Security Directory

C

CEUR Workshop Proceedings

ceur-ws.org

0

CEUR-WS.org is a well-established academic open-access publishing platform specializing in computer science and information systems workshop proceedings. Operated by volunteers under the auspices of RWTH Aachen University, it provides free online access to scientific papers and maintains a recognized ISSN publication series. The website hosts a large volume of proceedings with detailed editorial and submission information, targeting researchers and academic workshop organizers. Technically, the site uses basic HTML and CSS, hosted by Sun SITE Central Europe, with moderate performance and basic mobile optimization. Security posture is moderate with domain transfer protections but lacks advanced security headers and cookie consent mechanisms. Privacy compliance is basic, relying on legal disclaimers without explicit GDPR adherence or cookie policies. Overall, the domain registration is consistent and legitimate, reflecting a stable and trustworthy academic service.

S

SOMA GmbH

flexassistant.de

0

The website www.flexassistant.de represents SOMA GmbH's flexAssistant product, a digital worker assistance system designed for manual assembly and production processes. The company is positioned as a medium-sized, well-established player in the manufacturing technology sector, with a strong focus on Industry 4.0 solutions such as Pick by Light systems and paperless manufacturing. The site demonstrates a professional and comprehensive digital presence, supported by modern CMS technology (TYPO3), consent management, and analytics tools. Security posture is good with HTTPS and standard best practices, though some security headers could be improved. The business credibility is high, supported by certifications like ISO 9001 and awards such as the TOP 100 Innovator. Contact information is clear and includes a named contact person, enhancing trust.

T

Triflex GmbH & Co. KG

triflex.com

0

Triflex GmbH & Co. KG is a specialized manufacturer and provider of waterproofing and marking solutions primarily targeting construction professionals and infrastructure managers. The company offers durable systems for waterproofing roofs, balconies, and parking decks, as well as road and cycle path markings. Their market position is that of a reputable specialist in their niche, with a medium-sized business footprint in Germany. The website reflects a professional and consistent brand image with good content quality and clear business focus. Technically, the website is built on Drupal 10 and integrates multiple modern analytics and marketing technologies including Google Tag Manager, Google Analytics, Facebook Pixel, Hotjar, and Mouseflow. The site is mobile optimized and demonstrates good SEO and accessibility practices. Cookie consent is managed via Cookiebot, ensuring compliance with GDPR and related privacy regulations. From a security perspective, the site enforces HTTPS and uses anti-bot cookies to enhance security. However, explicit security headers like Content-Security-Policy and X-Frame-Options were not clearly identified in the provided data. There is no visible security policy or incident response contact information, which could be improved. The absence of WHOIS data for the domain is a concern, reducing the overall trust score, though the website content and business presence appear legitimate. Overall, the website scores well in content quality, technical implementation, and security posture, but could benefit from improved transparency in domain registration and security policies. Strategic recommendations include publishing a security.txt file, enhancing security headers, and providing clear contact information for security incidents.

Z

Zambelli Holding GmbH

zambelli.com

0

Zambelli Holding GmbH is a medium-sized manufacturing company based in Germany specializing in metal system solutions across multiple sectors including roof drainage, building envelopes, shelving systems, caravaning, heating technology, and industrial metalworking. The company maintains a professional and well-structured website that targets business customers and industry professionals, showcasing its diverse product and service offerings. The website demonstrates consistent branding and good content quality, supporting the company's established market position. Technically, the website is built on modern web standards with responsive design, leveraging technologies such as HTML5, CSS3, JavaScript, and Adobe Typekit fonts. The CMS identified is Contao, which supports structured content management. Performance and mobile optimization are good, though accessibility features could be enhanced. SEO practices are adequately implemented with proper meta tags and structured data. From a security perspective, the site uses HTTPS with a good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, security headers are not explicitly detected, and there is no visible cookie consent mechanism, which could impact GDPR compliance. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trustworthiness, though the website content and business information appear legitimate. Overall, the website presents a professional and trustworthy digital presence for Zambelli Holding GmbH, with recommendations to improve privacy compliance and security headers to enhance user trust and regulatory adherence.

G

GIH Bundesverband

gih.de

0

GIH Bundesverband is the largest German association representing energy consultants, focusing on political advocacy, professional training, networking, funding support, and professional representation. The website is built on WordPress with standard SEO optimizations and a professional design targeted at energy professionals in Germany. The technical infrastructure is moderate with hosting provided by Alfahosting. Security posture is weak due to lack of visible security headers, privacy policies, and incident response information. No blocking or WAF mechanisms were detected, allowing full content access. Overall, the site is functional and professional but lacks critical compliance and security documentation.

The website https://dach-checker.de/login serves as a login portal for CREATON GmbH's visualization service. It targets business users or clients who require access to specialized visualization tools or services. The site is branded consistently with CREATON GmbH and provides a basic but functional interface for user authentication. However, the site lacks comprehensive business information, privacy policies, and contact details, which limits transparency and user trust. Technically, the site uses standard HTML5, CSS, and JavaScript with a CSRF token implemented in the login form, indicating some security awareness. The absence of security headers and explicit HTTPS confirmation in the HTML content suggests room for improvement in security posture. The site does not employ external analytics, advertising, or tracking technologies, which reduces privacy concerns but also limits marketing insights. From a security perspective, the site is accessible without WAF or blocking mechanisms, but it lacks visible security best practices such as HTTP security headers and privacy compliance indicators. The WHOIS data is minimal but does not raise immediate red flags. Overall, the site scores moderately on content quality, technical implementation, and security posture but scores low on privacy compliance and business credibility due to missing policies and contact information. Strategic recommendations include implementing and publishing privacy and cookie policies, enhancing security headers and HTTPS enforcement, providing clear contact and business information, and adding vulnerability disclosure and incident response details to improve trust and compliance.

K

Kreishandwerkerschaft Prignitz

handwerk-prignitz.de

0

The website 'Kreishandwerkerschaft Prignitz' serves as an informational platform for a regional crafts association in the Prignitz area of Germany. It provides an overview of partners and services relevant to local craftsmen. The site is built on Joomla! CMS and employs common frontend technologies such as jQuery, Bootstrap, and UIkit, along with Usercentrics for cookie consent management, indicating compliance efforts with GDPR. However, the site lacks explicit privacy policy and terms of service pages, and no direct contact information is present in the analyzed content. Security posture is moderate with HTTPS enabled but missing security headers and incident response details. Overall, the site is functional and serves its informational purpose but could improve in transparency and security best practices.

W

WEMAG Netz GmbH

wemag-netz.de

0

WEMAG Netz GmbH operates as a regional electricity and gas distribution network operator in Mecklenburg and parts of Brandenburg and Lower Saxony, Germany. The company manages extensive electricity and gas networks, providing services such as network connections, energy distribution, and customer portals. Their website reflects a professional and regionally focused utility business with clear service offerings and customer support channels. Technically, the site is built on Drupal 10, uses modern JavaScript libraries, and integrates GDPR-compliant cookie management via Usercentrics. Analytics are managed through Google Tag Manager, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the site lacks explicit security policy and incident response information. Overall, the website is well-structured, accessible, and trustworthy, supporting the company's business credibility in the energy sector.

A

Arbeitskreis für Jugendliteratur e.V.

jugendliteratur.org

0

Arbeitskreis für Jugendliteratur e.V. is a German non-profit organization dedicated to promoting youth literature through awards such as the Deutscher Jugendliteraturpreis, publications, and various cultural activities. The website serves as an information hub for these initiatives, targeting educators, authors, publishers, and youth literature enthusiasts. The organization appears established within its niche, offering specialized services and community engagement opportunities. Technically, the website employs modern JavaScript libraries including Matomo for analytics and a cookie management system that respects user consent, particularly for marketing cookies. The site is mobile-optimized with good navigation and SEO practices, although no specific CMS or hosting provider was identified. Performance is moderate, and accessibility is basic but functional. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms to manage tracking. However, no explicit security headers were detected, and there is no public incident response or vulnerability disclosure information. The absence of WHOIS data limits domain trust verification, but the website content and structure suggest legitimacy. No adult or inappropriate content is present, making the site safe for general audiences. Overall, the site scores well in content quality, privacy compliance, and business credibility but could improve in security best practices and transparency. Strategic recommendations include implementing security headers, publishing incident response details, and enhancing accessibility features to strengthen trust and compliance.

G

Gerstenberg Verlag GmbH & Co. KG

die-kleine-raupe-nimmersatt.de

0

Gerstenberg Verlag GmbH & Co. KG is a reputable German publishing company specializing in children's literature, notably the internationally acclaimed 'Die kleine Raupe Nimmersatt' by Eric Carle. The website serves as a blog and information portal for their publications, events, and educational content, targeting parents, educators, and children. Their market position is that of an established niche publisher with a strong brand presence and consistent content quality. Technically, the website is built on WordPress with Bootstrap framework, enhanced by Matomo analytics for user tracking. The site is hosted likely by Deutsche Telekom, uses HTTPS with good SSL configuration, and demonstrates moderate performance and good mobile optimization. SEO and accessibility are adequately addressed, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data. However, it lacks some advanced security headers and does not publish a formal security policy or incident response contacts. No vulnerabilities or suspicious patterns were detected in the content or WHOIS data, indicating a solid security posture. Overall, the website is professional, trustworthy, and compliant with GDPR and privacy standards. It provides a safe environment focused on children's educational content. Strategic recommendations include enhancing security headers, publishing security policies, and continuous monitoring of third-party scripts to maintain security and compliance.

K

kimverlag GmbH

kimverlag.de

0

kimverlag GmbH is an independent, artist-led publishing company specializing in children's media, hobby art, and creativity. They develop and publish magazines, audio content, and digital media, also producing and licensing content for German and international book publishers. The company positions itself as a niche publisher with a focus on creative and child-friendly content, targeting children and hobby artists. The website reflects a small-sized business with a professional and consistent brand presence, founded around 2020 in Germany. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern CMS platform with good SEO practices. Hosting is provided by rzone.de, a German hosting provider, and the site uses Google Analytics and a consent management platform for tracking and privacy compliance. The site is mobile optimized with moderate performance and basic accessibility features. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. However, no direct contact emails or phone numbers were found in the content provided. Overall, the website is trustworthy, professional, and compliant with privacy regulations, suitable for its target audience. Strategic recommendations include enhancing security headers, publishing a security policy, and providing clearer contact information for security or incident response purposes.

A

ADAC Reisen

adacreisen.de

0

ADAC Reisen is a well-established travel service provider affiliated with the reputable ADAC brand in Germany. The company offers a wide range of travel products including package holidays, member-exclusive trips, camper rentals, flights, and cruises. The website demonstrates a high level of professionalism with excellent content quality, clear navigation, and strong branding consistency. Technically, the site uses modern frameworks such as Next.js and React, hosted on DigitalOcean infrastructure, and integrates consent management and analytics tools responsibly. Security posture is strong with HTTPS enforced and privacy compliance evident through detailed privacy and cookie policies. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement.

L

Laudert GmbH + Co. KG

laudert.de

0

Laudert GmbH + Co. KG is a European leader in holistic product communication, offering consulting, tools, content, and channel services primarily targeting businesses seeking to enhance their product messaging. The company positions itself as a highly effective partner in the media sector, with a professional and well-branded online presence. The website is built on WordPress with modern SEO and privacy compliance features, including a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Technically, the site employs standard web technologies and integrates Google Tag Manager and Cookiebot for analytics and consent management. Security posture is strong with HTTPS and Content-Security-Policy headers, though explicit security policies and incident response contacts are not published. The absence of WHOIS registration data for the domain is a notable anomaly that warrants further investigation. Overall, the website demonstrates a mature digital infrastructure and a high level of professionalism, supporting the company's market position.

N

Nahverkehrsservice Sachsen-Anhalt GmbH

insa.de

0

Nahverkehrsservice Sachsen-Anhalt GmbH operates the INSA platform, a regional public transportation service providing comprehensive timetable information and ticketing solutions for Sachsen-Anhalt and the Mitteldeutschen Verkehrsverbund (MDV). The website serves as a digital hub for users seeking mobility information, ticket purchases, and related services such as the INSA app and RufBus ordering. Positioned as a key regional mobility facilitator, INSA leverages modern web technologies and complies with GDPR regulations to ensure user privacy and data protection. Technically, the website is built on TYPO3 CMS, integrating JavaScript libraries such as ReadSpeaker for accessibility and Cookiebot for consent management. The infrastructure is hosted with professional DNS providers and employs HTTPS with good SSL configuration, ensuring secure communications. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a user-friendly experience. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data. However, it lacks explicit published security policies or incident response contacts, which could be improved to enhance trust and readiness. Analytics usage is moderate with Piwik (Matomo), respecting privacy with clear retention policies. Overall, the website is trustworthy, professionally maintained, and compliant with privacy laws. Strategic recommendations include publishing a security.txt file, incident response contacts, and expanding security policy disclosures to strengthen the security posture and user trust.

G

GoDaddy Operating Company, LLC

nicexpo.com

0

The website is a domain sales landing page operated by GoDaddy, offering the domain nicexpo.com for sale. It targets individuals and businesses interested in acquiring premium domain names, providing options to buy outright or lease to own. The platform leverages GoDaddy's established market presence and integrates partner services such as Afternic and Trustpilot to enhance trust and user confidence. The site is localized for the German market with appropriate language and currency settings. Technically, the site is built using modern web technologies including React and Next.js, hosted on GoDaddy infrastructure. It employs standard security measures such as HTTPS and reCAPTCHA for form protection, and uses tag management and analytics tools like Tealium and Google Analytics. Performance and mobile optimization are good, though some accessibility features could be improved. From a security perspective, the site demonstrates a solid posture with encrypted connections and secure payment options. However, explicit security headers are not evident, and no dedicated security or incident response policies are published. The WHOIS data for the domain is unavailable, which is typical for parked domains listed for sale, and does not raise concerns. Overall, the site is trustworthy and professionally maintained. The overall risk is low, with recommendations to enhance security headers, improve accessibility, and publish clear security policies to further strengthen user trust and compliance.

A

Arbeitsgemeinschaft Medienwerbung GmbH im Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke

arge-medien.de

0

ArGe Medien im ZVEH is a marketing and PR service provider operating within the German electrical trade sector, affiliated with the Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke (ZVEH). The organization focuses on advertising, public relations, and developing marketing concepts aimed at both trade members and end customers, including campaigns for image building and recruitment. The website demonstrates a strong market position within its niche, supported by a broad network of reputable industry partners and suppliers. Technically, the site is built on TYPO3 CMS, hosted on RZone infrastructure, and employs modern web technologies including Usercentrics for consent management and Google Analytics for tracking. The site is mobile-optimized and accessible, with good SEO practices.

The Mecklenburg-Prignitzer Elektrogemeinschaft (m-peG) is a regional professional community focused on the electrical trade sector in Mecklenburg-Vorpommern, Germany. It serves as a platform for electrical installation companies and related stakeholders to collaborate, access training, and participate in industry events. The website reflects a well-structured, professional presence with clear navigation and relevant content tailored to its target audience of trade professionals and members. The business model centers on membership and event-based revenue streams, supported by partnerships with regional industry associations and companies. Technically, the website is built on Django CMS with modern frontend technologies including Bootstrap 5 and Swiper.js for interactive elements. It employs Matomo for analytics, indicating a preference for privacy-conscious tracking. The site is mobile-optimized and performs moderately well, though some accessibility features could be enhanced. Security practices include HTTPS enforcement and CSRF protection on forms, but lack explicit security headers and cookie consent mechanisms. From a security perspective, the site demonstrates a solid baseline posture with no evident vulnerabilities or exposed sensitive data. However, the absence of a cookie consent banner and security policy documentation suggests room for improvement in GDPR compliance and transparency. The WHOIS data is minimal but consistent with the website's regional focus, supporting legitimacy. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures. Strategically, the organization should prioritize implementing cookie consent mechanisms, publishing security policies, and adding vulnerability disclosure information to strengthen compliance and user trust. Enhancing accessibility and security headers will further improve the site's robustness and reputation.

D

Deutschland tankt Strom

deutschland-tankt-strom.de

0

Deutschland-tankt-Strom.de is a specialized German platform dedicated to advancing electric mobility by providing comprehensive information, tools, and resources such as charging station locators, qualified service providers, and funding guidance. The website is positioned as a niche information hub targeting consumers and businesses interested in electric vehicles and infrastructure within Germany. Technically, the site is built on WordPress with Elementor and several plugins enhancing functionality and user experience. The hosting is provided by Hostingwerft, a German hosting provider, consistent with the website's regional focus. Security posture is adequate with HTTPS and cookie consent mechanisms in place, though explicit security headers and policies are lacking. No blocking or WAF interference was detected, allowing full content access. Overall, the site demonstrates good content quality and technical implementation but would benefit from enhanced privacy and security disclosures to improve compliance and trust.

V

VDE VERLAG GmbH

vde-verlag.de

0

VDE VERLAG GmbH operates as a specialized technical publisher and seminar provider focused on electrical engineering standards, technical literature, and professional training. The company serves professionals and organizations in the energy and electrical engineering sectors primarily in Germany. Their business model centers on publishing DIN-VDE and IEC standards, technical books, journals, and offering subscription services and seminars. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding. Technically, the website employs modern web technologies including Bootstrap, jQuery, and FontAwesome, hosted on German Telekom infrastructure. The site is mobile-optimized, accessible, and SEO-friendly. Analytics are implemented via etracker with user consent mechanisms in place. Security best practices such as HTTPS enforcement and anti-clickjacking scripts are present, though HTTP security headers and a formal security policy are absent. Security posture is solid but could be improved by adding explicit security policies and incident response contacts. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. WHOIS data is minimal but consistent with a legitimate German entity. No suspicious or malicious indicators were found. Overall, the website is professional, trustworthy, and well-maintained, supporting the company's position as a reputable technical publisher. Strategic improvements in security transparency and header implementation would enhance trust and resilience.

Eline GmbH operates a professional e-commerce website targeting the electrical and information technology trade sector in Germany. The company offers specialized products such as inspection stickers, inspection protocols, advertising materials, and printed matter. Founded in 1991, the business leverages a Shopify platform with a modern technical infrastructure including JavaScript frameworks, hCaptcha for form security, and GDPR-compliant cookie consent mechanisms. The website is well-structured, mobile-optimized, and integrates social media channels to enhance customer engagement. Security posture is solid with HTTPS enforced and basic protections in place, though improvements in security headers and DNSSEC are recommended. Overall, the site presents a trustworthy and professional online presence with no critical vulnerabilities detected.

Zweckverband Verkehrsverbund Oberlausitz-Niederschlesien (ZVON) operates a regional public transportation portal serving the Oberlausitz and Niederschlesien regions in Germany. The website provides comprehensive information on public transit schedules, ticketing, network maps, and current service updates, targeting local commuters and travelers. The business model centers on facilitating access to public transport services and enhancing user experience through digital tools such as real-time departure monitors and fare calculators. The organization holds a solid regional market position as a trusted mobility service provider.

N

Nahverkehrsservice Sachsen-Anhalt GmbH

nasa.de

0

Nahverkehrsservice Sachsen-Anhalt GmbH (NASA GmbH) is a regional public transportation authority responsible for planning, ordering, and financing local rail passenger transport in the German state of Sachsen-Anhalt. The company also operates the INSA timetable information system, serving public transport users and stakeholders in the region. The website reflects a professional and consistent brand presence, targeting primarily German-speaking users interested in regional mobility services. The business model focuses on public sector transportation planning and service provision, positioning NASA GmbH as an essential regional player in transportation infrastructure and information services. Technically, the website is built on the TYPO3 CMS platform, integrating modern web technologies such as jQuery, ReadSpeaker for accessibility, and Cookiebot for GDPR-compliant cookie management. Hosting is managed via DomainControl nameservers, and the site demonstrates good mobile optimization, accessibility, and SEO practices. Analytics are conducted using Piwik (Matomo), indicating a privacy-conscious approach to user data collection. From a security perspective, the site enforces HTTPS and implements a comprehensive cookie consent mechanism. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no public security policy or incident response contacts are published. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The domain registration appears legitimate and consistent with the business's regional focus. Overall, the website presents a low-risk profile with strong privacy compliance and good technical implementation. Strategic improvements could include publishing a formal security policy, adding security headers, and establishing a vulnerability disclosure process to enhance trust and security posture further.

F

Fahrgastforum Sachsen-Anhalt

fahrgastforum.de

0

Fahrgastforum Sachsen-Anhalt operates a regional public transport passenger forum website focused on collecting and sharing ideas, questions, and feedback about regional trains, S-Bahn, and PlusBus services in Sachsen-Anhalt, Germany. The site targets local passengers and community members interested in improving public transport services. It is positioned as a community engagement platform with a clear focus on regional transportation issues. The website uses TYPO3 CMS and Bootstrap for a responsive and accessible user experience, supported by Cookiebot for cookie consent management and Piwik (Matomo) for analytics. The technical infrastructure is modern and adequate for the site's purpose, hosted on domaincontrol.com nameservers.

N

Nahverkehrsservice Sachsen-Anhalt GmbH

mein-takt.de

0

Mein Takt Sachsen-Anhalt is the official regional mobility brand for the German state of Sachsen-Anhalt, operated by Nahverkehrsservice Sachsen-Anhalt GmbH. The website provides comprehensive information and services related to regional trains, S-Bahn, PlusBus lines, train stations, and travel information via the INSA Fahrplanauskunft system. The site targets public transport users within the region and serves as a key information portal for mobility services. Technically, the website is built on TYPO3 CMS, integrates modern JavaScript libraries, and uses Cookiebot for GDPR-compliant cookie consent. The presence of accessibility features and mobile optimization indicates a mature digital infrastructure. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks explicit security headers and published security policies. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though it could improve transparency around security and incident response.

N

Nahverkehrsservice Sachsen-Anhalt GmbH

starker-nahverkehr.de

0

Mein Takt Sachsen-Anhalt is a regional public transportation brand operated by Nahverkehrsservice Sachsen-Anhalt GmbH, focusing on providing mobility services including regional trains, S-Bahn, PlusBus lines, and travel information via the INSA system. The website serves residents and travelers in the German state of Sachsen-Anhalt, offering comprehensive travel planning tools and service information. The site is built on TYPO3 CMS and integrates third-party services such as Cookiebot for cookie consent and INSA for travel planning. The technical infrastructure is modern and well-implemented, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response policies are not publicly documented. Privacy compliance is strong, with a detailed privacy policy and GDPR-aligned cookie consent. Overall, the website is professional, trustworthy, and serves its target audience effectively.

D

Deutsche Bahn AG

deutschebahn.com

0

Deutsche Bahn AG operates as Germany's leading railway company, offering comprehensive passenger and freight transportation services, infrastructure management, and innovative mobility solutions. The website reflects a mature digital presence with a professional design, clear navigation, and extensive content covering corporate information, sustainability, digitalization, and business units. The company targets a broad audience including customers, investors, and partners, positioning itself as a key player in the European transportation sector. Technically, the site leverages modern technologies such as CoreMedia CMS, Matomo analytics, and Usercentrics for consent management, ensuring compliance with GDPR and providing a good user experience across devices. The security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response contacts are not published. Overall, the website is trustworthy and professionally maintained, though the WHOIS data for the queried domain variant is missing, which warrants verification. The site does not exhibit any adult or questionable content and maintains good privacy compliance. Strategic recommendations include publishing detailed security policies, incident response information, and vulnerability disclosure mechanisms to enhance transparency and trust.

D

Deutsche Bahn AG

db-ersatzverkehr.de

0

The website 'Ersatzverkehr bei Generalsanierungen' is an official informational portal operated by Deutsche Bahn AG, focusing on replacement bus services during major rail infrastructure renovations in Germany. It serves travelers and freight customers by providing timely updates, travel alternatives, and detailed information about ongoing and upcoming construction projects. The site leverages a modern technical infrastructure including CoreMedia CMS, Usercentrics for cookie consent, and Matomo for privacy-conscious analytics. The design is professional, mobile-optimized, and accessible, reflecting Deutsche Bahn's strong brand identity and commitment to user experience. Security posture is solid with HTTPS enforced and no exposed sensitive data, though explicit security policies and incident response contacts are not published. Overall, the domain registration and website content are consistent and trustworthy, supporting a high legitimacy score.

V

VMV – Verkehrsgesellschaft Mecklenburg-Vorpommern mbH

vmv-mbh.de

0

VMV – Verkehrsgesellschaft Mecklenburg-Vorpommern mbH operates as a regional public transportation company in Mecklenburg-Vorpommern, Germany, providing services related to public transit schedules, ticketing, and regional transport network management. The website serves as an information portal for residents and travelers, offering schedule information, news updates, and contact options. The company positions itself as a key regional transportation authority with a focus on accessibility and customer engagement. Technically, the website is built on WordPress using modern plugins such as Elementor and Yoast SEO, ensuring good SEO and mobile responsiveness. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies could be improved. Privacy compliance is evident with a comprehensive privacy and cookie policy, aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-maintained, supporting the company's regional transportation mission.

V

valantic

valantic.com

0

valantic is a leading enterprise specializing in digital solutions, consulting, and AI-powered transformation. With over 4300 experts, the company delivers tailored end-to-end solutions that enable businesses to leverage AI and innovative digital technologies for growth and operational excellence. Their market position is strong, serving multiple industries including technology, finance, manufacturing, and telecommunications. The website reflects a mature digital presence with multilingual support and comprehensive service offerings. Technically, the site is built on WordPress with modern libraries and frameworks, optimized for performance, accessibility, and SEO. Security posture is robust with HTTPS, security headers, and privacy compliance mechanisms in place. However, WHOIS data is unavailable, which slightly impacts trust but does not detract from the overall legitimacy. Strategic recommendations include publishing explicit security policies and vulnerability disclosure information to enhance transparency and trust.

G

GALERIA S.à r.l. & Co. KG

galeria.de

0

GALERIA S.à r.l. & Co. KG operates a large retail business in Germany, offering a broad range of products including fashion, beauty, home goods, and lifestyle items through both online and physical stores. The website is professionally designed with clear navigation and modern e-commerce features, targeting general consumers in Germany. Technically, the site uses a modern React-based framework (Next.js), is hosted behind Cloudflare, and integrates consent management and advertising technologies responsibly. Security posture is strong with HTTPS and best practices implemented, though explicit security policies and incident response information are not publicly visible. Overall, the site is trustworthy, compliant with privacy regulations, and provides a positive user experience.

A

Acne Studios

acnestudios.com

0

Acne Studios operates as a premium fashion brand offering a wide range of clothing, accessories, shoes, and denim for both men and women through a well-designed e-commerce platform. The website targets fashion-conscious consumers globally, with localized content for Germany. The company maintains a strong brand presence with consistent branding and active social media channels. Technically, the site leverages modern e-commerce technologies including Salesforce Commerce Cloud, Google Tag Manager, reCAPTCHA, and OneTrust for privacy compliance, ensuring a robust and user-friendly shopping experience. Security measures such as HTTPS, security headers, and fraud detection services like Riskified are implemented, reflecting a mature security posture. However, the absence of WHOIS data limits transparency regarding domain ownership, though the professional nature of the site and its compliance with GDPR mitigate concerns. Overall, Acne Studios presents a trustworthy and professional online retail presence with room for improvement in publishing explicit security policies and contact information for incident response.

Z

Zeitverlag Gerd Bucerius GmbH & Co. KG

zeitverlag.de

0

Die ZEIT Verlagsgruppe ist ein etabliertes und renommiertes Medienunternehmen mit einem breiten Portfolio an Print-, Online-, Audio- und Eventangeboten. Die Website präsentiert das Unternehmen als eines der führenden Medienhäuser Europas mit einem starken Fokus auf Innovation, digitale Angebote und Bildungsprogramme. Die Zielgruppe umfasst Leser, Geschäftskunden sowie potenzielle Mitarbeiter. Technisch basiert die Website auf WordPress mit modernen Plugins und Frameworks, die eine gute Performance und mobile Optimierung gewährleisten. Die Sicherheitsmaßnahmen umfassen HTTPS, Cookie-Consent-Management und reCAPTCHA, jedoch fehlen explizite Sicherheitsrichtlinien und Incident-Response-Informationen. Insgesamt zeigt die Website eine hohe Professionalität, gute Datenschutzkonformität und eine vertrauenswürdige Marktposition.

M

MENTOR im LitWIT e.V.

mentor-litwit.de

0

MENTOR im LitWIT e.V. is a small non-profit organization based in Witten, Germany, dedicated to improving children's reading and language skills through volunteer mentoring. The website is built on Joomla CMS with modern frontend technologies like Bootstrap and jQuery, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and CSRF protections, though security headers are not explicitly detected. Privacy compliance is well addressed with a cookie consent mechanism and a privacy policy. The organization is transparent with contact details and affiliations, enhancing trustworthiness. No critical security or content safety issues were found.

L

Landesmedienzentrum Baden-Württemberg

lmz-bw.de

0

The Landesmedienzentrum Baden-Württemberg is a well-established public educational institution focused on media education, technical support, and digital learning resources for schools, educators, parents, and related stakeholders in the Baden-Württemberg region of Germany. The website reflects a mature digital presence with comprehensive content, event promotion, and active social media engagement. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries, delivering good performance and mobile optimization. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be explicitly confirmed or enhanced. Privacy compliance is robust with clear cookie and privacy policies and consent mechanisms. Overall, the domain registration and WHOIS data align well with the organization's identity, supporting high legitimacy and trustworthiness.

R

Ravensburger

ravensburger.de

0

Ravensburger is a well-established German retail company specializing in puzzles, games, and educational products. The website serves as an online shop and product catalog, targeting a general audience including families and children. The brand is consistent and professional, with a clear market position in the retail sector for leisure and educational products. Technically, the site uses modern frameworks such as Bootstrap and is powered by the Bloomreach CMS, hosted with Cloudflare DNS services, ensuring good performance and security. The site is mobile-optimized and SEO-friendly, with comprehensive privacy and cookie policies indicating GDPR compliance. Security posture is solid with HTTPS and service worker usage, though explicit security headers and incident response information are not evident. Overall, the site is trustworthy, safe, and professionally maintained.

V

Verlagsgruppe Oetinger Service GmbH

oetinger.de

0

Verlagsgruppe Oetinger Service GmbH is a well-established German publishing group specializing in children's and youth literature. Their website offers a broad catalog of books, including popular titles like Pippi Langstrumpf and Tintenwelt, targeting children and young readers. The company maintains a consistent brand presence with active social media channels and a professional online storefront. Technically, the website is built on Drupal 10 with the Thunder distribution, integrating modern analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Cookiebot for GDPR-compliant cookie management. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security-wise, the site enforces HTTPS, employs standard security headers, and uses a cookie consent mechanism, though it lacks a publicly stated security policy or incident response contact. WHOIS data aligns well with the business claims, indicating legitimacy and consistent domain registration. Overall, the website is professional, secure, and compliant with privacy regulations, serving its target audience effectively.

K

Klett Kinderbuch Verlag GmbH

klett-kinderbuch.de

0

Klett Kinderbuch Verlag GmbH is a small, independent German children's book publisher founded in 2008 and independent since 2015. The company focuses on publishing seven to ten new titles per half-year for children aged 2 to 12 and their adults. Their website reflects a professional and consistent brand presence with good content quality and clear navigation. Technically, the site uses the Contao CMS platform with modern JavaScript libraries like jQuery and Rocksolid Slider, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage and cookie consent mechanisms, but lacks explicit security headers and incident response information. Privacy compliance is well addressed with a comprehensive privacy policy and cookie banner. Business credibility is supported by social media presence and professional content, though no direct contact emails or phone numbers are published on the site. Overall, the website is safe, trustworthy, and well-suited for its target audience.

K

Kindermann Verlag

kindermannverlag.de

0

Kindermann Verlag is a small German publishing company specializing in classic and large stories for children, operating an e-commerce platform for book sales. The website is built on WordPress with WooCommerce and uses the Divi theme, indicating a modern and flexible technical infrastructure. SEO is enhanced with Yoast SEO plugin and structured data is implemented via JSON-LD, supporting good search engine visibility. The site is hosted by webgo.de with multiple name servers, and HTTPS is enforced with appropriate security headers, reflecting a solid security posture. However, the absence of explicit privacy policy, terms of service, and contact information reduces compliance and trust levels. The site includes cookie consent mechanisms, showing some GDPR awareness. Overall, the site is professional, secure, and targets families and children with safe content.

K

kimverlag GmbH

kim-verlag.de

0

kimverlag GmbH is an independent, artist-led publishing company specializing in children's media, hobby art, and creativity. The company develops and publishes magazines, audio, and digital media, and licenses content for German and international book publishers. The website reflects a small but professional media publisher with a clear focus on creative and child-friendly content. The business is positioned as a niche publisher with a strong artistic orientation and a target audience including children and hobby artists. Technically, the website is built on WordPress using Elementor and related plugins, with modern SEO and consent management tools implemented. The site is mobile optimized and performs moderately well. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are absent. Privacy compliance is good with GDPR-aligned privacy and cookie policies and a consent mechanism in place. Overall, the website is trustworthy, professional, and safe for general audiences.

K

KIDDINX Media GmbH

kiddinx.de

0

KIDDINX Media GmbH is a reputable German media company specializing in children's entertainment, particularly audio plays and licensing of popular brands such as Bibi Blocksberg and Benjamin Blümchen. The company operates under the parent company GT-Holding and maintains a strong market position in the children's media sector. The website is built on Drupal 10, featuring modern consent management and analytics integration, reflecting a mature digital infrastructure. Security posture is solid with HTTPS, anonymized analytics, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with clear policies and GDPR-aligned consent. Overall, the site presents a professional and trustworthy digital presence with good content quality and user experience.

Hanser Literaturverlage is a well-established German publishing house specializing in literature and books across several imprints including Hanser, Hanser Kinder- und Jugendbuch, Zsolnay, Hanser Berlin, and hanserblau. The website serves as a comprehensive platform for showcasing their authors and publications, targeting German-speaking literary audiences and book buyers. The business model revolves around traditional and digital book publishing and sales, positioning Hanser as a reputable player in the German media and publishing sector. Technically, the website is built using modern web technologies such as Next.js and React, supported by cloud-based image hosting and integrated marketing and analytics tools like Emarsys and eTracker. The site demonstrates good mobile optimization, accessibility features, and SEO practices, reflecting a mature digital infrastructure. Hosting appears to be managed by Noris Network AG, a reputable provider. From a security perspective, the site enforces HTTPS, implements standard security headers, and uses cookie consent management compliant with GDPR. While no explicit security policy or vulnerability disclosure page is present, the site shows no signs of vulnerabilities or exposed sensitive data. The WHOIS data is transparent and consistent with the business identity, enhancing trustworthiness. Overall, Hanser Literaturverlage's website is professional, secure, and compliant with privacy regulations, supporting its business credibility and user trust. Strategic improvements could include publishing a dedicated security policy and vulnerability disclosure to further enhance transparency and incident response readiness.

G

Gerstenberg Verlag GmbH & Co. KG

gerstenberg-verlag.de

0

Gerstenberg Verlag GmbH & Co. KG is a well-established German publishing house specializing in children's literature, including iconic titles such as Eric Carle's 'Die kleine Raupe Nimmersatt' and Rotraut Susanne Berners Wimmelbücher. The company also publishes adult books focusing on culture, nature, lifestyle, and culinary topics, complemented by a range of papeterie products. The website serves as an e-commerce platform for these offerings and maintains a strong market position in the German and international children's book market. Technically, the website is built on the OXID eShop CMS platform, employs modern JavaScript libraries, and integrates Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized with clear navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit security policies are absent. Overall, the site is trustworthy, professional, and compliant with GDPR requirements.

T

Thienemann Verlage

thienemann-esslinger.de

0

Thienemann Verlage is a German publishing company specializing in children's and youth literature, offering a broad catalog of books, e-books, and related services. The website is professionally designed, built on TYPO3 CMS, and features modern UI components such as carousels and sliders. The company targets children, youth, parents, and educators with a focus on educational and entertaining content. The site is hosted with Microsoft Online DNS services and uses HTTPS with cookie consent managed by Usercentrics. However, explicit privacy policies, terms of service, and direct contact information are not readily found on the homepage, which could be improved for compliance and user trust. Security posture is good with HTTPS and no visible vulnerabilities, but additional security headers and incident response contacts are recommended.

D

DuMont Buchverlag GmbH & Co. KG

dumont-buchverlag.de

0

DuMont Buchverlag GmbH & Co. KG is a German book publishing company with a well-established market presence in the media sector. The website serves as a digital storefront and informational portal showcasing their book catalog, authors, and events. The target audience primarily consists of German-speaking book readers and literary enthusiasts. The business model focuses on publishing and selling books, promoting authors, and organizing literary events. The company maintains a consistent brand image and provides clear contact information, enhancing trust and credibility. Technically, the website is built using modern web technologies including Next.js (React framework), Cloudinary for image hosting, and integrates marketing and tracking tools such as Facebook Pixel and Sendinblue. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with room for improvement in accessibility and security headers. From a security perspective, the website enforces HTTPS and implements a cookie consent mechanism aligned with GDPR requirements. However, it lacks explicit privacy policy and terms of service pages in the analyzed content, as well as a security policy or incident response contact. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the legitimacy of the domain with consistent registrant information matching the business location and sector. Overall, the website demonstrates a solid digital presence with good business credibility and technical implementation. Strategic improvements in security policies, privacy disclosures, and accessibility would enhance compliance and user trust. The risk profile is low, with no indications of malicious activity or content safety concerns.

C

CalmeMara Verlag

calmemaraverlag.de

0

CalmeMara Verlag is a small German publishing company specializing in sustainable and vegan children's books, targeting families and children interested in environmentally friendly and ethical products. The website is built on WordPress with WooCommerce and uses the Avada theme, indicating a modern and flexible technical infrastructure. The site integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and Pinterest Analytics, reflecting a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and anti-spam measures in place, though explicit security policies and incident response contacts are not published. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Overall, the site is professional and trustworthy but could improve compliance documentation and security transparency.

A

arsEdition

arsedition.de

0

arsEdition is a well-established German publishing company with over 125 years of history, specializing in creative publishing and retail of books and games for children, teens, and adults. The company operates a professional e-commerce website powered by Shopify, offering a broad range of products categorized by age groups and themes. The website demonstrates a mature digital infrastructure with modern technologies, including Shopify's Dawn theme, Usercentrics consent management, and Google Tag Manager for analytics. Security posture is strong with HTTPS enforced, hCaptcha protection on forms, and privacy compliance mechanisms in place. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the website is professional, trustworthy, and well-positioned in the retail and media sectors.

G

gridscale GmbH

gos3.io

0

gridscale GmbH is a German technology company specializing in cloud infrastructure services. Their website presents a portfolio of cloud solutions including virtual machine provisioning, integrated backups, live snapshots, and features aimed at flexibility and reliability. The company targets businesses and IT professionals seeking scalable cloud infrastructure. The website is built on WordPress using the Astra theme and Yoast SEO plugin, indicating a modern and SEO-optimized platform. Performance and mobile optimization are good, though accessibility is basic. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy and cookie policies are absent, which is a compliance gap. The domain registration is consistent with the business claims, showing legitimacy and a mature presence since 2014.

V

Verkehrsverbund Bremen/Niedersachsen GmbH

fahrplaner.de

0

The FahrPlaner website serves as the official digital platform for public transportation information and ticketing in the German regions of Niedersachsen and Bremen. Operated by Verkehrsverbund Bremen/Niedersachsen GmbH, it offers real-time timetable data, mobile ticket purchasing, and comprehensive route planning through a well-integrated app and web interface. The site is positioned as a regional leader in transportation services, targeting commuters and travelers within these areas. Technically, the website is built on TYPO3 CMS with modern frontend frameworks like Bootstrap and Leaflet.js for mapping, ensuring a responsive and accessible user experience. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, though it lacks explicit security policies or vulnerability disclosures. Overall, the platform demonstrates a mature digital presence with good privacy compliance and trustworthy domain registration.

N

NETINERA

netinera-tickets.de

0

NETINERA operates a digital platform and app for the Deutschland-Ticket, a nationwide public transportation subscription in Germany. The company is a major player in the German regional transport sector, operating multiple subsidiary brands. The website provides comprehensive information about ticketing options, app usage, and subscription management, targeting private customers, students, apprentices, and employers. Technically, the site uses modern web standards, is hosted behind Cloudflare, and implements HTTPS with strong security headers. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. However, explicit security policies and incident response contacts are not published. Overall, the website is professional, trustworthy, and well-optimized for its audience.

R

Regentalbahn GmbH

alex.info

0

The website www.laenderbahn.com/alex/ represents the alex regional train service operated by Regentalbahn GmbH, a subsidiary of the Netinera group. It offers daily direct train connections between Germany and the Czech Republic, targeting commuters and travelers in this region. The site provides comprehensive travel information, ticket sales, real-time updates, and customer service resources. The business model focuses on regional transportation services with a strong emphasis on customer convenience and cross-border connectivity. Technically, the website is built on Craft CMS and employs modern JavaScript libraries and frameworks such as jQuery and Mmenu for mobile navigation. It integrates multiple analytics and tracking tools including Matomo, Google Tag Manager, Facebook Pixel, and Hotjar, all managed with a cookie consent mechanism to comply with privacy regulations. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. From a security perspective, the website enforces HTTPS and uses CSRF tokens to protect forms. While explicit HTTP security headers were not detected in the provided data, the site follows best practices in data protection and privacy compliance, including a comprehensive privacy policy and cookie management. No vulnerabilities or exposed sensitive data were found. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website branding and content strongly indicate a legitimate business. Overall, the site is professional, trustworthy, and well-maintained, serving its target audience effectively. The main risk lies in the missing WHOIS registration data, which should be verified externally. Strategic recommendations include enhancing HTTP security headers, publishing a vulnerability disclosure policy, and providing explicit incident response contacts to further strengthen security posture.