Security Directory

C

CTS GmbH

cts-umweltsimulation.de

0

CTS GmbH is a medium-sized German manufacturing company specializing in environmental simulation devices that simulate various environmental conditions such as temperature, humidity, and pressure. The company also offers calibration services for these devices, including those from other manufacturers. Positioned as a leading expert in their niche, CTS targets industrial clients requiring high-quality testing and simulation equipment. Their website reflects a professional and consistent brand image with clear product and service information. Technically, the website is built on Joomla CMS with Bootstrap and Splide.js for UI components. It is mobile-optimized and uses HTTPS with a valid SSL configuration. However, some security best practices such as security headers and cookie consent mechanisms are missing. No analytics or tracking scripts were detected, indicating a privacy-conscious approach but also a lack of advanced marketing tools. From a security perspective, the site has a solid foundation with HTTPS and CSRF tokens but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. The WHOIS data is minimal but consistent with the hosting and author information on the site, supporting legitimacy. Overall, the site is safe, professional, and trustworthy but could improve privacy compliance and security posture. Strategic recommendations include implementing cookie consent for GDPR compliance, adding security headers, publishing a security policy and incident response contacts, and considering a vulnerability disclosure program to enhance trust and security culture.

K

Das Wissensportal für die Wasserwirtschaft | knowH2O

knowh2o.de

0

The website knowh2o.de serves as a specialized knowledge portal dedicated to water management and the water industry, primarily targeting professionals and stakeholders within the German energy and water sectors. It provides educational content and resources to support water management practices. The site is built on a WordPress platform utilizing popular plugins such as Yoast SEO and Elementor, indicating a moderate level of digital maturity and a focus on content presentation and SEO. However, the technical infrastructure shows room for improvement in security and privacy compliance, with no visible privacy or cookie policies and a lack of security headers. The absence of contact information and incident response details limits transparency and trustworthiness. Overall, the website is functional and professionally designed but would benefit from enhanced security measures and compliance documentation to improve its risk posture and user trust.

Gesellschaft zur Förderung der Abwassertechnik e.V. (GFA) operates a professional German-language website providing specialized news, journals, and services focused on water, wastewater, and environmental technology sectors. The site targets professionals and stakeholders in these industries, offering news updates, quality mark testing services, newsletters, and advertising opportunities. The business model centers on information dissemination and industry service provision, positioning GFA as a niche media and service provider within the German water technology market. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern frontend technologies such as Tiny Slider and jQuery. The site demonstrates good mobile optimization, accessibility, and SEO practices, supported by structured data markup. Performance is moderate, with a well-structured navigation and professional design. From a security perspective, the site enforces HTTPS and implements cookie consent with Matomo analytics disabled by default, reflecting good privacy compliance. However, no explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are published. Security headers are not explicitly detected, suggesting room for improvement in hardening the site against common web threats. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. The domain registration appears consistent with the business focus, and no blocking or WAF challenges were detected, allowing full content accessibility. Strategic recommendations include publishing security and incident response policies, enhancing security headers, and adding vulnerability disclosure information to strengthen the security posture and trustworthiness further.

The Deutsche Vereinigung für Wasserwirtschaft, Abwasser und Abfall e. V. (DWA) operates as a professional association in Germany specializing in water management, wastewater, and waste. The organization provides a comprehensive suite of services including memberships, access to technical standards, e-learning platforms, certifications, publications, and event management. Their market position is strong within the German environmental and water sectors, serving professionals and organizations with authoritative resources and training. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries such as jQuery and tiny-slider. The hosting is managed via vistec.net, with a moderate performance profile and good mobile optimization. The site employs HTTPS with secure session management and a cookie consent mechanism, reflecting a mature digital infrastructure. From a security perspective, the site demonstrates good practices including HTTPS enforcement, CSRF protection, and privacy-conscious analytics via Matomo. However, explicit security policies and incident response information are not present, representing an area for improvement. The cookie consent and privacy policies are comprehensive and GDPR compliant, supporting strong privacy compliance. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission. The risk profile is low, with no detected vulnerabilities or suspicious activity. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility features to further strengthen the security posture and user experience.

D

Deutsche Vereinigung für Wasserwirtschaft, Abwasser und Abfall e.V. (DWA)

dwa-digital.de

0

The Deutsche Vereinigung für Wasserwirtschaft, Abwasser und Abfall e.V. (DWA) operates the website dwa-digital.de as a platform dedicated to the digital transformation of the water management sector in Germany and Europe. The organization is a leading non-profit association with approximately 14,000 members from diverse sectors including municipalities, academia, industry, and government. The website offers expert knowledge, educational programs such as the Digitale Akademie, and events like the Digitaler Dienstag to foster digital innovation and skills development in water and wastewater management. Technically, the website is built using RapidWeaver with Foundation framework and various stacks plugins, leveraging Matomo for analytics and CookieHub for consent management. The site is well-structured, mobile-optimized, and employs HTTPS with a good security posture. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. However, formal security policies and incident response contacts are not publicly disclosed. Security-wise, the site shows good practices including encrypted connections and no visible vulnerabilities or exposed sensitive data. The use of privacy-respecting analytics and cookie management tools further supports compliance. No WAF or blocking mechanisms interfere with content access, ensuring full transparency and accessibility. Overall, the website represents a credible, professional, and trustworthy digital presence for the DWA, effectively supporting its mission to lead digital transformation in water management. Strategic improvements could include publishing explicit security policies and vulnerability disclosure information to enhance trust and preparedness.

European Film Promotion (EFP) is a well-established organization founded in 2001 that promotes European films and talent internationally. The website serves as a platform to showcase European cinema excellence and diversity, targeting film industry professionals and enthusiasts worldwide. It offers various programs, film sales support, and networking opportunities, positioning itself as a key player in the European film promotion sector. The site is professionally designed with consistent branding and clear navigation, supporting its mission effectively. Technically, the website uses a modern tech stack including jQuery, Bootstrap, Slick Carousel, and Typekit fonts, with a newsletter subscription powered by Brevo (Sendinblue). Hosting is provided by Cronon GmbH, a reputable registrar. The site is mobile-optimized and performs moderately well, though accessibility and SEO could be improved. Security measures such as cookie consent are implemented, but advanced security headers and DNSSEC are missing. From a security perspective, the site shows a moderate security posture with no critical vulnerabilities detected in the provided data. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The WHOIS data confirms domain legitimacy with consistent registration details and appropriate domain age. Privacy compliance is supported by a clear privacy policy and cookie consent mechanism, indicating GDPR awareness. Overall, the website is trustworthy, professional, and serves its business purpose well. Strategic improvements in security headers, accessibility, and explicit policy disclosures would enhance its security posture and compliance standing.

S

Starscream Limited

vegadreams-de.com

0

VegaDream Casino, operated by Starscream Limited, is a licensed online gambling platform targeting the German market. Founded in 2021, it offers a broad portfolio of over 3,000 casino games including slots, live dealer games, poker, and sports betting. The platform emphasizes generous bonuses, a VIP program, and a mobile-optimized user experience. The website is professionally designed, content-rich, and compliant with key regulatory requirements such as MGA licensing and GDPR data protection. Technically, the site runs on WordPress with Cloudflare DNS and employs modern web technologies including Google Tag Manager and FontAwesome. Security practices include HTTPS with 128-bit SSL encryption and KYC verification, although some security headers and explicit cookie consent mechanisms are missing. Overall, the site presents a trustworthy and professional gambling service with room for improvement in privacy compliance and security transparency.

The Deutsche Vereinigung für Wasserwirtschaft, Abwasser und Abfall e. V. (DWA) is a large, politically and economically independent association focused on sustainable water management, wastewater, and waste. It serves as a leading expert network in Europe, providing education, publications, policy advice, and events to professionals and organizations in the water and environmental sectors. The website is well-structured, professionally designed, and offers comprehensive content in German with English language support. The technical infrastructure is based on the Contao CMS platform, utilizing modern JavaScript libraries and ensuring good mobile optimization and accessibility. Security posture is strong with HTTPS, CSRF protection, and cookie consent mechanisms, although some security headers could be improved. The domain registration is consistent with the organization's profile, and no blocking or WAF challenges were detected. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations.

The European Water Association (EWA) is a well-established non-profit organization focused on the management and improvement of the water environment across Europe. It serves a diverse audience including national member associations, corporate members, research members, and sponsors. The association provides key services such as membership management, organizing conferences and events, publishing reports and newsletters, and advocating for water quality, safety, and sustainability policies at the European level. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its target audience. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as Tiny Slider for interactive content. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security best practices are partially implemented, including HTTPS enforcement and cookie consent mechanisms, though some security headers and explicit security policies are absent. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent banner, indicating GDPR awareness. However, incident response and vulnerability disclosure information are missing, which could be improved to enhance trust. Overall, the website and organization present a low-risk profile with strong business credibility and a good technical foundation. Strategic recommendations include enhancing security headers, publishing a security policy, and adding incident response contacts to further strengthen the security posture and compliance.

D

DAE Dachverband Europäischer Dokumentarfilm / Documentary Association of Europe e.V.

dae-europe.org

0

DAE Dachverband Europäischer Dokumentarfilm / Documentary Association of Europe e.V. is a non-profit membership association serving documentary professionals primarily in Europe but also globally. Founded in 2019, it offers a collaborative network, expert advice, curated resources, discounts, and advocacy grounded in progressive social principles. The association positions itself as a fast-growing community with over 700 members, emphasizing inclusivity and sustainability. Technically, the website is built on WordPress with modern frameworks like Bootstrap 5, supporting good mobile responsiveness and user experience. The site employs standard plugins for cookie consent, analytics, and email marketing, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses domain locking statuses, and provides cookie consent mechanisms, though it lacks DNSSEC and explicit security policies or incident response contacts. Overall, the website is professional, trustworthy, and compliant with GDPR, with moderate tracking via Google Analytics and Mailchimp. The absence of phone contact and physical address is noted but common for such associations. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and implementing a security.txt file to enhance transparency and trust.

Zoovu (Germany) GmbH, formerly SEMKNOX GmbH, operates a professional website offering advanced product search and data processing solutions primarily targeting e-commerce businesses. Their services leverage machine learning to transform unstructured product data into structured, searchable formats, enhancing online shop conversions and customer satisfaction. The company positions itself as a specialist in next-generation product search and data cleansing technologies, serving notable clients such as Lidl and Gravis. Technically, the website is well-constructed using modern web standards, optimized for performance and mobile devices, and employs secure HTTPS connections with a cookie consent mechanism to comply with GDPR requirements. However, explicit security policies and incident response information are not published, representing an area for improvement. Overall, the site demonstrates a high level of professionalism, trustworthiness, and technical maturity, with no indications of security vulnerabilities or questionable content.

E

etg24 GmbH

etg24.de

0

etg24 GmbH is a German-based company specializing in digital real estate management solutions. Positioned as the original and first provider of online customer portals tailored specifically for property management, etg24 targets property managers, owners, tenants, and service providers. Their business model centers on providing SaaS platforms that streamline and modernize property management processes. The website reflects a professional and consistent brand image with good content quality and clear target audience focus. Technically, the website is built on WordPress using Elementor and WooCommerce, supported by modern tools such as Yoast SEO and Google Tag Manager. Hosting is managed via INWX, a reputable German hosting provider. The site demonstrates moderate performance and good mobile optimization, with basic accessibility features and solid SEO practices. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism via Borlabs Cookie, indicating awareness of privacy regulations. However, explicit security headers are not fully implemented, and no formal privacy policy or terms of service are found, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected, and no WAF or blocking mechanisms interfere with access. Overall, etg24 presents a trustworthy and professional digital presence with a solid foundation. Strategic improvements in privacy documentation and security header implementation would enhance compliance and security posture, supporting their market credibility and customer trust.

F

Fobi AI Germany GmbH

passcreator.com

0

Passcreator, operated by Fobi AI Germany GmbH, is a mature SaaS platform specializing in the creation and management of digital Wallet passes compatible with Apple Wallet and Google Wallet. Established since 2012, it serves a broad business audience with solutions including loyalty cards, coupons, event tickets, and membership cards. The platform emphasizes seamless integration, real-time updates, and personalized customer engagement without requiring dedicated apps. Its market position is reinforced by partnerships with notable global brands and certifications such as ISO 27001, underscoring its commitment to security and quality. Technically, the website is built on the Neos CMS and Flow PHP framework, leveraging modern web technologies including JavaScript and integrations with payment gateways like Stripe and PayPal. The site demonstrates good mobile optimization, accessibility, and SEO practices. Analytics and marketing tools such as Google Analytics, Hubspot, and Zapier are employed with privacy considerations like IP anonymization and explicit cookie consent mechanisms. From a security perspective, Passcreator shows a strong posture with HTTPS enforcement and ISO 27001 certification. However, the absence of WHOIS data and lack of explicit security headers or public incident response policies represent areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, Passcreator presents a professional, trustworthy, and technically sound digital service platform with minor gaps in transparency around domain registration and incident response. Strategic enhancements in these areas would further strengthen its security and compliance profile.

C

Cornelsen Verlag GmbH

cornelsen.de

0

Cornelsen Verlag GmbH is a well-established German educational publisher specializing in school books, workbooks, and teaching materials for learners and educators. The website reflects a mature digital presence with a comprehensive navigation structure covering various educational sectors including primary, secondary, vocational, and adult education. The company leverages modern web technologies such as Neos CMS and Flow PHP framework, hosted on AWS infrastructure, and integrates multiple analytics and marketing tools including Google Tag Manager, Econda, Microsoft Clarity, and social media platforms. Security measures are robust with HTTPS enforcement and a strict Content-Security-Policy, although explicit privacy and cookie policies are not clearly found in the analyzed content. The site is free from WAF blocks or security challenges, indicating full accessibility.

D

die kartenmacherei GmbH

kartenmacherei.de

0

die kartenmacherei GmbH operates a professional e-commerce platform specializing in personalized printed cards for occasions such as weddings, births, and other celebrations. The company is positioned as a trusted German retailer with a strong customer base, evidenced by high ratings and extensive product offerings. Their business model focuses on online customization and fast delivery, targeting consumers planning special events. Technically, the website employs modern technologies including Google Tag Manager and OneTrust for cookie consent, hosted on AWS infrastructure, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, with clear privacy and cookie policies and GDPR adherence. Overall, the site demonstrates high professionalism, trustworthiness, and technical maturity.

H

H-Hotels.com

h-hotels.com

0

H-Hotels.com operates as a European hospitality business offering multiple hotel brands including Hyperion, H4, H2, and H+ Hotels. The website provides direct booking services with exclusive benefits and best price guarantees, targeting leisure and business travelers across Germany, Austria, Switzerland, Hungary, and France. The company positions itself as a large hotel chain with a strong presence in key European cities. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, incorporating modern JavaScript libraries and third-party services such as Google Tag Manager, Jentis, Usercentrics, and Sentry for analytics, tracking, and error monitoring. The site is well-optimized for mobile devices and SEO, with a professional design and clear navigation. Security posture is strong with HTTPS enforced and security headers present, though explicit security policies and incident response contacts are not published. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a clearly accessible privacy policy and terms of service. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional appearance of the site. Overall, the website is functional, secure, and user-friendly but would benefit from improved transparency in privacy and legal policies and verification of domain registration.

S

sitegeist

sitegeist.de

0

sitegeist is a well-established digital agency based in Hamburg, Germany, with over 25 years of experience in digital transformation, web development, and online marketing. The company positions itself as a full-service digital agency offering strategic consulting, innovative AI solutions, and comprehensive web and marketing services. The website demonstrates a high level of digital maturity with modern technologies such as Neos CMS, PHP frameworks, and integration of AI-powered chatbots. Security posture is strong with HTTPS enforcement and good script management, though explicit security headers and policies could be improved. Privacy compliance is currently weak due to the absence of visible privacy and cookie policies. Overall, the website is professional, trustworthy, and well-optimized for performance and user experience.

T

Turnitin

turnitin.de

0

Turnitin is a globally recognized enterprise providing academic integrity and plagiarism detection solutions primarily targeting educational institutions, teachers, students, and researchers. The company offers a comprehensive suite of products including Feedback Studio, Originality, Gradescope, ExamSoft, Similarity, and iThenticate, positioning itself as a market leader in education technology. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content in German for its target audience. Technically, the site leverages modern frameworks such as Bootstrap and jQuery, integrates with Google Tag Manager and OneTrust for analytics and cookie consent, and is hosted on Amazon AWS infrastructure, ensuring good performance and reliability. Security posture is strong with HTTPS enforced and use of reCAPTCHA, though explicit security headers and public security policies could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the domain registration data aligns with the company's business history and legitimacy, reinforcing trustworthiness.

I

igroup Internetagentur GmbH & Co. KG

i-group.de

0

igroup Internetagentur GmbH & Co. KG is a specialized TYPO3 partner agency based in Germany, offering comprehensive web development, responsive web design, SEO, digital signage, and online reporting services. With over 555 TYPO3 projects completed and a team of 12 experts, the company holds a strong market position as a reliable full-service TYPO3 agency serving national and international clients. Their website reflects a professional and consistent brand image, supported by positive trust indicators such as Google reviews and official TYPO3 partnership certification. The technical infrastructure is modern, leveraging TYPO3 CMS, jQuery, Google Analytics, and consent management tools, ensuring a good digital maturity level. Security posture is solid with HTTPS enforcement and consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms. Overall, the website and business demonstrate high professionalism and trustworthiness.

F

Flownative GmbH

flownative.com

0

Flownative GmbH is a specialized technology company focused on providing expert support, coaching, training, and cloud hosting services around the Neos CMS and Flow PHP framework. The company positions itself as a niche expert in the Neos ecosystem, catering primarily to developers and businesses using Neos and Flow. Their offerings include professional support, upgrade assistance, and a cloud hosting platform called Flownative Beach, emphasizing scalability and GDPR compliance. The website content is professional and well-structured, reflecting a small but focused business entity based in Germany. Technically, the website is built on the Neos CMS platform and leverages the Flow PHP framework. It uses modern web technologies including PHP and JavaScript, with Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. The SSL configuration is excellent, ensuring secure HTTPS connections. From a security perspective, the site follows good practices such as HTTPS enforcement and privacy-respecting analytics. However, it lacks some security headers and does not provide explicit security policies or incident response contacts. The absence of a cookie consent mechanism is a minor compliance gap. The WHOIS data is notably missing or unavailable, which raises some concerns about domain registration transparency, although the website content and business information appear legitimate. Overall, Flownative GmbH presents a trustworthy and professional online presence with a strong focus on Neos CMS services. The main risk lies in the incomplete WHOIS data, which should be investigated further. Strategic improvements in security headers, cookie consent, and published security policies would enhance their security posture and compliance standing.

N

Neos Foundation e.V.

neos.social

0

Neos.social is a niche Mastodon instance operated by Neos Foundation e.V., focused on providing a social networking platform for discussions related to Neos and connecting users to the broader Fediverse. The platform leverages the open-source Mastodon software (version 4.4.1) and modern web technologies such as React and JavaScript ES modules, delivering a responsive and user-friendly experience. The website content is well-structured and relevant to its target audience, with a consistent branding approach and clear community focus. From a technical perspective, the site employs modern frameworks and technologies, including WebSockets for real-time communication, and uses CDN resources for media delivery. However, some security best practices such as enabling DNSSEC and implementing security headers are not observed, which could be improved to enhance the overall security posture. The absence of cookie consent mechanisms and limited privacy compliance indicators suggest room for improvement in regulatory adherence. Security-wise, the domain registration is transparent and consistent with the organization's identity, enhancing trustworthiness. The domain is protected against unauthorized transfers, but lacks DNSSEC. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the site maintains a moderate security posture but would benefit from enhanced security policies and compliance measures. Strategically, Neos.social serves a small but focused community, positioning itself as a specialized social platform within the Fediverse ecosystem. The lack of commercial advertising and tracking aligns with privacy-conscious user expectations. To strengthen its market position and trust, the platform should consider publishing more comprehensive privacy and security policies, implementing cookie consent, and improving technical security controls.

I

IONOS Group SE

ionos-group.com

0

IONOS Group SE is a leading European digitalization partner specializing in SMB and enterprise cloud and web presence solutions. The company operates multiple well-known brands and serves approximately 6.4 million customers across 18 markets in Europe and North America. Their business model focuses on providing comprehensive hosting, cloud, and domain registration services supported by strong customer care and infrastructure. The website reflects a mature digital presence with investor relations, corporate governance, and press information, indicating a publicly listed and transparent organization. Technically, the website is built on TYPO3 CMS, uses modern web technologies, and integrates Adobe Analytics for user tracking. The site is mobile optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be improved. Hosting appears to be managed internally or via a dedicated CDN. Performance is moderate with room for optimization. Security posture is strong with HTTPS enforced and a robust cookie consent mechanism supporting GDPR compliance. However, explicit security headers are missing, and no public security policy or incident response contacts are published. The WHOIS data is incomplete or privacy protected, which is common for large enterprises but reduces transparency. No vulnerabilities or suspicious content were detected. Overall, the website and business present a low risk profile with strong credibility and compliance. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility to further strengthen trust and compliance.

S

Schlund Technologies GmbH

schlundtech.com

0

SchlundTech is a medium-sized European technology provider specializing in domain registration, encryption products, and cloud server hosting. The company, founded in 1995 and part of the 1&1 group, offers a comprehensive Control Center platform for managing domains, encryption certificates, and cloud infrastructure. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant business content targeting entrepreneurs and professional users. Technically, the site uses TYPO3 CMS, integrates Google Tag Manager and Usercentrics for consent management, and employs HTTPS with good security practices. However, the WHOIS data for the domain is missing or not publicly available, which raises concerns about domain registration legitimacy despite the strong business presence and branding. Privacy policies and cookie consent mechanisms are well implemented, indicating GDPR compliance. Overall, the website demonstrates a mature digital presence with a strong security posture but requires verification of domain registration details to fully confirm legitimacy.

D

DIRS21

dirs21.de

0

DIRS21 is a well-established German company specializing in web-based booking and channel management solutions for the hospitality industry. With over 20 years of experience and more than 5300 customers, it positions itself as a market leader offering SaaS products that enable hotels and gastronomy businesses to optimize their online distribution and direct bookings. The website reflects a mature digital presence with professional design, clear navigation, and modern technology stack including WordPress, Bootstrap, and HubSpot integrations. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. No critical vulnerabilities or suspicious content were detected. Overall, DIRS21 demonstrates strong business credibility and technical maturity suitable for its target market.

B

Brauerei Gebr. Maisel GmbH & Co. KG

maiselandfriends.com

0

Maisel & Friends is a medium-sized German brewery and hospitality business based in Bayreuth, specializing in beer production, retail, and experiential services including a restaurant, hotel, and event hosting. The company has a strong market position supported by awards and a rich tradition in brewing. The website demonstrates a mature digital presence with modern technologies, good mobile optimization, and comprehensive privacy and cookie policies. Security posture is solid with HTTPS and reCAPTCHA usage, though some security headers and explicit incident response contacts are missing. The absence of WHOIS data reduces domain transparency but the professional content and branding indicate a legitimate business. Overall, the site is well-designed, user-friendly, and trustworthy for its target audience of mature beer enthusiasts and event customers.

B

Bayerisches Staatsministerium für Wirtschaft, Landesentwicklung und Energie

by-cz.eu

0

The website www.by-cz.eu serves as the official platform for the INTERREG Bayern - Tschechien program, a European Union funded cross-border cooperation initiative between Bavaria and the Czech Republic for the 2021-2027 funding period. It provides comprehensive information about funding opportunities, project application processes, and program updates. The site is managed under the auspices of the Bavarian State Ministry for Economic Affairs, Regional Development and Energy, reflecting a strong governmental affiliation and public sector focus. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and employs Matomo analytics configured to respect user privacy. The site is well-structured, mobile-optimized, and includes accessibility features such as easy language and sign language options. Security is well-handled with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. From a security and compliance perspective, the site shows good privacy compliance with GDPR-aligned cookie consent and a detailed privacy policy. However, no explicit security policy or incident response contact information is published, and WHOIS data is unavailable due to registry privacy protections. Despite this, the presence of official ministry logos and consistent branding supports the site's legitimacy. Overall, the website is a trustworthy, professional government portal with a clear mission to support cross-border regional development projects. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing explicit incident response contacts to further strengthen security posture and user trust.

T

Technische Hochschule Deggendorf

th-deg.de

0

Technische Hochschule Deggendorf is a reputable German technical university specializing in applied sciences, offering a range of academic programs and research opportunities primarily targeting students, researchers, and industry partners. The institution maintains a solid regional presence with a focus on engineering, computer science, and business disciplines. The website reflects a mature digital infrastructure leveraging modern web technologies such as Bootstrap, jQuery, and Pimcore CMS, ensuring a responsive and user-friendly experience. Security posture is robust with enforced HTTPS, cookie consent mechanisms, and use of reputable third-party services, although there is room for improvement in security headers and incident response transparency. Overall, the website demonstrates strong compliance with GDPR and privacy regulations, providing clear contact and legal information. The risk profile is low, with no indications of malicious activity or content safety concerns.

V

Vallon Metallveredlung GmbH

vallon-mv.de

0

Vallon Metallveredlung GmbH is a specialized manufacturing company based in Germany, offering a comprehensive range of galvanic and surface finishing services including galvanic zinc plating, nickel plating, copper plating, phosphating, tin plating, aluminum conversion coatings, silver plating, and hydrogen embrittlement heat treatment. As part of the Adelhelm Group, Vallon positions itself as a reliable one-stop-shop for functional surface technologies targeting industrial clients. The website is professionally designed, well-structured, and provides clear navigation and contact information, supporting a positive user experience. Technically, the site is built on the Contao CMS platform, uses modern JavaScript libraries such as jQuery and Mmenu, and employs Matomo analytics for privacy-conscious user tracking. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is addressed with a clear privacy policy, cookie consent, and GDPR considerations. Overall, the site reflects a trustworthy and credible business presence with good digital maturity.

G

GEORG BÖRNER

georgboerner.de

0

GEORG BÖRNER operates a professional website focused on providing sealing systems for civil engineering projects, targeting infrastructure and transportation sectors. The company positions itself as a specialized B2B supplier with a medium-sized market presence in Germany. The website is built on the Magento e-commerce platform, leveraging modern frontend technologies such as RequireJS, jQuery, KnockoutJS, and Algolia Search for enhanced user experience and search capabilities. Analytics and monitoring are implemented via Matomo and New Relic, indicating a mature digital infrastructure. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though improvements in security headers and explicit security policies are recommended. Overall, the website is professional, trustworthy, and safe for general audiences.

S

SOPREMA GmbH

soprema.de

0

SOPREMA GmbH is a leading German manufacturer specializing in sealing systems, insulation materials, and sustainable building solutions such as photovoltaic and green roof systems. The company targets construction professionals, architects, and planners, offering a broad portfolio of products and technical services. Their market position is strong within the manufacturing sector, emphasizing innovation and sustainability. The website is built on TYPO3 CMS and incorporates modern web technologies including Bootstrap, jQuery, and Font Awesome, ensuring a responsive and accessible user experience. Hosting is managed via Gandi.net, a reputable provider. Security posture is solid with HTTPS enforced, cookie consent mechanisms in place, and use of analytics tools respecting user privacy. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the site is professional, trustworthy, and well-optimized for its audience.

A

Adelhelm Unternehmensgruppe

adelhelm.de

0

Adelhelm Unternehmensgruppe is a medium-sized German company specializing in functional surface coatings for a wide range of industries worldwide. The company operates multiple subsidiaries and offers a broad portfolio of coating technologies including non-stick, chemical protection, and custom tailored solutions. Their market position is that of an established global supplier with a strong industrial B2B focus. The website is built on the Contao CMS platform and uses modern web technologies such as jQuery and Matomo analytics, hosted on Schlundtech infrastructure. Security posture is solid with HTTPS enforced and anti-spam measures in place, though visible cookie consent and explicit security policies are lacking. Overall, the site is professional, well-structured, and trustworthy, supporting the company’s business credibility effectively.

T

Tourismusverband Ostbayern e.V.

goldsteig-wandern.de

0

The website www.goldsteig-wandern.de serves as the official portal for the Goldsteig hiking trail, a prominent 660 km long trail in Bavaria and Bohemia, Germany. Operated by the Tourismusverband Ostbayern e.V., it provides comprehensive information on hiking routes, accommodations, events, and booking services. The site targets hiking enthusiasts and tourists seeking outdoor experiences in the region, positioning itself as a key player in regional tourism with recognized affiliations such as the Top Trails of Germany. Technically, the site employs modern web technologies, including JavaScript and CSS, and integrates third-party services like Google Translate and CCM19 for cookie consent management. The website is mobile-optimized, accessible, and SEO-friendly, offering a professional user experience. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and incident response contact information. Overall, the domain and website content are consistent and legitimate, with no signs of blocking or WAF interference.

T

Technische Hochschule Deggendorf / University of West Bohemia in Pilsen

peregrinus.online

0

The Peregrinus Silva Bohemica website represents an academic and cultural tourism project focused on enhancing historical and cultural landscapes along Bavarian and Bohemian forests. It offers a multimedia tourist guide with digital content such as 3D models, augmented reality, and audio-visual materials aimed at pilgrims, hikers, and history enthusiasts. The project is realized by reputable academic institutions including the Technische Hochschule Deggendorf and the University of West Bohemia, supported by EU and Bavarian funding programs. The website serves as an information portal and digital platform for this initiative, targeting tourists and cultural heritage stakeholders.

Klöberfinder.com is a specialized configurator platform operated by BMI Deutschland GmbH, focusing on roofing accessories such as ventilation, roof penetrations, and drainage solutions for pitched and flat roofs. The site targets roofing professionals and end customers seeking tailored product solutions. The business operates in the manufacturing sector with a medium-sized profile and a relatively recent domain registration dating back to 2021. Technically, the website employs modern JavaScript technologies including jQuery and module scripts, with Google Tag Manager for analytics. The site is mobile optimized and presents a professional user experience with clear navigation and consistent branding. Security posture is adequate with HTTPS enforced and nonce usage in scripts, but lacks DNSSEC and visible security headers, which are recommended for improvement. Privacy compliance is basic, with a cookie consent mechanism present but no privacy policy or terms of service found. No contact emails or phone numbers are explicitly provided on the analyzed page, which could be improved for better user trust and compliance. Overall, the website is safe, professional, and trustworthy with moderate technical and security maturity.

L

LGS Furth im Wald 2025

furth2025.de

0

LGS Furth im Wald 2025 is a regional event organizer hosting the Bavarian Landesgartenschau 2025, a cultural and nature-focused garden show in Furth im Wald, Germany. The website serves as an information portal for visitors, offering event details, ticketing, and sponsorship opportunities. The site is built on a modern WordPress infrastructure using Elementor and Yoast SEO, indicating a good level of digital maturity. Security measures include HTTPS, reCAPTCHA for forms, and GDPR-compliant cookie consent mechanisms. However, some security headers could be improved, and no explicit security or incident response policies are published. Overall, the website is professional, trustworthy, and well-optimized for its audience.

M

METAL TRADE COMAX – Division COMAX Dach

comaxdach.de

0

COMAX Dach, a division of METAL TRADE COMAX, is a leading manufacturer specializing in metal roofing solutions primarily serving the German and Czech markets. The company offers a range of premium metal roofing products and related services, including custom painting and logistics. Their market position is strong, supported by decades of experience since 1973 and membership in the European Coil Coating Association (ECCA). The website reflects a professional and well-structured digital presence built on Drupal 10, with modern marketing and analytics integrations such as Google Tag Manager and CookieHub for GDPR compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, well-branded, and targets B2B customers in the construction and roofing sectors.

S

STG Combustion Control GmbH & Co KG

stg-cottbus.com

0

STG Combustion Control GmbH & Co KG is a medium-sized German company specializing in advanced combustion control and process optimization technologies primarily for the glass industry, with additional clients in steel, chemical, and biotechnology sectors. Founded in 1990, the company has a strong market position supported by over 30 years of experience and recognized certifications such as Siemens Solution Partner. Their key offerings include process control systems, oxygen measurement technologies, calorimeters, and burner technologies, tailored to industrial clients seeking energy efficiency and emission reduction. Technically, the website is built on a modern WordPress platform with a comprehensive multilingual setup and SEO optimizations. The site features a cookie consent mechanism compliant with GDPR, professional design, and good mobile and accessibility standards. The technical stack includes popular plugins for SEO, downloads, and consent management, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses cookie consent for privacy compliance. However, explicit security headers and incident response policies are not evident, suggesting room for improvement in security transparency and defense-in-depth. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website presents a professional and trustworthy digital presence aligned with the company's industrial B2B focus. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to strengthen trust and compliance.

S

STG Combustion Control GmbH & Co KG

stg-cottbus.de

0

STG Combustion Control GmbH & Co KG is a German-based company specializing in advanced process control systems and sensor technologies for the glass melting industry and related sectors such as steel, chemical, and biotechnology. Founded in 1990, the company has grown to a medium-sized enterprise with over 60 specialized engineers and technicians. Their offerings include modern process control systems, high-temperature oxygen sensors, advanced signal evaluation, and burner technologies, positioning them as a trusted partner in industrial process optimization. The website reflects a professional and well-established business with a clear market focus on industrial clients requiring energy-efficient and low-emission solutions. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO and multilingual support via WPML. It features good mobile optimization, accessibility, and SEO practices. The site employs HTTPS and a comprehensive cookie consent mechanism, indicating a strong commitment to privacy compliance. However, some security headers are missing, and no explicit security or incident response policies are published. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. The cookie consent banner is well implemented, supporting GDPR compliance. No signs of WAF or blocking mechanisms were detected, allowing full content access. The domain WHOIS data aligns with the business claims, supporting legitimacy. Overall, the website is professional, secure, and compliant with privacy regulations, serving a specialized industrial market. Strategic improvements could include adding security headers, publishing incident response information, and enhancing transparency around security policies.

K

Klöber GmbH

kloeber.de

0

Klöber GmbH is a well-established German manufacturer specializing in innovative roofing accessories for pitched and flat roofs, serving primarily B2B customers such as roofing professionals, architects, and distributors. The company boasts over 60 years of experience and holds recognized certifications like ISO 9001 and ISO 14001, reinforcing its market position as a leading specialist in Europe. The website reflects a mature digital presence with comprehensive product information, configurators, and resource centers, supporting customer engagement and technical support. Technically, the website employs modern web technologies including Bootstrap, jQuery, Swiper, and Google reCAPTCHA, ensuring responsive design and security against spam. The site is well-optimized for mobile devices and SEO, with clear navigation and professional design. Security practices include HTTPS enforcement and CSRF tokens, although some HTTP security headers could be improved. Privacy compliance is robust, featuring detailed cookie consent mechanisms and a comprehensive privacy policy. The security posture is strong with no evident vulnerabilities or exposed sensitive data. However, the absence of a public security policy or incident response contact is noted. The domain WHOIS data aligns well with the business claims, showing consistent registration and no privacy protection, which supports legitimacy. Overall, the website is trustworthy, professional, and secure, with minor areas for enhancement in security headers and incident response transparency. Strategically, Klöber should focus on publishing a formal security policy and incident response contacts, enhancing HTTP security headers, and maintaining their strong privacy compliance to further build customer trust and meet evolving regulatory requirements.

S

STIHL Vertriebszentrale AG & Co. KG

stihl.com

0

STIHL Vertriebszentrale AG & Co. KG operates a professional and comprehensive website serving as the international portal for their power garden tools business. The company is a global leader in manufacturing battery-driven and motorized garden tools such as chainsaws and brush cutters. Their website reflects a mature digital presence with clear branding, extensive product information, and multiple social media channels. Technically, the site leverages modern web technologies including Adobe Experience Manager, Google Tag Manager, and various analytics tools, ensuring good performance and user experience. Security posture is strong with HTTPS enforcement and consent-based cookie management, although explicit security headers could be improved. The WHOIS data is unavailable or privacy protected, which is unusual but likely intentional for a brand of this size. Overall, the website is trustworthy, professional, and well-optimized for its audience.

puren gmbh is a German manufacturing company specializing in high-performance polyurethane rigid foam insulation products. Their website showcases a broad product portfolio targeting architects, planners, trade professionals, industry OEMs, private builders, and the housing sector. The company emphasizes sustainability and energy efficiency in construction. Technically, the website is built on TYPO3 CMS, employs modern web technologies, and includes GDPR-compliant privacy and cookie consent mechanisms. The site is well-structured, mobile-optimized, and professionally designed, reflecting a mature digital presence. Security posture is generally good with HTTPS enforced and secure session management, though the absence of security headers and a public security policy are areas for improvement. The WHOIS data is missing or unavailable, which raises concerns about domain registration transparency, but the website's comprehensive contact information and social media presence support its legitimacy. Overall, the site scores well on content quality, technical implementation, privacy compliance, and business credibility, with recommendations to enhance security headers and publish incident response information.

F

Fleck GmbH

fleck-dach.de

0

Fleck GmbH operates as a specialized manufacturer and distributor of roofing accessories, serving primarily roofing professionals and trade partners in Germany. The company offers a broad and customizable product range for steep roofs, flat roofs, and solar roofs, supported by various configurators, calculation services, and trade partner resources. The website is professionally designed, multilingual, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and performance optimizations, ensuring fast loading and good accessibility. Security posture is solid with HTTPS and privacy-focused cookie management, though additional security headers and incident response information could enhance protection. The domain registration data aligns with the business profile, showing no suspicious patterns or privacy protection that would undermine trust. Overall, the website and business demonstrate high professionalism, trustworthiness, and compliance with GDPR requirements.

A

ANDREAS STIHL AG & Co. KG

stihl-sso.com

0

The website analyzed is the official STIHL dealer portal login page, designed to provide authorized dealers and partners access to account management and related services. STIHL, a well-established German manufacturer of power tools and equipment, uses this portal to facilitate secure Single Sign-On (SSO) authentication for its dealer network. The site is professionally branded, consistent with the corporate identity, and targets a B2B audience. The portal includes essential features such as login, password reset, and registration completion links, with clear references to privacy and terms documents hosted on trusted cloudfront URLs. Technically, the site employs modern web technologies including JavaScript ES modules and likely a SPA framework such as Vue.js, hosted on AWS infrastructure. The site is mobile optimized with a responsive design and uses HTTPS to secure communications. However, some security best practices such as DNSSEC and security headers are not enabled or visible in the provided data. The site lacks a cookie consent mechanism, which is a minor compliance gap. From a security perspective, the portal demonstrates a solid baseline with encrypted login forms and no exposed sensitive data. The domain registration is consistent with the business, and the domain age is appropriate for a corporate SSO service. No signs of phishing, malware, or blocking by WAFs were detected. Privacy policies and terms of service are clearly linked, supporting GDPR compliance. Overall, the site is trustworthy and professionally maintained. The overall risk is low, but improvements in security headers, DNSSEC, and cookie consent would enhance the security posture and compliance. Strategic recommendations include implementing these controls and publishing explicit security and incident response policies to strengthen trust and readiness.

U

Bevor Sie zu Google Maps weitergehen

uzwei.com

0

This website is a Google consent management page used to handle user privacy and consent preferences, particularly related to Google Maps and associated services. It is part of Google's infrastructure to comply with privacy regulations such as GDPR. The page itself does not contain typical business content but serves as a gateway for user consent management. The technical infrastructure is robust, leveraging Google's global hosting and security capabilities. However, the page is a security challenge or consent gate, limiting direct content access and business information visibility. Security posture is strong with HTTPS and CSP usage, but explicit security headers are not visible in the provided data. Privacy compliance indicators are minimal on this page alone, as it is a functional consent interface rather than a full website. Overall, the page is legitimate and trustworthy as part of Google's ecosystem but cannot be fully analyzed for business or compliance details due to its nature as a consent gate.

M

Marc Siemering Business Coaching

marcsiemering.de

0

Marc Siemering Business Coaching is a small, professional coaching service based in Hannover, Germany, specializing in business coaching, team development, and organizational consulting. The website presents a clear and focused business model targeting individuals and organizations seeking to leverage change as an opportunity for growth. The company appears to have been founded around 2020, consistent with the domain registration data. The site uses WordPress with the Enfold theme and is optimized for SEO and mobile devices, indicating a moderate level of digital maturity. Technically, the website employs modern technologies including Yoast SEO, Real Cookie Banner Pro for GDPR compliance, Google Tag Manager for analytics, and Wordfence for security. Hosting is provided by a German hosting provider, and the site enforces HTTPS with good SSL configuration and security headers. The cookie consent mechanism is comprehensive and compliant with GDPR requirements. From a security perspective, the site benefits from Wordfence firewall protection and proper cookie consent management, with no visible vulnerabilities or exposed sensitive data. However, there is no publicly available security policy or incident response information, which could be improved to enhance trust and preparedness. The absence of a vulnerability disclosure policy or security.txt file is noted. Overall, the website is professional, secure, and compliant with privacy regulations, suitable for its business purpose. Strategic recommendations include publishing security and incident response policies, adding vulnerability disclosure information, and maintaining regular updates to software components to mitigate risks.

A

Akzente4you - Marion Sieber - Webdesign- / Internet Agentur in Offenburg

akzente4you.de

0

Akzente4you is a small, regionally focused internet agency based in Offenburg, Germany, specializing in web design, web development, SEO, and e-commerce solutions primarily for small businesses. The company offers fixed-price packages and personalized consulting services, positioning itself as a cost-effective and professional partner for local enterprises. The website reflects a mature digital presence built on WordPress with modern technologies and a clear focus on user experience and mobile responsiveness. Security posture is solid with HTTPS and cookie consent mechanisms in place, though some advanced security headers and policies could be improved. Overall, the site is trustworthy, professional, and compliant with GDPR requirements, with clear contact information and partner links enhancing credibility.

E

E.M.P. Merchandising Handelsgesellschaft mbH

emp.de

0

EMP Deutschland operates a professional e-commerce platform specializing in fan merchandise, particularly for rock, heavy metal, and entertainment fans. The company offers over 25,000 fan articles and fashion products, supported by a Backstage Club membership that provides benefits such as free shipping and exclusive discounts. The website is well-branded, consistent, and targets a broad European audience with multiple localized domains. The business model focuses on retailing licensed merchandise online, positioning EMP as a leading player in the European fan merchandise market.

E

E.M.P. Merchandising HGmbH

emp-online.com

0

EMP International is a well-established European e-commerce retailer specializing in alternative clothing, band merchandise, and fan merchandise for music, movies, TV, and gaming. Founded in 1986 and headquartered in Germany, EMP serves a broad European market with multiple country-specific online shops and is a subsidiary of Warner Music Group. The website offers a comprehensive product range targeting alternative music fans and pop culture enthusiasts, supported by a strong brand presence and professional digital infrastructure. Technically, the site is built on Salesforce Commerce Cloud with modern web technologies, providing good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and incident response information are lacking. WHOIS data is unavailable, which slightly impacts trust but is mitigated by the company's established market position and branding. Overall, EMP presents a professional, secure, and user-friendly online retail experience with good privacy compliance.

Bohemia Cristal is a German-based glass trading company established in 1975, positioning itself as a leading glass wholesaler in Europe. The website reflects a professional B2B focus with content primarily in German and some English alternatives. The business model centers on wholesale distribution of glass products, targeting European markets. The digital infrastructure is built on the CONTAILOR CMS platform with Bootstrap 4 for responsive design, and includes a cookie consent mechanism via Usercentrics, indicating awareness of privacy compliance requirements. However, explicit privacy policies and terms of service are absent, which could be improved for better compliance and user trust. Security posture is adequate with HTTPS enabled and good SSL configuration, but lacks advanced security headers and incident response contact information. Overall, the website is functional, moderately optimized, and trustworthy based on domain registration data and content consistency.

C

Candy Store

candy-stores.de

0

Candy-stores.de is a German e-commerce website specializing in unique American and British food products, targeting consumers interested in specialty confectionery and snacks. The site offers a variety of branded products with promotional discounts and uses modern web technologies including JavaScript libraries, Google Tag Manager, and Facebook Pixel for marketing and analytics. The website is built on the ineShop platform and demonstrates good content quality and user experience with a focus on product presentation and navigation. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks explicit privacy policies, terms of service, and security headers. No contact information or incident response details are provided, which limits trust and compliance indicators. The domain WHOIS data is consistent with the website's branding and market focus, indicating legitimacy. Overall, the site is safe for general audiences and operates within a niche retail sector.