosure mechanisms suggests room for improvement. The missing WHOIS domain registration data raises concerns about domain legitimacy, although the professional presentation and structured data indicate a credible business presence. Overall, TWIPLA presents a trustworthy and professional analytics service with strong privacy focus. Strategic recommendations include enhancing transparency around security policies and verifying domain registration details to strengthen trust and compliance.

N

Nannen & Carls Steuerberatungsgesellschaft mbH

nannen-carls.de

0

Nannen & Carls Steuerberatungsgesellschaft mbH is a well-established tax consultancy firm based in Aurich, Germany, with a history dating back to 1982. The company offers a broad range of tax and economic advisory services, emphasizing digitalization, corporate succession, inheritance tax law, audits, restructuring, and business consulting. Their website reflects a professional and modern approach, leveraging Webflow CMS and Cookiebot for GDPR-compliant cookie management. The firm targets businesses and individuals in the Aurich region and Ostfriesland, focusing on personalized client service and employee development. Technically, the website is well-structured, mobile-optimized, and uses modern web technologies, although some security headers are missing. The security posture is solid with HTTPS and cookie consent mechanisms in place, but could be improved with additional security headers and explicit incident response policies. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy of the entity. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and continuous monitoring of third-party scripts.

M

MultiLog24 GmbH

multilog24.de

0

MultiLog24 GmbH currently operates a placeholder website indicating an upcoming launch. The site is minimalistic, with a 'Coming soon' message and no detailed business or contact information. The company appears to be based in Germany, as indicated by the domain and language. The website uses WordPress CMS with a maintenance plugin and is hosted on infrastructure using Google Cloud DNS name servers. The technical setup includes modern jQuery libraries but lacks advanced frameworks or platforms. Security posture is basic with HTTPS enabled but no security headers detected. There are no privacy or cookie policies, nor contact forms or business details, limiting trust and compliance. Overall, the site is in early development or pre-launch phase, requiring significant improvements in content, security, and compliance before full operation.

J

Jackpotpiraten

jackpotpiraten.de

0

Jackpotpiraten is a German online slot gaming platform specializing in legal PayPal-based slot games such as Merkur and Novoline. The website positions itself as a trusted and legal online casino alternative, offering promotions like free spins with low deposit requirements. Technically, the site is built on modern frameworks like Next.js and React, leveraging Cloudflare for DNS and CDN services, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit privacy and terms of service documents are not found in the provided content. No WAF or blocking mechanisms interfere with content access. Overall, the platform targets adult German users interested in online gambling, maintaining a professional and consistent brand presence.

M

Merkur Spielbanken Beteiligungs GmbH

merkur-spielbanken.de

0

Merkur Spielbanken Beteiligungs GmbH operates a network of state-licensed casinos across Germany, primarily in Nordrhein-Westfalen, Sachsen-Anhalt, and Niedersachsen. As part of the larger Gauselmann Gruppe, the company leverages decades of experience in the gambling industry, offering a mix of classic table games and modern slot machines. The website reflects a professional and comprehensive digital presence, targeting adult customers interested in legal and responsible gambling. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes a consent management platform to comply with privacy regulations. Security posture is solid with HTTPS and self-hosted analytics, though some security headers and explicit policies could be improved. Overall, the site is trustworthy and well-aligned with the company's market position.

M

MERKUR Casino

merkur-spielhalle.de

0

MERKUR Casino operates over 350 modern gaming halls primarily in Germany and eight other European countries, positioning itself as a market leader in the gambling and hospitality sector. The website serves as a portal for information about their locations, games, prevention measures, career opportunities, and corporate information. The business model focuses on physical gaming halls with strong regulatory compliance, including age verification and prevention information. The parent company is the Gauselmann Group, a well-established entity in the industry. Technically, the website employs a modern tech stack including jQuery, Bootstrap, Font Awesome, and integrates Usercentrics for GDPR-compliant cookie consent and Matomo for analytics. The site is mobile-optimized with good navigation and SEO practices. Hosting details are not explicit but the domain and name servers indicate stable professional hosting. From a security perspective, the site enforces HTTPS and uses a consent management platform, but lacks explicit published security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The site does not use privacy protection on WHOIS, enhancing trustworthiness. The gambling nature requires adult content warnings and age verification, which are implemented. Overall, the website is professional, secure, and compliant with privacy regulations, serving a mature audience in the gambling sector. Recommendations include publishing explicit security policies, adding security headers, and implementing a vulnerability disclosure mechanism to further enhance security posture.

M

Merkur Partners

cashpointpartners.com

0

Merkur Partners operates an affiliate marketing platform targeting affiliate marketers and partners, offering an award-winning affiliate program. The company appears to be a small-sized business founded in 2015, with a professional and consistent brand presence primarily in Germany. The website is built on WordPress using the GeneratePress theme and includes caching and slider technologies, indicating a moderate level of technical maturity. The site is mobile optimized and SEO friendly but lacks some advanced accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers, and no explicit security or incident response policies are published. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is functional and professional but could improve in privacy and security transparency.

C

CaptchaFox

captchafox.com

0

CaptchaFox is a Germany-based technology company specializing in GDPR-compliant captcha and bot protection services for websites and mobile applications. Founded in 2020, it positions itself as a privacy-first alternative in the bot mitigation market, emphasizing compliance with European data protection standards and adaptive bot detection technologies. The website reflects a professional SaaS business model targeting companies seeking to protect their digital assets from malicious bot traffic while maintaining user privacy. Technically, the website is built using modern frameworks such as Next.js and React, hosted on bunny.net, and optimized for performance and accessibility. The site demonstrates good SEO practices and mobile responsiveness, with rich SVG graphics and structured data enhancing its digital maturity. However, explicit privacy and cookie policies are not directly found in the provided content, which could be improved to enhance transparency. From a security perspective, the site uses HTTPS and has domain transfer protections in place. There is no evidence of security.txt or vulnerability disclosure mechanisms, and security headers are not detected in the provided data. The absence of explicit contact information and security policies suggests areas for improvement in incident response readiness and user trust. Overall, CaptchaFox presents a credible and professional online presence with a strong focus on privacy and compliance. Strategic enhancements in policy disclosures, security headers, and contact transparency would further strengthen its security posture and compliance standing.

C

CADENAS GmbH

industry-forum.biz

0

CADENAS GmbH operates the Industry-Forum website, which promotes an established manufacturing and engineering event focused on Industry 4.0, cost optimization, and digital product data management. The forum attracts thousands of visitors, speakers, and exhibitors annually, positioning itself as a key networking and knowledge-sharing platform in the manufacturing sector. The website is professionally designed, uses modern web technologies, and complies with GDPR and cookie consent regulations. Technical infrastructure includes Contao CMS, jQuery, and various UI libraries, with analytics via Matomo and Google Tag Manager. Security posture is good with HTTPS enforced and cookie consent mechanisms, though security headers are not explicitly detected. WHOIS data is unavailable, likely due to privacy protection, but business legitimacy is supported by consistent branding, contact information, and social media presence. Overall, the website is a credible and professional platform for industry events.

3

3DFindit / CADENAS

bimcatalogs.net

0

3DFindit, operated by CADENAS, is a specialized online platform offering free access to an extensive collection of 3D CAD and BIM models, serving industries such as mechanical engineering and architecture. The platform supports multiple search methods including 3D geometric, 2D sketch, and color search, enhancing user experience for engineers, architects, and manufacturers. The website is professionally designed with consistent branding and integrates with CADENAS' corporate ecosystem, indicating a strong market position in digital product content services. Technically, the website employs modern web technologies including JavaScript, SVG, and web components, with external integrations such as consent management and Freshworks support widgets. The site is mobile optimized and SEO friendly, though accessibility features are basic. Performance is moderate, with room for improvement in security headers and incident response transparency. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security policies and incident response contacts, which are recommended for enhanced trust and compliance. Privacy compliance is strong, with comprehensive privacy and cookie policies and GDPR adherence. Contact information is limited to a web form, with no direct emails or phone numbers publicly listed. Overall, the website presents a low-risk profile with a high degree of professionalism and business credibility. The absence of WHOIS data suggests privacy protection, which is justified for this business type. Strategic recommendations include enhancing security headers, publishing security policies, and expanding contact options to improve user trust and compliance posture.

S

Stallergenes Greer

stallergenesgreer.de

0

Stallergenes Greer Deutschland operates as a specialized pharmaceutical company focusing on allergen immunotherapy, providing products and services for allergy diagnosis and treatment. The company targets medical professionals and patients, offering educational resources and scientific information. The website reflects a professional and consistent brand presence with clear contact information and compliance with GDPR and cookie regulations. Technically, the site is built on Drupal CMS with established frontend libraries, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS and reCAPTCHA integration, though lacking explicit security policies and some security headers. Overall, the site is trustworthy and well-maintained, supporting the company's market position in healthcare allergy treatment.

M

MERKUR.com AG

merkur.com

0

MERKUR.com AG operates a comprehensive German-language website focused on gaming, sports betting, and casino entertainment. The company is well-established with a domain age dating back to 1997, indicating a mature market presence. The website offers rich content including articles, news, and links to partner sites, targeting gaming enthusiasts and bettors. Technically, the site uses modern frameworks like Bootstrap and integrates advanced marketing and analytics tools such as Dynamic Yield, Matomo, and Google Tag Manager. Privacy compliance is supported by a Usercentrics consent management platform, although no explicit privacy policy or terms of service were found in the provided content. Security posture is generally good with HTTPS enforced and domain transfer protections, but could be improved by enabling DNSSEC and publishing security policies. Overall, the site is professional, content-rich, and trustworthy, serving a large audience in the gaming sector.

T

Tippspiel für Unternehmen

tippspiel-fuer-unternehmen.com

0

Tippspiel für Unternehmen is a specialized service provider offering customizable corporate football World Cup betting games for the 2026 men's tournament. The platform targets businesses aiming to engage employees and customers through branded, multi-language, and interactive betting games. The company operates a professional WordPress-based website with WooCommerce for e-commerce functionality and Elementor for design. The technical infrastructure includes hosting with netcup and analytics via Matomo, emphasizing privacy by disabling cookies. Security posture is strong with SSL encryption, ISO 27001 certification, and GDPR compliance claims, although explicit privacy and cookie policies are not found on the main page. The domain is relatively new, created in 2022, aligning with the upcoming 2026 World Cup event.

C

CADENAS GmbH

cadenas.de

0

CADENAS GmbH is a reputable German software company specializing in Strategic Parts Management and Electronic Product Catalogs, serving a broad range of engineering and manufacturing clients globally. The company holds a strong market position with significant adoption among top manufacturers and global players. Their website reflects a mature digital presence with comprehensive product information, multilingual support, and active social media engagement. Technically, the site uses modern web technologies including Contao CMS, jQuery, Plyr, and integrates analytics tools with GDPR-compliant consent management. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit security policies are absent. Overall, the domain and website content align well, indicating a trustworthy and professional business. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

T

Tourismus Marketing Gesellschaft Sachsen mbH

sachsen-angebote.de

0

Tourismus Marketing Gesellschaft Sachsen mbH operates the website www.sachsen-angebote.de to promote tourism offers and facilitate accommodation bookings in the Saxony region of Germany. The site targets tourists and travelers interested in exploring Saxony, providing curated travel packages and booking options. The business is positioned as a regional tourism marketing entity with a medium-sized operational scale. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including JavaScript, CSS, and accessibility tools such as Eye-Able. Hosting is provided by SchlundTech, a reputable provider. The site demonstrates good mobile optimization and basic SEO practices, with consent management implemented for GDPR compliance. From a security perspective, the site enforces HTTPS and integrates consent management, but lacks explicit security headers and a published security policy. No vulnerabilities or malicious content were detected. Privacy compliance is partial due to the absence of a visible privacy policy and terms of service. Contact information is available via a clearly labeled phone number and booking form. Overall, the website presents a professional and trustworthy front for regional tourism marketing, with moderate technical maturity and security posture. Strategic improvements in privacy policy publication, security header implementation, and incident response readiness would enhance compliance and trustworthiness.

PXLRBLL is a small creative agency based in Germany, specializing in print, web design, and photography services since 2009. The company targets businesses and organizations primarily in Sachsen and Berlin, offering a portfolio of references that demonstrate their expertise in these areas. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site is built on WordPress using the Avada theme and jQuery, hosted via DomainControl (GoDaddy). Performance and mobile optimization are moderate to good, though accessibility and SEO optimizations are basic. Security posture is adequate with HTTPS enabled and secure form handling, but lacks important security headers and formal privacy and cookie policies, which are compliance gaps. No social media or direct contact emails/phone numbers are provided, limiting direct communication channels. Overall, the site is safe, professional, and trustworthy but could improve privacy compliance and security best practices.

M

MindMontan

mindmontan.de

0

MindMontan is a German-based environmental technology project focused on reducing water pollution caused by mining activities. The website presents the project as a collaborative effort with strong partners, funded by the German Federal Ministry of Education and Research (BMBF). It offers information about innovative technologies aimed at mitigating environmental impacts both regionally and globally. The site targets stakeholders interested in environmental protection and mining impact reduction. Technically, the website is built on WordPress with the Avada theme, employing modern web technologies and plugins for gallery and cookie management. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks advanced security headers and explicit incident response or vulnerability disclosure policies. Overall, the website is trustworthy, professional, and compliant with GDPR, though it could improve in security policy transparency and technical security headers.

L

Löwen Play

loewen-play.de

0

Löwen Play operates as a licensed German online casino platform specializing in virtual slot games and online gambling services. The website targets adult German-speaking users interested in legal and secure online gaming experiences. The platform emphasizes compliance with German licensing requirements and offers popular slot games with payment options such as PayPal. Technically, the site employs modern JavaScript frameworks, integrates Cookiebot for GDPR-compliant cookie consent, and uses Cloudflare for DNS and likely CDN services. Analytics and user engagement are tracked via etracker and Google Analytics, while customer support is facilitated through LiveChat. Security posture is solid with HTTPS enforced and CSRF protections in login forms, though explicit security headers and policies are not visible. Overall, the site presents a professional and trustworthy front with good mobile optimization and user experience.

P

PAUL HARTMANN AG

hartmann.info

0

PAUL HARTMANN AG operates a global healthcare business specializing in medical and hygiene products. Their website serves as a country selection portal, directing users to localized content and product information. The company maintains a strong market position with a professional online presence and comprehensive privacy and cookie policies, reflecting compliance with GDPR and other regulations. Technically, the site uses modern technologies including Sitecore CMS, Cloudflare hosting, and various analytics and marketing tools, ensuring good performance and user experience. Security posture is solid with HTTPS enforcement and consent mechanisms, though additional security headers could enhance protection. Overall, the website is trustworthy and professionally managed, with no signs of malicious activity or content blocking.

K

KISA

zv-kisa.de

0

KISA is a municipal IT service provider based in Saxony, Germany, offering a broad portfolio of IT infrastructure management, software solutions for municipal administration, data protection, IT security, and digitalization consulting. The organization targets public sector entities such as counties, cities, and municipalities, positioning itself as a key regional IT partner. The website reflects a professional and consistent brand image with comprehensive service descriptions and client testimonials, indicating a solid market presence. Technically, the website is built on GeoCMS with modern web technologies including jQuery, Bootstrap 4, and Matomo analytics configured for privacy. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security practices include HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. The security posture is good with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, with GDPR-aligned cookie consent and a detailed privacy policy. However, the absence of a terms of service page and vulnerability disclosure reduces transparency. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, KISA's website demonstrates a mature digital presence suitable for its public sector audience, with room for improvement in security transparency and direct contact information for incident response.

J

James Hardie Europe GmbH

jameshardie.eu

0

James Hardie Europe GmbH is a leading manufacturer and marketer of fiber cement cladding and fiber gypsum products in Europe, with a strong market position as the world’s number one producer in its sector. The company offers a range of high-performance building materials including Hardie® Plank and Hardie® Panel products, emphasizing durability, fire protection, and sustainability. Their operations span multiple continents with thousands of employees and several R&D and manufacturing sites. The website reflects a mature digital presence built on ASP.NET Kentico CMS, with modern tracking and cookie consent mechanisms in place. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit policies could be improved. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the site is professional, trustworthy, and well-structured, supporting the company’s strong brand and market leadership.

J

James Hardie Europe GmbH

fermacell.com

0

The website represents James Hardie Europe GmbH's fermacell® brand, a leading manufacturer of gypsum fibreboards and related building materials in Europe. The company has a strong market position as a European market leader with a broad product portfolio targeting construction professionals and distributors. The digital infrastructure is built on ASP.NET with Kentico CMS, supported by Cloudflare DNS and CDN services, and includes modern marketing and consent tools such as Google Tag Manager and OneTrust. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks DNSSEC and explicit security headers. Privacy compliance is partial with cookie consent but no visible privacy or terms policies. Overall, the site is professional, trustworthy, and content-rich, supporting a large enterprise manufacturing business.

F

Friedrich-Schiller-Universität Jena

uni-jena.de

0

Friedrich-Schiller-Universität Jena is a prominent German university focused on education, research, and community engagement. The institution offers a broad spectrum of academic programs and fosters interdisciplinary research under its key profiline themes "Light. Life. Liberty." The university serves approximately 17,000 students and 10,000 staff, positioning itself as a large, internationally connected academic entity. The website reflects this stature with rich content, professional design, and clear navigation tailored to students, researchers, and international audiences. Technically, the website employs modern web standards including HTML5, CSS, and JavaScript, with accessibility features such as ReadSpeaker integration. Hosting appears to be managed by DFN, a German research network, which aligns with the academic nature of the institution. Performance and mobile optimization are good, though no explicit CMS or frameworks were detected. SEO and accessibility are well addressed. From a security perspective, the site uses HTTPS with strong SSL configuration and deferred script loading. However, it lacks visible security headers and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is limited, with no explicit privacy or cookie policies found in the analyzed content, which is a notable gap. Overall, the website is trustworthy, professional, and content-rich, but could improve in privacy transparency and security policy disclosures. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, and establishing a vulnerability disclosure process to enhance trust and compliance.

F

FAU Erlangen-Nürnberg

fau.eu

0

FAU Erlangen-Nürnberg is a large, well-established public research university in Germany, founded in 1743. It offers over 280 degree programs and maintains a strong research profile with international collaborations. The website reflects a mature digital presence with comprehensive content targeting students, researchers, staff, alumni, and corporate partners. Technically, the site is built on WordPress with modern plugins and frameworks, providing good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is robust, with clear policies and GDPR-aligned consent. Overall, the domain and website present a trustworthy and professional institution with no evident security or content risks.

W

Wendt & Kühn

wendt-kuehn.com

0

Wendt & Kühn is a well-established German manufacturer specializing in handcrafted wooden figurines and collectible items, with a heritage dating back to 1915. The company targets collectors and gift buyers globally, offering a diverse assortment of products including seasonal decorations and exclusive editions. Their website is professionally designed using TYPO3 CMS, featuring multilingual support and a customer magazine subscription service. Technically, the site employs modern frontend libraries and implements cookie consent mechanisms, reflecting a moderate to good level of digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The absence of WHOIS data limits domain registration trust verification, but the overall professional presentation and consistent branding support legitimacy. Privacy compliance is well addressed with clear policies and consent management. Overall, the site presents a trustworthy and user-friendly experience aligned with the company's artisanal brand identity.

F

Freiberger Brauhaus

freibergerpils.de

0

Freiberger Brauhaus is a well-established traditional brewery in Germany with a rich heritage spanning approximately 175 years. The company focuses on producing pilsner and other beer varieties, emphasizing authenticity, tradition, and regional pride. Their business model includes beer production, brewery tours, events, and an online merchandise shop, targeting adult consumers interested in quality beer and cultural experiences. The website reflects a consistent brand identity and good content quality, supporting their market position as a reputable regional brewery. Technically, the website employs modern web technologies including Google Tag Manager for analytics and Usercentrics for consent management, ensuring GDPR compliance. The site is mobile-optimized with good SEO practices and a moderate performance profile. However, no explicit CMS or hosting provider information is evident. Security best practices such as HTTPS and cookie consent are implemented, but security headers and incident response policies are not explicitly published. From a security perspective, the site demonstrates a solid baseline with HTTPS and age verification for alcohol-related content, indicating compliance with legal requirements. No vulnerabilities or suspicious content were detected. Privacy compliance is strong with clear privacy and cookie policies. However, the absence of a security policy, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement. Overall, the website is professional, trustworthy, and compliant with relevant regulations. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility features to further strengthen the security posture and user trust.

V

vianovis GmbH - web mapping solutions

vianovis.de

0

vianovis GmbH is a specialized German technology company providing advanced web mapping solutions primarily for municipalities, cities, counties, and regional authorities. With over 30 years of experience, they offer a comprehensive geoportal platform (touvia.MAPS) including data management, interactive maps, citizen participation tools, and full hosting and support services. Their market position is strong within Germany, serving over 200 customers with scalable solutions tailored to different sizes of communities and organizations. The website reflects a professional and trustworthy business with clear pricing and customer testimonials. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Slider Revolution, leveraging HTML5 video and WebGL for interactive content. Hosting is provided by kasserver.com, and the site is well optimized for SEO and mobile devices. Security posture is good with HTTPS, SSL certificates, and hCaptcha for form protection, though some security headers could be improved. Privacy compliance is robust with a clear privacy and cookie policy and GDPR consent mechanisms. Overall, the site and business demonstrate a mature digital presence with strong security and privacy practices, suitable for their target audience. No critical vulnerabilities or blocking mechanisms were detected, indicating a reliable and accessible platform.

3

360GRAD-TEAM

360grad-team.com

0

360GRAD-TEAM is a German-language business website established in 2014, likely offering team-related services or consulting. The website uses WordPress with the Divi theme, indicating a standard CMS infrastructure. The technical setup is moderate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and DNSSEC. No explicit privacy policy, terms of service, or contact information is found, which limits transparency and user trust. The domain registration data is consistent and legitimate, supporting the business's credibility. Overall, the website is functional and professionally designed but could improve in content depth, security posture, and compliance documentation.

V

vianovis GmbH - web mapping solutions

touvia.de

0

vianovis GmbH is a specialized technology company focused on delivering advanced web mapping solutions primarily for municipalities, cities, and regions in Germany. With over 30 years of experience, the company offers a comprehensive suite of geoportal services including touvia.MAPS, touvia.geoCMS, and touvia.komMIT, enabling clients to create interactive, customizable online maps with integrated data management and citizen participation features. The company positions itself as a full-service provider with personalized support and transparent pricing, serving over 200 customers nationwide. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, leveraging WebGL for real-time data visualization. Hosting is likely provided by kasserver.com, and the site employs HTTPS with hCaptcha for form security. The site is well-optimized for SEO and mobile devices, though some security headers could be improved. Security posture is solid with HTTPS and spam protection, but lacks explicit security policies or incident response contacts. Privacy compliance is good, featuring GDPR-compliant cookie consent and a privacy policy. No critical vulnerabilities or suspicious activities were detected. Overall, vianovis GmbH presents a professional, trustworthy, and technically competent online presence aligned with its business focus. Strategic improvements in security headers and formal security policies would enhance its security maturity and trustworthiness further.

Bergstadtatelier is a small regional e-commerce business specializing in personalized and mining heritage-themed merchandise such as calendars, wall pictures, mugs, postcards, and gifts. The website is built on the Shopify platform using the Dawn theme, indicating a modern and scalable technical infrastructure. The site is well-structured with good design quality, mobile optimization, and clear navigation, targeting customers interested in regional culture and personalized products. Security posture is strong due to Shopify's hosting and SSL implementation, with standard security headers and no visible vulnerabilities. However, the site lacks visible privacy and cookie policies, which impacts GDPR compliance and privacy transparency. Contact information is not explicitly provided, which may affect customer trust and support accessibility. Overall, the website is functional, secure, and professionally presented but would benefit from enhanced privacy compliance and clearer contact channels.

L

lumipöllö®

lumipollo.com

0

lumipöllö® is a small boutique manufacturer and retailer specializing in unique headwear products, operating primarily through an e-commerce webshop and supported by a physical boutique manufacturing presence. The website reflects a niche market positioning targeting consumers interested in unique fashion headwear. The business appears to be established since 2012, consistent with domain registration data, and operates primarily in Germany. The digital presence is basic but functional, with limited interactive features and a focus on product presentation. Technically, the website uses older JavaScript libraries such as jQuery 1.11.0 and Lightbox, with styling through CSS and Google Fonts. Hosting and domain registration are managed by reputable providers, but there is no evidence of advanced CMS or modern frameworks. Performance and mobile optimization are basic, and SEO features are minimal. Security practices show room for improvement, including the absence of DNSSEC, lack of security headers, and use of outdated libraries that may expose vulnerabilities. Security posture is moderate with HTTPS assumed but no visible security headers or cookie consent mechanisms, which impacts GDPR compliance. No incident response or vulnerability disclosure information is provided. The website does not expose sensitive data but could benefit from enhanced security controls and privacy compliance features. Overall, the risk is moderate with recommendations to update technical components and improve compliance. Strategically, the company should focus on modernizing its technical stack, implementing security best practices, and enhancing privacy compliance to build greater trust with customers and meet regulatory requirements. The current digital maturity supports basic e-commerce operations but limits scalability and security resilience.

E

eBay Inc.

ebay-deine-stadt.de

0

eBay Deine Stadt is a localized e-commerce platform initiative by eBay Inc. targeting German cities and regions to support local retailers by integrating them into eBay's broader marketplace. The platform offers buyers access to local products online, enhancing visibility and sales for small and medium-sized local businesses. The website demonstrates a strong market position leveraging eBay's established brand and infrastructure. Technically, the website uses modern web technologies including Marko.js for rendering, SVG icons, and CDN-hosted static assets, ensuring fast performance and mobile optimization. The site is well-structured with good SEO and accessibility features, providing a professional user experience. From a security perspective, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact points for sellers and city participation. However, explicit security policies and incident response contacts are not publicly detailed. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. Strategic recommendations include publishing explicit security and incident response policies and enhancing transparency around data protection officer contacts to further strengthen trust and compliance.

S

Syde GmbH

inpsyde.com

0

Syde GmbH is a leading European WordPress agency specializing in enterprise-grade, secure, and scalable web solutions. Established in 1998, the company holds a strong market position as a WordPress VIP Gold Agency and WooExpert partner, serving forward-thinking enterprises with services including multilingual WordPress solutions, WooCommerce payment gateways, website relaunches, and ongoing maintenance and support. Their client portfolio includes major brands such as Adidas, SAP, Mercedes-Benz, and PayPal, supported by strong testimonials and industry certifications. Technically, Syde operates on a modern WordPress 6.6.2 platform enhanced with Yoast SEO Premium and Borlabs Cookie for privacy compliance. Hosting is provided by Hetzner, a reputable German provider, and the site demonstrates good performance, mobile optimization, and accessibility. The company employs advanced cookie consent mechanisms and integrates Google Tag Manager for analytics, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and employs domain transfer protection, though DNSSEC is not enabled. Security best practices are partially implemented, with room for improvement in publishing explicit security policies, incident response contacts, and security headers. No vulnerabilities or suspicious activities were detected, indicating a solid security posture. Overall, Syde presents a professional, trustworthy, and technically sound online presence with excellent content quality and business credibility. Strategic recommendations include enabling DNSSEC, publishing comprehensive privacy and security policies, and enhancing security headers to further strengthen their security posture.

W

Wirtschaftsförderung Erzgebirge GmbH

welcome-erzgebirge.de

0

The Welcome Center Erzgebirge, operated by Wirtschaftsförderung Erzgebirge GmbH, is a regional government-affiliated service center established in 2016 to support companies, immigrants, and returnees in the Erzgebirge region of Germany. It offers comprehensive assistance including integration support, bureaucratic guidance, and labor market services, positioning itself as a pioneering entity in Saxony for workforce integration. The website reflects a professional and consistent brand image with clear navigation and relevant content targeted at its audience. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes analytics and live chat functionalities, indicating a mature digital infrastructure. Security posture is solid with HTTPS, cookie consent, and secure forms, though formal security policies and incident response contacts are absent. Overall, the site is trustworthy, compliant with GDPR, and well-positioned to serve its community effectively.

L

LÖWEN PLAY

loewen-play-unternehmen.de

0

LÖWEN PLAY operates as a gaming and entertainment company based in Germany, offering both physical gaming locations and a state-licensed online gaming platform. The website targets general audiences interested in gaming, career opportunities, and corporate social responsibility. The company maintains a professional market position with investor relations and social media presence, indicating a medium-sized enterprise with consistent branding and trust signals. Technically, the website is built on WordPress with common plugins for cookie management and UI enhancements, leveraging jQuery and Font Awesome for frontend functionality. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though security headers are not explicitly detected and no incident response contacts are provided. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent banner implemented via Borlabs Cookie. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website is safe, professional, and trustworthy, with no adult or NSFW content detected.

W

Wirtschaftsförderung Erzgebirge GmbH

odbornipracovnici-krusnohori.cz

0

The website www.odbornipracovnici-krusnohori.cz operates as a regional job portal branded as Fachkräfteportal Erzgebirge, targeting job seekers and employers within the Erzgebirge region of Germany. It provides a platform for posting and searching job offers across multiple industries, with a focus on local employment opportunities. The portal is managed by Wirtschaftsförderung Erzgebirge GmbH, a regional economic development entity, which lends credibility and a governmental association to the service. The site supports multiple languages including Czech, German, and English, enhancing accessibility for a diverse regional audience. Technically, the website employs a modern tech stack including JavaScript libraries such as jQuery and Select2 for UI enhancements, and integrates analytics and marketing tools like Matomo Analytics, Google Tag Manager, Google Analytics 4, and Facebook Pixel. The site uses HTTPS and has implemented a cookie consent mechanism compliant with GDPR, reflecting a mature approach to privacy and data protection. The content is well structured with clear navigation, job filtering options, and categorized listings, providing a good user experience. From a security perspective, the site enforces HTTPS and includes basic security headers, though it lacks advanced headers like Content-Security-Policy or Strict-Transport-Security. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. However, the absence of a published security policy or incident response contact limits transparency in security governance. The WHOIS data is unavailable or missing, which raises concerns about domain registration legitimacy and should be monitored. Overall, the website presents a professional and trustworthy regional job portal with good technical implementation and privacy compliance. The main risk lies in the lack of WHOIS transparency and limited published security governance documentation. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and improving accessibility compliance to further strengthen trust and security posture.

W

Wirtschaftsförderung Erzgebirge GmbH

specialists-erzgebirge.com

0

Wirtschaftsförderung Erzgebirge GmbH operates the Fachkräfteportal Erzgebirge, a regional job recruitment portal focused on the Erzgebirge region in Germany. The platform offers a comprehensive job board with numerous current and qualified job listings, targeting both job seekers and companies within the region. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages and providing detailed filters for job searches. Technically, the site leverages modern JavaScript libraries, Matomo and Google Analytics for analytics, and Google Tag Manager for tag management, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and a robust cookie consent mechanism, though some security headers and explicit security policies are absent. The WHOIS data is notably missing or unavailable, which raises concerns about domain registration transparency despite the professional appearance and operation of the site. Overall, the site is trustworthy and well-positioned as a regional employment platform but would benefit from improved domain registration transparency and enhanced security policies.

D

Destillation und Likörfabrik Ernst F. Ullmann

lauterbacher-tropfen.de

0

The website www.lauterbacher-tropfen.de represents a small, family-owned German business specializing in the production and retail of traditional spirits and liqueurs since 1869. The company operates both physical locations including a museum and tasting events, as well as an online shop powered by Magento 2. The site is well-structured, professionally designed, and targets mature consumers interested in alcoholic beverages and regional heritage. Technically, the site uses modern eCommerce technologies with integrations such as Google Analytics, Google Tag Manager, and Amazon Pay, ensuring a functional and user-friendly experience. Security posture is good with HTTPS enforced and secure cookie settings, though some security headers could be improved. Privacy compliance is strong with GDPR-aligned cookie consent and privacy policies. Overall, the site is trustworthy and credible, with no signs of blocking or malicious activity.