Security Directory

S

Spring Studio GmbH

spring.studio

0

Spring Studio GmbH is a small German company specializing in garden design, planning, construction, and maintenance services primarily targeting private clients in Berlin. Their website is professionally designed using Squarespace, featuring modern technologies such as embedded YouTube videos, Google Tag Manager, Facebook Pixel, and multilingual support via Weglot. The company maintains a clear online presence with contact details, social media integration, and GDPR-compliant privacy and cookie policies. Security posture is strong with HTTPS and HSTS enabled, though additional security headers and incident response information could improve their resilience. Overall, the website reflects a trustworthy and credible business with good technical implementation and privacy compliance.

AF Hausbau is a well-established regional construction company in Germany specializing in turnkey solid houses with a strong emphasis on customer collaboration and customized solutions. The company operates multiple subsidiaries covering residential, commercial, and engineering construction sectors, reflecting a diversified construction group. The website is built on the Contao CMS platform and uses modern JavaScript libraries to provide a responsive and user-friendly experience. While the site is well-structured and professionally designed, it lacks visible direct contact details such as phone numbers or emails on the main pages, relying primarily on contact forms. Security posture is solid with HTTPS and secure forms, but could be improved by adding security headers and explicit privacy consent mechanisms. No blocking or WAF challenges were detected, allowing full content access and analysis.

Albert Fischer Gewerbebau is a medium-sized German construction company specializing in commercial and industrial building projects, including hall construction and office buildings. With over 25 years of experience, the company offers turnkey solutions with fixed-price guarantees and timely delivery, targeting industrial and commercial clients primarily in Germany. The website is professionally designed using the Contao CMS platform and incorporates modern JavaScript libraries for enhanced user experience. While the site is mobile-optimized and SEO-friendly, it lacks some privacy compliance features such as cookie consent mechanisms. Security posture is solid with HTTPS enforced, but could be improved by adding security headers and explicit incident response policies. Overall, the company presents a credible and trustworthy digital presence consistent with its business claims.

M

Milchwerke Berchtesgadener Land Chiemgau eG

frischdienst-bgl.de

0

Frischdienst Berchtesgadener Land Chiemgau eG operates as a regional supplier specializing in fresh and local food products, offering delivery services and an online shop targeting customers in the Berchtesgadener Land and Chiemgau regions of Germany. The website presents a professional and consistent brand image with clear navigation and relevant content focused on their product offerings and services. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, with moderate performance and good mobile optimization. Security measures include HTTPS enforcement and a comprehensive cookie consent mechanism, although some security headers and incident response information are not explicitly present. Privacy compliance is strong, with a detailed privacy policy linked from a related domain and GDPR-compliant cookie management. Overall, the domain registration data aligns well with the website content, indicating a legitimate and trustworthy business presence.

F

fit GmbH

mum-deo.de

0

fit GmbH operates the MUM brand, specializing in vegan deodorant products marketed primarily in Germany and several international markets. The company emphasizes sustainability with alcohol- and perfume-free deodorants packaged in glass bottles, targeting active individuals seeking effective personal care solutions. The website reflects a well-established brand with a history dating back to 1888, positioning itself as a niche player in the retail personal care sector. The business model combines e-commerce with physical retail availability, supported by a store locator feature and multilingual country-specific domains. Technically, the website uses a modern e-commerce CMS platform (likely Shopware), integrates Matomo analytics with cookie consent mechanisms, and employs responsive design for mobile optimization. While the site performs moderately well, there is room for improvement in SEO and accessibility. Security posture is solid with HTTPS enforced and privacy-aware tracking, but lacks explicit security headers and published security policies. The absence of a terms of service page and incident response contacts suggests areas for legal and security maturity enhancement. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with clear contact information and consistent branding. The security and privacy practices are adequate but could be strengthened by adding formal policies and technical security headers. No critical vulnerabilities or suspicious indicators were found, and the domain registration aligns with the business claims. Strategic improvements in security transparency and legal completeness would further enhance trust and compliance.

F

fenjal

fenjal.de

0

fenjal.de is the official website of fenjal, a well-established German personal care brand specializing in body and facial care products. The site showcases various product lines, including lotions, creams, shower products, and fragrances, targeting a general consumer audience interested in quality skincare. The brand emphasizes natural ingredients and wellness, supported by partnerships and social responsibility initiatives. Technically, the website is built on TYPO3 CMS, uses modern JavaScript libraries, and implements cookie consent with opt-out capabilities. Analytics are handled via Matomo with privacy considerations. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and formal policies are absent. WHOIS data is minimal but consistent with a legitimate German brand domain. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

G

GARD

gard.de

0

GARD is a German retail brand specializing in natural haircare and styling products, emphasizing formulations free from silicones, microplastics, and parabens. The company targets general consumers seeking uncomplicated, natural haircare solutions, leveraging ingredients like bamboo extract to promote healthy hair. The website serves as a brand presence and gateway to an online shop hosted on a partner domain. Technically, the site is built on TYPO3 CMS with a modern JavaScript stack including jQuery, Modernizr, and Slick Carousel, and integrates Matomo for analytics. The site is mobile-optimized with good SEO and basic accessibility features. Security posture is adequate with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Privacy compliance is strong with GDPR-aligned policies and cookie management. Overall, the site is professional, trustworthy, and safe for general audiences.

D

DRESCHER & CIE Aktiengesellschaft

diefondsplattform.de

0

The website 'diefondsplattform.de' is an online multimedia platform operated by DRESCHER & CIE Aktiengesellschaft, targeting professional investors and financial service providers. It offers daily webinars, podcasts, and up-to-date news focused on the investment fund industry. The platform is well-positioned in the German finance sector with a broad partner network exceeding 130 partners, providing comprehensive coverage of products and providers. The business model centers on delivering educational and informational content to finance professionals, enhancing their market knowledge and engagement. Technically, the website is built on TYPO3 CMS, leveraging modern frontend technologies such as Bootstrap 4, Font Awesome 6 Pro, and Swiper.js for interactive elements. The site demonstrates good mobile optimization and basic accessibility features, with a moderate performance profile. SEO is supported by proper meta tags and structured data using JSON-LD. The cookie consent mechanism is implemented, indicating awareness of privacy regulations. From a security perspective, the site enforces HTTPS and uses modern libraries, but lacks explicit security headers and visible security policies. No privacy policy or terms of service pages were found, which is a compliance gap. Contact information for security incidents or data protection officers is not provided. No vulnerabilities or suspicious content were detected in the accessible content. Overall, the website presents a professional and trustworthy front for its target audience, with room for improvement in privacy compliance and security best practices. Strategic recommendations include publishing comprehensive privacy and terms policies, enhancing security headers, and providing clear contact channels for incident response.

Q

Quadoro Investment GmbH

sustainableenergy.de

0

Quadoro Investment GmbH operates the QEEE fund, an open infrastructure fund focused on renewable energy projects across Europe, targeting private investors interested in sustainable and impact investing. The website clearly communicates the fund's ESG compliance, investment goals, and partnership with EB-SIM, positioning itself as a specialist in the renewable energy investment sector. Technically, the site is built on TYPO3 CMS, uses Matomo for analytics with a GDPR-compliant cookie consent mechanism, and is well-structured with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no exposed sensitive data, though formal security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and compliant with privacy regulations, supporting a positive business credibility and user experience.

E

ECOFIS GmbH

ecofis.de

0

ECOFIS GmbH is a specialized IT service provider focused on delivering IT network, hosting, and security solutions primarily for the Creditreform Unternehmensgruppe. The company leverages its affiliation with the Creditreform group to provide robust IT infrastructure and services, including data center operations and web hosting for group entities. The website reflects a professional corporate presence with clear service offerings and contact information. Technically, the site is built on TYPO3 CMS with modern frontend components and includes a comprehensive cookie consent mechanism compliant with GDPR. Security posture is solid with HTTPS and cookie management, though there is room for improvement in security headers and incident response transparency. Overall, the domain and website present a trustworthy and credible business entity with strong group backing.

Tief- und Rohrleitungsbau Wilhelm Wähler GmbH & Co. KG is a well-established infrastructure and civil engineering company based in Germany, with a history dating back to 1919. It operates as a subsidiary of the Seier Gruppe and is recognized as a leading player in northern Germany's infrastructure construction sector. The company offers a broad range of services including district heating, pipeline construction, geotechnical engineering, and telecommunications infrastructure. The website reflects a professional and consistent brand image, emphasizing employee development and corporate values. Technically, the site is built on WordPress with modern frameworks like UIkit and integrates SEO and cookie consent tools, indicating a mature digital presence. Security posture is good with HTTPS and cookie consent implemented, though some security headers and policies could be improved. Overall, the site is trustworthy, well-structured, and compliant with GDPR requirements.

M

Mudcon GmbH

mudcon.de

0

Mudcon GmbH is a certified environmental service provider specializing in the professional disposal and recycling of drilling sludge, primarily serving construction and industrial clients in Northern Germany. The company operates under the parent organization Seier Gruppe and emphasizes sustainability, compliance, and efficiency in its service offerings. The website reflects a strong market position with clear communication of certifications and services. Technically, the site is built on WordPress with modern frameworks and plugins, ensuring good SEO, mobile optimization, and user experience. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the digital presence supports a trustworthy and professional business image.

B

BHK Tief- und Rohrbau GmbH & Co. KG

bhk-rohrbau.de

0

BHK Tief- und Rohrbau GmbH & Co. KG is a well-established German company specializing in pipeline construction, civil engineering, and cable laying services. Founded in 1990 and operating under the parent company SEIER Gruppe, BHK serves regional clients with a focus on quality, reliability, and sustainable infrastructure development. The company offers a broad range of services including house connections, vacuum excavation, horizontal drilling, and network planning, positioning itself as a trusted partner in the energy and transportation sectors. Technically, the website is built on WordPress with modern frameworks such as UIkit and enhanced by SEO tools like Yoast. It employs Google Tag Manager and Cookiebot for analytics and privacy compliance, respectively. The site is mobile-optimized, accessible, and demonstrates good performance and SEO practices. Multiple office locations are clearly presented with comprehensive contact information, supporting strong business credibility. From a security perspective, the website enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain registration data aligns well with the business claims, showing consistency and legitimacy. Overall, the website reflects a professional, trustworthy, and compliant digital presence suitable for its industry and audience. Strategic improvements in security headers and transparency around security policies could further enhance trust and resilience.

T

TruPhysics GmbH

truphysics.com

0

TruPhysics GmbH operates a specialized platform focused on general purpose robotics, offering a configurator that integrates over 100 hardware, electronics, and software modules. The company targets businesses and developers in the robotics and automation sectors, positioning itself as a niche technology provider with a professional and consistent online presence. The website is built on WordPress with modern plugins and includes essential privacy and cookie policies, indicating a mature approach to compliance. However, the absence of WHOIS registration data raises concerns about domain legitimacy and age, which should be further investigated. Technically, the site employs standard technologies and tracking tools like Google Analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent but lacks advanced security headers and explicit incident response information. Overall, the site is professional and trustworthy but would benefit from enhanced transparency regarding domain registration and security policies.

I

igus

igus.com

0

igus GmbH is a global leader in the manufacturing and distribution of motion plastics, including cable carriers, polymer bearings, flexible cables, and linear slides. The company targets industrial manufacturers, automation engineers, and robotics integrators with a comprehensive product portfolio and global presence. The website reflects a mature digital infrastructure leveraging modern web technologies such as React and Next.js, integrated with advanced analytics and marketing tools. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user consent mechanisms. However, the absence of public WHOIS data reduces transparency but does not detract from the overall legitimacy given the brand's global footprint and consistent online presence. Strategic recommendations include publishing explicit security policies and vulnerability disclosure information to enhance trust further.

A

All About Automation

allaboutautomation.de

0

All About Automation is a professional event organizer specializing in trade fairs for automation, robotics, and digitalization across 10 locations in the D-A-CH region. The platform connects automation users with solution partners to promote flexible automation and smart production. The website demonstrates a mature digital infrastructure built on WordPress with Elementor, integrating multiple analytics and marketing tools managed via Google Tag Manager and Iubenda for privacy compliance. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is well-positioned as a regional leader in automation trade fairs with consistent branding and good user experience.

The website 'Meldestelle Neuenhauser' serves as an internal whistleblowing and compliance reporting portal for the Neuenhauser Gruppe Holding SE & Co. KGaA, a medium-sized German corporate group. It provides channels for employees and stakeholders to report legal and compliance violations, particularly related to human rights and environmental obligations in the supply chain. The site emphasizes confidentiality, protection of whistleblowers, and legal compliance, reflecting a mature compliance culture. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies including Bootstrap and Font Awesome for UI, and integrates Google Analytics with IP anonymization for visitor statistics. The site is mobile-optimized and includes a comprehensive cookie consent mechanism in German, supporting GDPR compliance. Hosting is via domaincontrol.com nameservers, indicating a commercial hosting provider. From a security perspective, HTTPS is enforced and cookie consent is implemented properly. However, no advanced security headers or explicit security policies are published, and no incident response or vulnerability disclosure information is available. The site does not expose sensitive data and appears free of vulnerabilities in the visible content. Overall, the security posture is good but could be enhanced with additional headers and transparency. The overall risk profile is low with a trustworthy business presence and professional content. Strategic recommendations include adding explicit security policies, incident response contacts, and a security.txt file to improve transparency and readiness. The site is suitable for its compliance-focused audience and maintains good privacy standards.

Neuenhauser Maschinenbau GmbH is a medium-sized manufacturing company based in Germany, focusing on providing career opportunities across various segments including apprenticeships, direct employment, internships, and support for career changers. The website serves as a professional career portal emphasizing a family-like work environment, modern workplaces, and employee development. The company holds recognized certifications such as the IHK AusbildungsSiegel, enhancing its credibility in vocational training. Technically, the website is built on TYPO3 CMS, employs modern front-end libraries like Font Awesome and Slick Slider, and integrates Google Analytics with IP anonymization to balance analytics needs with privacy compliance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the website is well-designed, mobile-optimized, and provides clear navigation and contact information, supporting a high level of trustworthiness and professionalism.

D

d.vinci

dvinci.de

0

d.vinci is a German-based technology company specializing in recruiting and onboarding software solutions designed to optimize HR processes. Their offerings include applicant management, onboarding software, career pages, and multiposting services, targeting HR departments and recruiters. The company positions itself as an expert in seamless and efficient HR workflows, supported by a professional and well-structured website with strong SEO and digital presence. Technically, the website is built on WordPress with modern plugins such as Yoast SEO Premium and Borlabs Cookie for privacy compliance. Hosting is provided by SchlundTech, a reputable German hosting provider. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website reflects a mature digital infrastructure and a trustworthy business presence in the HR technology sector.

W

Waelzholz GmbH & Co. KG

waelzholz.com

0

Waelzholz GmbH & Co. KG is a global technology leader specializing in cold rolled steel products, serving industrial and manufacturing clients worldwide. The company positions itself as a high-quality steel solutions provider with a strong emphasis on technology and innovation. The website reflects a mature digital presence built on TYPO3 CMS with modern frontend technologies such as Bootstrap and Swiper.js, indicating a well-maintained technical infrastructure. Security posture is strong with HTTPS enforced and multiple security headers present, though no public vulnerability disclosure or incident response policies are published. Privacy compliance is robust with clear privacy and cookie policies and GDPR adherence. The absence of WHOIS data introduces some uncertainty about domain registration transparency, but the overall professional presentation and certifications support legitimacy.

H

Helmholtz Information & Data Science Academy (HIDA)

helmholtz-hida.de

0

The Helmholtz Information & Data Science Academy (HIDA) is a specialized educational platform within the Helmholtz Association, focusing on data science training and research education for doctoral candidates and postdoctoral researchers. The website serves as a central hub for training offerings, graduate schools, mobility programs, job listings, and events related to data science within the Helmholtz research community. The organization positions itself as a key player in preparing the next generation of data scientists for diverse scientific domains including energy, environment, health, and transportation. Technically, the website is built on TYPO3 CMS, hosted by hosting.de, and employs modern web technologies including responsive design, video content, and Matomo analytics for user tracking. The site demonstrates good digital maturity with comprehensive privacy and cookie consent mechanisms, multilingual support, and integration with social media platforms such as LinkedIn and Twitter. From a security perspective, the site enforces HTTPS and uses cookie consent to comply with GDPR. However, it lacks explicit published security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's academic and institutional nature, indicating a legitimate and consistent domain registration. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for HIDA, supporting its mission as an educational and research institution within the Helmholtz Association.

D

Deutsches Krebsforschungszentrum (DKFZ)

dkfz.de

0

The Deutsches Krebsforschungszentrum (DKFZ) is Germany's largest biomedical cancer research institution, employing over 3,000 staff and focusing on understanding cancer development, risk factors, prevention, diagnostics, and treatment. The website reflects a mature, well-funded public research entity with strong collaborations and translational research centers. Technically, the site is built on TYPO3 CMS with modern web technologies, optimized for performance, accessibility, and SEO. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site projects high professionalism and trustworthiness, supporting DKFZ's mission and public engagement.

E

event lab. GmbH

haicon.cc

0

The website haicon.cc represents the Helmholtz AI Conference 2025, a well-established scientific event focused on artificial intelligence applications in science. The conference is organized by event lab. GmbH in association with the Helmholtz Artificial Intelligence Cooperation Unit and multiple Helmholtz research centers. The site targets researchers, AI professionals, and industry partners, offering conference programs, workshops, poster sessions, and networking opportunities. The business model centers on event organization and community building within the AI research domain. The website demonstrates strong branding consistency and professional content quality, reflecting its reputable market position within the scientific community. Technically, the site is built on WordPress using the Avada theme and several plugins including LayerSlider and Borlabs Cookie for cookie management. Accessibility is a key focus, with the OneTap Pro accessibility plugin providing multiple modes for users with disabilities. The site is mobile-optimized and performs moderately well, with good SEO and meta tag implementation. External links to partner institutions and social media channels are properly integrated. From a security perspective, the website enforces HTTPS with strong SSL configuration and includes standard security headers. Cookie consent mechanisms are in place, and privacy policies are comprehensive and GDPR compliant. However, explicit security policies, incident response contacts, and vulnerability disclosure information are not found, representing areas for improvement. No vulnerabilities or suspicious content were detected. Overall, haicon.cc is a trustworthy, professional, and secure platform for hosting a major AI scientific conference. Strategic recommendations include publishing dedicated security and incident response pages, enhancing direct contact information for security matters, and considering a formal vulnerability disclosure policy to further strengthen trust and compliance.

S

Skiclub Oberstdorf Veranstaltungs GmbH

skifliegen-oberstdorf.com

0

The website www.skifliegen-oberstdorf.com represents the official online presence for the FIS Ski Flying World Championship 2026 held in Oberstdorf, Germany. Operated by Skiclub Oberstdorf Veranstaltungs GmbH, the site provides comprehensive event information, ticketing details, news updates, and media resources targeting ski flying enthusiasts and winter sports fans. The business operates in the hospitality and event organization sector with a focus on niche winter sports events, leveraging partnerships with regional and international sponsors. The website demonstrates a professional and consistent brand image with clear navigation and relevant content.

H

hefraTEC GmbH

hefratec.de

0

hefraTEC GmbH is a specialized telecommunications company based in Germany, focusing on wireless communication solutions such as Richtfunk (microwave radio links), WLAN, and carrier services. The company offers end-to-end services including consulting, planning, installation, and maintenance, targeting businesses and organizations requiring reliable and high-availability communication infrastructure. The website presents a professional image with detailed service descriptions, customer testimonials, and partnerships with reputable technology vendors, positioning hefraTEC as a trusted regional and international system integrator in the telecommunications sector. Technically, the website is built on WordPress CMS, utilizing modern technologies such as jQuery and Bootstrap, and integrates Google Analytics for visitor tracking alongside a GDPR-compliant cookie consent mechanism powered by consentmanager.net. The site is mobile-optimized with good SEO practices and basic accessibility features, providing a positive user experience. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and anonymizes IP addresses in analytics, employs a cookie consent banner, and avoids exposing sensitive data. However, it lacks visible security headers and does not publish explicit security or incident response policies, which could be improved to enhance trust and compliance. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and business information appear consistent and professional. Overall, hefraTEC GmbH's website demonstrates a solid digital presence with good privacy compliance and business credibility. Strategic improvements in security transparency and domain registration verification are recommended to strengthen trust and reduce risk.

T

Tramino

tramino.de

0

Tramino is a small German technology company specializing in web-based software solutions for the tourism industry. Founded in 2008 and based in Oberstdorf, Germany, the company offers a broad portfolio of products including content management systems, reservation and hotel management software, digital signage, customer loyalty programs, and event booking systems. Their market position is that of a regional specialist with a strong focus on tourism-related digital services. The website is professionally designed, mobile-optimized, and provides clear contact information and GDPR-compliant privacy and cookie policies. Technically, the site uses modern JavaScript libraries and asynchronous loading to ensure good performance and user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some HTTP security headers and explicit security policies are missing. Overall, the website and business present a trustworthy and professional image suitable for their target audience.

I

INTERPLAN Congress, Meeting & Event Management AG

interplan.de

0

INTERPLAN Congress, Meeting & Event Management AG is a professional event management company operating primarily in Germany with offices in Munich, Hamburg, Berlin, and Leipzig. The company specializes in congress organisation, exhibition and sponsoring management, hotel services, DMC and event management, delegate management, and association management. Their target audience includes organizations and associations seeking expert event planning and execution services across Europe. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive service descriptions. Technically, the site uses modern JavaScript libraries and cookie consent management tools, ensuring GDPR compliance and user privacy. Security posture is good with HTTPS enabled and anonymized analytics, though some security headers are not explicitly detected in the HTML content. Overall, the site is trustworthy, professional, and well-maintained, with no signs of blocking or WAF interference.

U

Universität Stuttgart

uni-stuttgart.de

0

The Universität Stuttgart is a leading technical university in Germany with a strong international reputation. The website reflects its mission to integrate engineering, natural sciences, humanities, and social sciences through top-tier research and education. The site targets prospective students, current students, researchers, entrepreneurs, employees, alumni, and media professionals, offering comprehensive information on study programs, research initiatives, and technology transfer. The university operates a large-scale digital presence with consistent branding and professional content quality. Technically, the website employs modern JavaScript libraries such as Bootstrap, jQuery UI, Fancybox, and Tippy.js, alongside Matomo analytics configured to disable cookies, indicating a privacy-conscious approach. The site is mobile-optimized, accessible, and SEO-friendly, with a custom CMS backend. Performance is moderate, with asynchronous script loading enhancing user experience. Security posture is solid with HTTPS enforced and standard security headers likely in place, though explicit Content-Security-Policy headers and incident response contacts are absent. Privacy compliance is good, with a comprehensive privacy policy and GDPR adherence, but lacks a visible cookie consent mechanism. No vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, professional, and well-maintained, supporting the university's stature. Strategic improvements include implementing a cookie consent banner, publishing a security policy and incident response contacts, and enhancing security headers to further strengthen the security posture.

T

Technische Universität Berlin

tu.berlin

0

Technische Universität Berlin is a prominent public university located in Berlin, Germany, focused on higher education and research. The website reflects a mature digital presence with comprehensive academic content, clear navigation, and multilingual support. The institution holds an excellence title and collaborates within the Berlin University Alliance, reinforcing its market position. Technically, the site is built on TYPO3 CMS and uses Matomo analytics configured for privacy, indicating a modern and privacy-conscious infrastructure. Security posture is strong with HTTPS enforced and privacy-respecting analytics, though some security headers and explicit security policies could be improved. Overall, the site is professional, trustworthy, and well-optimized for users and search engines.

D

Deutsche Adipositas-Gesellschaft (DAG) e.V.

adipositas-gesellschaft.de

0

The Deutsche Adipositas-Gesellschaft (DAG) e.V. is a leading German professional society dedicated to the field of obesity, focusing on prevention, therapy, research, and public education. The website serves as an information hub for medical professionals, researchers, and the general public interested in obesity-related topics. It offers resources such as scientific congresses, publications, guidelines, and advocacy efforts. The organization also includes the Arbeitsgemeinschaft Adipositas im Kindes- & Jugendalter (AGA), focusing on childhood and adolescent obesity. Technically, the website is built on WordPress with modern frameworks like Gantry5 and UIkit, incorporating Google reCAPTCHA for form security. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers are missing. Privacy compliance is partially met with a clear privacy policy but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned in its niche.

B

Bundesinstitut für Öffentliche Gesundheit (BIÖG)

diabetesnetz.info

0

Diabetesnetz Deutschland is a public health network initiative coordinated by the Bundesinstitut für Öffentliche Gesundheit (BIÖG) aimed at strengthening diabetes prevention efforts across Germany. The website serves as a platform to connect key stakeholders, disseminate educational materials, and promote national diabetes awareness campaigns. It is supported by the German Federal Ministry of Health, reflecting a strong governmental backing and positioning within the healthcare sector. The business model is non-profit and focused on public health impact rather than commercial gain. Technically, the website is built on TYPO3 CMS with modern frontend frameworks like Bootstrap 5 and uses Matomo for privacy-conscious web analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. However, some security best practices such as HTTP security headers and explicit incident response policies are not evident from the content. From a security perspective, the site employs GDPR-compliant cookie consent mechanisms and anonymizes IP addresses in analytics, reflecting a mature privacy posture. The absence of WHOIS data due to malformed responses suggests privacy protection, which is reasonable for a public health entity. No critical vulnerabilities or suspicious content were detected, indicating a generally secure and trustworthy platform. Overall, Diabetesnetz Deutschland presents a credible, well-maintained, and professionally managed website that aligns with its public health mission. Strategic improvements in security headers, incident response transparency, and WHOIS data availability could further enhance trust and compliance.

D

Deutsches Diabetes-Zentrum (DDZ)

ddz.de

0

The Deutsches Diabetes-Zentrum (DDZ) is a well-established interdisciplinary research institution affiliated with the Leibniz Association and Heinrich-Heine-University Düsseldorf, focusing on diabetes research that integrates molecular, clinical, and epidemiological approaches. The website serves as a comprehensive platform for disseminating research findings, clinical study participation, and public health information targeted at patients, researchers, and the general public. It maintains a strong market position as a reputable non-profit healthcare research center in Germany. Technically, the website is built on a modern WordPress CMS with a robust tech stack including Yoast SEO, WPBakery Page Builder, Matomo analytics, and Vue.js components. The site is hosted likely via GoDaddy infrastructure and demonstrates good mobile optimization and SEO practices, although some accessibility features could be improved. Performance is moderate with a professional design and clear navigation. From a security perspective, the site enforces HTTPS and uses privacy-conscious analytics with cookies disabled. However, it lacks visible security headers and a formal vulnerability disclosure or incident response policy. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is generally good with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a minor gap. Overall, the DDZ website is a professional, trustworthy, and content-rich platform supporting its mission in diabetes research and public engagement. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance further.

D

Deutsches Zentrum für Diabetesforschung (DZD)

dzd-ev.de

0

The Deutsches Zentrum für Diabetesforschung (DZD) is a prominent German non-profit research organization dedicated to advancing diabetes prevention, treatment, and research. The website serves as a comprehensive platform for disseminating scientific findings, promoting clinical studies, and providing educational resources to researchers, healthcare professionals, and the public. It is supported by reputable institutions such as Helmholtz Munich and the German Federal Ministry of Education and Research, underscoring its authoritative position in the healthcare research sector. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including jQuery, Bootstrap, and Matomo analytics for user tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a professional and user-friendly experience. Hosting and DNS infrastructure appear to be managed by trusted German research network providers, enhancing reliability. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers and incident response policies are not prominently published, representing areas for potential improvement. No critical vulnerabilities or suspicious activities were detected, and the domain registration data aligns well with the organization's identity, indicating a trustworthy digital presence. Overall, the DZD website reflects a mature, well-maintained digital asset that effectively supports its mission in diabetes research and public health education. Strategic enhancements in security transparency and direct contact information could further strengthen trust and compliance.

Weidmüller Interface GmbH & Co. KG is a well-established enterprise specializing in industrial connectivity solutions, including products and services for connection technology, automation, and digitalization. The company targets industrial customers, system integrators, and device manufacturers globally, positioning itself as a leader in manufacturing and technology sectors. Their website reflects a mature digital presence with comprehensive product catalogs and solution offerings. Technically, the website employs modern web technologies such as Google Tag Manager and OneTrust for privacy compliance, and it is optimized for mobile and accessibility standards. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS registration data is a notable anomaly but does not detract significantly from the overall legitimacy given the professional website and branding. Strategic recommendations include publishing detailed security policies and vulnerability disclosure information to enhance trust and compliance.

V

verlag moderne industrie GmbH

mi-connect.de

0

mi connect, operated by verlag moderne industrie GmbH, is a leading B2B multi-platform media company connecting the industrial sector with experts and technology enthusiasts. The website offers a comprehensive suite of services including lead generation, thought leadership, event organization, and marketing campaigns tailored for industrial clients. The company holds a strong market position in the German industrial media landscape, supported by professional content and a consistent brand presence. Technically, the site is built on TYPO3 CMS with modern web technologies and integrates Google Tag Manager and a consent management platform to ensure GDPR compliance. Security posture is solid with HTTPS and consent mechanisms, though explicit security headers and policies could be improved. Overall, the site is well-structured, mobile-optimized, and trustworthy, with clear contact information and social media presence.

H

Hüthig Medien GmbH

huethig-medien.de

0

Hüthig Medien GmbH is a medium-sized German media company specializing in connecting the industrial sector with experts and technology enthusiasts through independent reporting, marketing campaigns, and events. The company operates a professional website powered by TYPO3 CMS, integrating modern analytics and GDPR-compliant consent management. The site offers comprehensive information about their services including lead generation, thought leadership, and event organization, targeting B2B industrial clients. Technically, the website is well-structured, mobile-optimized, and uses secure HTTPS connections with privacy-focused scripts. However, explicit security policies and incident response information are not publicly available. Overall, the website demonstrates a strong security posture with room for improvement in security headers and vulnerability disclosure. The domain registration data aligns with the business profile, supporting legitimacy and trustworthiness.

BMW's official German website presents a comprehensive digital platform showcasing premium vehicles, including electric and hybrid models, alongside extensive services such as online purchasing, financial services, and customer support. The site leverages advanced technologies including Adobe Experience Manager, Adobe Analytics, and Akamai CDN to deliver a fast, mobile-optimized, and accessible user experience. Branding is consistent and professional, reinforcing BMW's market leadership in the premium automotive sector. However, explicit privacy and cookie policies were not found in the provided content, which may impact GDPR compliance perception. Security posture is strong with HTTPS and modern best practices, though explicit security headers should be verified. Overall, the site reflects a mature digital presence aligned with BMW's enterprise stature.

G

Generali Deutschland AG

generali.de

0

Generali Deutschland AG operates a comprehensive insurance and financial services website targeting private and business customers in Germany. The company offers a wide range of products including vehicle, home, health, legal protection, and pension plans. The website is professionally designed with clear navigation and mobile optimization, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, cookie consent management via OneTrust, and tracking tools such as Facebook Pixel and Abtasty for marketing and analytics. Security posture is strong with HTTPS enforced and standard security headers present, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the domain registration data aligns with the company's identity, indicating a legitimate and trustworthy entity. The website complies with GDPR and provides comprehensive privacy and cookie policies with consent mechanisms.

B

BREITACHKLAMMVEREIN eG

breitachklamm.com

0

Breitachklamm is a tourism-focused organization operating the deepest rock gorge in Central Europe, located in Oberstdorf, Germany. The website provides comprehensive information about the natural attraction, including visitor information, seasonal highlights, guided tours, events, and online ticketing. The organization positions itself as a popular regional destination with a focus on nature experiences and family-friendly outdoor activities. The website is professionally designed with consistent branding and clear navigation, targeting tourists and nature enthusiasts. Technically, the website uses a modern technology stack including jQuery, RequireJS, and a proprietary CMS (Tramino). It is hosted likely on AWS S3 infrastructure, with good mobile optimization and moderate performance. The site implements cookie consent mechanisms and integrates a chatbot for visitor interaction. SEO and accessibility are adequately addressed, though some improvements are possible. From a security perspective, the site enforces HTTPS and uses cookie consent to comply with privacy regulations. However, explicit security headers are not detected, and there is no published incident response or vulnerability disclosure information. The WHOIS data for the domain is missing, which raises some concerns about domain registration transparency but does not directly impact the website's operational security. Overall, the website is a trustworthy and professional digital presence for a regional tourism entity, with room for improvement in security best practices and domain registration transparency.

S

Sportstätten Oberstdorf

nordic-zentrum-oberstdorf.de

0

Nordic Zentrum Oberstdorf is a modern, well-established outdoor and winter sports center located in the Allgäu region of Germany. It serves a diverse audience including professional athletes, families, and outdoor enthusiasts by providing world-class training facilities, event hosting, and recreational activities such as Nordic skiing, laser biathlon, and hiking. The website reflects a professional and comprehensive digital presence with clear navigation, rich content, and a strong focus on user experience. Technically, the site leverages modern JavaScript libraries and a specialized CMS platform (Tramino), with good mobile optimization and performance. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and explicit security policies. Overall, the domain registration and WHOIS data align well with the business, indicating legitimacy and trustworthiness.

O

Oberstdorf Kleinwalsertal Bergbahnen

ok-bergbahnen.com

0

Oberstdorf Kleinwalsertal Bergbahnen operates a professional tourism and mountain transportation website offering cable car and ski lift services in the Oberstdorf and Kleinwalsertal regions. The site targets tourists, families, and outdoor enthusiasts, providing detailed information on activities, events, and membership benefits. Technically, the website uses a mature stack including jQuery, RequireJS, and various UI libraries, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and consent management, though some security headers could be improved. The absence of WHOIS data is a notable concern but does not detract from the overall professionalism of the site. Privacy compliance is well addressed with cookie consent and GDPR indicators. Overall, the site is a reliable digital presence for a regional tourism business.

Eissportzentrum Oberstdorf is a regional ice sports facility located in Oberstdorf, Germany, serving ice skating enthusiasts, sports clubs, schools, and professional athletes. It operates as an ISU Center of Excellence offering ice skating, ice hockey, curling, figure skating training, and hosting various events and camps. The website reflects a well-maintained digital presence with clear navigation, good content quality, and consistent branding. Technically, it uses modern JavaScript libraries and a specialized CMS platform (Tramino), hosted on Speedkom nameservers, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, though explicit security policies and incident response information are not published. Overall, the site is trustworthy, professional, and compliant with GDPR requirements.

S

Skiclub Oberstdorf Veranstaltungs GmbH

orlen-arena.de

0

The ORLEN Arena Oberstdorf Allgäu website represents a well-established sports and event venue specializing in ski jumping and Nordic sports tourism. The company, Skiclub Oberstdorf Veranstaltungs GmbH, offers a variety of services including arena tours, guided visits, event hosting, gastronomy, and training facilities. The site targets winter sports enthusiasts, tourists, and event organizers, positioning itself as a recognized regional hub with international relevance in winter sports. The business model revolves around facility management, event hosting, and merchandising, supported by an online booking system and fan shop. Technically, the website is built on the Tramino CMS platform, utilizing modern JavaScript libraries such as jQuery, Fancybox, and Slick Carousel. It is hosted on managed IP infrastructure with good mobile optimization and SEO practices. The site employs HTTPS with a solid SSL configuration and includes a comprehensive cookie consent mechanism aligned with GDPR requirements. Google Analytics is used for visitor tracking with appropriate consent controls. From a security perspective, the website demonstrates good practices including secure session cookies and no visible exposure of sensitive data. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of advanced security headers suggests room for improvement. Overall, the security posture is solid but could be enhanced with additional measures. The overall risk assessment is low, with no critical vulnerabilities or compliance gaps detected. Strategic recommendations include implementing additional security headers, publishing a security policy and incident response contacts, auditing third-party scripts regularly, enhancing accessibility, and considering a security.txt file for vulnerability reporting. These steps will strengthen trust and security culture while maintaining compliance and operational excellence.

S

Sportstätten Oberstdorf

skiflugschanze-oberstdorf.de

0

Skiflugschanze Oberstdorf operates one of Germany's largest ski flying hills, offering visitors unique experiences including guided tours, events, and virtual reality. The website reflects a medium-sized tourism business with a clear market position in the hospitality and sports sector. Technically, the site uses modern JavaScript libraries and a specialized CMS (Tramino), hosted with Amazon S3 for static assets, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. Security posture is solid with HTTPS and cookie consent mechanisms, though additional security headers and policies could enhance protection. Overall, the website is professional, accessible, and compliant with GDPR, providing clear contact information and social media presence.

T

Therme Oberstdorf

therme-oberstdorf.de

0

Therme Oberstdorf is a premium wellness and spa destination located in the Allgäu region of Germany, offering a comprehensive range of services including thermal baths, sauna experiences, wellness treatments, and culinary delights inspired by natural elements. The website reflects a well-established business with a clear focus on hospitality and tourism, targeting wellness seekers and active vacationers. The site is professionally designed with excellent content quality, clear navigation, and mobile optimization. Technically, it employs modern web technologies such as jQuery, RequireJS, and lazy loading, hosted partially on Amazon S3 for static assets. Security posture is good with HTTPS enforced and a robust cookie consent mechanism, though some security headers are not visibly implemented. Privacy compliance is strong with a detailed privacy policy and cookie consent management. Contact information is clearly provided, enhancing business credibility.

M

Markt Oberstdorf

markt-oberstdorf.de

0

Markt Oberstdorf operates as the official municipal government website for the town of Oberstdorf in Germany, providing residents and visitors with access to local government services, news, and community information. The website is well-structured, primarily in German, and targets local citizens seeking administrative and community resources. The business model is public sector focused, emphasizing transparency and citizen engagement. Technically, the site uses a Tramino CMS platform with modern JavaScript libraries such as jQuery and RequireJS, and it is hosted on Tramino's infrastructure. The site is mobile optimized and includes a cookie consent mechanism compliant with GDPR standards. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. No incident response or explicit security policies are published. Overall, the site is trustworthy and professional, serving its government function effectively.

D

Deutsche Bahn Connect GmbH

deutschebahnconnect.com

0

Deutsche Bahn Connect GmbH operates as a subsidiary of Deutsche Bahn, providing tailored mobility solutions including fleet management, car and bike sharing, and digital mobility services targeted at private customers, businesses, municipalities, and DB Group employees. The company leverages nearly 30 years of experience to offer integrated mobility products such as Call a Bike, Flinkster carsharing, Bonvoyo mobility budgets, and corporate bike programs. The website reflects a professional and consistent brand image aligned with Deutsche Bahn's standards, serving primarily the German market.

E

Elektrobit

electrobit.com

0

Elektrobit is a well-established automotive software company specializing in embedded software products for ECU development, AUTOSAR standards, automated driving, connected vehicles, and user experience solutions. The company targets automotive industry professionals, OEMs, and suppliers with a comprehensive portfolio of software products and engineering services. Their market position is that of a specialist and innovator in automotive embedded software, supported by a professional and content-rich website that reflects their expertise and industry focus. Technically, the website is built on WordPress with modern technologies such as jQuery, Google Tag Manager, and a CDN for fast performance. The site is well-optimized for SEO, mobile-friendly, and accessible, with strong privacy and cookie compliance mechanisms in place. Security posture is robust, with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. However, the WHOIS data is unavailable or protected, which slightly reduces trustworthiness but is mitigated by the professional presentation and presence of official contact and privacy policies. Overall, the website scores highly on content quality, technical implementation, security, privacy compliance, and business credibility, making it a trustworthy and authoritative source in its domain.

Bugl & Kollegen is a German consultancy specializing in information security, data protection, and compliance services. The company operates a professional website built on modern technologies such as Next.js and React, with a focus on GDPR compliance and privacy-conscious analytics using Matomo. The website is well-structured, mobile-optimized, and provides comprehensive privacy and cookie policies, although explicit terms of service and security policy pages are not present. The domain registration data aligns well with the business profile, indicating legitimacy and consistency. Security posture is good with HTTPS enforced and IP anonymization in analytics, but could be improved by adding security headers and explicit incident response information. Overall, the website presents a trustworthy and professional digital presence suitable for its consultancy business.