Security Directory

The Berchtesgadener Land Bahn website serves as the official online presence for a regional railway operator in Germany, providing schedules, ticketing information, and news updates related to the Freilassing to Berchtesgaden rail line. The business recently transitioned operations to Bayerische Regiobahn, indicating a shift in operational control. The website targets local passengers and public transport users, offering essential travel information and partner links. Technically, the site is built with basic HTML, CSS, and JavaScript without modern frameworks or CMS, resulting in moderate performance and limited mobile optimization. Security posture is weak, with no HTTPS enforcement or security headers detected, and no visible privacy or cookie policies, which poses compliance and trust concerns. Overall, the site is functional but lacks modern security and privacy best practices, limiting its digital maturity and user trust.

BILS Verkehrsbetriebe mbH is a German transportation company whose website is currently in maintenance mode, providing minimal content. The site uses WordPress CMS with jQuery and custom maintenance plugins. The technical infrastructure is basic but functional, with HTTPS enabled and a login form present. However, the absence of privacy, cookie, and terms of service policies, as well as lack of contact information, limits the site's professionalism and user trust. Security posture is moderate due to HTTPS but lacks important security headers and explicit security policies. Overall, the website's current state restricts comprehensive analysis and indicates a need for content and compliance improvements.

R

Regentalbahn GmbH

vogtlandbahn.de

0

The website www.laenderbahn.com/vogtlandbahn/ represents the Vogtlandbahn, a regional passenger rail service operating in the Vogtland region of Germany. It is part of Regentalbahn GmbH and affiliated with the parent company Netinera. The site offers comprehensive information on train schedules, ticketing options, real-time departure data, and customer services, targeting regional travelers and commuters. The business model focuses on providing reliable and comfortable regional rail transport connecting multiple cities and towns. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. From a technical perspective, the site employs modern web technologies including JavaScript libraries, Matomo analytics, Google Tag Manager, and Facebook Pixel for tracking and marketing. It is built on Craft CMS and demonstrates good mobile optimization and accessibility features. Security is well addressed with HTTPS enforcement, security headers, and CSRF protection, though there is room for improvement in publishing explicit security policies and incident response information. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is robust, featuring a comprehensive privacy policy and cookie consent mechanisms aligned with GDPR requirements. Contact information is clearly provided, including phone numbers and physical addresses, enhancing business credibility. Overall, the website is a trustworthy and professional digital presence for a regional transportation provider. However, the absence of WHOIS registration details introduces some uncertainty about domain legitimacy, warranting further verification. Strategic recommendations include publishing a dedicated security policy, establishing a vulnerability disclosure program, and enhancing incident response transparency to further strengthen trust and compliance.

V

vlexx GmbH

vlexx.de

0

vlexx GmbH is a regional rail transport company operating in the German states of Rheinland-Pfalz, Hessen, and Saarland. The company provides passenger rail services with a focus on comfort, modern amenities, and sustainability. Their website offers comprehensive information on schedules, tickets, service, career opportunities, and leisure travel, targeting regional commuters and travelers. The company is positioned as a reliable regional transport provider with a medium-sized workforce and a solid market presence since its founding in 2014. The parent company is Netinera Deutschland GmbH, indicating a strong backing in the rail transport sector. Technically, the website is built on Craft CMS, uses modern JavaScript libraries, and is hosted behind Cloudflare, ensuring good performance and security. Privacy and cookie policies are present and GDPR compliant, though explicit terms of service and incident response policies are not found. Security posture is good with HTTPS and CSRF protections, but could be improved with additional security headers and vulnerability disclosure mechanisms. Overall, the website is professional, trustworthy, and well-structured for its audience.

O

Osthannoversche Eisenbahnen Aktiengesellschaft

ohe-ag.de

0

Osthannoversche Eisenbahnen Aktiengesellschaft (OHE) is a well-established transportation company based in Germany, specializing in regional rail and bus services primarily in Niedersachsen. Founded in 1944, OHE operates workshops and infrastructure services, positioning itself as a key regional player with a strong focus on reliability and customer satisfaction. The website reflects a professional digital presence with clear business information and a user-friendly interface. Technically, the site uses modern web technologies including Craft CMS, jQuery, and FontAwesome, hosted behind Cloudflare DNS services, and integrates Matomo for privacy-conscious analytics. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though formal security policies and incident response contacts are absent. Overall, the site is trustworthy, compliant with GDPR, and well-optimized for users.

O

ODEG – Ostdeutsche Eisenbahn GmbH

odeg.de

0

ODEG – Ostdeutsche Eisenbahn GmbH is the largest private railway operator in eastern Germany, providing regional passenger rail services. The company offers comprehensive information on schedules, fares, tickets, and customer service through its website. The business targets a broad audience including daily commuters and travelers in the region. The website demonstrates a moderate level of digital maturity, leveraging TYPO3 CMS and modern JavaScript libraries to deliver a responsive and user-friendly experience. Privacy compliance is well addressed with a comprehensive privacy policy and a cookie consent mechanism that includes retargeting disclosures. Security posture is adequate with HTTPS enforcement and no visible vulnerabilities, though the absence of a published security policy and incident response contacts suggests room for improvement. Overall, the website is professional, trustworthy, and aligned with the company's business objectives.

M

metronom Eisenbahngesellschaft mbH

der-metronom.de

0

metronom Eisenbahngesellschaft mbH operates regional passenger rail services connecting key northern German states including Niedersachsen, Hamburg, and Bremen. The company positions itself as a reliable regional transport provider with a focus on customer service, real-time travel information, and sustainable mobility. Their business model centers on providing scheduled train services, ticketing solutions, and substitute bus services during infrastructure works. The website reflects a medium-sized enterprise with consistent branding and a strong regional presence supported by partnerships with local transport authorities and the parent company Netinera. Technically, the website employs modern web technologies including Progressive Web App features, service workers, and integrates third-party widgets for travel planning. Hosting and DNS are managed via Cloudflare, ensuring good performance and security. The site is mobile-optimized, accessible, and SEO-friendly, with comprehensive metadata and structured content. From a security perspective, the site enforces HTTPS, uses standard security headers, and avoids exposing sensitive data. However, it lacks a dedicated security policy, incident response information, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and trust. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms aligned with GDPR. Overall, the website is professional, trustworthy, and well-suited for its audience. Strategic improvements in security transparency and incident response readiness would further strengthen its posture.

D

Die Länderbahn GmbH DLB

laenderbahn.com

0

Die Länderbahn GmbH DLB is a well-established private railway company operating regional passenger transport services in Germany and the Czech Republic. With a history spanning over 130 years and multiple regional brands such as alex, trilex, and vogtlandbahn, the company holds a strong market position in the transportation sector. It is a subsidiary of NETINERA Deutschland GmbH, indicating a solid corporate backing. The website provides comprehensive information about the company’s services, history, and career opportunities, targeting both customers and potential employees. Technically, the website is built on a modern CMS platform (Craft CMS) and employs various analytics and marketing tools including Matomo, Google Tag Manager, Facebook Pixel, and Hotjar. The site is mobile-optimized with good SEO practices and a clear navigation structure. Security measures such as HTTPS and CSRF tokens are implemented, though some security headers and explicit incident response policies are absent. From a security and compliance perspective, the website includes a detailed privacy policy and cookie consent mechanism compliant with GDPR. However, the absence of WHOIS data for the domain raises questions about domain registration transparency, although the website content and branding strongly support legitimacy. No critical vulnerabilities or adult content were detected, and the site maintains a professional and trustworthy online presence. Overall, the website reflects a mature digital presence for a transportation company with good technical and privacy practices. Strategic improvements in security headers and public incident response information could further enhance trust and compliance.

L

Landesverkehrsgesellschaft Niedersachsen mbH (LNVG)

mobilotsin-niedersachsen.de

0

MOBILOTSIN is a regional initiative under the Landesverkehrsgesellschaft Niedersachsen mbH (LNVG) focused on supporting municipalities and counties in Lower Saxony, Germany, with innovative mobility concepts and the traffic transition. The website presents a professional and consistent brand image, offering services such as consulting, qualification courses, and events. The target audience primarily includes local government entities and stakeholders involved in mobility management. The digital infrastructure is built on the ProcessWire CMS with modern JavaScript libraries enhancing user experience. The site is mobile-optimized and well-structured, providing clear navigation and relevant content including event listings and newsletter subscription. From a security perspective, the website uses HTTPS and does not expose sensitive data in the HTML content. However, there is no evidence of advanced security headers or published security policies, and no cookie consent mechanism is present, which could be improved for better compliance. No analytics or tracking scripts were detected, indicating minimal user tracking. Contact information is clearly provided, enhancing business credibility. WHOIS data shows consistent domain registration with no privacy protection, aligning with the website's governmental affiliation. Overall, the website demonstrates a solid technical foundation and business credibility with room for improvement in privacy compliance and security best practices. The content is safe and appropriate for a general audience, with no adult or questionable material detected.

M

MoorFutures

moorfutures.de

0

MoorFutures is a German environmental initiative focused on climate protection through the restoration and rewetting of moorlands, offering CO2 compensation certificates. The website positions itself as a national and regional platform linking four moor-rich German states, providing information and access to purchase certificates. The business model centers on environmental sustainability and biodiversity preservation, targeting environmentally conscious investors and organizations. Technically, the site is built on the 1AND1 Website Editor platform, utilizing modern web technologies including jQuery, service workers for PWA capabilities, and Mapbox for mapping services. The site is mobile-optimized and implements cookie consent mechanisms compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. No direct contact emails or phone numbers are exposed on the homepage, with contact likely via a dedicated contact page form. Overall, the site is professional, trustworthy, and aligned with its environmental mission.

M

Musikhaus Thomann

static-thomann.de

0

Musikhaus Thomann operates Europe's largest online retail platform for musical instruments and related equipment, targeting musicians and music enthusiasts primarily in Germany and Europe. The website demonstrates a mature e-commerce business model with a strong market position as a leader in its sector. Key services include sales of instruments, studio and lighting equipment, repair services, and a mobile app for enhanced customer engagement. The platform supports multiple languages and currencies, reflecting its broad European reach. Technically, the website employs modern web technologies including JavaScript frameworks, SVG icons, and Google Tag Manager for analytics. It features responsive design optimized for mobile and desktop, with good SEO and accessibility practices. The site uses HTTPS with strong SSL configuration, although some security headers are not explicitly detected. Cookie consent mechanisms are implemented with user options, supporting GDPR compliance. From a security perspective, the site shows good practices such as HTTPS enforcement and secure login forms, but lacks published security policies or incident response contacts. CAPTCHA is implemented but currently disabled, which could be improved to mitigate automated abuse. No vulnerabilities or suspicious content were detected. WHOIS data aligns with the business claims, showing consistent domain registration and no privacy protection, indicating legitimacy. Overall, the website is professional, secure, and compliant with privacy regulations, serving a large customer base with a trustworthy online presence. Strategic recommendations include enabling CAPTCHA, publishing security policies, and enhancing security headers to further strengthen the security posture.

fuse.space GmbH operates a specialized file sharing platform tailored for creatives such as musicians and designers. The service emphasizes secure and beautiful sharing experiences, leveraging blockchain technology to provide immutable proof of file ownership. The company positions itself as a niche player in the creative technology sector, offering subscription-based plans including a free tier and paid options with enhanced storage and features. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content about its services and pricing. Technically, the platform uses modern web technologies including React and the Remix framework, hosted on AWS infrastructure, and integrates popular analytics and marketing pixels from Google, Facebook, and TikTok. Security posture is strong with HTTPS enforced and domain registration protections, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the business demonstrates legitimacy and maturity appropriate for its domain age and market focus.

F

Friedrichstadt

friedrichstadt.de

0

The website www.friedrichstadt.de serves as a tourism and cultural promotion platform for the town of Friedrichstadt in Schleswig-Holstein, Germany. It highlights local attractions such as canal tours and city walks, targeting tourists and visitors interested in nature and cultural experiences. The site is built on TYPO3 CMS and employs Cookiebot for cookie consent management, indicating a basic level of privacy compliance. However, no explicit privacy policy or terms of service pages were found, which limits full compliance and transparency. Technically, the site shows moderate performance and good mobile optimization but lacks visible security headers and advanced security policies. The domain is hosted by netcup GmbH, consistent with the German location, and shows no signs of blocking or WAF interference.

L

Lease a Bike

lease-a-bike.de

0

Lease a Bike is a large German bike leasing service provider targeting companies, public employers, and employees. It offers a digital platform for bike leasing, enabling companies to provide bikes as employee benefits with minimal administrative effort. The company is affiliated with Volkswagen Financial Services AG and Pon.Bike, indicating strong market positioning and trust. The website is modern, well-designed, and optimized for mobile, featuring extensive customer testimonials and a comprehensive service offering. Technically, the site uses modern frameworks like Tailwind CSS, HubSpot forms, and Google Tag Manager, hosted behind Cloudflare DNS. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers and policies are not fully documented. Privacy compliance is basic, with no explicit privacy or terms of service pages found in the provided content. Overall, the site is professional, trustworthy, and business-focused with a strong digital presence.

M

myRight

myright.de

0

myRight is a German legal services platform specializing in consumer rights across various legal domains such as tenancy law, emissions scandal, travel law, and labor law. The company positions itself as a consumer advocate with a high success rate in court cases, targeting German consumers seeking legal assistance online. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content relevant to its services. Technically, the site leverages modern frameworks like Laravel, uses Cloudflare for DNS and security, and integrates Cookiebot for GDPR-compliant cookie consent. Security posture is strong with HTTPS enforcement, CSRF protection, and security headers, though explicit security and incident response policies are not publicly available. Overall, the site demonstrates good privacy compliance and business credibility, though contact information is limited to web forms without direct emails or phone numbers.

Onilo.de is a German educational platform operated by StoryDOCKS GmbH, specializing in interactive digital learning content for children in primary education. The platform offers animated Boardstories, educational materials, and digital training, serving over one million children and numerous educators. It holds a strong market position supported by partnerships with reputable publishers and endorsements from educational ministries. Technically, the website is built on modern frameworks including React and Phoenix, hosted by Hetzner, and optimized for mobile and accessibility. Security measures include HTTPS and bot protection via FriendlyCaptcha, though explicit security headers and policies could be enhanced. Privacy compliance is good with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned in the education sector.

Ö

ÖKO-TEST

oekotest.de

0

ÖKO-TEST is a well-established German media company specializing in independent product testing, consumer advice, and related news. With a history spanning over 30 years, it holds a strong market position as a trusted source for product evaluations and lifestyle guidance. The website offers subscription-based content and integrates modern consent management and subscription authentication systems to comply with GDPR requirements. Technically, the site leverages Cloudflare for DNS and likely CDN services, uses Google Analytics for tracking, and employs a custom or proprietary CMS framework. The design is professional, mobile-optimized, and content-rich, targeting a general audience interested in consumer products and lifestyle topics. Security posture is solid with HTTPS and Cloudflare protection, though explicit security headers and incident response information are not evident. Overall, the site is trustworthy and professionally maintained, with room for improvement in transparency of privacy and security policies.

streamfood.tv is a media streaming platform founded in 2020 and operated by Ralf M. Mendle - Mediendienstleistungen based in Germany. The platform offers a variety of cultural content including events, shows, interviews, and documentaries across genres such as comedy, music, literature, science, and politics. It targets a general audience interested in fair and transparent media consumption. The business model centers on streaming content with a focus on fair revenue sharing. Technically, the website is built using modern technologies including the Elixir Phoenix framework, Video.js for video playback, and Tailwind CSS for styling. Hosting is provided by Vautron Rechenzentrum AG, with DNS managed via Google Domains. The site is mobile optimized and provides a good user experience with clear navigation and search functionality. Security posture is adequate with HTTPS enforced and CSRF protection, but lacks important security headers and DNSSEC. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanisms. Contact and security incident response information are not provided, limiting transparency. Overall, the domain registration is consistent and legitimate, supporting the business claims. Recommendations include adding comprehensive privacy and cookie policies, implementing security headers, enabling DNSSEC, and providing clear contact information to improve trust and compliance.

S

S-Bahn Berlin GmbH

sbahn-ebe.de

0

S-Bahn Berlin GmbH operates a dedicated online portal for managing the increased fare enforcement payments (Erhöhtes Beförderungsentgelt - EBE). The portal facilitates secure and quick payment of fines, submission of personalized tickets for review, and customer support for related inquiries. The website is professionally designed, mobile-optimized, and provides comprehensive FAQs and contact options, reflecting a mature digital presence for a public transportation entity. Technically, the site uses Drupal CMS, integrates UserCentrics for consent management, and employs Matomo for analytics, indicating a focus on privacy and compliance. Security measures include HTTPS, Content Security Policy with nonce, and CAPTCHA protections, contributing to a strong security posture. The domain WHOIS data is privacy protected but consistent with legitimate business use. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with GDPR and other regulations.

S

S-Bahn Berlin GmbH

abo-antrag.de

0

The website www.abo-antrag.de is an official online subscription management portal operated by S-Bahn Berlin GmbH, a medium-sized transportation company under Deutsche Bahn. It provides services for purchasing, managing, and canceling public transport subscriptions for Berlin and Brandenburg residents. The site is well-branded with official logos and integrates with partner domains such as sbahn.berlin and bahn.de. Technically, it is built on ASP.NET WebForms with modern JavaScript libraries and uses Adobe Analytics and Usercentrics for tracking and consent management, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and consent mechanisms but lacks explicit security policies and vulnerability disclosure information. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a general audience without any adult or questionable content.

C

CYQUEST GmbH

cyquest.net

0

CYQUEST GmbH operates as a specialized provider of online assessment, self-assessment, and study orientation solutions, combining psychological expertise with modern web technologies to enhance employer branding and recruitment processes. The company targets businesses and educational institutions primarily in Germany, offering scientifically validated tools and interactive applications to improve selection decisions and candidate engagement. The website demonstrates a professional and consistent brand presence with strong client references and ISO 27001 certification, indicating a mature security posture. Technically, the website is built on WordPress using the Enfold theme, leveraging modern JavaScript libraries such as jQuery and integrating Google Analytics 4 and Google Tag Manager for analytics and marketing purposes. The site is mobile-optimized and SEO-friendly, though some accessibility features could be improved. Security practices include HTTPS enforcement and use of security plugins, but the absence of security headers and cookie consent mechanisms suggests room for enhancement. The security posture is solid with ISO 27001 certification, but the lack of visible incident response contacts and missing WHOIS registration data raise concerns about domain legitimacy and transparency. No WAF or blocking mechanisms were detected, and the site content is safe and business-focused without any adult or questionable material. Overall, CYQUEST presents as a credible and professional business with a good digital presence and security foundation, but should address domain registration transparency, privacy compliance (cookie consent), and security header implementation to strengthen trust and compliance.

B

BVG Jelbi

jelbi.de

0

Jelbi is a large-scale mobility platform operated by BVG Jelbi, integrating Berlin's public transport with various sharing services such as e-scooters, bikes, cars, and taxis. The website serves as an informational and promotional portal for the Jelbi app, targeting residents and visitors in Berlin. The business model focuses on providing a unified mobility experience through a single app, positioning Jelbi as a key player in Berlin's transportation ecosystem. Technically, the site is built on WordPress with the Divi theme, leveraging modern plugins and consent management tools like Didomi. The infrastructure is hosted on Cronon servers with proper HTTPS encryption and basic SEO optimizations. Security posture is solid with HTTPS and consent mechanisms, though explicit security headers and policies are absent. Privacy compliance is partial due to missing visible privacy and terms pages. Overall, the site is professional, trustworthy, and well-branded, with room for improvement in transparency and security documentation.

R

regioactive.de

regioactive.de

0

regioactive.de is a German media platform specializing in cultural and music event coverage, including news, event listings, photo galleries, and ticket sales. It targets music and culture enthusiasts primarily in Germany and German-speaking regions. The website has a consistent brand presence and a solid market position as a regional cultural media outlet. Technically, the site uses a mix of jQuery, Google Analytics, and a cookie consent management system, hosted on UI-DNS name servers. The site is mobile-optimized and SEO-friendly with good performance. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. WHOIS data confirms a mature and consistent domain registration since 2001, supporting the legitimacy of the business. Overall, regioactive.de is a professional, trustworthy, and compliant cultural media website.

T

Thomann

thomann.de

0

Thomann is a leading European e-commerce retailer specializing in musical instruments and related accessories. The website serves a broad international audience with multiple language and country-specific versions, positioning itself as Europe's largest music retailer. The platform offers a wide range of products including guitars, drums, studio equipment, lighting, and PA systems, supported by strong customer service features such as a 30-day money-back guarantee and a 3-year warranty. Technically, the website employs modern web technologies including JavaScript, SVG icons, and Google Tag Manager for analytics and marketing. The site is well-optimized for mobile devices and accessibility, with clear navigation and professional design. Security posture is solid with HTTPS enabled and cookie consent mechanisms in place, though explicit security headers and published security policies are absent. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

L

Landesnahverkehrsgesellschaft Niedersachsen mbH

lnvg.de

0

The Landesnahverkehrsgesellschaft Niedersachsen mbH (LNVG) is a government-affiliated organization responsible for planning, financing, and managing public transportation services in the German state of Niedersachsen. The website serves as an information hub for passengers, transport operators, and stakeholders, providing comprehensive details on regional rail and bus services, funding programs, infrastructure projects, and regulatory frameworks. The company holds a significant market position as a key public transport authority in the region. Technically, the website is built on TYPO3 CMS, a robust and widely used content management system, ensuring maintainability and scalability. The site employs Matomo analytics with an opt-out mechanism, reflecting a moderate level of privacy awareness. The site is mobile-optimized, accessible, and SEO-friendly, with a clear navigation structure and professional design. From a security perspective, the site uses HTTPS with a Content-Security-Policy header, indicating good baseline security practices. However, it lacks explicit cookie consent mechanisms and published security or incident response policies, which are areas for improvement. No vulnerabilities or suspicious content were detected. Overall, the website is trustworthy, professional, and well-aligned with its public service mission. Strategic enhancements in privacy compliance and security transparency would further strengthen its posture.

N

NETINERA Deutschland GmbH

netinera.de

0

NETINERA Deutschland GmbH is a major transportation company in Germany, operating since 2004 in regional rail and bus services. It is a subsidiary of Trenitalia, part of one of Europe's largest transport groups. The company offers a broad portfolio of rail and bus transport services along with maintenance and infrastructure support. The website reflects a mature business with a clear market position and extensive subsidiary network. Technically, the site uses SITEFORUM CMS and Bootstrap 3, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent, but lacks visible security headers and explicit security policies. Overall, the site is professional, trustworthy, and compliant with GDPR, though improvements in security transparency and incident response readiness are recommended.

V

Verkehrsverbund Bremen/Niedersachsen GmbH (VBN)

vbn.de

0

Verkehrsverbund Bremen/Niedersachsen GmbH (VBN) operates as a regional public transportation authority providing integrated ticketing, timetable information, and mobility services across Bremen and Lower Saxony. The website serves a broad audience including commuters, families, students, and groups, offering comprehensive transport options and customer support. The business model focuses on facilitating seamless public transport usage through digital platforms and partnerships with transport operators. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries such as jQuery, Bootstrap, and Leaflet for interactive maps and widgets. The integration of HAFAS public transport widgets enhances user experience for timetable and ticketing queries. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and follows good security practices, though explicit security headers like Content-Security-Policy could be improved. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear GDPR-aligned policies and cookie management. Overall, the website presents a trustworthy, professional, and user-friendly platform supporting VBN's mission. Strategic improvements in security policy transparency and header implementation would further enhance its posture.

P

PACE-VET

pace-vet.eu

0

PACE-VET is an educational project focused on developing a digital platform for the recognition and validation of vocational competencies in the event technology sector. The website presents detailed project information, objectives, and schedules, targeting vocational learners, employers, and education providers. The platform aims to facilitate micro-credential certification to improve labor market adaptability. Technically, the website is built on WordPress with modern plugins and libraries, offering a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

The European Theater Technicians Education (ETTE) website represents a European non-profit educational project coordinated by Deutsche Theatertechnische Gesellschaft (DTHG) e.V. The project aims to improve safety competencies for theatre technicians and stage professionals across Europe, leveraging ESCO competences and the European Safety Passport. The site provides multilingual educational content and openly licensed materials, supported by Erasmus+ funding and multiple European partners. The target audience includes theatre technicians, stage hands, and event professionals seeking safety training. Technically, the website is built using RapidWeaver CMS with Foundation framework and includes standard web technologies such as jQuery and Google Analytics. While the site is functional and professionally presented, it lacks modern security headers, updated libraries, and explicit privacy or cookie policies. No contact information or incident response channels are provided, which limits user trust and compliance. Overall, the site is safe, educational, and trustworthy but would benefit from improved security practices and privacy compliance.

F

forward

forward.live

0

The website forward.live represents the 'fwd: Bundesvereinigung Veranstaltungswirtschaft e.V.', a German non-profit association dedicated to the event industry. It serves as a central platform for members of the event sector, focusing on political advocacy, networking, knowledge transfer, and sustainability initiatives. The organization positions itself as a key voice for the industry at the national and regional levels, with a clear emphasis on community and future-oriented development. The site content is professionally presented in German, targeting industry professionals and stakeholders. Technically, the website is built on WordPress using Elementor and several Jet plugins, with SEO optimization via Yoast. It employs modern web technologies including jQuery and Google Tag Manager for analytics. The site is mobile-optimized and features a cookie consent mechanism compliant with GDPR, reflecting a mature digital infrastructure. Performance is moderate, with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks visible security headers such as CSP or HSTS. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is justified for this type of organization. No explicit security or incident response policies are publicly available, suggesting an area for enhancement. Overall, the website demonstrates a strong business credibility and compliance posture with good content quality and technical implementation. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility features to further strengthen trust and compliance.

R

R.I.F.E.L. Research Institute for Exhibition and Live-Communication e.V.

rifel-institut.de

0

R.I.F.E.L. Research Institute for Exhibition and Live-Communication e.V. is a small, Germany-based non-profit organization specializing in research within the exhibition and live communication sectors. The website serves as a platform to showcase their research activities, provide access to an online shop, and offer contact channels for stakeholders. Their market position is niche, targeting professionals and organizations involved in exhibitions and live events. The business model combines research services with e-commerce capabilities, supporting their mission and outreach. Technically, the website is built on WordPress with WooCommerce integration, leveraging common web technologies such as jQuery and PHP. Hosting is managed via Corpex DNS, and the site employs HTTPS with a good SSL configuration. The site demonstrates moderate performance and good mobile optimization, though accessibility and SEO optimizations are basic. The presence of Jetpack and WooCommerce analytics indicates moderate user tracking. From a security perspective, the site uses HTTPS but lacks advanced security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance compliance and security posture, supporting the organization's credibility and user trust.

F

fwd: Bundesvereinigung Veranstaltungswirtschaft e.V.

we-transform-future.live

0

The website www.we-transform-future.live represents the event platform 'wtf25' organized by 'fwd: Bundesvereinigung Veranstaltungswirtschaft e.V.', a non-profit association focused on the event industry in Germany. The platform offers a professional event experience with workshops, panels, and networking opportunities centered on future-oriented themes such as sustainability, business, politics, and people. The site targets event professionals, decision makers, and newcomers, providing relevant content and resources including event programs and partner information. Technically, the site is built on the Multiscreensite CMS platform, leveraging modern JavaScript libraries like jQuery and analytics tools such as Google Analytics and Snowplow. It uses HTTPS with good SSL configuration and includes privacy compliance features like cookie consent and GDPR-aligned privacy policies. However, explicit security headers and incident response information are absent, representing areas for improvement. Overall, the site is well-designed, accessible, and trustworthy, with a strong social media presence and clear business identity.

B

Bundeskonferenz Veranstaltungswirtschaft

bundeskonferenz.org

0

Bundeskonferenz Veranstaltungswirtschaft is a German non-profit organization representing the event industry. The website serves as a platform for advocacy, event information, and industry representation. It targets professionals and stakeholders within the German event sector, providing information about conferences, programs, and organizational goals. The organization positions itself as a strong voice for the event industry in Germany. Technically, the website is built on the Squarespace platform, leveraging modern web technologies including Google Fonts and reCAPTCHA for form security. The site is mobile-optimized and uses HTTPS with HSTS enabled, indicating a good baseline security posture. However, there is a lack of explicit privacy and cookie policies, which impacts privacy compliance. Security-wise, the site benefits from HTTPS and HSTS but lacks several recommended security headers such as Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain ownership verification, but the website content and social media presence support legitimacy. Overall, the website is professional and trustworthy for its intended audience but would benefit from improved privacy compliance and enhanced security headers. Strategic recommendations include publishing privacy and cookie policies, adding security headers, and providing incident response contact information.

B

BrandEx

brand-ex.org

0

BrandEx is a specialized event and award platform focused on recognizing excellence in live communication and brand experience within the German-speaking market. Established in 2017, it organizes annual award ceremonies celebrating creativity and innovation in categories such as architecture, events, and special awards. The website serves as a hub for ticket sales, jury information, news updates, and industry networking, targeting marketing professionals, event organizers, and creative agencies. Technically, the site is built on WordPress with modern plugins for SEO, cookie management, and analytics, hosted behind Cloudflare DNS. Security posture is solid with HTTPS and cookie consent mechanisms, though some advanced security headers and DNSSEC are not implemented. Privacy compliance is strong, reflecting GDPR requirements with detailed cookie categories and user consent options. No critical vulnerabilities or suspicious indicators were found. Overall, BrandEx presents a professional, trustworthy, and well-maintained digital presence aligned with its business goals.

The Landesinnungsverband Elektro- und Informationstechnik Schleswig-Holstein is a regional trade association representing over 800 electrical and information technology companies in Schleswig-Holstein, Germany. The organization focuses on advocacy, member support, training, and standardization within the electrical trade sector. Their website provides comprehensive information about their services, events, and industry news, targeting professionals and apprentices in the electrical industry. Technically, the site is built on the Contao CMS platform and uses modern JavaScript libraries to enhance user experience. The site is well-structured, mobile-optimized, and maintains good SEO practices. Security-wise, the site enforces HTTPS and uses secure forms with CSRF tokens, but lacks advanced HTTP security headers and a public security policy. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism. Overall, the website is professional, trustworthy, and serves its business purpose effectively.

L

Landesinnungsverband Sachsen-Anhalt der Elektrohandwerke

elektrohandwerk-sachsen-anhalt.de

0

The Landesinnungsverband Sachsen-Anhalt der Elektrohandwerke is a regional industry association representing electrical trades in the German state of Sachsen-Anhalt. The website serves as an information hub for professionals, businesses, and stakeholders in the electrical, energy, and related sectors, offering details on industry events, training, membership, and sector news. It positions itself as a key regional player facilitating networking, education, and industry standards. Technically, the site is built on TYPO3 CMS, employs modern web standards, and is hosted with reputable DNS providers. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and avoids exposing sensitive data but lacks some security headers and formal security policies. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

F

Fachverband Elektro- und Informationstechnik Sachsen/Thüringen

elektro-sachsen-thueringen.de

0

The Fachverband Elektro- und Informationstechnik Sachsen/Thüringen is a regional trade association representing electrical and information technology craftsmen and companies in the German states of Saxony and Thuringia. The website serves as a professional platform offering information about the association, upcoming events, employee training, and member services. It targets electrical trade professionals and companies seeking industry support and networking. The business model focuses on member representation, training, and industry promotion within the regional market. Technically, the website is built on TYPO3 CMS, hosted on Strato servers, and integrates modern marketing and analytics tools such as Usercentrics CMP, Google Tag Manager, and TikTok Pixel. The site is well-structured, mobile-optimized, and provides comprehensive privacy and cookie policies with consent management, reflecting good digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are lacking. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting the association's credibility and member engagement.

L

Landesinnung Saarland der Elektro- und Informationstechnischen Handwerke

elektrohandwerk-saar.de

0

The Landesinnung Saarland der Elektro- und Informationstechnischen Handwerke is a well-established regional trade association in Germany, serving the electrical and information technology trades with a history spanning 50 years. The organization provides member services including training, certification, industry news, and event organization, positioning itself as a trusted entity within its sector. The website reflects this professionalism with good content quality, clear navigation, and consistent branding aimed at members and stakeholders in the Saarland region. Technically, the website is built on TYPO3 CMS and employs modern web technologies including Usercentrics for consent management and Google Analytics for tracking, all served over HTTPS with good mobile optimization. While performance is moderate, the site is accessible and SEO-friendly. Security practices include HTTPS enforcement and consent mechanisms, though explicit security headers and incident response information are absent. From a security perspective, the site shows a mature posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong with clear policies and consent management. The WHOIS data aligns with the business claims, showing domain age and registration consistency that support legitimacy. Overall, the site is low risk with good trust indicators. Strategic recommendations include enhancing security headers, publishing a security policy and incident response contacts, and implementing a vulnerability disclosure mechanism to further strengthen security and trust.

F

Fachverband Elektro- und Informationstechnische Handwerke Nordrhein-Westfalen

feh-nrw.de

0

The Fachverband Elektro- und Informationstechnische Handwerke Nordrhein-Westfalen (FEH.NRW) is a regional trade association serving the electrical and information technology trades in North Rhine-Westphalia, Germany. The website provides comprehensive information about the association's services, including member support, training, industry news, and job listings. The organization targets professionals and companies within the electrical trade sector, positioning itself as a key regional industry body. Technically, the website is built on TYPO3 CMS and employs modern web technologies including JavaScript, Usercentrics for consent management, Google Tag Manager, and TikTok analytics. The site is well-optimized for mobile devices, accessible, and SEO-friendly, reflecting a mature digital infrastructure. The use of HTTPS and consent management indicates a good level of privacy and security awareness. From a security perspective, the site enforces HTTPS and uses a consent management platform to comply with GDPR. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is typical for such organizations and does not raise immediate concerns. Overall, the website is professional, trustworthy, and well-maintained, with a strong focus on compliance and user privacy. Strategic recommendations include publishing explicit security and incident response policies, enhancing HTTP security headers, and maintaining regular audits of third-party scripts to further strengthen security posture.

L

Landesinnungsverband für Elektro- und Informationstechnik Niedersachsen / Bremen

eh-nb.de

0

The Landesinnungsverband für Elektro- und Informationstechnik Niedersachsen / Bremen is a regional trade association serving professionals in the electrical and information technology sectors within the German states of Niedersachsen and Bremen. The organization provides member services including certification as E-Marken Betrieb, educational seminars, industry news, and representation. Their website reflects a professional and consistent brand image, targeting trade members and stakeholders with relevant content and resources. Technically, the website is built on the TYPO3 CMS platform, utilizing modern web technologies such as SVG, CSS3, and JavaScript. It integrates Usercentrics for cookie consent management and TikTok analytics for user tracking. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics in place. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent banner. Overall, the website presents a low-risk profile with a solid business credibility and privacy posture. Strategic improvements could focus on enhancing security headers, publishing security policies, and expanding incident response information to further strengthen trust and compliance.

L

Landesinnungsverband der Elektro- und Informationstechnischen Handwerke Mecklenburg-Vorpommern

eh-mv.de

0

The Landesinnungsverband der Elektro- und Informationstechnischen Handwerke Mecklenburg-Vorpommern operates as a regional trade association focused on the electrical and information technology sectors within Mecklenburg-Vorpommern, Germany. The website serves as a comprehensive portal offering member services, training, certification programs, industry news, and job postings, positioning itself as a key resource for professionals in the electrical trade industry. The business model centers on supporting and representing member companies, providing educational resources, and facilitating industry collaboration. Technically, the website is built on the TYPO3 CMS platform and employs modern web technologies including JavaScript, AJAX for search functionality, and integrates third-party services such as Usercentrics for cookie consent management, Google Analytics, Google Tag Manager, and TikTok Pixel for analytics and marketing. The site is hosted on infrastructure associated with DomainControl, with good mobile optimization, accessibility, and SEO practices observed. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, demonstrating compliance with GDPR. However, explicit security headers and incident response policies are not evident, suggesting areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analysis. The WHOIS data aligns well with the website's business claims, supporting legitimacy. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for the trade association, with moderate to good scores across content quality, technical implementation, security posture, privacy compliance, and business credibility. Strategic enhancements in security headers and incident response transparency would further strengthen the security posture and trustworthiness.

F

Fachverband Elektro- und Informationstechnik Hessen/Rheinland-Pfalz

liv-fehr.de

0

The Fachverband Elektro- und Informationstechnik Hessen/Rheinland-Pfalz (FEHR) operates as a regional trade association providing comprehensive support, consulting, and training services to entrepreneurs and businesses in the electro-technology sector within Hessen and Rheinland-Pfalz, Germany. The website serves as an information hub offering access to legal advice, technical consultations, training seminars, and member benefits, targeting local industry professionals and companies. The association maintains a strong market position as a trusted regional entity with a consistent brand presence and active member engagement. Technically, the website is built on TYPO3 CMS and integrates modern web technologies including Usercentrics for consent management, Google Analytics, Google Tag Manager, and TikTok Pixel for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Hosting and DNS are managed via DomainControl (GoDaddy), indicating a professional infrastructure. From a security perspective, the site enforces HTTPS and uses a consent management platform to comply with GDPR. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly implemented, and no public security or incident response policies are published. No vulnerabilities or sensitive data exposures were detected. The WHOIS data aligns with the website's legitimacy, showing consistent domain registration without privacy protection, appropriate for a trade association. Overall, the website demonstrates a good balance of content quality, technical implementation, security posture, privacy compliance, and business credibility, scoring an overall AI rating of 82. Strategic improvements in security headers, incident response transparency, and vulnerability disclosure would further enhance trust and resilience.

N

NFE Norddeutscher Fachverband Elektro- und Informationstechnik e.V.

nfe.de

0

NFE Norddeutscher Fachverband Elektro- und Informationstechnik e.V. is a well-established regional association representing approximately 350 medium-sized companies in the electrical and information technology sectors in Hamburg. The organization provides advocacy, certification, training, and networking services to its members, positioning itself as a key industry stakeholder in the region. The website reflects a professional and member-focused approach with clear communication of benefits and services. Technically, the site is built on TYPO3 CMS with Bootstrap, ensuring responsive design and good accessibility. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies could be improved. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements.

E

E-Handwerke Berlin/Brandenburg

eh-bb.de

0

E-Handwerke Berlin/Brandenburg is a regional trade association focused on supporting electrical craftsmen and professionals in the Berlin and Brandenburg regions. The organization provides certification services such as E-Check, training seminars, apprenticeship support, and member services. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeted at trade professionals and apprentices. Technically, the site is built on TYPO3 CMS, hosted by SchlundTech, and uses modern tracking and consent management tools, including Usercentrics and Google Tag Manager. The site is mobile optimized and performs moderately well. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Overall, the domain registration and hosting align well with the business purpose, indicating legitimacy and trustworthiness.

L

Landesinnungsverband für das Bayerische Elektrohandwerk

elektroverband-bayern.de

0

The Landesinnungsverband für das Bayerische Elektrohandwerk is a regional trade association representing the Bavarian electrical craft sector. It provides member services including training, certification (E-Marke), public relations, and a platform for news and events. The website targets professionals, trainees, and stakeholders in the electrical industry within Bavaria, positioning itself as an authoritative and trusted organization in this niche. Technically, the site is built on TYPO3 CMS, employs modern JavaScript libraries, and integrates a consent management platform (Usercentrics) alongside analytics tools such as Google Analytics and TikTok Pixel. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a moderate to good digital maturity. Security posture is solid with HTTPS enforced and privacy compliance mechanisms in place; however, there is room for improvement in publishing explicit security policies and implementing additional HTTP security headers. Overall, the domain registration data aligns well with the website content, indicating legitimacy and consistency. The site is free from blocking mechanisms or WAF challenges, enabling full content accessibility.

F

Fachverband Elektro- und Informationstechnik Baden-Württemberg

fv-eit-bw.de

0

The Fachverband Elektro- und Informationstechnik Baden-Württemberg is a regional industry association focused on the electrical and information technology sectors in Baden-Württemberg, Germany. It provides its members with industry news, training, networking opportunities, and advocacy services. The website reflects a professional and well-structured digital presence, targeting professionals and businesses within the regional energy and technology sectors. The association maintains a strong market position as a trusted regional body with a clear focus on quality and member services. Technically, the website is built on TYPO3 CMS and integrates modern technologies including Usercentrics for consent management, Google Analytics, and TikTok Pixel for analytics and marketing. The site is hosted on a domain controlled by DomainControl, likely GoDaddy, and shows good mobile optimization and SEO practices. Performance is moderate with no critical technical issues detected. From a security perspective, the website uses HTTPS with SSL and implements privacy best practices such as IP anonymization and cookie consent mechanisms. However, it lacks explicit security headers and does not provide visible security or incident response policies. No vulnerabilities or suspicious content were detected. Overall, the security posture is good but could be improved with additional headers and documented policies. The overall risk assessment is low with no signs of malicious activity or content safety concerns. Strategic recommendations include enhancing security headers, publishing incident response information, and maintaining regular audits of third-party scripts to ensure ongoing compliance and security.

A

Arbeitsgemeinschaft Medienwerbung GmbH im Zentralverband der Deutschen Elektro- und Informationstechnischen Handwerke

e-check.de

0

The website www.elektrohandwerk.de is a professionally maintained information portal affiliated with the German electrical trade association (ZVEH). It focuses on promoting the E-CHECK service, which provides electrical safety inspections and energy efficiency advice primarily for private homeowners, tenants, landlords, and property managers. The site offers comprehensive content on electrical safety, damage prevention, energy saving, and comfort enhancements, positioning itself as an authoritative resource in the energy sector within Germany. Technically, the site is built on TYPO3 CMS, uses modern JavaScript and CSS technologies, and integrates a consent management platform (Usercentrics) alongside Google Tag Manager and TikTok analytics for tracking, all implemented with GDPR compliance in mind. Security-wise, the site enforces HTTPS and uses consent-based tracking but lacks explicit security headers and published security policies or incident response information. Overall, the site is trustworthy, well-branded, and user-friendly, with moderate to good performance and mobile optimization.

SoviSol GmbH is a medium-sized German company specializing in the procurement and supply of solar energy components, including photovoltaic modules, battery storage systems, inverters, and mounting systems. With over 10 years of experience, the company targets professional customers such as solar installers, builders, and project developers. Their website presents a professional image with clear navigation, relevant content, and a focus on sustainable energy solutions. The company maintains multiple physical locations in Germany and provides clear contact information. Technically, the website uses modern frontend technologies like jQuery, Bootstrap, and Swiper.js, and integrates Cookiebot for GDPR-compliant cookie consent management. The site is mobile-optimized and performs moderately well.

R

RHEINZINK

rheinzink.de

0

RHEINZINK is a globally recognized manufacturer specializing in titanium zinc products, primarily serving the construction and architectural sectors. The company positions itself as a market leader with a strong emphasis on quality, sustainability, and innovative solutions for roofing, facades, and drainage systems. Their website reflects a mature digital presence with comprehensive product information, localized domains for international markets, and a professional design tailored to architects, craftsmen, distributors, and builders. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and includes performance optimizations and mobile responsiveness. Security measures such as HTTPS, security headers, and cookie consent mechanisms are in place, indicating a solid security posture. However, explicit security policies and incident response contacts are not prominently published. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. The absence of blocking mechanisms or WAF challenges allows full content accessibility and analysis. Strategic recommendations include enhancing security transparency and publishing vulnerability disclosure information to further strengthen trust.