Security Directory

P

Papoo Software & Media GmbH

ccm19.de

0

Papoo Software & Media GmbH operates CCM19, a European-focused cookie consent management software solution designed to help website owners comply with GDPR, TDDDG, and other privacy regulations. The company positions itself as a German alternative to major international CMP providers, emphasizing data hosting exclusively in Germany and compliance with European privacy laws. CCM19 offers both cloud and on-premise deployment options, catering to a broad range of customers including agencies and hosting providers. The website demonstrates a strong market presence with over 228,000 websites served and a comprehensive suite of features including cookie scanning, Google Fonts checking, and multi-language support. Technically, the website employs modern web technologies such as jQuery, Foundation CSS framework, and FontAwesome, ensuring a responsive and accessible user experience. The infrastructure is hosted on German servers with DNS pointing to ns5.kasserver.com and ns6.kasserver.com, consistent with the company's claims. The site is well-optimized for performance and SEO, with clear navigation and professional design. From a security perspective, the site uses HTTPS and enforces privacy best practices, including no data transfer to US servers and detailed consent logging. However, explicit security headers are not detected, and no formal security policy or incident response contacts are published. The company holds memberships in recognized privacy and security organizations, enhancing trustworthiness. Overall, CCM19 presents a mature, trustworthy, and compliant cookie consent solution with strong business credibility and technical maturity. The website is professional, content-rich, and fully accessible without any blocking or WAF interference.

C

camindu GmbH

aktion-barrierefrei.org

0

Aktion Barrierefrei, operated by camindu GmbH, is a specialized provider of digital accessibility solutions focused on helping organizations comply with legal standards such as WCAG, BITV, and EN301549. Their offerings include assistive widgets, automated audits, AI-powered language simplification, and certification services, targeting public authorities, companies, agencies, and associations. The website demonstrates a high level of professionalism, with clear navigation, comprehensive content, and strong branding consistency. Technically, the site uses modern frameworks like Bootstrap and integrates Matomo for analytics, ensuring good performance and accessibility. Security posture is solid with HTTPS and CSRF protections, though DNSSEC is not enabled and some security headers could be improved. The WHOIS data shows a domain creation date in the future, which is unusual and should be verified, but overall the domain and website content are consistent and trustworthy. No adult or questionable content is present, and the site is fully accessible without WAF or blocking mechanisms.

The website faq.agenturserver.de serves as a FAQ page for Agenturserver but currently only displays a message indicating that the FAQ is no longer available and instructs users to contact their agency. The content is minimal and lacks substantive information, policies, or contact details. The technical infrastructure is basic, with no advanced frameworks or CMS detected, and limited mobile optimization and SEO features. Security posture is weak due to absence of HTTPS confirmation, security headers, and privacy compliance mechanisms. The WHOIS data shows domain status as 'connect' with name servers aligned to the brand, suggesting legitimacy but lacking detailed registrant information. Overall, the site presents a low trust and professional level, with significant room for improvement in content, security, and compliance.

K

Kundenadministrationssystem (KAS), technische Verwaltung

kasserver.com

0

The website kasserver.com serves as a login portal for a Kundenadministrationssystem (Customer Administration System) focused on technical management, likely related to domain or hosting services. The business appears to be a small, technology-focused service provider based in Germany, with a domain registration dating back to 2002, indicating a mature presence. The site content is minimal and primarily functional, targeting customers who require access to technical administration tools. From a technical perspective, the website uses basic technologies including an outdated version of jQuery and standard JavaScript. The site enforces HTTPS on its login form, which is a positive security measure, but lacks modern security headers and uses no visible advanced frameworks or CMS. Performance and mobile optimization are basic, and SEO features are minimal. Security posture is moderate; while HTTPS is enforced, the use of outdated libraries and absence of security headers present potential risks. No privacy, cookie, or terms of service policies are publicly available, which impacts compliance and trust. No contact or incident response information is provided, limiting transparency. WHOIS data is consistent and transparent, supporting legitimacy. Overall, the site is functional but basic, with room for improvement in security, privacy compliance, and user experience. Strategic recommendations include updating technology stacks, implementing security headers, publishing privacy and cookie policies, and enhancing transparency with contact and security information.

N

No-Q

no-q.info

0

No-Q is a German-based software company specializing in cloud-based, capacity- and resource-driven online appointment booking solutions tailored for healthcare institutions, businesses, and public administration. The company offers a comprehensive SaaS platform with additional PaaS reseller options, focusing on optimizing service delivery, resource management, and digital transformation. Their product suite includes online appointment coordination, resource and capacity management, course booking, rental management, personnel management, and add-ons such as locator solutions, video consultations, and online payments. The website is professionally designed, well-structured, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the site runs on WordPress with Elementor and integrates modern libraries and consent management tools, ensuring compliance with GDPR and cookie regulations. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are absent. WHOIS data is privacy-protected, common for SaaS providers, and does not raise immediate concerns. Overall, No-Q presents as a credible, professional business with a strong market position in appointment and resource management software.

K

Krankenpflege Hilde Ubben

hildeubben.de

0

Krankenpflege Hilde Ubben is a small, established healthcare provider in Germany specializing in home nursing and related services since 1996. The company offers comprehensive patient care including medical and housework support, focusing on compassionate end-of-life care. Their website reflects a professional and consistent brand presence with clear service descriptions and contact information. Technically, the site is built on WordPress with popular plugins and themes, hosted on rzone.de, and employs HTTPS with a cookie consent mechanism, indicating basic GDPR compliance. However, the WordPress version and plugins appear outdated, and no privacy policy or terms of service pages are present, which are compliance gaps. Security headers are missing, representing an area for improvement. Overall, the site is safe, trustworthy, and well-positioned for its target audience but would benefit from enhanced security and compliance measures.

A

AOK

aok.de

0

AOK is a leading statutory health insurance provider in Germany, offering comprehensive health coverage, services, and health advice to a broad audience. The website reflects a mature digital presence with a modern tech stack based on React and Gatsby, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS, DNSSEC, and modern security headers, although explicit security policies and incident response information are not prominently published. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, the domain and website present a trustworthy and professional image consistent with a large enterprise healthcare provider.

S

Schüt-Duis Fenster & Türentechnik GmbH & Co.KG

schuet-duis.de

0

Schüt-Duis Fenster & Türentechnik GmbH & Co.KG is a well-established family-owned business specializing in window and door technology, based in Aurich, Ostfriesland, Germany. With over 185 years of history, the company serves primarily the craft sector with a broad portfolio including insulating glass, winter gardens, roller shutters, terrace roofs, insect protection systems, and smart home-ready products. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive product and company information. Technically, the site is built on WordPress with Elementor and uses modern plugins such as Yoast SEO Premium and Slider Revolution, indicating a commitment to SEO and user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be enhanced. Overall, the site is compliant with GDPR and provides clear contact and legal information, supporting trustworthiness and business credibility.

D

DESIGNSTUUV® Werbeagentur GmbH & Co. KG

designstuuv.de

0

DESIGNSTUUV® Werbeagentur GmbH & Co. KG is a well-established advertising agency operating primarily in Germany with offices in Aurich, Leer, and Konstanz. The company specializes in strategic communication, consulting, design, online marketing, website development, social media management, and public relations. Their market position is reinforced by multiple awards and certifications, including a Creditreform certificate, indicating financial reliability and trustworthiness. The website reflects a professional and consistent brand image targeting businesses seeking comprehensive marketing solutions.

S

Schuhhaus + Orthopädieschuhtechnik Gembler GmbH

gembler-schuhe.de

0

Schuhhaus + Orthopädieschuhtechnik Gembler GmbH is a small, well-established regional retailer in Aurich, Germany, specializing in footwear and orthopaedic shoe technology since 1958. The company offers a broad range of products including fashion shoes, orthopaedic services, running analyses, and a master workshop for shoe adjustments. Their website reflects a professional and customer-focused business with clear contact information and social media engagement. Technically, the site is built on WordPress with Elementor and uses modern web technologies, SEO tools, and cookie consent mechanisms, indicating a mature digital presence. Security posture is good with HTTPS and hCaptcha integration, though some security headers could be improved. Overall, the website is trustworthy, well-maintained, and compliant with GDPR requirements.

E

Enginsight GmbH

enginsight.com

0

Enginsight GmbH operates a cybersecurity platform tailored for the German SMB market, focusing on IT security automation, monitoring, pentesting, and ISMS solutions. Founded in 2016, the company positions itself as a niche provider leveraging AI and automation to enhance IT security for mid-sized businesses. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. The technical infrastructure includes modern technologies and is hosted with Amazon Registrar DNS services, ensuring reliable performance and security. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. Privacy compliance is evident through Cookiebot integration, but explicit privacy policy and terms of service pages were not found in the provided content. Overall, the site is trustworthy, professional, and well-aligned with its business goals.

S

SYMPLASSON Informationstechnik GmbH

symplasson.de

0

SYMPLASSON Informationstechnik GmbH is a well-established IT service provider based in Hamburg, Germany, with over 30 years of experience. The company specializes in comprehensive IT services including system administration, IT security, cloud computing, managed services, software development, and training seminars. Their target audience primarily consists of small and medium-sized enterprises (SMEs) in the Hamburg region. The website reflects a professional and consistent brand image, supported by customer testimonials and partnerships with recognized technology vendors.

L

Landkreis Aurich

landkreis-aurich.de

0

Landkreis Aurich operates as a local government authority in Germany, providing a wide range of public services including social welfare, health, environmental management, and administrative support to residents. The website serves as an official portal for information dissemination, citizen engagement, and access to government services. It targets local residents, businesses, and stakeholders within the district. The business model is that of a public sector entity focused on governance and community services. Technically, the website is built on TYPO3 CMS, leveraging Bootstrap for responsive design and various JavaScript libraries such as jQuery, Swiper.js, and DataTables to enhance user experience. The site demonstrates moderate performance and good mobile optimization, with a clear navigation structure and professional design. Cookie consent is implemented with user choice, reflecting GDPR compliance. From a security perspective, the site uses HTTPS and has implemented cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is minimal but consistent with the domain's purpose, supporting legitimacy. Social media presence and external partnerships further reinforce trust. Overall, the website is a well-maintained government portal with good content quality and technical implementation. Strategic improvements in security headers and transparency around security policies would enhance its security posture and trustworthiness.

The domain www.papa-carlucci.de is currently a parked domain with no active website content or business presence. The placeholder page indicates the domain is parked by GlobalFood and hosted on Oracle Cloud infrastructure. There are no privacy policies, cookie banners, contact information, or business details available on the site. The technical footprint is minimal, consisting mainly of font loading and a performance monitoring script. No security headers or HTTPS status information is provided, and no forms or user data collection mechanisms are present. Overall, the site lacks any substantive content or security posture, resulting in a low trust and credibility score.

M

Martens

martens-gartencenter.info

0

Martens is a small local German business specializing in gardening center services, landscaping, and tree nursery. The website presents a professional and consistent brand image targeting local customers interested in gardening and landscaping solutions. The business offers consultation and retail services with clear contact details and social media presence. Technically, the website is built on WordPress using common libraries such as jQuery and Google Fonts, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but lacking security headers and cookie consent mechanisms. WHOIS data is unavailable due to TLD restrictions, but no suspicious indicators are present on the site. Overall, the website is functional and trustworthy for its business scope.

Carsten Röpkes | Straßen- und Tiefbau is a small local construction business specializing in road and civil engineering services in the Ostfriesland region of Germany. The company offers a range of services including street and deep construction, paving with natural and concrete stones, driveway and terrace construction, and pipeline construction. The website serves as an informational portal targeting local customers and businesses seeking specialized construction and landscaping services. Technically, the website is built with basic HTML, CSS, and JavaScript, incorporating Google Analytics for visitor tracking. The site is hosted on servers associated with kasserver.com, consistent with the domain's WHOIS data. The website lacks modern CMS frameworks and shows basic mobile and accessibility optimization. SEO is reasonably addressed through meta tags and structured navigation. From a security perspective, the website lacks HTTPS, which is a critical vulnerability for user data protection and trust. No security headers are present, and there are no visible privacy or cookie policies, indicating non-compliance with GDPR requirements. The use of Google Analytics without a consent mechanism further highlights privacy compliance gaps. Contact information is clearly provided, but no incident response or security policies are disclosed. Overall, the website is functional and informative but requires significant improvements in security, privacy compliance, and technical modernization to enhance trustworthiness and protect user data. Strategic implementation of HTTPS, security headers, privacy policies, and consent mechanisms is recommended to align with best practices and regulatory requirements.

I

IEL GmbH

iel-gmbh.de

0

IEL GmbH is a small German company specializing in environmental noise measurement and consulting services, including noise emission and immission assessments and wind energy consulting. The company holds accreditation from the DAkkS, indicating recognized competence in measurement services. Their website is professionally designed using Fork CMS and Bootstrap, providing clear navigation and relevant content targeted at businesses and organizations requiring noise and environmental consulting services. The technical infrastructure is moderate with standard web technologies and hosting through kasserver.com. Security posture is basic with no advanced security headers detected and no explicit incident response or security policies published. Privacy compliance is adequate with a privacy policy and cookie consent mechanism in place. Overall, the website is trustworthy and professional, though improvements in security practices and transparency could enhance their digital maturity and risk posture.

M

MTV Aurich von 1862 e.V.

mtv-aurich.de

0

MTV Aurich von 1862 e.V. is a medium-sized local sports club based in Germany offering a wide range of sports activities across 50 disciplines. The website serves as an informational and community portal for members and prospective members, highlighting courses, events, and membership options. The technical infrastructure is built on WordPress with the Divi theme, incorporating modern UI elements such as image carousels and responsive design, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies, which are critical for compliance and trust. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security best practices.

G

GS data business OHG

gsdb.de

0

GS data business OHG is a small IT system house based in Aurich, Ostfriesland, Germany, offering comprehensive IT services including IT service, telecommunication, IT security, ERP solutions, time tracking, and document management systems. The company targets businesses and organizations seeking reliable IT system house solutions. The website is professionally designed using WordPress with Astra theme and includes SEO optimizations and structured data for enhanced search engine visibility. The technical infrastructure is modern, leveraging popular plugins and Matomo analytics with privacy-conscious settings. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though the absence of security headers and incident response information suggests room for improvement. Overall, the website is trustworthy and well-positioned in its local market segment.

S

Sparkasse Aurich-Norden

sparkasse-aurich-norden.de

0

Sparkasse Aurich-Norden is a regional German savings bank providing a broad range of financial services including retail banking, loans, investments, insurance, and digital banking solutions. The website targets both private and business customers with a strong emphasis on secure online banking and local presence in Aurich and Norden. The bank is part of the well-established Sparkassen-Finanzgruppe, which enhances its market credibility and trustworthiness. The site features comprehensive product information, legal disclosures, and customer support channels, reflecting a mature digital presence. Technically, the website is built on a modern web stack likely supported by Adobe Experience Manager or a similar CMS, with React components and standard web technologies. It is mobile-optimized, accessible, and integrates analytics and marketing tools such as Google Analytics and PAYBACK. The site uses HTTPS exclusively and shows good security practices, although explicit security policies and incident response information are not publicly disclosed. From a security perspective, the site demonstrates a solid posture with secure login forms, cookie consent mechanisms, and no visible vulnerabilities or suspicious content. WHOIS data aligns well with the website's claims, showing consistent registration and no privacy protection masking, supporting high legitimacy. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website is professional, trustworthy, and compliant with GDPR and other relevant regulations. It effectively supports the bank's business model and customer engagement strategies while maintaining a good security and privacy standard.

C

Cube 5

cube-five.de

0

Cube 5 is a technology-focused startup accelerator and incubator based in Germany, affiliated with Ruhr-Universität Bochum and the Horst-Goertz-Institute for IT Security. The organization specializes in supporting startups in cybersecurity and future communication technologies such as 6G by providing access to government funding programs, coaching, and a strong network of research institutions and investors. Their business model centers on facilitating sustainable success for innovative startups through tailored programs like sCUBE, preCUBE, inCUBE, and xCUBE. The website reflects a professional and well-structured digital presence with clear navigation and comprehensive content targeting technology entrepreneurs. Technically, the website is built on modern frameworks including Next.js and React, hosted on Hetzner servers, and uses Matomo for analytics, indicating a mature digital infrastructure. The site is optimized for performance, mobile responsiveness, and SEO, with a clean and consistent branding approach. Security-wise, the site enforces HTTPS and follows good practices, although explicit security headers and a cookie consent mechanism are not clearly present. No critical vulnerabilities or exposed sensitive data were detected. Overall, Cube 5 demonstrates a strong security posture and business credibility, with transparent contact information and trust signals such as government affiliations and social media presence. The absence of a cookie consent banner and explicit security policies are areas for improvement. The domain registration and hosting align well with the organization's academic and governmental ties, supporting legitimacy and trustworthiness.

A

aovo Touristik AG

get2fairs.com

0

Get2fairs is a specialized online platform providing affordable hotel accommodation and travel services for international B2B trade fairs in Hannover, Germany. It operates through an exclusive partnership between Deutsche Messe AG and aovo Touristik AG, targeting trade fair visitors and exhibitors. The platform offers a user-friendly booking experience with a wide selection of hotels, travel arrangements including train and shuttle bus options, and priority access to exhibition grounds. The website is professionally designed, mobile-optimized, and built on WordPress with modern web technologies. Privacy and cookie policies are present and GDPR compliant, though direct contact details are limited to a contact form. Security posture is solid with HTTPS and no exposed sensitive data, but lacks explicit security headers and published security policies. WHOIS data confirms legitimacy and consistency with the business claims. Overall, the site is trustworthy, functional, and well-positioned in its niche market.

Zentiva operates as a pharmaceutical company specializing in generic medicines and healthcare products primarily serving the German market. The website reflects a professional and well-structured digital presence, targeting healthcare professionals, pharmacies, and consumers. The company positions itself as an established player in the generic pharmaceuticals sector with a comprehensive product database and customer service offerings. Technically, the website employs modern JavaScript libraries, Google Tag Manager for analytics, and Cookiebot for GDPR-compliant cookie management, indicating a mature digital infrastructure. The hosting and DNS setup via UltraDNS nameservers suggests a reliable hosting environment. Security-wise, the site enforces HTTPS and uses security tokens in cookies to prevent CSRF attacks, but lacks explicit security headers and a public security policy or incident response contact, which are areas for improvement. Overall, the website is accessible, professional, and compliant with privacy regulations, with moderate tracking and advertising practices primarily through Google and Facebook. The domain WHOIS data aligns with the website content, supporting legitimacy and trustworthiness.

L

Language Documentation and Archiving Conference – Just another WordPress site

langdoc.org

0

The Language Documentation and Archiving Conference website serves as an informational platform for an academic and cultural preservation event organized jointly by ELAR and PARADISEC. It targets researchers, linguists, and indigenous language communities, providing conference announcements, training sessions, and archival resources. The site is built on WordPress using Elementor and Astra theme, hosted by Cronon GmbH in Germany, reflecting a moderate level of technical maturity with good mobile optimization and basic SEO. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC, indicating room for improvement. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally presented, though it could enhance security and privacy features to better protect users and comply with regulations.

W

Walter de Gruyter GmbH

degruyterbrill.com

0

De Gruyter Brill is a well-established, independent academic publisher with a rich history spanning over 300 years. The company specializes in publishing scholarly books, journals, and online resources primarily in the humanities and related academic fields. Their business model includes both traditional subscription and open access publishing, targeting authors, librarians, researchers, and academic institutions globally. The website reflects a professional and comprehensive digital presence, supporting various user roles with dedicated resources and clear navigation. Technically, the website employs modern web technologies including Bootstrap, FontAwesome, and Google Tag Manager, ensuring a responsive and accessible user experience. The site is well-optimized for SEO and mobile devices, with good performance metrics. Security best practices are observed with HTTPS enforcement and multiple security headers, although explicit security and incident response policies are not prominently published. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is addressed with clear privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. However, WHOIS data for the domain is unavailable or privacy protected, which is common for enterprises but slightly reduces transparency. Overall, the website and business demonstrate a high level of professionalism, trustworthiness, and digital maturity. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure information to further enhance trust and compliance.

Library Stack is a specialized digital library and archival platform focusing on digital media and e-books in the arts, architecture, media studies, design, philosophy, sound, and film studies. It emphasizes unconventional publication formats and operates a consortium model with German institutions. The website is built on WordPress with WooCommerce and uses modern technologies including Matomo analytics and hCaptcha for security. The content is rich and professionally presented, targeting academic and institutional audiences. Security posture is good with HTTPS and bot mitigation, but lacks visible privacy and cookie policies. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for such organizations.

A

AirtimeUX GmbH

airtimeux.com

0

AirtimeUX GmbH operates a specialized SaaS platform focused on AI-powered user interview research and survey analysis. Their service enables users to transcribe interviews in over 100 languages, detect speakers automatically, and extract instant insights, targeting product teams and user researchers. The company is positioned as a niche player supported by notable partners such as Techstars and TechCrunch, indicating credible market presence. Technically, the website is built on Webflow with modern technologies including Matomo analytics for privacy-conscious tracking, Google Fonts, and embedded YouTube videos. The site is performant, mobile-optimized, and professionally designed, though it lacks some advanced accessibility features and cookie consent mechanisms. Security posture is solid with HTTPS enforced, but missing security headers and absence of a vulnerability disclosure policy are areas for improvement. WHOIS data is missing or unavailable, which raises some concerns about domain legitimacy and age, though the website content and business information are consistent and professional. Overall, the site scores well on content quality and technical implementation but should address privacy compliance and security best practices to enhance trust and compliance.

1

1API GmbH

1api.net

0

1API GmbH is a well-established European domain registrar and developer of domain name platforms, operating since 2006 and managing over 3 million domains. The company targets domain registrants, resellers, and businesses requiring domain registration and management services. Their business model includes direct domain registration and reseller partnerships, positioning them as a leading player in the European domain registration market. The website reflects this professional positioning with clear branding and relevant content. Technically, the website uses modern web technologies such as Bootstrap, jQuery, FontAwesome, and Google Tag Manager. It is mobile-optimized and provides a good user experience with clear navigation. However, some technical improvements are possible, including enabling DNSSEC, adding security headers, and implementing cookie consent mechanisms to enhance privacy compliance. From a security perspective, the site enforces HTTPS and uses domain status locks to prevent unauthorized transfers. The presence of an abuse warning notice indicates awareness of phishing risks. However, the absence of security headers and DNSSEC reduces the overall security posture. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy and professional with a solid business foundation. Strategic improvements in security headers, DNSSEC, and privacy compliance would further strengthen their security and compliance posture.

I

IMAGO

imago-images.com

0

IMAGO is a leading independent photo agency based in Germany, recognized as the largest producer of sports content in Europe. The company offers a broad portfolio of visual content including editorial, sports, creative images, archival photos, and videos, targeting media professionals, sports organizations, and brands. Their market position is strong, supported by reputable partnerships and memberships in industry associations. Technically, the website is built on modern frameworks such as React and integrates advanced analytics and consent management tools, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS and a strict Content-Security-Policy, though additional headers and a formal security policy could enhance their posture. Overall, the website is professional, well-branded, and trustworthy, though the lack of publicly available WHOIS data slightly reduces domain trust. Strategic recommendations include improving security headers, publishing incident response contacts, and adding vulnerability disclosure mechanisms.

S

Splint Invest

splintinvest.com

0

Splint Invest is a German-based online investment platform specializing in alternative assets such as rare whisky, fine wine, and luxury watches. Founded in 2021, the company targets private investors seeking portfolio diversification with relatively low entry points starting at €50. The platform offers a secure and transparent investment experience, supported by mobile applications available on both Android and iOS with positive user ratings. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience. Technically, the site leverages modern frameworks like Next.js and React, hosted under Amazon Registrar, Inc., with appropriate security headers and HTTPS enforcement. However, DNSSEC is not enabled, which is a recommended improvement. Privacy compliance is addressed with dedicated privacy and cookie policies, including consent mechanisms, and a data protection officer contact is provided. Security posture is strong with no evident vulnerabilities or exposed sensitive data, though formal security and incident response policies are not publicly detailed. Overall, the website demonstrates a mature digital presence with good business credibility and security practices.

B

Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin)

bafin.de

0

The Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) is the German Federal Financial Supervisory Authority responsible for overseeing banks, financial service providers, insurance companies, and securities markets. The website serves as an authoritative platform providing regulatory information, consumer protection resources, and updates on financial supervision. It targets financial institutions, consumers, and regulated entities, positioning itself as a key government regulator in the German financial sector. Technically, the site is built on the Government Site Builder CMS, hosted by Colt Technology Services, and employs modern web standards with good mobile optimization and accessibility. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is professional, trustworthy, and compliant with GDPR, offering minimal user tracking and transparent communication channels.

T

Tangany GmbH

tangany.com

0

Tangany GmbH is a German-based regulated digital asset custody provider specializing in secure, compliant, and flexible custody solutions for digital assets. Positioned as a trusted partner for institutions, brokers, fintechs, corporations, and asset managers, Tangany offers an API-first, cloud-based, and 100% white-label custody platform. The company holds a BaFin license and has received multiple industry awards, reinforcing its strong market position in the European crypto custody space. Their key services include core custody solutions, customer compliance, crypto accounting, and staking services, targeting a broad range of financial sector clients.

S

Startnext

startnext.com

0

Startnext is a well-established German crowdfunding platform focused on supporting creative, sustainable, and community-oriented projects. The platform offers a comprehensive suite of services including project hosting, community engagement, and a marketplace, positioning itself as a key player in the non-profit crowdfunding sector since 2010. The website demonstrates a good level of digital maturity with modern JavaScript technologies, analytics integration via Matomo, and a responsive design optimized for mobile devices. Privacy and cookie policies are clearly presented with active consent mechanisms, reflecting compliance with GDPR requirements. Security posture is solid with HTTPS enforced and error monitoring via New Relic, although explicit security headers and incident response contacts could be improved. The absence of public WHOIS data suggests privacy protection for the domain registration, which is common for platforms of this nature. Overall, Startnext presents a professional, trustworthy, and user-friendly online presence with moderate technical performance and good privacy practices.

X

X-School

xschool.io

0

X-School is an innovative educational initiative focused on designing and implementing the school of the future. It aims to create a global network of schools that provide sustainable, inclusive education for future leaders and changemakers. The website presents a comprehensive framework emphasizing diversity, excellence, and well-being, supported by a team of experts and promoters. The business model is based on a state-approved alternative school in Germany with plans for international expansion. The site is professionally designed, mobile-optimized, and rich in content, targeting students, parents, and educators interested in modern education concepts. Technically, the website uses modern front-end technologies such as Alpine.js and Tailwind CSS, with embedded Vimeo videos and social media integration. It is hosted on infrastructure linked to GoDaddy and uses HTTPS with good SSL configuration. However, some security best practices like security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site shows a good baseline with HTTPS and secure form handling but lacks explicit security policies, incident response contacts, and vulnerability disclosure information. The domain WHOIS data is privacy protected but consistent with the business timeline and type, indicating legitimacy. No suspicious or malicious content was detected. Overall, the website is trustworthy, professionally maintained, and focused on education innovation. Strategic improvements in privacy compliance and security headers would further strengthen its posture.

X

X-Schule

xschule.io

0

X-Schule is a German-based innovative educational initiative focused on founding and operating future-oriented schools that emphasize diversity, potential development, and holistic well-being. The organization targets parents, educators, and education experts interested in transforming traditional schooling to meet 21st-century challenges. The website presents a professional, content-rich platform with detailed team profiles and educational frameworks, positioning X-Schule as a credible emerging player in the education sector in Germany. Technically, the site uses modern frontend technologies such as Alpine.js and AOS animations, hosted on AWS infrastructure, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and domain locking, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is partial, with a comprehensive privacy policy but no cookie consent mechanism. Overall, the site is trustworthy, well-branded, and professionally maintained, suitable for its educational mission.

X

XVentures

xventures.de

0

XVentures is a German-based venture fund and venture studio specializing in transformative entrepreneurship with a focus on Web3 and education innovation. The company leverages nearly a century of combined entrepreneurial experience among its partners, having raised over $500 million in equity and supported numerous startups to successful exits. Their business model combines funding with hands-on expertise, accelerator programs, and access to a global network of industry leaders, positioning them uniquely in the venture capital landscape. Technically, the website is built on Webflow with modern web technologies, offering good performance and mobile optimization, though it lacks advanced security headers and privacy compliance mechanisms. Security posture is solid with HTTPS but could be improved with additional headers and published policies. Overall, the site is professional and trustworthy, though it lacks explicit privacy and cookie policies, which impacts compliance scoring.

C

Codeberg e.V.

forgejo.org

0

Forgejo is a self-hosted, lightweight software forge platform developed and maintained by the non-profit organization Codeberg e.V. It targets developers and organizations seeking a privacy-focused, federated alternative to proprietary platforms like GitHub. The website demonstrates a high level of professionalism with excellent design, clear navigation, and comprehensive content focused on collaboration and open source values. Technically, the site uses modern web technologies including Astro framework, SVG icons, and responsive design, hosted by OVH sas. Security posture is solid with HTTPS enabled and domain protections in place, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is strong with a clear privacy policy and minimal tracking, but lacks a cookie consent mechanism. Overall, the domain registration and WHOIS data align well with the organization's identity, supporting high legitimacy and trustworthiness.

H

Hartmann IT Solutions GmbH

hartmann-it.de

0

Hartmann IT Solutions GmbH is a small German IT services company specializing in software development, IT consulting, e-commerce solutions, digital modernization, graphic and web design, and blockchain consulting. The company presents itself professionally with a well-structured website featuring multimedia content and detailed team profiles. Their market position is that of a specialized boutique IT provider targeting businesses seeking tailored IT solutions. Technically, the website uses modern frameworks such as UIkit and FontAwesome, is hosted by a reputable provider (1&1 IONOS SE), and is mobile optimized with good SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and cookie consent mechanisms are missing. Privacy compliance is strong with a comprehensive GDPR-aligned privacy policy and a named data protection officer. Overall, the website is trustworthy and professional, with clear contact information and certifications enhancing credibility.

D

Deutsche Bank

db.com

0

Deutsche Bank is a leading global financial services provider offering a broad range of banking and investment services to corporate, institutional, and private clients. The website reflects a mature digital presence with comprehensive content covering products, services, corporate responsibility, and investor relations. The technical infrastructure employs modern web technologies and a consent management platform to ensure privacy compliance. Security posture is strong with HTTPS enforcement and security headers, though explicit incident response and vulnerability disclosure information are limited. The absence of WHOIS data for the domain is unusual but likely due to privacy or query scope issues. Overall, the website demonstrates high professionalism and trustworthiness consistent with a major financial institution.

H

Hartmann IT Solutions GmbH

chain49.com

0

Chain49, operated by Hartmann IT Solutions GmbH, is a technology company specializing in providing blockchain API services for enterprise and developer use. Their platform offers access to a network of cryptocurrency nodes supporting multiple blockchains, enabling clients to build crypto wallets, exchanges, payment processors, and block explorers. Positioned as a niche provider with a strong emphasis on German data protection laws, Chain49 targets startups and enterprises seeking cost-effective and scalable blockchain infrastructure solutions. The company offers tiered subscription plans including free and enterprise options, facilitating flexible adoption. Technically, the website employs a modern JavaScript-based tech stack with libraries such as jQuery, Bootstrap, and various UI/UX enhancement tools. Hosting is inferred to be in Germany, leveraging Hetzner datacenters, which aligns with their data protection claims. The site is mobile-optimized with good SEO and accessibility basics, though some advanced accessibility features could be improved. Performance is moderate, with no critical technical issues detected. From a security perspective, the website enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policy documentation and incident response contact details. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is consistent with the business claims, showing transparent registration without privacy protection, enhancing trustworthiness. Overall, Chain49 presents a professional and trustworthy online presence with solid privacy compliance and a clear business focus. Strategic improvements in security documentation and incident response transparency would further strengthen their security posture and customer confidence.

Chainflip Labs GmbH operates Chainflip.io, a specialized decentralized finance platform enabling cross-chain swaps primarily involving Bitcoin, Ethereum, and Solana. The platform emphasizes fast, native Bitcoin swaps with transparent pricing and no hidden fees, targeting cryptocurrency traders and developers seeking seamless cross-chain trading solutions. The business is positioned as a niche player in the DeFi ecosystem with a focus on trust and security, supported by claims of $1.4 billion traded securely. Technically, the website is built using Framer, hosted and registered via Cloudflare, and employs Google Analytics for user tracking. The site demonstrates good design quality, mobile optimization, and SEO practices, though accessibility features are basic. The technical infrastructure is modern but lacks advanced security headers and DNSSEC, which are recommended for enhanced protection. From a security standpoint, the site uses HTTPS but does not publish privacy or cookie policies, nor does it provide incident response or vulnerability disclosure information. No security headers were detected, and DNSSEC is not enabled, indicating room for improvement in security posture. No WAF or blocking mechanisms were detected, and no adult or questionable content is present, making the site safe for general audiences. Overall, Chainflip.io presents a professional and credible business with consistent domain registration data. However, it should enhance its privacy compliance and security practices to improve trust and regulatory adherence. Strategic recommendations include publishing comprehensive privacy and cookie policies, enabling DNSSEC, implementing security headers, and providing clear incident response contacts.

H

Heliad AG

heliad.com

0

Heliad AG is a publicly listed venture capital firm based in Germany, specializing in bridging investors and founders with capital markets. The company offers unique support to founders navigating financial markets and democratizes access to venture capital for public investors. The website is professionally designed using WordPress and Elementor, featuring modern web technologies and good mobile optimization. Security posture is solid with HTTPS and clientTransferProhibited domain status, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Contact information is transparent and includes email, phone, and physical address. Overall, the website reflects a credible and trustworthy business with a clear market position in finance and venture capital.

F

Flatiron Health GmbH

flatiron.de

0

Flatiron Health GmbH is a healthcare technology company specializing in oncology data curation and the generation of Real-World Evidence (RWE) to support cancer research and treatment improvements. The company collaborates with hospitals, clinics, life science companies, regulatory authorities, and academic institutions to transform routine medical data into valuable research insights. Their market position is that of an innovative leader in oncology data services, leveraging advanced technology and medical expertise to enhance cancer care outcomes. The website reflects a professional and comprehensive digital presence, built on HubSpot CMS and hosted on AWS, with a strong focus on GDPR compliance and user privacy. Security posture is robust with HTTPS and security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the site demonstrates high content quality, excellent user experience, and trustworthy business credibility.

T

Theemin Software UG (haftungsbeschränkt)

li.fi

0

LI.FI, operated by Theemin Software UG, is a technology company specializing in blockchain interoperability solutions, specifically bridging and decentralized exchange (DEX) aggregation across multiple blockchain ecosystems. The company targets developers and businesses seeking to integrate cross-chain asset swaps and liquidity aggregation, positioning itself as a leading multichain protocol in the DeFi space. The website reflects a mature digital presence with a modern tech stack including Next.js and Cloudflare DNS, optimized for performance and mobile responsiveness. Security posture is strong with HTTPS, DNSSEC, and security headers implemented, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with GDPR-aligned policies and privacy-respecting analytics. Overall, LI.FI demonstrates a high level of professionalism, technical maturity, and business credibility, suitable for its target audience in the blockchain industry.

O

Oracle NetSuite

netsuite.de

0

Oracle NetSuite operates a leading cloud-based ERP and business management software platform, targeting enterprise and medium to large businesses primarily in Germany and globally. The website presents a comprehensive portfolio of integrated solutions including ERP, CRM, e-commerce, human capital management, and professional services automation. The company positions itself as the number one cloud ERP provider worldwide, emphasizing its extensive customer base and advanced cloud platform capabilities. Technically, the website leverages modern frameworks such as Bootstrap 5 and jQuery, hosted on Akamai CDN infrastructure, ensuring good performance and mobile responsiveness. The use of TrustArc for cookie consent and Google Tag Manager for analytics reflects a mature digital marketing and compliance posture. Security-wise, the site enforces HTTPS and employs consent management but lacks explicit security headers and a public security policy, indicating room for improvement in transparency and defense-in-depth. Overall, the site is professional, trustworthy, and well-structured, with no signs of blocking or malicious content.

S

Statista

statista.org

0

Statista is a leading online statistics portal specializing in aggregating market data, consumer surveys, and industry studies from over 22,500 sources. The platform targets business professionals, researchers, and marketers, offering subscription-based access to a vast repository of statistical data. The website demonstrates a strong market position as a trusted source for market research and data analytics, primarily serving the media sector in Germany. Technically, the site employs modern web technologies including JavaScript frameworks, Google Tag Manager, and consent management tools like OneTrust, ensuring a responsive and performant user experience across devices. Security-wise, the website enforces HTTPS, implements key security headers, and manages cookie consent effectively, reflecting a mature security posture. However, the absence of publicly available WHOIS data due to privacy protection limits domain registration transparency. Overall, Statista presents a professional, secure, and privacy-conscious digital presence with high trustworthiness and excellent content quality.

S

Statista

statista.net

0

Statista is a leading statistics portal providing market data, consumer survey results, and industry studies aggregated from over 22,500 sources covering more than 60,000 topics. The platform targets business professionals, researchers, marketers, and academics, offering subscription-based access to comprehensive market intelligence and data visualization tools. Statista holds a strong market position as a trusted data provider with a large global user base. Technically, the website employs a modern tech stack including JavaScript frameworks, Segment analytics, Hotjar, Braze, and Google Tag Manager, supported by a CDN for fast content delivery. The site is well-optimized for performance, mobile responsiveness, accessibility, and SEO, reflecting a mature digital infrastructure. From a security perspective, Statista enforces HTTPS with strong SSL configurations and implements security headers such as Content Security Policy and Strict-Transport-Security. The use of OneTrust for consent management demonstrates compliance with GDPR and privacy best practices. No significant vulnerabilities or exposed sensitive data were detected, indicating a robust security posture. Overall, Statista presents a low-risk profile with high trustworthiness, professional content, and strong privacy compliance. The absence of WHOIS data is likely due to privacy protection, which is justified for a commercial data provider. Strategic recommendations include maintaining regular security audits, enhancing incident response visibility, and publishing a security.txt file to facilitate vulnerability disclosures.

S

Statista

statista.ch

0

Statista is a leading statistics portal providing market data, market research, and industry studies from over 22,500 sources covering more than 60,000 topics. The company targets business professionals, researchers, marketers, and academics with a subscription-based business model offering extensive data and analytics services. Statista holds a strong market position as a trusted source for statistical data and insights, primarily operating from Germany. The website reflects a mature digital presence with excellent content quality and professional branding consistency. Technically, Statista employs a modern technology stack including advanced analytics platforms such as Segment, Hotjar, Braze, and Pendo, alongside Google Tag Manager and OneTrust for consent management. The site is well-optimized for performance and mobile responsiveness, with good accessibility and SEO practices. Hosting and CMS details are not explicitly identified but the infrastructure supports fast loading and a seamless user experience. From a security perspective, the website enforces HTTPS with strong SSL configuration and implements multiple security headers including CSP and HSTS. Privacy compliance is robust, featuring comprehensive privacy and cookie policies with GDPR adherence and active consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a public security policy or incident response page suggests room for improvement in transparency and preparedness. Overall, Statista presents a low-risk profile with a high level of trustworthiness and professionalism. The lack of WHOIS data is likely due to privacy protection, which is justified given the business nature. Strategic recommendations include enhancing security transparency, publishing a vulnerability disclosure policy, and continuous monitoring of third-party scripts to maintain security posture.

S

Statista

statista.mx

0

Statista is a leading statistics portal providing market data, consumer survey results, and industry studies from over 22,500 sources covering more than 60,000 topics. The platform targets business professionals, researchers, marketers, and academics, offering subscription-based access to comprehensive statistical data and market research. The website is professionally designed, mobile-optimized, and features consistent branding with strong trust indicators such as HTTPS and structured data markup. Technically, Statista employs modern web technologies including JavaScript frameworks, Google Tag Manager, OneTrust for consent management, and analytics tools like Hotjar and Braze. The site demonstrates good performance and accessibility standards, with a comprehensive cookie consent mechanism and GDPR compliance. However, explicit security policies and incident response information are not publicly disclosed. From a security perspective, the site enforces HTTPS, uses multiple security headers, and integrates consent management to comply with privacy regulations. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of WHOIS registration details slightly reduces trust but is likely due to privacy protection services common among large enterprises. Overall, Statista presents a low-risk profile with a mature digital presence, strong privacy compliance, and a professional business model. Strategic recommendations include publishing explicit security and incident response policies, adding vulnerability disclosure mechanisms, and enhancing transparency around data protection officer contacts and certifications.

P

PERBILITY GmbH

mein-helix.de

0

PERBILITY GmbH operates the HELIX platform, a comprehensive HR management software suite designed for German-speaking enterprises. The platform offers modular solutions covering recruiting, employee development, digitalization of HR processes, e-learning, and AI-assisted HR functionalities. Positioned as a modern B2B SaaS provider, HELIX targets HR professionals and organizations seeking flexible and efficient digital HR management tools. The website reflects a mature digital presence with professional design and clear business focus. Technically, the site is built using the Hugo static site generator, integrates Matomo analytics for privacy-conscious tracking, and employs Cloudflare Turnstile captcha for form security. Security posture is strong with HTTPS enforcement and standard security headers, though some compliance gaps exist such as missing cookie consent mechanisms and terms of service. Overall, the domain registration and DNS setup align with the German business identity, supporting legitimacy and trustworthiness.