Security Directory

S

SerNet GmbH

samba.plus

0

SerNet GmbH operates the SAMBA+ website, offering enterprise-grade Samba software packages and identity and access management solutions for Linux and IBM AIX platforms. The company targets enterprise customers, appliance vendors, and cloud service providers globally, providing software subscriptions, support, and consulting services. The website is professionally designed, well-structured, and provides comprehensive contact and policy information, reflecting a mature business presence. Technically, the website is built on TYPO3 CMS, uses modern web technologies including JavaScript and CSS, and integrates Matomo analytics for user tracking. The site is mobile-optimized and accessible, with good SEO practices. Security posture is strong with HTTPS enforced and CAPTCHA protection on forms, though explicit security headers and incident response policies are not published. The WHOIS data is privacy protected, which is common for software companies, and no suspicious patterns were detected. The domain is linked to SerNet GmbH, a reputable entity in the Samba ecosystem. Overall, the website demonstrates a solid security and compliance posture with room for improvement in publishing security policies and headers. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure information, and continuing to maintain GDPR compliance and transparent contact channels.

ResearchGate GmbH operates a leading academic social networking platform designed to facilitate collaboration and knowledge sharing among researchers and scientists worldwide. The platform offers services such as research paper sharing, academic networking, and collaboration tools, targeting primarily the scientific and academic community. Founded in 2008 and headquartered in Germany, ResearchGate has established itself as a significant player in the technology sector focused on research and education. Technically, the website is protected by Cloudflare's Web Application Firewall (WAF) and employs Turnstile CAPTCHA to mitigate unusual or suspicious traffic. This security measure, while effective for protection, currently blocks direct access to the website content, limiting the ability to fully assess the site's technical maturity, performance, and SEO optimization. The site uses modern web technologies including JavaScript, HTML5, and CSS3, but no CMS or specific frameworks are identifiable from the blocked content. From a security perspective, the presence of a Cloudflare WAF and CAPTCHA indicates a proactive approach to mitigating automated threats and abuse. However, the lack of visible security headers, privacy policies, cookie consent mechanisms, and contact information on the accessible page reduces transparency and user trust. Additionally, the absence of WHOIS data for the domain raises concerns about domain registration transparency, although the domain is widely recognized and associated with a reputable company. Overall, the website's risk assessment is moderate due to the blocking of content by security mechanisms and missing publicly accessible compliance and contact information. Strategic recommendations include improving accessibility beyond the WAF challenge for legitimate users, publishing clear privacy and cookie policies, enhancing security header implementation, and ensuring WHOIS data transparency to strengthen trust and compliance.

A

Anoxinon e.V.

anoxinon.de

0

Anoxinon e.V. is a small non-profit organization based in Germany dedicated to promoting data privacy and free software. The organization provides community-oriented digital services including a social network (Anoxinon Social), a blog focused on data security and free software (Anoxinon Media), and a privacy-friendly messaging service based on the Jabber/XMPP standard (Anoxinon Messenger). Their mission emphasizes fostering a collaborative and privacy-respecting digital world. The website is well-structured, primarily in German, and targets users interested in privacy, free software, and community-driven internet services. Technically, the website is built using the Hugo static site generator, leveraging Bootstrap for layout and Fork Awesome for icons. Hosting is provided by servercow, as indicated by the nameservers. The site is mobile-optimized with good SEO practices and moderate performance. No advanced CMS or complex frameworks are detected, reflecting a straightforward and maintainable technical infrastructure. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several security headers and does not provide explicit security or incident response policies. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks cookie consent mechanisms. No analytics or tracking scripts are detected, indicating a privacy-respecting approach. The absence of vulnerability disclosure or security.txt files suggests room for improvement in transparency and security maturity. Overall, Anoxinon e.V. presents a trustworthy and professional online presence consistent with its non-profit mission. The website is safe for general audiences, free of adult or questionable content, and demonstrates a solid foundation in privacy and community values. Strategic improvements in security headers, cookie consent, and incident response documentation would enhance their security posture and compliance standing.

I

Inxmail GmbH

inxmail.com

0

Inxmail GmbH operates a professional email marketing platform focused on delivering newsletters, automated campaigns, transactional emails, and SMTP mail relay services. The company targets businesses seeking GDPR-compliant, secure, and efficient email marketing solutions. Their platform supports integrations with CRM, CMS, and e-commerce systems, and offers marketing automation with visual workflows. The website reflects a mature digital presence with a modern TYPO3 CMS infrastructure, consent management, and tracking tools integrated for analytics and compliance. Security posture is strong, supported by ISO 27001 certification and adherence to GDPR standards, with no visible vulnerabilities or exposed sensitive data. Overall, Inxmail presents a trustworthy and professional brand with a solid market position in the technology and e-commerce sectors.

G

GlaxoSmithKline GmbH & Co. KG

gskpro.com

0

GSKpro.de is a professional portal operated by GlaxoSmithKline GmbH & Co. KG, targeting medical professionals in Germany. The website provides comprehensive product information, therapy area overviews, event registrations, and service content related to GSK's pharmaceutical and vaccine products. It serves as a B2B platform supporting healthcare providers with up-to-date information and educational resources. The site is well-branded, consistent with GSK's corporate identity, and integrates multiple partner portals specialized in niche medical topics.

N

NeoNephos Foundation

neonephos.org

0

NeoNephos Foundation is a recently established open source foundation under Linux Foundation Europe, focused on advancing cloud native sovereignty aligned with the EU's IPCEI-CIS strategic objectives. The foundation fosters collaboration among members, contributors, and end users to drive open source projects that support digital sovereignty in Europe. The website reflects a professional and consistent brand presence with clear navigation and relevant content for its target audience of cloud native enthusiasts and stakeholders. Technically, the website is built using modern static site generation technology (VitePress) with JavaScript modules and integrates HubSpot forms for community engagement. The site is mobile optimized, fast loading, and accessible, with good SEO practices. DNS is managed via DNSimple, though DNSSEC is not enabled, representing a minor security gap. The site uses HTTPS with a valid SSL configuration. From a security perspective, the website enforces HTTPS and has domain transfer protections but lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy linked via the parent organization but no cookie consent mechanism present. Contact information is limited to a web form without direct emails or phone numbers. Overall, the website presents a low-risk profile with good business credibility and technical maturity. Strategic recommendations include enabling DNSSEC, adding security headers, publishing security and incident response policies, and implementing cookie consent to improve privacy compliance and security posture.

V

Verband der Heilklimatischen Kurorte Deutschlands e.V.

heilklima.de

0

The website heilklima.de represents the Verband der Heilklimatischen Kurorte Deutschlands e.V., a non-profit association promoting health resorts with therapeutic climate benefits across Germany. It provides detailed information about member resorts, premium health resorts, and related tourism services. The site targets tourists and visitors seeking wellness and health-focused vacations in Germany. Technically, the website is built using the sitely.app CMS platform, employs modern HTML5 and CSS3 standards, and integrates Google Analytics with consent-based activation. The site is mobile-optimized and offers good user experience and navigation clarity. Security-wise, the site uses HTTPS but lacks explicit security headers and detailed privacy or cookie policies, which are areas for improvement. No vulnerabilities or suspicious content were detected, and the domain registration aligns well with the business purpose, indicating legitimacy. Overall, the website is professional and trustworthy but could enhance privacy compliance and security posture.

E

ERPNext Deutschland

erpnext-deutschland.org

0

ERPNext Deutschland is a small technology-focused business providing a modern, open source ERP system tailored for companies in the German-speaking region. The website promotes ERPNext as a comprehensive, customizable, and mobile-friendly ERP solution supported by an active community. Technically, the site is built on WordPress with the Divi theme, hosted with a reputable German registrar and using Cloudflare DNS. The site is accessible, well-designed, and mobile optimized, though it lacks privacy and cookie policies and explicit contact information. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

EUROBAUSTOFF Handelsgesellschaft mbH & Co. KG operates a comprehensive cooperation platform for the building materials trade sector in Germany. The company provides a wide range of services including procurement, logistics, marketing, finance, personnel management, and IT services to its members and partners. The website reflects a mature digital presence with detailed service descriptions, partner links, and a professional design consistent with a large enterprise in the retail and manufacturing sectors. The company holds recognized industry awards such as the Plus X Award, reinforcing its market position. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and includes mobile optimization, accessibility features, and SEO best practices. The site uses HTTPS with good security headers and implements cookie consent mechanisms, indicating a solid privacy compliance posture. However, explicit security policies and incident response contacts are not found, which could be improved. Security-wise, the site shows good practices with secure forms and no obvious vulnerabilities. The absence of WHOIS data is a notable anomaly, possibly due to privacy protection or registrar issues, which slightly impacts trust but does not detract from the overall legitimacy based on content and external references. Overall, the website is professional, secure, and compliant with privacy regulations, serving a clear business purpose with a strong brand presence. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure information to enhance trust and security transparency.

I

Infokom GmbH

infokom.info

0

Infokom GmbH is a medium-sized German IT company specializing in software and digital solutions for the building materials trade sector. With over 40 years of experience, they provide modular ERP systems, financial accounting, document management, and cloud telephony services, integrated closely with the EUROBAUSTOFF cooperative. Their website demonstrates a professional digital presence built on TYPO3 CMS, with good SEO and mobile optimization. Security practices include HTTPS and cookie consent with Matomo analytics, though formal security and incident response policies are not publicly documented. Overall, the company presents a credible and trustworthy profile with comprehensive contact information and clear business focus.

I

i&M Bauzentrum

i-m.de

0

i&M Bauzentrum is a well-established Fachhandelsmarke (specialist retail brand) under the EUROBAUSTOFF group, serving the German building materials market with over 130 locations. The company focuses on providing high-quality building materials, expert advice, and comprehensive services to both private customers and professional builders. Their digital presence is powered by TYPO3 CMS with a modern Bootstrap-based design, offering good mobile optimization and user experience. The website includes multimedia content and a cookie consent mechanism aligned with GDPR requirements. Security posture is adequate with HTTPS and cookie management, but lacks some advanced HTTP security headers. No direct contact details are visible on the homepage, but social media channels are active. Overall, the site reflects a professional retail business with strong market positioning in Germany.

H

Hochwasser-Ratgeber

hochwasser-ratgeber.de

0

Hochwasser-Ratgeber is a German-language informational website focused on flood preparedness and building materials, serving homeowners and professionals in Germany. It acts as a partner platform for the Eurobaustoff Fachhändler network, providing comprehensive guidance on flood risk, prevention, and damage mitigation. The site offers key services such as flood preparedness advice, specialist dealer search, and educational content. Technically, the website is built on TYPO3 CMS with a modern tech stack including jQuery, FontAwesome, Google Fonts, and integrates Matomo analytics and Echobot marketing widgets. The site demonstrates good mobile optimization, clear navigation, and solid SEO practices. Security-wise, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR, but lacks explicit security headers and documented security policies or incident response contacts. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though it could improve its security posture and transparency. The domain WHOIS data is limited but shows no suspicious indicators, supporting the site's legitimacy.

O

OPUS1

opus-1.eu

0

OPUS1 is a German-based company specializing in innovative paint and coating products for both interior and exterior applications. The website presents a professional image with a focus on quality products such as interior paints, facade paints, and lacquers, targeting DIY enthusiasts and professional painters. The company leverages a modern TYPO3 CMS platform with Bootstrap for responsive design, ensuring a good user experience across devices. The presence of a cookie consent mechanism and use of privacy-respecting Matomo analytics indicate a commitment to privacy compliance. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in security headers and explicit policies could enhance trust further. Overall, the website is well-structured, content-rich, and trustworthy, reflecting a medium-sized retail business in the home improvement sector.

E

EUROBAUSTOFF Handelsgesellschaft mbH & Co. KG

cerabella.de

0

Cerabella is a German-based retailer specializing in high-quality ceramic tiles and related accessories, operating under the EUROBAUSTOFF Handelsgesellschaft mbH & Co. KG umbrella. The company targets both retail customers and professional tile buyers, offering a broad product range including floor and wall tiles, mosaics, and tile accessories. The website reflects a well-structured and professionally designed digital presence, leveraging TYPO3 CMS and Bootstrap frameworks, with moderate performance and good mobile optimization. Matomo analytics is used for user tracking with a compliant cookie consent mechanism in place. Security posture is adequate but could be improved by implementing standard security headers and publishing explicit security policies. Contact information and company details are clearly presented, enhancing business credibility. No critical vulnerabilities or suspicious content were detected, and the site is fully accessible without WAF or blocking mechanisms.

F

FULLHAUS GmbH

gartenkatalog.com

0

The website www.gartenkatalog.com is a professionally designed German-language platform operated by FULLHAUS GmbH, offering a free garden catalog for the 2025 season. It targets homeowners and garden enthusiasts in Germany, providing inspiration and connecting users with EUROBAUSTOFF Fachhändler, a cooperative of specialist dealers in house and garden products. The business model centers on catalog distribution and lead generation for these dealers. Technically, the site is built on TYPO3 CMS, employs Usercentrics for consent management, and uses Matomo for analytics, indicating a modern and privacy-conscious infrastructure. Security posture is moderate with HTTPS implied but lacking explicit security headers and published security policies. The absence of WHOIS registration data is a notable anomaly, reducing domain trustworthiness despite the professional presentation and GDPR compliance. Overall, the site is functional, trustworthy in content, but would benefit from improved transparency in domain registration and enhanced security practices.

S

SerNet GmbH

sambaxp.org

0

The website sambaxp.org represents the official platform for the sambaXP conference, an established international event dedicated to the Samba open source software ecosystem. Organized by SerNet GmbH, the site provides comprehensive information about the upcoming 25th conference scheduled for April 2026, targeting developers, IT professionals, and businesses involved with Samba. The business model centers on event organization and community engagement, supported by reputable sponsors such as Microsoft. The site is well-branded, professionally designed, and content-rich, reflecting a mature and trusted presence in the technology conference space. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and includes responsive design elements for mobile optimization. Performance is moderate with good SEO and accessibility basics. The site employs HTTPS with a secure SSL configuration, though DNSSEC is not enabled. Cookie consent mechanisms and a comprehensive privacy policy linked to SerNet's data protection declaration demonstrate good privacy compliance. Analytics are handled via Matomo, indicating a preference for privacy-respecting tracking. From a security perspective, the site shows solid fundamentals with HTTPS enforcement and domain transfer protection. However, it lacks advanced security headers and published security or incident response policies. No vulnerability disclosure or security.txt files are present. WHOIS data confirms domain longevity and legitimacy, supporting trustworthiness. Overall, the site scores well on content quality, business credibility, and privacy compliance, with room for improvement in security posture. Strategically, the site should consider enabling DNSSEC, implementing security headers, and publishing formal security policies to enhance trust and resilience. Maintaining transparent privacy practices and expanding incident response readiness will further strengthen its security culture and compliance posture.

S

Sovereign Tech Agency

sovereign.tech

0

Sovereign Tech Agency is a German-based organization focused on securing and investing in open digital infrastructure critical for the 21st century economy and society. Their market position is that of a strategic investor and supporter of open source ecosystems, targeting startups, SMEs, and the broader digital infrastructure community in Germany and Europe. The website presents a professional and modern technical infrastructure using modern JavaScript modules, SVG graphics, and privacy-respecting analytics (Fathom). Security posture is strong with HTTPS and security headers implemented, though explicit privacy and cookie policies are missing. No forms or direct contact information are provided on the main site, limiting direct user engagement. Overall, the site is trustworthy and well-designed but could improve privacy compliance and contact transparency.

S

Scholl Communications AG

scholl.de

0

Scholl Communications AG is a German software manufacturer and web service provider specializing in the Weblication® CMS platform. With over 37 years in the market, the company serves a broad range of business customers including corporations, medium-sized enterprises, and agencies. Their key offerings include CMS software, web development services, and technology partnerships. The website reflects a professional and consistent brand presence targeting German-speaking business clients. Technically, the site is built on their proprietary CMS and uses modern web standards with responsive design, though performance is moderate and accessibility is basic. Security posture is limited due to lack of visible security headers and policies, and privacy compliance is weak as no privacy or cookie policies are found. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims.

S

Scholl Communications AG

weblication.de

0

Weblication® CMS, developed by Scholl Communications AG, is a well-established XML-based content management system with a significant customer base and specialized products targeting web agencies, enterprises, and municipalities. The website presents a professional image with detailed product offerings and a bug bounty program indicating a commitment to security. Technically, the site uses a proprietary CMS platform with modern web technologies and demonstrates good mobile optimization and accessibility. However, the absence of explicit privacy and cookie policies, security headers, and incident response contacts indicates areas for improvement in compliance and security transparency. Overall, the website is credible and functional but would benefit from enhanced privacy and security disclosures to align with best practices.

EUROBAUSTOFF Handelsgesellschaft mbH & Co. KG operates a cooperative network serving the building materials retail sector in Germany. The company provides a broad range of services including procurement, logistics, marketing, finance, personnel management, and IT support to its members. It holds a strong market position as a leading cooperation in the German building materials trade, supported by recognized awards such as the Plus X Award and a robust partner ecosystem including subsidiaries like i&M Bauzentrum. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and delivering a professional, mobile-optimized user experience. The site demonstrates good SEO and accessibility practices, with a moderate performance profile. Privacy compliance is well addressed through comprehensive privacy and cookie policies, including consent mechanisms. From a security perspective, the website enforces HTTPS and implements standard security headers, though explicit security and incident response policies are not publicly available. No vulnerabilities or exposed sensitive data were detected. However, the WHOIS data for the domain is missing or inaccessible, which raises concerns about domain registration transparency and trustworthiness. Overall, the website presents a professional and trustworthy front for the business, but the lack of WHOIS data and explicit security policies suggest areas for improvement in transparency and security governance.

H

Hetzner Online GmbH

hetzner.com

0

Hetzner Online GmbH is a well-established German hosting provider offering a wide range of services including dedicated servers, cloud hosting, web hosting, managed servers, colocation, and storage solutions. The company emphasizes GDPR compliance and sustainability by using 100% green energy. Their market position is strong in Europe, supported by multiple industry awards and a professional online presence. The website is designed with excellent usability, mobile responsiveness, and clear navigation, targeting businesses and individuals seeking reliable hosting services. Technically, the site uses modern frameworks such as Bootstrap and SilverStripe CMS, with Matomo analytics integrated respecting user privacy through consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers are not detected in the HTML content. The absence of WHOIS domain registration data is a notable anomaly, but the overall trustworthiness remains high due to consistent branding and transparency in legal and privacy policies.

H

Hetzner Online GmbH

hetzner.de

0

Hetzner Online GmbH operates a professional and comprehensive hosting and cloud services website primarily targeting German and European customers. The company offers a wide range of IT infrastructure services including dedicated servers, cloud servers, web hosting, managed servers, colocation, and storage solutions. The website is well-designed, mobile-optimized, and provides clear navigation and pricing information. The presence of multiple industry awards and a strong brand identity positions Hetzner as a reputable player in the European hosting market. Technically, the website leverages modern web technologies including Bootstrap and SilverStripe CMS, with privacy-conscious analytics via Matomo. The site is fast, accessible, and SEO-optimized. Security practices include HTTPS enforcement and cookie consent mechanisms, although explicit HTTP security headers are not evident in the provided data. The company maintains comprehensive legal and privacy policies, demonstrating GDPR compliance and providing abuse contact channels. The WHOIS data for the domain www.hetzner.com is incomplete or unavailable, which is unusual for a major provider but may be due to querying the subdomain or registry issues. Despite this, the website content and external signals strongly indicate legitimacy. Overall, Hetzner Online GmbH presents a mature digital presence with solid security and privacy postures, suitable for business customers seeking reliable hosting services.

K

Kur- und Bäder GmbH Bad Dürrheim

solemar.de

0

Kur- und Bäder GmbH Bad Dürrheim operates the Solemar wellness and spa center located in Bad Dürrheim, Germany. The website presents a professional and comprehensive digital presence showcasing their wellness services including the Sole-Therme, Schwarzwald-Sauna, Totes-Meer-Salzgrotte, and WellnessCenter. The company targets general wellness and spa visitors, positioning itself as a regional leader in hospitality and health tourism. The site includes detailed information on services, events, and visitor information, supported by certifications such as ISO 9001 and Wellness Stars, enhancing trust and credibility. Technically, the website is built on WordPress with modern plugins for SEO (Yoast), cookie consent (Borlabs Cookie), and user experience enhancements. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Hosting is via a commercial provider consistent with the domain's WHOIS data. Privacy compliance is well addressed with clear policies and consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the site lacks explicit security policies or incident response contacts, which could be improved. No WAF or blocking mechanisms are detected, allowing full content access. Overall, the site is trustworthy, professional, and compliant with relevant regulations. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen security and compliance posture.

N

nupian GmbH

unser-ferienprogramm.de

0

Unser-ferienprogramm.de is an online platform operated by nupian GmbH that facilitates the organization and booking of holiday programs primarily targeting parents, municipalities, clubs, and event organizers in Germany. The platform offers centralized management of holiday programs, participant data, and registrations, positioning itself as a niche service provider in the education sector. The website is professionally designed with a clear focus on usability and accessibility for its target audience. Technically, the website employs standard web technologies such as Bootstrap and jQuery, hosted via INWX nameservers, indicating a stable and reliable infrastructure. The site is mobile-optimized and SEO-friendly, though performance is moderate. Security practices include HTTPS enforcement and secure form handling, but lack advanced security headers and cookie consent mechanisms, which are recommended for compliance and enhanced protection. From a security perspective, the website shows a good baseline posture with no visible vulnerabilities or exposed sensitive data. However, the absence of security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in security maturity. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and business. Overall, the website is trustworthy and professionally maintained, with recommendations focusing on enhancing privacy compliance, security headers, and transparency to strengthen user trust and regulatory adherence.

cEasy Steffen Hemberger is a small German technology business specializing in Content Management Systems (CMS). The website presents a basic but relevant description of its CMS offerings, targeting small to medium businesses or individuals seeking CMS solutions. The market position appears niche and local, with limited digital maturity evident from the website's minimal content and basic technical implementation. The technical infrastructure relies on standard web technologies such as HTML, CSS, JavaScript, and jQuery, with Cloudflare providing DNS services. However, there is no evidence of advanced CMS platforms or frameworks, and performance and mobile optimization are basic. Security posture is limited, with no detected HTTPS enforcement, security headers, or incident response policies. Privacy compliance is minimal, with a privacy policy page present but no cookie consent mechanism. Overall, the website is functional but lacks modern security and privacy best practices, which could impact trust and compliance.

H

hitcom gmbh

hitcom.de

0

hitcom gmbh is a well-established digital agency and software house based in Germany, specializing in digital transformation solutions for municipalities, local governments, and energy providers. With over 28 years of experience, the company offers a comprehensive portfolio including websites, intranets, apps, AI-driven platforms, and government branding services. Their flagship software, disgovery, is designed to enhance online citizen services and streamline communication between administrations and citizens. The company holds multiple industry awards and certifications, reinforcing its market leadership in the public sector digitalization space. Technically, the website is built on the cEasy CMS platform and leverages modern web technologies such as lazy loading, SVG graphics, and responsive design to ensure excellent performance and user experience across devices. Analytics are implemented via Google Analytics and Matomo, with a clear cookie consent mechanism in place, demonstrating a commitment to privacy compliance. Hosting is managed through DomainControl, a reputable provider, ensuring reliable infrastructure. From a security perspective, the site enforces HTTPS and employs cookie consent banners, but lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The overall security posture is strong but could be enhanced by adding security headers and formalizing incident response information. Overall, hitcom gmbh presents a professional, trustworthy, and technically sound online presence aligned with its business focus. The website is well-structured, content-rich, and compliant with GDPR requirements, making it a reliable digital partner for public sector clients.

L

Lufthansa Group

lufthansagroup.careers

0

The Lufthansa Group Careers website serves as a professional portal for employment opportunities within the Lufthansa Group, a major global aviation company headquartered in Germany. The site presents a clear business focus on connecting talent with diverse aviation-related career paths. The content is primarily in German, with structured data and Open Graph metadata supporting SEO and social sharing. The technical infrastructure is modern, leveraging Angular 15 with server-side rendering, ensuring a responsive and performant user experience. However, the site lacks visible privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Security headers and SSL configuration details are not available from the provided data, indicating potential areas for improvement in security posture. Overall, the domain appears legitimate and consistent with the Lufthansa brand, though WHOIS data is privacy protected, which is typical for large enterprises. The site is safe for general audiences and does not contain any adult or questionable content.

L

Lufthansa Technik

lufthansa-technik.com

0

Lufthansa Technik is a leading aviation technology company based in Germany, specializing in comprehensive aircraft maintenance, repair, overhaul, and modification services globally. The company serves a broad customer base including airlines, lessors, governments, and private jet owners, positioning itself as a premier independent MRO provider with a strong market presence and extensive service portfolio. The website reflects a mature digital infrastructure using modern CMS and search technologies, with good mobile optimization and user experience. Privacy compliance is robust, featuring a consent management platform and clear privacy policies. Security posture is solid with HTTPS and no exposed sensitive data, though explicit security headers and published incident response policies are absent. The absence of WHOIS data for the domain introduces some uncertainty about domain registration legitimacy, but the strong branding and parent company association mitigate concerns. Overall, the site is professional, trustworthy, and well-structured, supporting Lufthansa Technik's market leadership in aviation services.

Lufthansa Cargo operates a comprehensive and professionally designed website serving as a global air freight expert platform. The site offers extensive eServices such as booking, tracking, and freight management, targeting business customers worldwide. The technical infrastructure is built on a modern Liferay CMS platform with React and AlloyUI components, enhanced by consent management and tag management tools to ensure privacy compliance. Security posture is strong with HTTPS enforcement, nonce-based script security, and form validation, although explicit security policies and incident response details are not publicly disclosed. Overall, the website reflects a mature digital presence consistent with a leading enterprise in the transportation sector.

B

bioC

bioc.info

0

bioC operates a specialized online platform providing certification status information for over 130,000 organic suppliers and their products. The website serves as a trusted resource for operators, certification bodies, and consumers interested in organic certification. It is supported by numerous certification bodies and government agricultural departments, positioning it as a reputable player in the organic certification ecosystem. The platform offers search functionality, lists of operators, and detailed certification information, catering primarily to the organic product sector in Germany and other countries. Technically, the website uses a custom Blitz.Bioc package, jQuery 1.11.3, and etracker analytics, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enforced and secure form handling, but lacks advanced security headers and explicit security policies. Privacy compliance is basic with a privacy policy and cookie consent banner present. Overall, the site is professional, trustworthy, and safe for general audiences.

M

Messe Düsseldorf GmbH

compamed-tradefair.com

0

COMPAMED Trade Fair is a leading international event focused on high-tech solutions for the medical technology supplier sector, organized by Messe Düsseldorf GmbH. The website serves as a comprehensive platform for exhibitors and visitors, providing detailed information about the event, participation, services, and program. The business is well-positioned in the healthcare and technology sectors, targeting medical suppliers and product developers globally. The site demonstrates a professional digital presence with good content quality and user experience.

V

Virtual Minds GmbH

theadex.com

0

Virtual Minds GmbH is a well-established European adtech company specializing in programmatic advertising solutions for publishers, broadcasters, agencies, and advertisers. As a 100% subsidiary of ProSiebenSat.1 Media SE, it holds a strong market position with a modular full-stack offering comprising multiple technology brands. The company targets B2B clients in the digital advertising ecosystem, providing enterprise marketing platforms, DSPs, SSPs, data management, and media management solutions. The website reflects a professional and consistent brand image with good content quality and clear messaging. Technically, the site is built on WordPress with Elementor, leveraging modern JavaScript libraries and integrating third-party marketing and analytics tools such as HubSpot and Piwik PRO. The presence of a comprehensive cookie consent mechanism demonstrates GDPR compliance and privacy awareness. Security posture is solid with HTTPS enforced and domain registration protections, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected, and the domain registration details align well with the business claims, supporting legitimacy. Overall, the website is a credible digital presence for a medium-sized enterprise in the adtech industry.

E

EUREF-Event GmbH

euref-event.de

0

EUREF-Event GmbH operates sustainable and climate-neutral event locations primarily on the EUREF campuses in Berlin and Düsseldorf. The company targets event organizers and businesses focused on sustainability, offering innovative venues aligned with climate goals. The website is built on a modern WordPress infrastructure using Elementor and integrates privacy-compliant cookie consent and analytics via Matomo. Security posture is strong with HTTPS and privacy mechanisms in place, though explicit security policies and incident response contacts are absent. Overall, the site presents a professional and trustworthy digital presence with room for enhanced security documentation and direct contact information.

Lufthansa AG operates a comprehensive airline service platform, offering flights to over 200 destinations worldwide. The website serves as a primary digital channel for flight booking, travel preparation, and customer account management. It targets global travelers seeking premium air travel services. The platform integrates advanced search capabilities, personalized flight information, and ancillary services such as baggage management, upgrades, and travel insurance. Lufthansa maintains a strong market position as a leading global airline with a well-established brand. Technically, the website leverages modern JavaScript frameworks, Adobe Experience Manager CMS, and enterprise-grade hosting with Akamai CDN support. It demonstrates excellent mobile optimization, accessibility, and SEO practices. The use of advanced analytics and consent management tools reflects a mature digital infrastructure focused on user experience and compliance. From a security perspective, the site enforces HTTPS, employs security headers, and integrates secure OAuth2 login flows. Privacy policies and cookie consent mechanisms align with GDPR requirements, enhancing user trust. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policy and incident response information could be improved. Overall, Lufthansa's website exhibits a high level of professionalism, security, and compliance, supporting its enterprise-scale operations. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and enhancing transparency around data protection officer contacts to further strengthen trust and compliance.

The Lufthansa Group is a leading global aviation conglomerate operating a diversified portfolio of passenger airlines, cargo, and aviation services. The website reflects a mature, enterprise-level organization with a strong market position in the transportation sector. The digital infrastructure is built on TYPO3 CMS with modern JavaScript libraries, providing a responsive and accessible user experience. Security posture is strong with HTTPS enforcement and security headers, though some enhancements are recommended. Privacy compliance is well addressed with clear policies and consent mechanisms. The WHOIS data is unavailable or protected, which slightly reduces trust but the extensive corporate content and investor relations presence support legitimacy. Overall, the website is professional, secure, and trustworthy, serving a broad audience including investors, customers, and job seekers.

D

dwif-Consulting GmbH

dwif.de

0

dwif-Consulting GmbH is a well-established German tourism consultancy with a 75-year history, specializing in tourism research, market data, and strategic consulting for destinations and hospitality sectors. The website is professionally designed using Joomla CMS and modern frameworks, providing a rich user experience with clear navigation and mobile optimization. Security posture is solid with HTTPS, GDPR-compliant cookie consent, and CSRF protections, though some security headers could be improved. The site uses Google Analytics and Tag Manager for user tracking with moderate privacy compliance. Overall, the website reflects a credible and trustworthy business with strong market positioning in the tourism consulting industry.

S

Salzquell Shop

salzquell.de

0

Salzquell.de is a German e-commerce website specializing in certified natural cosmetics based on refreshing brine and healing water from Bad Dürrheim, combined with pure plant substances. The site targets consumers interested in natural skincare products and operates a professional online shop using the Shopware platform. The business model focuses on direct online sales with additional customer engagement via a WhatsApp newsletter. Technically, the website employs modern web technologies including Google Analytics 4, Facebook Pixel, and accessibility tools like Eye-Able, indicating a mature digital infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and product presentation. Security posture is solid with HTTPS enforced and secure form handling, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages, representing a compliance gap. Overall, the domain appears legitimate with consistent WHOIS data and no signs of malicious activity. Strategic improvements in privacy disclosures and security policies would enhance trust and compliance.

B

Biohacking Bad Dürrheim

biohacking-bd.com

0

Biohacking Bad Dürrheim is a small, specialized business focused on natural and sustainable biohacking practices, offering workshops, events, and community engagement primarily in the Bad Dürrheim region of Germany. Their website is well-structured, content-rich, and professionally designed, targeting individuals interested in health optimization through natural methods such as breathwork, cold exposure, and mindfulness. The business leverages WordPress with modern technologies and SEO best practices to maintain a strong digital presence. Security posture is good with HTTPS and domain transfer protection, though DNSSEC is not enabled and no explicit security policies are published. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the website and business demonstrate high professionalism and trustworthiness.

W

Wellness Stars Deutschland GmbH

wellness-stars.de

0

Wellness Stars Deutschland GmbH operates a well-established online platform specializing in wellness tourism within Germany, offering a quality certification (Wellness Stars Qualitätssiegel) for hotels, spas, and health resorts. Founded in 2004, the company positions itself as a trusted intermediary providing wellness vacation offers, vouchers, and expert wellness tips. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content in German, targeting wellness travelers and health-conscious customers. Technically, the site uses modern JavaScript libraries, asynchronous script loading, and cookie consent mechanisms to comply with privacy regulations. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers and explicit security policies could be improved. The domain registration is consistent with the business identity, and no suspicious elements were detected. Overall, the website demonstrates a mature digital presence with good privacy compliance and business credibility.

S

Stadt Bad Dürrheim

bad-duerrheim.info

0

The website www.bad-duerrheim.info represents the official municipal portal for the city of Bad Dürrheim, Germany, a prominent spa town located between the Black Forest and the Swabian Jura. It serves as a comprehensive information hub for residents, tourists, and businesses, offering details on city services, events, economic development, and community engagement. The site positions the city as a desirable living and economic location with a focus on quality of life and sustainable growth. Technically, the site is built on the cEasy CMS platform, leveraging modern web standards including HTML5, CSS3, and JavaScript. It integrates Matomo analytics for visitor tracking with a strong emphasis on privacy, disabling cookies by default and providing a detailed cookie consent mechanism. The site is mobile-optimized and accessible, with clear navigation and structured content. From a security perspective, the site enforces HTTPS and implements cookie consent aligned with GDPR requirements. However, it lacks explicit security headers and does not publicly disclose incident response or vulnerability disclosure policies. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website demonstrates a mature digital presence appropriate for a municipal government entity, balancing user experience, privacy, and security. The absence of WHOIS data due to privacy protection is typical for such entities and does not detract from the site's legitimacy. Strategic improvements could focus on enhancing security headers and publishing formal security policies to further strengthen trust and compliance.

K

Kur- und Bäder GmbH

kurundbaeder.de

0

Kur- und Bäder GmbH is a municipal subsidiary of the city of Bad Dürrheim, Germany, focused on tourism marketing and wellness services. The company employs approximately 300 people and offers a wide range of job opportunities. The website is professionally designed with excellent content quality, targeting job seekers and local residents interested in wellness and regional development. Technically, the site uses WordPress with modern plugins and frameworks, ensuring good performance, mobile optimization, and accessibility. Security posture is good with HTTPS and cookie consent mechanisms, though lacking explicit privacy and security policies and some security headers. Overall, the domain registration is consistent and trustworthy, matching the business claims. The site integrates social media and marketing tools such as Facebook Pixel and Google Analytics, with moderate user tracking. Strategic improvements include publishing privacy and terms of service pages and enhancing security headers to improve compliance and trust.

N

NEW WORK SE

onlyfy.io

0

onlyfy.io is a recruiting software platform operated by NEW WORK SE, a German technology company. The platform offers a SaaS solution enabling recruiters to post jobs to over 200 boards and manage candidate applications online. The website is integrated with the XING ecosystem, leveraging its branding and infrastructure. The business targets HR professionals and recruiters seeking efficient hiring tools. The domain registration and WHOIS data align well with the business claims, indicating legitimacy and transparency. Technically, the site uses modern JavaScript frameworks, AWS hosting, and marketing tools like Braze and Matomo, reflecting a mature digital infrastructure. However, some security best practices such as DNSSEC and security headers are missing, and no public privacy or cookie policies were found in the analyzed content. The login form includes CSRF protection, indicating attention to secure user authentication. Overall, the site is professional and trustworthy but could improve privacy compliance and security posture.

The Fachgesellschaft für Palliative Geriatrie (FGPG) is a specialized non-profit professional society dedicated to advancing palliative care for elderly patients. The organization provides a range of services including membership, professional publications, educational courses, and events targeted at healthcare professionals in geriatrics and palliative care. The website is well-structured, professionally designed, and primarily in German, serving a niche healthcare audience in Germany. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile optimization and moderate performance. Security posture is solid with HTTPS enforced, though improvements can be made by adding security headers and a cookie consent mechanism to enhance GDPR compliance. WHOIS data is privacy protected by EURid, which is typical for EU domains and justified for this type of organization. Overall, the site demonstrates a high level of professionalism and trustworthiness with no signs of malicious activity or content blocking.

T

Thermengruppe Josef Wund

wund.de

0

Thermengruppe Josef Wund is a leading German company specializing in the development, planning, and operation of unique thermal and bathing experience worlds. With a history spanning over half a century, the company operates multiple locations attracting millions of visitors annually. Their business model focuses on delivering exceptional architectural and experiential bathing facilities, positioning them as a market leader in the hospitality sector within Germany. The website reflects a professional digital presence with good content quality and user experience, targeting end consumers interested in wellness and bathing experiences. Technically, the website employs modern JavaScript technologies, integrates HubSpot for analytics and marketing, and uses Cookiebot for GDPR-compliant cookie consent management. The site is mobile-optimized and demonstrates moderate performance. However, no explicit CMS or hosting provider information is discernible. SEO and accessibility are adequately addressed. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include enhancing security posture by adding security headers, publishing security and incident response policies, and considering a vulnerability disclosure program to further strengthen trust and resilience.

M

Messe Düsseldorf GmbH

aplusa-online.com

0

The website aplusa-online.com represents the official online presence for the A+A 2025 trade fair, a world-leading event focused on safety and health at work, organized by Messe Düsseldorf GmbH. The site provides comprehensive information for exhibitors, visitors, and media, including event details, programs, and services. The business is positioned as a major player in the occupational safety and health trade fair sector, targeting professionals and companies in manufacturing and related industries. The website is well-structured, multilingual, and professionally branded, reflecting a mature digital presence. From a technical perspective, the site employs modern JavaScript frameworks and tracking technologies, including Usercentrics for cookie consent, Matomo for analytics, and various advertising and retargeting services. The site is mobile-optimized and accessible, with good SEO practices. However, explicit CMS or hosting provider details are not evident. Performance is moderate, with room for optimization. Security posture is generally good with HTTPS enforced and no exposed sensitive data detected. However, the absence of explicit security headers and lack of published security policies or incident response contacts indicate areas for improvement. Privacy compliance is partially addressed through cookie consent, but no clear privacy policy or terms of service pages were found in the analyzed content. Overall, the site is trustworthy and professional but would benefit from enhanced transparency in privacy and security policies, improved WHOIS data availability, and stronger security header implementation to bolster user trust and compliance.

M

Messe Düsseldorf GmbH

medica-tradefair.com

0

MEDICA is a leading international trade fair for medical technology and healthcare, organized by Messe Düsseldorf GmbH in Germany. The website serves as a comprehensive portal for exhibitors, visitors, and partners, providing detailed information about the event, participation, programs, and services. The site targets professionals in the healthcare and medical technology sectors, offering tools such as online registration, exhibitor profiles, and event schedules. Technically, the website employs modern JavaScript libraries, privacy consent management via Usercentrics, and integrates multiple analytics and advertising platforms. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is solid with HTTPS and privacy compliance, though explicit security headers and incident response information are lacking. WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency but does not detract from the site's professional presentation and trustworthiness. Overall, the site is a reliable and authoritative source for MEDICA event information.

M

Messe Düsseldorf GmbH

medicalliance.global

0

MEDICAlliance is a professional platform operated by Messe Düsseldorf GmbH, focusing on organizing and promoting international medical trade fairs worldwide. The website serves as a central hub for information on multiple medical exhibitions across various countries, targeting medical industry professionals and exhibitors. The business model revolves around event organization and facilitation, leveraging Messe Düsseldorf's global network to maintain a strong market position in the healthcare trade fair sector. The site demonstrates consistent branding and provides comprehensive event details, supporting its credibility. Technically, the website employs modern JavaScript libraries such as jQuery and integrates a consent management platform (Usercentrics) for GDPR compliance. It uses Matomo Tag Manager and Google Tag Manager for analytics and tracking, indicating a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured navigation. From a security perspective, the site enforces HTTPS and uses a consent management platform to handle cookies responsibly. However, explicit security headers are not evident in the HTML source, suggesting room for improvement. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is common and justified for corporate domains, though it limits direct verification of registrant details. Overall, the website presents a low-risk profile with strong business credibility and good technical and privacy compliance. Strategic recommendations include enhancing security headers, publishing explicit security policies, and maintaining regular audits of third-party scripts to sustain a robust security posture.

E

EUREF AG

euref.de

0

EUREF AG operates the EUREF-Campus in Berlin-Schöneberg, a pioneering real-world laboratory focused on renewable energy, sustainable mobility, and smart urban development. The campus hosts over 150 companies, research institutions, and start-ups, employing around 7,000 people. It serves as a collaborative hub for innovation, research, and education in energy transition and sustainability, positioning itself uniquely in the European market. Technically, the website is built on WordPress with the Enfold theme and integrates modern SEO and analytics tools such as Yoast SEO and Matomo. The site is mobile-optimized, accessible, and performs moderately well. Security practices include HTTPS enforcement and cookie consent mechanisms, though formal security policies and incident response contacts are not publicly detailed. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is strong, with clear cookie and privacy policies and GDPR adherence. The business credibility is high, supported by professional content, testimonials, and consistent branding. WHOIS data is minimal but does not raise concerns. Overall, the website and business present a trustworthy, professional, and well-maintained digital presence aligned with their sustainability mission.

D

D.LIVE

d-live.de

0

D.LIVE is a regional event management and venue service provider based in Düsseldorf, Germany. The company offers a platform for concerts, shows, sports events, and corporate events, positioning itself as the go-to contact for event organization in the region. The website is professionally designed using TYPO3 CMS, indicating a moderate level of digital maturity. Integration of Google Tag Manager and Usercentrics CMP shows awareness of marketing and privacy compliance requirements, although explicit privacy policies are not found on the main page. Security posture is adequate with HTTPS enabled but lacks visible security headers and formal security policies. Overall, the website is functional and professional but could improve transparency and security practices.

D

Düsseldorf Congress GmbH

duesseldorfcongress.de

0

Düsseldorf Congress GmbH operates the CCD Congress Center Düsseldorf, a premier international congress and event venue located in Düsseldorf, Germany. The company offers flexible event spaces, technical support, catering, and exhibitor services, targeting event planners, corporations, and exhibitors. The venue is strategically positioned near major transport hubs and the Messe Düsseldorf, enhancing its market appeal. The website demonstrates a high level of professionalism, with comprehensive content and clear navigation, supporting its strong market position in the hospitality sector. Technically, the site is built on WordPress with modern technologies and includes privacy compliance mechanisms such as cookie consent. Security posture is good with HTTPS and some security best practices, though some HTTP security headers could be improved. Overall, the domain registration and website content are consistent and legitimate, with no blocking or WAF interference detected.