Security Directory

illumos.org is the official website for the illumos open source Unix operating system project. The project provides advanced system debugging, next generation filesystem, networking, and virtualization features for downstream distributions. It is developed by a community of volunteers and companies, targeting developers and organizations interested in Unix-based operating systems. The website serves as a hub for downloads, source code access, community engagement, and documentation. Technically, the site is built with clean HTML and CSS, is mobile responsive, and uses minimal external dependencies, reflecting a lightweight and efficient design. Security posture is moderate with domain transfer protection and HTTPS assumed but lacks DNSSEC and security headers. Privacy compliance is limited, with no cookie or privacy policies explicitly presented. Overall, the site is trustworthy, professional, and safe for general audiences, but could improve in security and privacy transparency.

F

Faustball Deutschland e.V.

faustball-liga.de

0

Faustball Deutschland e.V. operates as the official governing body for the sport of Faustball in Germany, providing comprehensive information on leagues, national and international competitions, training, and community engagement. The website serves players, coaches, fans, and the broader Faustball community with news, event details, and resources. It maintains a strong market position as the authoritative source for Faustball in Germany. Technically, the website is built on WordPress with a modern tech stack including jQuery, WooCommerce, NextGEN Gallery, and Jetpack. Hosting is provided by IONOS, and the site demonstrates good mobile optimization and moderate performance. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies, including a consent mechanism. From a security perspective, the site uses HTTPS with excellent SSL configuration and implements cookie consent. However, it lacks explicit security headers and published security or incident response policies. No critical vulnerabilities or exposed sensitive data were detected. The site integrates analytics tools such as Google Analytics and Jetpack Stats with moderate user tracking. Overall, the website is professional, trustworthy, and well-maintained, with good content quality and user experience. Strategic improvements could focus on enhancing security headers, publishing security policies, and expanding contact information transparency.

K

KAMMACHI Consulting GmbH

kammachi.com

0

KAMMACHI Consulting GmbH is a medium-sized German company specializing in SAP consulting, development, and smart SAP add-ins, primarily serving the construction and manufacturing sectors. Established in 1999 and part of the KIAG Unternehmensgruppe, it serves over 600 clients ranging from mid-sized businesses to multinational corporations. The company emphasizes human-centric consulting alongside technical expertise, offering tailored SAP solutions including integration with Lotus Notes and mobile devices. Their website reflects a professional and consistent brand image with clear navigation and relevant content for their target audience. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries such as jQuery and Swiper.js. It is hosted with a reputable registrar and DNS provider linked to their parent group. The site is mobile-optimized and implements GDPR-compliant cookie consent mechanisms. SEO and accessibility are adequately addressed, though some improvements in accessibility could be made. From a security perspective, the site enforces HTTPS and uses domain transfer protection. However, it lacks DNSSEC and explicit security headers, and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the business claims, indicating a legitimate and stable domain. Overall, the website presents a trustworthy and professional digital presence with moderate to good security posture. Strategic improvements in security headers, DNSSEC, and publishing security policies would enhance their security maturity and compliance posture.

D

Die Finals GmbH

diefinals.de

0

DieFinals.de is the official website for Die Finals 2025, a major multi-sport event held in Dresden, Germany. The site provides comprehensive information about the event including sports disciplines, venues, schedules, news, and ticketing. It targets sports fans, athletes, media, and the general public interested in German national championships. The business model centers on event organization and promotion with strong media partnerships and government support, positioning it as a key national sports event organizer. Technically, the website employs modern web technologies such as Font Awesome for icons, Flickity for carousels, and Usercentrics for GDPR-compliant cookie consent management. It is hosted behind Cloudflare, ensuring good performance and security. The site is mobile-optimized and offers a professional user experience with clear navigation and relevant content. From a security perspective, the site uses HTTPS and Cloudflare DNS/CDN services, enhancing security and availability. However, explicit security headers and policies are not detected, and there is no public incident response or vulnerability disclosure information. Privacy compliance is well addressed through Usercentrics consent management and a privacy policy page. No critical vulnerabilities or suspicious content were found. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. Strategic improvements include adding security headers, publishing security policies, and providing incident response contacts to enhance security posture and user trust.

The website https://999eagle.moe/ represents a personal and technical online presence for unit ⛧-440729, known by callsigns [sophie] and [raven]. This entity describes itself as a synthetic mind existing within a human-shaped biological chassis, focusing on software, cybersecurity, and open source contributions. The site serves as a hub for sharing technical musings, hosting infrastructure, and community engagement within the fediverse and open source ecosystems. The market position is niche, targeting technically inclined users and contributors. Technically, the site is built with standard HTML5 and CSS, uses HTTPS with a good SSL configuration, and is hosted on infrastructure indicated by the nameservers (Desec.io). The site is moderately optimized for performance and mobile devices, with basic SEO and accessibility features. No CMS or advanced frameworks are detected, indicating a lightweight and manually maintained site. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks advanced security headers and DNSSEC. There is no published security policy, vulnerability disclosure, or incident response information, which limits transparency and readiness. Privacy and cookie policies are absent, impacting compliance with GDPR and related regulations. No tracking or advertising technologies are present, reflecting a privacy-conscious approach. Overall, the website is safe, professional, and trustworthy within its niche but could improve compliance and security posture by adding formal policies and security disclosures. The domain registration is stable and privacy-protected, consistent with the personal nature of the site. Strategic improvements in security headers, DNSSEC, and privacy documentation would enhance trust and compliance.

pkgsrc.pub is a small technology-focused website operated by SkyLime, providing services related to the pkgsrc open source package management system. The site offers mirrors of binary packages for multiple operating systems, a searchable index of all pkgsrc packages, and a work-in-progress search over distfiles. The business targets developers and system administrators who rely on pkgsrc for software distribution. The domain has been registered since 2014, indicating a mature presence in its niche. Technically, the website is minimalistic, built with basic HTML and CSS, and hosted with DNS services provided by core.io domains. There is no evidence of a CMS or advanced frameworks. The site lacks modern security features such as DNSSEC and security headers, and no SSL/TLS configuration details were provided. The website is moderately optimized for mobile and accessibility but lacks advanced SEO and analytics tools. From a security perspective, the site does not present any immediate red flags such as malware or phishing indicators. However, the absence of privacy policies, cookie consent mechanisms, and incident response information indicates a low maturity in compliance and security posture. The domain registration is consistent and legitimate, but improvements in DNS security and published policies are recommended. Overall, pkgsrc.pub is a niche technical service with moderate trustworthiness and basic web presence. Strategic improvements in security, privacy compliance, and transparency would enhance its credibility and user trust.

F

Faustball Deutschland e.V.

faustball.de

0

Faustball Deutschland e.V. operates as the official governing body for the sport of Faustball in Germany, providing comprehensive information on leagues, national and international competitions, events, and organizational resources. The website serves a dedicated community of players, clubs, fans, and stakeholders with up-to-date news, event highlights, and educational content. It holds a strong market position as the authoritative source for Faustball in Germany. Technically, the website is built on a modern WordPress platform with a robust tech stack including WooCommerce, NextGEN Gallery, and Cookiebot for privacy compliance. Hosting is provided by IONOS, and the site demonstrates good mobile optimization, accessibility, and SEO practices. Analytics and marketing tools such as Google Analytics, Google Tag Manager, and Mailchimp are integrated with user privacy respected through consent mechanisms. From a security perspective, the site enforces HTTPS and employs cookie consent but lacks explicit security headers and a public security policy or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data confirms domain legitimacy and consistency with the business identity. Overall, the website presents a professional, trustworthy, and user-friendly platform with strong content quality and privacy compliance. Strategic improvements in security headers and formal security policies could further enhance its security posture and trustworthiness.

F

Faustball Deutschland

faustball.com

0

Faustball.com is a German-language sports community website dedicated to the sport of Faustball, providing news, competition results, and links to related associations and tournaments primarily in Germany and Europe. The site targets Faustball players, clubs, and fans, serving as an information hub with regular updates and official association endorsements. Technically, the site uses a somewhat dated but functional tech stack including AngularJS and jQuery, with moderate performance and basic mobile optimization. Security posture is average, with HTTPS implied but lacking visible security headers and cookie consent mechanisms. The absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness, although the website content and external links suggest a legitimate sports community presence. Overall, the site is professional and trustworthy in content but could improve in technical security and privacy compliance.

A

ATU Auto-Teile-Unger

atu.de

0

ATU Auto-Teile-Unger operates a comprehensive e-commerce platform specializing in automotive parts, tires, rims, and workshop services primarily targeting the German market. The company holds a strong market position as a large retailer with extensive service offerings including online sales, workshop appointments, and customer loyalty programs. The website demonstrates a mature technical infrastructure utilizing modern web technologies such as jQuery, Bootstrap, Adobe DTM for tag management, and Google Maps API for location services. Security posture is robust with HTTPS enforcement, CSRF protection, and bot mitigation via DataDome, although explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

K

kfzteile24

kfzteile24.de

0

kfzteile24 is a leading German online retailer specializing in automotive spare parts and accessories, offering over 3 million products for various vehicle brands. The company provides a comprehensive e-commerce platform with features such as same-day shipping, extensive product catalogs, vehicle selection tools, and customer support via hotline and help center. Their market position is strong within the automotive retail sector in Germany, supported by physical stores and workshops in Berlin and a mobile app for enhanced customer experience. Technically, the website leverages modern technologies including Google Tag Manager, Exponea for customer data management, and AWS infrastructure with WAF protection, ensuring a secure and scalable environment. The site demonstrates good privacy compliance with clear cookie consent mechanisms and GDPR-aligned privacy policies. Security posture is robust with HTTPS enforcement and WAF usage, though some security headers could be explicitly confirmed. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

S

Samsung

samsung.de

0

Samsung Germany's official website presents a comprehensive e-commerce platform offering smartphones, TVs, household appliances, and related services. The site reflects Samsung's strong market position as a leading global technology brand, targeting general consumers in Germany with localized content and exclusive offers. The technical infrastructure leverages Adobe Experience Manager and integrates advanced analytics and consent management tools, indicating a mature digital presence. Security posture is robust with HTTPS and modern security practices, though explicit privacy and cookie policies are not clearly found in the provided content. Overall, the site is professional, trustworthy, and well-optimized for mobile and desktop users.

D

Handyanbieter für günstige Handys mit & ohne Vertrag

deinhandy.de

0

The website www.deinhandy.de operates as an e-commerce platform specializing in the sale of mobile phones and mobile tariff plans in Germany. It targets consumers seeking affordable handsets with or without contracts, offering a variety of manufacturers and network options. The business model focuses on online retail and tariff comparison, positioning itself as a competitive player in the German telecommunications market. The site uses modern web technologies including React and Next.js, hosted on Amazon AWS infrastructure, and integrates marketing and analytics tools such as Google Tag Manager and AB Tasty. While the website demonstrates good design quality, mobile optimization, and user experience, it lacks visible privacy, cookie, and terms of service policies, which impacts its privacy compliance score. Security posture is moderate with no detected WAF or blocking mechanisms, but absence of security headers and incident response information suggests room for improvement. Overall, the site is professional and functional but would benefit from enhanced transparency and security practices to increase trust and compliance.

A

Alternate GmbH

alternate.de

0

Alternate GmbH operates a leading German e-commerce platform specializing in electronics, computer hardware, household appliances, and related products. The company targets both general consumers and business customers, offering a wide product range and specialized B2B services. The website is professionally designed, mobile-optimized, and provides a seamless user experience with clear navigation and rich content. Technically, the site leverages modern frameworks such as Jakarta Faces and integrates third-party services like Usercentrics for GDPR-compliant cookie management and Epoq for personalized recommendations. Hosting and DNS are managed via Cloudflare, ensuring robust performance and security. Security posture is strong with HTTPS enforcement, security headers, and secure form handling, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates high business credibility, compliance with privacy regulations, and a trustworthy online presence.

M

MMOGA Limited

mmoga.de

0

MMOGA Limited operates a large-scale e-commerce platform specializing in the sale and distribution of digital game keys, virtual currencies, and game-related products. The company positions itself as a market leader in virtual goods for popular online games such as FIFA, World of Warcraft, and Path of Exile. The website is professionally designed, mobile-optimized, and offers a broad product catalog with fast delivery via email. Technically, the site leverages modern JavaScript libraries and Cloudflare DNS for performance and security. Security posture is solid with HTTPS and cookie consent mechanisms, although explicit security headers and incident response policies are not publicly detailed. Overall, MMOGA presents a trustworthy and compliant digital marketplace with strong customer engagement through social media and Trustpilot reviews.

Faustball Westerstetten is a local sports club website dedicated to the Faustball division of TSV Westerstetten in Germany. The site provides information about teams, match results, training schedules, event calendars, and news updates targeted at community members and sports enthusiasts. The business model is community-focused, offering informational and engagement services without commercial transactions. The website is hosted by Hetzner and built with basic HTML, CSS, and JavaScript, featuring a mobile-responsive design and clear navigation. However, it lacks advanced technical frameworks or CMS platforms. Security posture is minimal with no detected security headers or privacy policies, and the SSL status is unknown, indicating potential risks. There are no signs of tracking or advertising, reflecting a privacy-conscious but basic implementation. Overall, the site is functional and trustworthy for its purpose but requires improvements in security and compliance to meet modern standards.

envs.sh is a small technology service providing file hosting and URL shortening functionalities primarily targeted at developers and users seeking lightweight, ephemeral file sharing solutions. The service emphasizes decentralization and open source principles, encouraging users to self-host and contribute via its public GitHub repository. The website content is well-structured, providing clear usage instructions and an explicit acceptable use policy to prevent misuse. Technically, the site uses basic HTML and CSS with external stylesheets and icon fonts. It supports HTTPS and employs token-based file management for security. However, DNSSEC is not enabled, and no advanced security headers are detected, indicating room for improvement in security hardening. The site does not implement privacy or cookie policies, which may pose compliance risks. From a security perspective, the service enforces file type restrictions and expiration controls, with a clear abuse contact channel. No WAF or blocking mechanisms are detected, and no adult or questionable content is present, making the site safe for general audiences. The domain registration data is consistent and appropriate for the service age and type, enhancing trustworthiness. Overall, envs.sh presents a functional and transparent service with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security headers, and DNS security would enhance its trust and resilience.

Illuna-minetest.tk operates as a niche community gaming website providing dedicated Minetest servers with custom mods and texture packs. The business targets Minetest players seeking a unique and advanced gaming experience, supported by a small but experienced team since 2014. The website reflects a community-driven model with emphasis on server reliability and custom content. Technically, the site is built using modern frontend technologies including Bootstrap, jQuery, and the Zola static site generator, delivering a responsive and user-friendly experience. Performance is moderate with good mobile optimization and SEO practices. Security posture is adequate with HTTPS usage and no exposed sensitive data, but lacks explicit security headers and cookie consent mechanisms, indicating room for improvement in compliance and security best practices. Overall, the domain registration data supports the legitimacy and maturity of the business. The site is safe for general audiences with no adult or questionable content detected.

M

Milan Ihl

milan-ihl.de

0

Milan Ihl operates as a small, self-employed service provider specializing in IT hosting, web development, and creative media services such as photography and video editing. The business targets regional clients in Germany, particularly local businesses and associations, and has been active since 2020. The website presents a professional and consistent brand image with clear service offerings and contact information. Technically, the site uses modern JavaScript libraries including jQuery and Bootstrap, and is hosted on INWX nameservers, indicating a stable infrastructure. Performance and mobile optimization are good, though accessibility and SEO are basic. Security posture is moderate with HTTPS implied but lacking explicit security headers and incident response contacts. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and safe for general audiences.

K

koyu's personal website

koyu.space

0

The website 'koyu's personal website' is a personal portfolio and blog for Leonie, a programmer and system administrator based in Northern Germany. The site focuses on personal branding and sharing principles and services related to programming and sysadmin work. The market position is that of an individual professional offering internet services and promoting cyberspace liberation. The technical infrastructure is modern, built on Next.js and React, with Cloudflare DNS services. The site is mobile optimized and has good design and navigation, though accessibility and SEO are basic. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, and no contact emails or phone numbers are provided, limiting compliance and business credibility. Social media presence is strong across multiple platforms. Overall, the site is safe, professional, and suitable for general audiences, but would benefit from enhanced privacy compliance and security practices.

F

FileZilla

filezilla-project.org

0

FileZilla is a well-established open source software project providing free FTP client and server solutions, with an additional paid Pro offering supporting cloud storage protocols. The website is professionally designed, with clear navigation and relevant content targeting IT professionals and end users needing reliable file transfer tools. The technical infrastructure is based on standard web technologies with active development and recent security updates, reflecting a mature digital presence. Security posture is solid with HTTPS usage and participation in a bug bounty program, though improvements in security headers and cookie consent mechanisms are recommended. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

The website random-projects.net is a personal portfolio and blog site owned by an individual named Felix, a demoscener and coder from Germany. The site focuses on sharing coding projects, personal interests in software optimization, and hobby cooking recipes. It targets a general audience interested in technology and cooking, without commercial or enterprise positioning. The domain is well-established since 2013, indicating a stable online presence. Technically, the site uses basic modern web technologies including HTML5, CSS3, SVG graphics, and external font hosting from rsms.me. The site is moderately optimized for mobile devices and has a clear navigation structure, but lacks advanced SEO and accessibility features. There is no detected CMS or complex backend platform, suggesting a static or simple site architecture. From a security perspective, the site lacks critical security headers and privacy-related policies such as GDPR compliance, cookie consent, or incident response contacts. The domain registration is consistent and legitimate, but DNSSEC is not enabled, and no SSL/TLS details were provided to confirm HTTPS usage. No forms or data collection mechanisms are present, reducing attack surface but also limiting user interaction. Overall, the site is safe for general audiences with no adult or questionable content. The security posture is basic and could be improved by implementing HTTPS, security headers, and privacy policies. The business credibility is moderate given the personal nature of the site and lack of formal contact information. Strategic recommendations include enhancing security measures, adding privacy and cookie policies, and providing clear contact channels to improve trust and compliance.

U

unit ⛧-440729 ["sophie"]

catgirl.cloud

0

Catgirl Cloud is a small, privacy-focused platform hosting a variety of free and open source services such as matrix, mastodon, invidious, searxng, and others. The services are maintained by an individual operator known as unit ⛧-440729 ["sophie"]. The platform emphasizes privacy, minimal data retention, and community support through donations. The website is well-structured with clear navigation and provides transparent rules and privacy policies for hosted services. Technically, the platform uses modern containerized deployments managed via Nix and Docker, with a good SSL configuration and no detected security blocking mechanisms. However, some security best practices like DNSSEC and security headers are missing. Privacy compliance is moderate with privacy policies present but no cookie consent or terms of service. Overall, the platform is trustworthy and serves a niche audience of privacy-conscious users seeking open source alternatives.

E

European Financial Certification Organisation (eficert) e.V.

eficert.org

0

Eficert is a European non-profit organization focused on unifying educational standards and certifications within the European insurance industry. It operates as a network of insurance education institutions, providing certification services to facilitate workforce mobility across Europe. The organization hosts annual conferences and advocates for quality standards in insurance education. The website is professionally designed using the Neos CMS and Flow PHP framework, reflecting a moderate to good level of digital maturity. It is mobile-optimized and provides clear navigation and relevant content for its target audience of insurance education professionals and institutions. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and cookie consent mechanisms are areas for improvement. The WHOIS data is incomplete, which slightly reduces domain trustworthiness, but the website content and contact information support legitimacy. Overall, the site presents a trustworthy and professional front for eficert's mission and services.

C

CrediMaxx® GmbH

credimaxx.de

0

CrediMaxx® GmbH is a German financial services company specializing in credit mediation with a strong emphasis on social responsibility and personalized customer service. The company offers a variety of loan products including credit without Schufa, instant loans, refinancing loans, modernization loans, and digital loans with online completion. Positioned as a niche player with TÜV-certified customer satisfaction and strong online presence, CrediMaxx targets individuals who face challenges obtaining credit through traditional banks due to negative credit scores or other factors. The website is professionally designed, mobile-optimized, and SEO-friendly, leveraging modern technologies such as WordPress, Yoast SEO, and Cloudflare for performance and security. Privacy and cookie policies are comprehensive and GDPR-compliant, supported by a consent mechanism. Security posture is solid with HTTPS and SSL encryption, though explicit security headers and incident response information are not publicly detailed. Overall, the website and business demonstrate high trustworthiness and professionalism, with room for improvement in explicit security disclosures and direct contact information.

P

ProtoArc

protoarc.com

0

ProtoArc operates an e-commerce platform specializing in ergonomic and foldable workspace peripherals such as keyboards, mice, and combos designed to enhance productivity and comfort. The company targets consumers and professionals who value wellness and portability in their workspace setup. The website is built on Shopify, leveraging modern web technologies and integrates multiple marketing and analytics tools to optimize user engagement and sales performance. Despite the lack of publicly available WHOIS data, the website presents a professional and trustworthy front with comprehensive privacy and cookie policies aligned with GDPR requirements. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response details are absent, representing an area for improvement. Overall, the site is well-structured, mobile-optimized, and provides a positive user experience with clear navigation and relevant content.

B

Berliner CSD e.V.

csd-berlin.de

0

Berliner CSD e.V. is a non-profit organization dedicated to organizing the Berlin Pride event (CSD Berlin), one of the largest demonstrations advocating for the rights of LGBTIQA* individuals. The website serves as an informational and promotional platform for the upcoming event scheduled for July 26, 2025. The organization maintains a consistent brand presence across social media channels and employs modern web technologies including WordPress with the Divi theme, Yoast SEO, and Cookiebot for privacy compliance. The technical infrastructure is moderately optimized for performance and mobile responsiveness, with a focus on user experience and accessibility. Security posture is adequate with HTTPS enforced and privacy-conscious tracking configurations, though improvements could be made by adding security headers and formal security policies. Overall, the website reflects a trustworthy and professional digital presence aligned with its advocacy mission.

O

OIA TRANS GmbH / OIA TRANS S.R.L.

oiatrans.com

0

Oia Trans is a European logistics company specializing in container and road transport services, with branches in Germany, Romania, and Bulgaria. The company emphasizes over 20 years of experience and holds ISO 9001 certification, positioning itself as a reliable and efficient transport provider in the European market. Their services include maritime container transport and road transport with a modern fleet adhering to EURO 6 standards. The website is professionally designed using WordPress and Elementor, optimized for SEO with Yoast, and supports multiple languages including English, Romanian, and German. Social media presence on Facebook, LinkedIn, YouTube, and Google Maps enhances their digital footprint. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and visible incident response policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the website reflects a credible and professional business with room for improvement in security and privacy transparency.

A

AKCENTA CZ a.s.

akcenta.de

0

AKCENTA CZ a.s. is a well-established financial services provider specializing in foreign exchange, international payments, and hedging solutions for businesses primarily in Central Europe, with a localized German website presence. The company offers tailored currency exchange services, forward contracts, and an online broker platform, serving over 54,000 customers across six markets with more than 25 years of experience. Their business model focuses on providing cost-effective, reliable, and efficient payment and currency risk management solutions to corporate clients. Technically, the website is built on modern frameworks such as Next.js and React, hosted on GTS infrastructure, and integrates Google Tag Manager and Cookiebot for analytics and compliance. The site is fast, mobile-optimized, and accessible, reflecting a mature digital presence. Security posture is strong with HTTPS enforcement, security headers, and secure form handling, although explicit security policies and incident response details are not publicly disclosed. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with GDPR and cookie regulations, making it a credible platform for its target audience.

S

SALESmanago

salesmanago.de

0

SALESmanago is a medium-sized technology company based in Germany specializing in AI-driven customer data platforms and omnichannel marketing automation solutions. Their platform targets B2B, B2C, and eCommerce businesses, offering a comprehensive suite of services including customer data management, marketing automation, personalization, analytics, and campaign management. The website is professionally designed, multilingual, and provides extensive product and company information, reflecting a mature digital presence. Technically, the site is built on WordPress with modern integrations such as Google Tag Manager, HubSpot, and Facebook SDK, supported by CDN infrastructure for performance. Security posture is good with HTTPS enforced and reCAPTCHA usage, though some security headers and explicit policies are missing. Privacy compliance is strong with GDPR adherence and cookie consent mechanisms in place. Overall, the site demonstrates high professionalism and trustworthiness with no critical security issues detected.

V

Verkehrsverbund Oberelbe GmbH (VVO)

vvo-mobil.de

0

VVO Mobil is a regional public transportation platform serving the Oberelbe region in Germany. It offers trip planning, real-time departure information, ticket purchasing, and network maps. The website is built on a modern Angular framework and integrates trusted third-party services such as Google Maps and PayPal for enhanced user experience and payment processing. The platform targets public transport users in the region, providing essential mobility services with a focus on usability and accessibility. The business operates in the transportation sector with a medium-sized footprint and maintains a consistent brand presence online. Technically, the website demonstrates a mature digital infrastructure with a strict Content-Security-Policy, HTTPS enforcement, and integration of analytics via Matomo. The site is mobile-optimized and provides a good user experience, though some accessibility features could be improved. The absence of a cookie consent mechanism and terms of service pages indicates room for enhancement in privacy compliance. Security posture is strong with no evident vulnerabilities or exposed sensitive data. From a security perspective, the site employs best practices such as HTTPS and CSP headers, but lacks explicit security policies and incident response contacts. No vulnerability disclosure or security.txt files were found, which could be added to improve transparency and trust. The WHOIS data aligns well with the website's claims, showing consistent domain registration and authoritative name servers. Overall, VVO Mobil presents a trustworthy and professional online presence for a regional transportation service. Strategic improvements in privacy compliance, security transparency, and accessibility would further strengthen its position and user trust.

V

ver.di - Vereinte Dienstleistungsgewerkschaft

dju.social

0

The website dju.social is a Mastodon-based decentralized social network instance operated by the German trade union ver.di, specifically its Deutsche Journalistinnen- und Journalisten-Union (dju) division. It provides a platform for media professionals and interested parties to engage in friendly and constructive social exchange. The platform leverages the open-source Mastodon software (version 4.2.17) and offers features such as user profiles, content discovery, and hashtag exploration. The domain registration is consistent with the organization's identity and country, indicating legitimacy and trustworthiness. Technically, the site uses modern web technologies including React and WebSockets, with a moderate performance profile and good mobile optimization. However, some security best practices such as enabling DNSSEC and implementing security headers are missing. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information and security policies are not explicitly provided on the explored page. The security posture is generally good with HTTPS enforced and domain transfer protection enabled, but improvements are recommended to enhance DNS security and security headers. The content is safe for general audiences, focusing on media and journalism without any adult or explicit content. Overall, the site is professionally designed, trustworthy, and serves a niche community effectively.

K

KÜS Service GmbH

kues-service.de

0

KÜS Service GmbH is a German-based full-service provider specializing in operational safety and compliance services for businesses. Their offerings include occupational safety, occupational medicine, accident prevention, electrical inspections, fire protection, and data protection. The company is part of the larger KÜS group, which includes several related subsidiaries and service domains. The website is professionally designed using WordPress with Elementor and Astra theme, providing a good user experience and clear navigation. Social media presence and contact information are prominently displayed, enhancing trust and accessibility. Technically, the website employs modern web technologies and plugins such as Yoast SEO and Borlabs Cookie for privacy compliance. The site is HTTPS secured with no visible security vulnerabilities or exposed sensitive data. However, security headers are not explicitly detected, and no dedicated security or incident response policies are published. Cookie consent mechanisms are implemented, indicating GDPR awareness. Overall, the security posture is solid but could be improved by adding security headers and formal incident response information. The business credibility is high, supported by consistent branding, clear contact details, and a comprehensive service portfolio. No adult or questionable content is present, making the site safe for general audiences. Strategic recommendations include enhancing security headers, publishing security policies, and considering a vulnerability disclosure program to further strengthen trust and compliance.

K

KÜS DATA GmbH

kues-data.de

0

KÜS DATA GmbH is a German IT service provider specializing in secure data center operations and managed IT services. The company operates one of the most modern and secure data centers in Germany, offering colocation, managed servers, cloud services, backup solutions, and hosting. Their market position is strengthened by certifications such as ISO 27001 and DIN EN 50600, emphasizing their commitment to data security and compliance. The website targets business clients requiring high-security IT infrastructure and data protection services. Technically, the website is built on WordPress with Elementor and Yoast SEO plugins, indicating a modern and maintainable digital infrastructure. The site is mobile-optimized, uses HTTPS, and implements cookie consent mechanisms, reflecting a mature digital presence. Performance is moderate with good SEO and accessibility basics. From a security perspective, the company demonstrates strong practices including certified data center operations, HTTPS enforcement, and cookie consent compliance. However, explicit security headers could be improved, and no public incident response or vulnerability disclosure policies were found. No vulnerabilities or suspicious indicators were detected in the website content. Overall, KÜS DATA GmbH presents a trustworthy and professional online presence with a solid security posture and compliance awareness. Strategic improvements in security header implementation and incident response transparency would further enhance their security maturity.

K

KÜS Akademie GmbH

kues-akademie.de

0

KÜS Akademie GmbH operates as the educational and training arm of the KÜS group, a well-established German vehicle inspection organization with over 30 years of experience. The website offers comprehensive information on career opportunities, training programs, and dual study options in automotive and vehicle inspection fields. The company maintains a strong market position in the transportation and education sectors within Germany, supported by a network of subsidiaries and partner domains. Technically, the website is built on a modern WordPress CMS with Elementor and Borlabs Cookie for privacy compliance, delivering a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

K

KÜS Automotive GmbH

kues-automotive.de

0

KÜS Automotive GmbH is a specialized service provider in the automotive sector, focusing on expert damage assessment reports, vehicle valuations, and evaluations of historical vehicles. The company operates as part of the larger KÜS group, which includes several related subsidiaries offering complementary automotive services. Their market position is that of an important regional player in Germany, serving vehicle owners, insurance companies, and automotive professionals. The website reflects a professional and consistent brand image with clear communication of services and contact information. Technically, the website is built on a modern WordPress platform using Elementor and the Astra theme, ensuring good mobile optimization and user experience. The presence of Borlabs Cookie plugin indicates attention to GDPR compliance and user privacy. Performance is moderate, with room for optimization. No hosting provider details were identified. From a security perspective, the site uses HTTPS with a good SSL configuration and implements cookie consent mechanisms. However, there is a lack of explicit security headers and no visible security or incident response policies published. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is limited but consistent with the business branding, supporting legitimacy. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements in security headers and incident response transparency would further enhance trust and security posture.

K

KÜS Technik GmbH

kues-technik.de

0

KÜS Technik GmbH is a specialized technical service provider in the automotive sector, officially recognized by the German Kraftfahrt-Bundesamt. The company offers expert services including part approvals, individual vehicle approvals, and technical assessments for manufacturers, importers, and private individuals. Their market position is supported by official designations and a broad portfolio of services related to vehicle parts and modifications. The website reflects a medium-sized enterprise with consistent branding and professional content tailored to a German-speaking audience. Technically, the site is built on WordPress with modern plugins and themes, optimized for SEO and mobile use, and includes privacy and cookie compliance mechanisms. Security posture is good with HTTPS and reCAPTCHA usage, though some security headers and policies could be enhanced. Overall, the site is trustworthy, professional, and well-maintained.

K

KÜS Fahrzeugüberwachung

kues-fahrzeugueberwachung.de

0

KÜS Fahrzeugüberwachung is a well-established German organization specializing in vehicle inspection and certification services. With a network of approximately 1,600 inspectors and experts, it provides a broad range of services including main vehicle inspections, emission testing, safety checks, and specialized certifications for gas-powered vehicles and hazardous goods transport. The website reflects a professional and comprehensive service offering targeted at vehicle owners and operators within Germany. The business operates within the transportation sector and is part of a larger corporate group with several related subsidiaries.

S

SachsenEnergie

sachsenenergie.de

0

SachsenEnergie is a regional energy provider based in Saxony, Germany, offering a broad range of services including electricity, natural gas, heating solutions, internet, and e-mobility products. The company targets private customers, business clients, municipalities, and the real estate sector, positioning itself as a comprehensive energy and telecommunications service provider with a strong regional focus. Their website reflects a mature digital presence with multiple customer portals and service options, supporting a modern business model centered on customer engagement and energy solutions. Technically, the site uses IBM WebSphere Portal technology combined with modern JavaScript frameworks and Google Tag Manager for analytics and marketing. The site is well-structured, mobile-optimized, and includes privacy and cookie consent mechanisms aligned with GDPR requirements. Security posture is good with HTTPS enforced and no obvious vulnerabilities detected, though some security headers could be improved. Overall, SachsenEnergie demonstrates a professional and trustworthy online presence consistent with its business sector and regional market.

V

Verkehrsverbund Oberelbe

vvo-online.de

0

Verkehrsverbund Oberelbe (VVO) operates as a regional public transportation authority providing integrated ticketing and mobility services for Dresden and its surrounding areas. The website serves as a comprehensive mobility portal offering timetable information, ticket sales, service updates, and accessibility features. The target audience includes residents and visitors relying on buses, trams, S-Bahn, and ferries within the VVO region. The business model focuses on facilitating seamless public transport usage through digital tools and customer service. Technically, the website employs a modern JavaScript stack with accessibility enhancements such as Eye-Able tools and uses Matomo analytics for privacy-conscious user tracking. The site is served over HTTPS with no visible security vulnerabilities and demonstrates good SEO and accessibility practices, though mobile optimization is basic. The content is well-structured, multilingual, and professionally presented, supporting a positive user experience. From a security perspective, the site benefits from HTTPS and secure form handling but lacks explicit security policies, incident response contacts, and a cookie consent mechanism, which are areas for improvement to enhance compliance and user trust. No critical vulnerabilities or suspicious content were detected, and WHOIS data aligns well with the business identity, supporting legitimacy. Overall, the website is a trustworthy and functional platform for regional public transport users, with recommendations to improve privacy compliance and security transparency to further strengthen its posture.

T

teilAuto

teilauto.net

0

teilAuto is a well-established carsharing provider operating primarily in the German states of Sachsen, Sachsen-Anhalt, and Thüringen. Founded in 1998, the company offers a range of vehicle classes with a pay-per-use model that includes fuel costs, accessible via a dedicated mobile app and web platform. The website reflects a professional and consistent brand image, emphasizing sustainability and community values, including a notable Gemeinwohl certification. Technically, the site is built on the Contao CMS with modern JavaScript libraries and integrates privacy-conscious analytics via Matomo. Security posture is solid with HTTPS enforced and domain transfer protections, though some enhancements like DNSSEC and security headers could improve resilience. Privacy compliance is strong, featuring a comprehensive privacy policy and cookie consent mechanism. Overall, the site is user-friendly, mobile-optimized, and trustworthy, with no signs of malicious content or vulnerabilities.

STIEBEL ELTRON GmbH & Co. KG is a large enterprise operating internationally in the energy sector, specializing in efficient solutions for hot water, room heating, air conditioning, and renewable energy technologies such as heat pumps and ventilation systems. The company maintains a professional and comprehensive website that targets both general consumers and professionals in building services. Their market position is strong with subsidiaries and agencies in over 120 countries, reflecting a broad global footprint. Technically, the website is built on a modern stack including RequireJS, Modernizr, and Piwik PRO analytics, likely managed via Adobe Experience Manager CMS. The site is mobile optimized with good SEO and accessibility features, though some improvements in security headers could be made. Performance is moderate, with a well-structured navigation and rich content. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR compliance. However, the absence of WHOIS registration data raises concerns about domain transparency and trustworthiness. No critical vulnerabilities or exposed sensitive data were detected, but the lack of explicit security headers and incident response information suggests room for enhancement. Overall, the website presents a low risk with strong business credibility and privacy compliance, but domain registration opacity slightly reduces trust. Strategic recommendations include improving domain WHOIS transparency, adding security headers, and publishing a vulnerability disclosure policy to strengthen security posture and stakeholder trust.

Doepke Schaltgeräte GmbH is a well-established German manufacturer specializing in electrical safety products, particularly residual current devices (FI-Schalter), circuit breakers, and differential current monitoring systems. With nearly 70 years of experience, the company holds a strong market position as a leading expert in fault current protection technology. Their website offers comprehensive product information, training, downloads, and customer support, targeting professionals and businesses in the energy and electrical safety sectors. The company maintains a professional digital presence with multilingual support and active social media channels. Technically, the website is built on the TYPO3 CMS platform, utilizing modern frameworks like Bootstrap and FontAwesome. It integrates Google Analytics and Google Tag Manager with privacy-conscious configurations such as IP anonymization and user opt-out options. Cookie consent is managed via CookieFirst, ensuring GDPR compliance. The site is mobile-optimized and well-structured, providing a good user experience and SEO performance. From a security perspective, the site enforces HTTPS and implements privacy best practices but lacks explicit security headers and a published security or incident response policy. No vulnerabilities or suspicious elements were detected. The WHOIS data aligns with the company's claims, showing consistent domain registration without privacy protection, supporting the legitimacy of the business. Overall, Doepke's website demonstrates a mature digital infrastructure with strong business credibility and privacy compliance. Strategic improvements could include enhancing security headers, publishing a security policy, and establishing a vulnerability disclosure process to further strengthen trust and security posture.

T

Theben AG

theben.de

0

Theben AG is a well-established German company specializing in building automation products including KNX systems, DALI lighting control, presence and motion detectors, smart home solutions, time switches, and climate control devices. Founded in 1921, it holds a strong market position as an expert and innovator in energy-efficient building technology. The website reflects a professional and comprehensive digital presence targeting professional installers, OEM partners, and smart home users. Technically, the site uses SilverStripe CMS, integrates modern marketing and consent management tools, and demonstrates good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response details are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy, well-branded, and content-rich, supporting Theben AG's credibility and market leadership.

STIEBEL ELTRON is a well-established international company specializing in building technology and renewable energy solutions, particularly heat pumps and ventilation systems. The company holds a strong market position as a technology leader with a comprehensive product and service portfolio targeting both end consumers and professional partners. Their website reflects a mature digital presence with extensive content, clear navigation, and professional branding. Technically, the site uses modern JavaScript libraries and analytics tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit incident response contacts and vulnerability disclosure policies could be improved. Overall, the website and business demonstrate high credibility and compliance with GDPR.

Roll..Profi is a German-based company specializing in professional cable reel systems, targeting industrial and commercial customers requiring cable management solutions. The website presents a basic but functional design using modern CSS frameworks, indicating a moderate level of digital maturity. However, the site lacks critical privacy and security policies, contact information, and security headers, which limits its security posture. The domain registration data is consistent and indicates a legitimate business presence. Overall, the website is safe and professional but requires improvements in privacy compliance and security best practices to enhance trust and compliance.

G

GEMA

gema.de

0

GEMA is a prominent collective rights management organization in Germany, serving over 100,000 members and millions of music users. The website reflects a professional and well-structured digital presence, leveraging modern technologies such as Liferay CMS, React, and Usercentrics for GDPR compliance. The content is primarily in German with English alternatives, targeting music creators and users. The site offers comprehensive information about membership, rights management, and licensing services, positioning GEMA as a key player in the German music industry. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security policies or incident response information publicly. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations, though it could improve transparency by publishing privacy policies and security contact details.

M

MSH Medical School Hamburg – University of Applied Sciences and Medical University

arts-and-social-change.de

0

The website represents the Arts and Social Change faculty of the MSH Medical School Hamburg, an educational institution offering interdisciplinary Bachelor and Master programs focused on art therapy, music therapy, social work, and related fields. The site targets prospective students and professionals interested in the intersection of arts, health, and social sciences. It provides detailed program information, events, and further education opportunities, positioning itself as a niche academic faculty within the German higher education sector. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern web technologies including jQuery, Google Analytics, Google Tag Manager, and Hubspot for marketing and analytics. The site is hosted on servers associated with rzone.de and employs HTTPS with a good SSL configuration. Mobile optimization and SEO are well addressed, though accessibility features are basic. From a security perspective, the site enforces HTTPS, uses CSRF tokens in forms, and implements a GDPR-compliant cookie consent mechanism. However, it lacks visible security headers and does not provide explicit incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies. Overall, the website is professional, trustworthy, and well-suited for its educational purpose. Strategic improvements in security headers and incident response transparency could enhance its security posture and trustworthiness further.

Dresdner Verkehrsbetriebe AG operates the MOBI platform, a comprehensive multimodal mobility service in Dresden, Germany. The website presents a well-structured and professional digital presence highlighting integrated public transport, bike- and carsharing, and electric vehicle charging services. The company positions itself as a local leader in sustainable urban mobility, supported by partnerships with local government and recognized organizations. The site targets residents and visitors seeking flexible and environmentally friendly transportation options. Technically, the website employs modern web standards including responsive design, SVG icons, and optimized images with WebP support. While no explicit CMS or frameworks are detected, the site demonstrates good mobile optimization and SEO practices. However, there is room for improvement in accessibility and performance tuning. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. No security headers or incident response policies are visible, and no cookie consent mechanism is implemented despite GDPR relevance. The WHOIS data aligns with the business claims, showing consistent domain registration without privacy protection, indicating legitimacy. Overall, the website is trustworthy and professionally maintained, though enhancements in security policies and privacy compliance would strengthen its posture. The absence of tracking scripts suggests a privacy-conscious approach. Strategic recommendations include implementing security headers, cookie consent, and publishing security and incident response policies.

G

GIT SECURITY

git-sicherheit.de

0

GIT SECURITY is a specialized media portal focused on security-related topics including management, IT security, fire protection, and safety. It serves security professionals and decision-makers by providing news, articles, product information, events, webinars, whitepapers, and videos. The portal is affiliated with Wiley-VCH, a reputable publishing company, enhancing its credibility and market position within the security media niche. The website is professionally designed with consistent branding and good content quality, targeting a medium-sized audience primarily in Germany.

A

Alumni Association

alumni-association.de

0

The website represents an Alumni Association based in Germany, likely serving a small community of alumni members. The business appears to be a non-commercial or community-focused entity with limited public-facing services. The website is powered by TYPO3 CMS and integrates Cookiebot for cookie consent management, indicating a basic level of digital maturity and compliance with cookie regulations. However, the absence of explicit privacy and terms of service pages limits its compliance posture. Technically, the site uses modern web technologies but lacks visible security headers and SEO optimization, which could impact discoverability and security. The security posture is moderate with HTTPS implied but no advanced security practices evident. Overall, the site is functional but would benefit from enhanced compliance documentation and security hardening.