Security Directory

EEX Group is a leading global provider of market platforms for energy and commodity products, including power, natural gas, environmentals, freight, metals, and agriculturals. The company operates a network of over 950 trading participants across 25 locations worldwide and is part of the Deutsche Börse Group. Their services encompass exchange trading, clearing, registry, risk management, market data, and transparency services, positioning them as a key player in the energy and commodity markets. The website reflects a mature digital presence built on TYPO3 CMS, leveraging modern JavaScript libraries and interactive maps to enhance user experience. Privacy and cookie policies are well implemented with consent mechanisms, and the site maintains a professional design with clear navigation and mobile optimization. Security posture is strong with HTTPS enforced and no evident vulnerabilities, though explicit security headers and incident response information are lacking. WHOIS data is unavailable, which raises some concerns about domain registration transparency, but the overall business credibility is supported by consistent branding, detailed corporate information, and multiple subsidiary references. Recommendations include enhancing security headers, publishing a security policy, and verifying domain registration details to improve trust and compliance.

L

Lebendiges Lüneburg

lebendiges-lueneburg.de

0

Lebendiges Lüneburg is a German non-profit community platform dedicated to fostering social and ecological engagement within the Lüneburg region. The website aggregates local events, supports initiative networking, and promotes collaboration through integration with partner platforms such as WECHANGE and Lünepedia. The platform targets local citizens and community groups aiming to drive societal change through collective action. Technically, the site is built on WordPress with modern plugins for SEO, GDPR compliance, and user experience enhancements. The infrastructure supports mobile responsiveness and accessibility, providing a good user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in HTTP security headers and explicit security policies. Overall, the site is trustworthy, well-maintained, and compliant with relevant privacy regulations, making it a reliable resource for its community audience.

N

N+P Informationssysteme GmbH

spartacus-fm.de

0

N+P Informationssysteme GmbH operates the SPARTACUS Facility Management software platform, a comprehensive CAFM solution designed to optimize facility management processes such as maintenance, space management, energy controlling, and cost tracking. Established in 1996, the company holds a solid market position with over 200 customers and a strong presence in Germany. The website reflects a professional and consistent brand image, targeting facility management professionals and organizations seeking integrated software solutions. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates marketing and analytics tools such as HubSpot, Google Analytics, and Usercentrics for consent management. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some HTTP security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the website demonstrates a mature digital presence aligned with business goals and compliance requirements.

N

N+P Informationssysteme GmbH

nuptools.de

0

N+P Informationssysteme GmbH operates the NuPTools website offering proprietary productivity software components designed to enhance IT core systems in manufacturing and construction industries. With over 30 years of experience, the company provides tailored IT solutions including automation tools for Autodesk Inventor, Vault, APplus, and PRO.FILE, supporting digital transformation initiatives such as Industry 4.0 and BIM. The website is built on TYPO3 CMS and integrates modern marketing and analytics technologies including HubSpot, Google Analytics, and Usercentrics for GDPR-compliant cookie management. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit policies could be improved. Overall, the site presents a professional, trustworthy digital presence aligned with the company's business focus and market position.

M

MLP SE

mlp-se.de

0

MLP SE operates as a financial services group in Germany, providing consulting and financial solutions to private customers, companies, and institutional investors. The website serves multiple audiences including press, investors, and career applicants, reflecting a mature and established market position. The company emphasizes transparency through detailed investor relations, corporate governance disclosures, and a corporate university for training and certification. Technically, the website uses modern tools such as Google Tag Manager and a consent management platform to ensure GDPR compliance. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security headers and incident response information are absent. WHOIS data aligns with the brand, supporting legitimacy. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

M

MLP Finanzberatung SE

mlp-financify.de

0

MLP financify is a specialized financial advisory platform targeting students, medical students, and private customers in Germany. It offers a broad range of financial services including retirement planning, insurance, financing, asset management, and digital banking solutions. The company leverages a large network of over 2,000 advisors across 90 locations, positioning itself as a trusted partner in personal finance. The website is professionally designed with comprehensive content and clear navigation, supporting an excellent user experience. Technically, the site uses modern web technologies including Google Tag Manager and Usercentrics for consent management, and likely runs on the FirstSpirit CMS platform. Security posture is strong with HTTPS enforced and privacy compliance well implemented, though some security headers could be explicitly confirmed. No critical vulnerabilities or blocking mechanisms were detected. Overall, the domain and WHOIS data align well with the MLP brand, supporting legitimacy and trustworthiness.

A

AHLMANN-ZERSSEN GMBH

ahlmann-zerssen.com

0

AHLMANN-ZERSSEN GMBH is a well-established maritime shipping and logistics service provider based in Germany, with a domain age dating back to 2008 supporting its claim of decades of experience. The company offers a comprehensive range of services including chartering, shipowners services, port agency, transshipment and warehousing, customs services, and heavy load/project logistics. Their market position is that of a trusted maritime service provider with multiple certifications such as ISO 9001, GMP+, and AEO, which enhance their credibility and trustworthiness in the transportation sector. Technically, the website is built on the Contao Open Source CMS platform, utilizing common web technologies such as jQuery and Font Awesome. It is hosted via Cloudflare, ensuring good SSL configuration and domain security, although DNSSEC is not enabled. The website is mobile optimized and provides a good user experience with clear navigation and professional design. Privacy compliance is well addressed with a cookie consent mechanism and a GDPR-compliant privacy policy. From a security perspective, the site benefits from HTTPS and Cloudflare protection but lacks visible security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The absence of a vulnerability disclosure policy or security.txt file suggests room for improvement in transparency and security maturity. Overall, the website presents a professional and trustworthy digital presence with solid business credibility and compliance. The main risks relate to enhancing security best practices and publishing more comprehensive security and incident response information to align with industry standards and regulatory expectations.

I

Internetseelsorge

internetseelsorge.de

0

Internetseelsorge.de is a German non-profit organization providing free Christian pastoral care and spiritual guidance through mail and chat services. The website targets individuals facing life crises, spiritual questions, or feelings of loneliness, offering confidential and anonymous support. The organization collaborates with recognized Catholic partners, enhancing its credibility and reach within the German-speaking community. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and uses Matomo analytics to respect user privacy. Hosting is provided by kasserver.com, a known hosting provider. Security posture is solid with HTTPS enforced, though improvements in security headers and cookie consent mechanisms are recommended. The website is well-structured, mobile-optimized, and provides clear navigation and service descriptions, supporting a positive user experience. No adult or explicit content is present, making it safe for general audiences.

Z

Zentrum für Berufungspastoral

berufung.org

0

Zentrum für Berufungspastoral is a German non-profit organization dedicated to vocation pastoral care within the Catholic Church. The website provides resources, events, and contact information for diocesan vocation pastoral offices primarily targeting young people and church members in Germany and neighboring countries. The organization has an established presence since 2000, reflected by the domain age and consistent content. Technically, the site runs on TYPO3 CMS version 4.7 with common JavaScript libraries and Google Analytics for tracking, though the CMS version is outdated and may pose security risks. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks modern security headers and DNSSEC. Privacy compliance is basic but present, with a privacy policy and cookie banner. Overall, the site is professional, trustworthy, and safe for general audiences.

U

Unabhängiger Beauftragter der Bundesregierung für Fragen des sexuellen Kindesmissbrauchs

kein-raum-fuer-missbrauch.de

0

The website 'Kein Raum für Missbrauch' is an official German governmental initiative dedicated to preventing sexual abuse of children and youth. It provides educational resources, support for institutions to develop protection concepts, and links to specialized help portals. The initiative targets educators, caregivers, and organizations working with children. The site is well-branded, consistent, and professionally presented, reflecting its authoritative position in the child protection sector. Technically, the website is built on TYPO3 CMS, uses JavaScript, and integrates Matomo analytics hosted locally in Germany with strong privacy controls including IP anonymization and user consent mechanisms. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Hosting appears to be managed by a reputable German provider. From a security perspective, the site enforces HTTPS, uses a cookie consent banner, and respects privacy regulations. However, it lacks explicit security headers and a published security or incident response policy. No vulnerabilities or suspicious content were detected. Privacy compliance is strong, with GDPR-aligned policies and transparent data collection. Overall, the website presents a low-risk profile with a strong focus on privacy and user trust. Strategic improvements could include adding security headers, publishing a security policy, and providing direct contact information for incident response to enhance transparency and resilience.

W

Web Commerce GmbH

digitalpastoral.de

0

Digitalpastoral.de is a German-language digital platform focused on providing resources, networking, and content for Catholic church communities and pastoral workers. The platform serves as a marketplace and knowledge hub for digital church practice, offering articles, event listings, and community engagement tools. It is developed and maintained by Web Commerce GmbH, with affiliations to multiple (Erz-)Bistümer, indicating a trusted position within the church digital ecosystem. The website targets church professionals and digital faith communities, positioning itself as a niche but important resource in the religious digital media space. Technically, the site is built on Edith CMS and leverages modern web technologies including jQuery, Bootstrap, and FontAwesome. It integrates Matomo analytics with privacy-conscious tracking controls and uses HTTPS to secure communications. The site demonstrates good mobile optimization and accessibility features, with a clear navigation structure and professional design. However, some security best practices such as security headers and explicit cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site shows a moderate maturity level with no visible vulnerabilities or exposed sensitive data. The lack of a published security policy or incident response contacts is a gap in transparency and readiness. Privacy compliance is partial, with a privacy policy present but no cookie consent banner detected. Overall, the domain and hosting infrastructure appear legitimate and consistent with the business claims, with no signs of suspicious WHOIS data or blocking by WAFs. The overall risk assessment is moderate with recommendations to implement explicit cookie consent, add security headers, and publish security and incident response policies to strengthen trust and compliance. The platform is well-positioned as a specialized digital resource for church communities but should address these gaps to maintain and improve its credibility and security posture.

B

Bonifatius GmbH

bonifatius.de

0

Bonifatius GmbH is a well-established media and printing company based in Paderborn, Germany, with a history dating back to 1869. The company operates multiple business fields including printing services, publishing, and retail bookstores, serving a broad audience from individual book buyers to business clients seeking sustainable and high-quality media solutions. The website reflects a professional and consistent brand image with clear navigation and comprehensive content about the company's offerings and values, particularly emphasizing sustainability and innovation. Technically, the website is built on WordPress with modern frontend technologies such as Tailwind CSS and Tiny Slider, ensuring good mobile optimization and accessibility. The site uses HTTPS with no visible security vulnerabilities or exposed sensitive data. However, there is room for improvement in security headers and explicit incident response policies. Privacy compliance is addressed with a comprehensive privacy policy, though a cookie consent mechanism is absent. The security posture is solid with HTTPS and secure form handling, but lacks advanced security headers and vulnerability disclosure mechanisms. The domain WHOIS data is partially consistent with the business claims, showing no suspicious patterns. Overall, the website presents a trustworthy and professional digital presence for Bonifatius GmbH. Strategic recommendations include enhancing security headers, implementing cookie consent, adding a vulnerability disclosure policy, and improving incident response transparency to strengthen compliance and trust.

B

Bistum Mainz

bistum-mainz.de

0

Bistum Mainz is a large, established Catholic diocese in Germany providing religious, social, educational, and community services. The website serves as a comprehensive portal for information, news, and engagement with the Catholic community and the general public. It maintains a consistent brand presence and offers rich content tailored to its audience. Technically, the site is built on the Alkacon Mercury CMS platform, uses Matomo for privacy-conscious analytics, and incorporates accessibility features, reflecting a mature digital infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and explicit incident response policies. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, making it a reliable resource for its users.

E

EUREGIO Bayerischer Wald - Böhmerwald - Unterer Inn

euregio.bayern

0

EUREGIO Bayerischer Wald - Böhmerwald - Unterer Inn is a regional cooperation organization focused on fostering cross-border collaboration between Germany, Czech Republic, and Austria. The website serves as an informational and project facilitation platform, targeting regional stakeholders and the general public interested in EU-funded projects and regional development. The organization positions itself as a key facilitator for cross-border initiatives in the tri-border area, emphasizing education, cultural exchange, and regional growth. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap, jQuery, and Leaflet.js for interactive maps. The site is mobile-optimized with good navigation and SEO practices, although some accessibility features could be improved. The presence of cookie consent and privacy policy indicates awareness of GDPR compliance. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms but lacks visible advanced security headers and explicit incident response contacts. The WHOIS data is unavailable, which slightly impacts trust but the professional presentation and contact details mitigate concerns. No vulnerabilities or malicious content were detected. Overall, the website is a credible, well-maintained regional government/non-profit portal with moderate technical sophistication and good privacy compliance. Strategic improvements in security headers and WHOIS transparency could enhance trust and security posture.

A

August Horch Museum Zwickau gGmbH

horch-museum.de

0

The August Horch Museum in Zwickau is a cultural institution specializing in automotive history and technology, offering extensive exhibitions and multimedia experiences. The museum targets automotive enthusiasts, tourists, and culture seekers, positioning itself as a regional leader in automotive heritage. The website supports multiple languages and provides virtual tours and an online shop, reflecting a moderate digital maturity. Technically, the site uses established JavaScript libraries and Google services, hosted on a reliable German hosting provider. Security posture is solid with HTTPS and cookie consent management, though some security headers could be improved. Privacy compliance is well addressed with GDPR-aligned cookie management and clear policies. Overall, the site is professional, trustworthy, and user-friendly, with room for enhanced security policies and incident response transparency.

O

Open Grid Europe GmbH

oge.net

0

Open Grid Europe GmbH operates as a leading gas transmission system operator in Germany, focusing on natural gas, biogas, hydrogen, and CO2 infrastructure. The company provides a broad range of services including transportation, technical services, and market information to shippers, network operators, and connection customers. Their website reflects a strong commitment to sustainability and climate protection, with detailed reporting and active communication channels. Technically, the site is built on Neos CMS with modern libraries such as jQuery and Bootstrap, offering good performance and mobile optimization. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though DNSSEC is not enabled and security headers are not explicitly detected. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

D

Deutsche Bahn Stiftung gGmbH

deutschebahnstiftung.de

0

Deutsche Bahn Stiftung is a German non-profit foundation established in 2013 by Deutsche Bahn AG, focusing on education, integration, and volunteering to strengthen social cohesion. The website reflects a professional and consistent brand presence, offering detailed information about its mission, projects, and the DB Museum. Technically, the site uses CoreMedia CMS, integrates privacy-conscious tools like Usercentrics CMP and Matomo analytics, and enforces strong security practices including HTTPS and security headers. However, explicit security policies and incident response information are not publicly available, which could be improved. Overall, the site is trustworthy, well-structured, and compliant with GDPR, serving a broad audience including volunteers, educational institutions, and the general public.

B

Bundesweiter Vorlesetag

vorlesetag.de

0

The Bundesweite Vorlesetag website represents a well-established non-profit initiative focused on promoting literacy and the joy of reading among children and adults in Germany. Founded in 2004 by prominent partners including DIE ZEIT, Stiftung Lesen, and Deutsche Bahn Stiftung, it holds a leading position in the national literacy promotion landscape. The website offers comprehensive resources, event registration, and digital storytelling content, supported by a consistent and professional brand presence. Technically, the site is built on TYPO3 CMS with modern integrations such as Vue.js, Matomo analytics, and social media embeds, reflecting a mature digital infrastructure with good mobile optimization and SEO practices. Security-wise, the site employs HTTPS and a robust cookie consent mechanism, though explicit security headers and incident response policies are not publicly documented. Overall, the site demonstrates a high level of trustworthiness and compliance with GDPR, making it a reliable platform for its audience.

G

GemeindebriefDruckerei

gemeindebriefhelfer.de

0

GemeindebriefDruckerei operates a specialized blog and resource platform focused on assisting church communities and newsletter designers in creating effective and visually appealing church newsletters. The website offers a variety of blog articles, downloadable templates, image archives, and tools, complemented by an associated shop for fan articles and other related products. The target audience is niche, primarily German-speaking church groups and individuals involved in newsletter production. Technically, the site is built on WordPress with WooCommerce integration, leveraging modern web technologies and plugins to provide a functional and moderately optimized user experience. Security posture is adequate with HTTPS enforced and some best practices observed, but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. The domain registration data is consistent and indicates a legitimate and established service. Overall, the site is professional, content-rich, and trustworthy within its niche, though it would benefit from enhanced privacy compliance and security hardening.

A

Adalbert Stifter Verein e. V.

stifterverein.de

0

The Adalbert Stifter Verein is a German non-profit cultural institute dedicated to promoting the cultural heritage and history of the Bohemian countries. The organization offers a range of services including exhibitions, events, publications, scholarships, and a library. Their target audience includes cultural enthusiasts, historians, researchers, and the general public interested in Bohemian culture. The website is professionally designed with consistent branding and clear navigation, reflecting a well-established cultural institution. Technically, the website is built on WordPress and uses modern JavaScript libraries such as GSAP for animations. The site is mobile-optimized and accessible, with good SEO practices. Performance is moderate, and no major technical issues were detected. The site uses HTTPS with excellent SSL configuration, but lacks some security headers and cookie consent mechanisms. From a security perspective, the website demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. However, it lacks published security policies, incident response contacts, and a vulnerability disclosure mechanism. Privacy compliance is basic with a privacy policy present but no cookie consent banner. Overall, the website is trustworthy and professional, with a strong cultural focus and good business credibility. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance the security posture and user trust.

H

Hochschule Landshut

haw-landshut.de

0

Hochschule Landshut is a German university of applied sciences offering a broad range of degree programs, continuing education, and research services with a strong emphasis on practical relevance. The website reflects a well-established educational institution with a clear market position in the regional higher education sector. The digital infrastructure is built on TYPO3 CMS with integrated Matomo analytics, providing a modern and accessible user experience. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Security posture is good with HTTPS and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and serves its target audience effectively.

B

Bistum Essen

bistum-essen.de

0

Bistum Essen is a well-established Catholic diocese serving over 2.5 million people in the Ruhrgebiet and Sauerland regions of Germany. The website reflects a comprehensive religious and social service organization with a strong community focus, offering pastoral care, social help, education, and cultural events. The institution is positioned as a key religious entity in its region, with a large workforce and multiple parishes. Technically, the website is built on TYPO3 CMS with modern frontend technologies and uses Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and GDPR compliant with a clear cookie consent mechanism. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the domain and website content align with a legitimate and trustworthy religious organization.

G

GemeindebriefDruckerei

gemeindebriefdruckerei.de

0

GemeindebriefDruckerei is a specialized printing service focused on church newsletters and community publications in Germany. The company offers printing, layout materials, consulting, and an online shop tailored to religious communities and local municipalities. The website is built on TYPO3 CMS with modern frontend technologies, providing a professional and user-friendly experience. Contact information and customer testimonials enhance trust and credibility. Security posture is adequate with HTTPS and secure forms, but lacks explicit security policies and cookie consent mechanisms. Overall, the site is well-positioned in its niche with a solid digital presence.

G

German Coworking Federation e.V. Bundesverband Coworking Deuschland

coworking-germany.org

0

The German Coworking Federation e.V. is a non-profit national federation representing coworking spaces, users, researchers, and interested parties in Germany since 2015. The organization focuses on community building, education, event organization, and advocacy within the coworking sector. Their website reflects a professional and consistent brand presence with clear navigation and relevant content for their target audience. Technically, the site is built on WordPress using the Divi theme and integrates modern technologies such as Bootstrap 5, Matomo analytics, and Brevo for marketing automation. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though explicit security headers and policies are not published. The absence of WHOIS data due to privacy protection is common for such entities but slightly reduces transparency. Overall, the site is trustworthy and well-maintained but could improve privacy compliance and security disclosures.

C

Creacando

creacando.de

0

Creacando is a German-based e-commerce business specializing in DIY creative kits, offering customers curated boxes with materials and instructions for various crafts such as pottery, candles, and soaps. The company targets a general audience interested in creative hobbies and positions itself as a niche provider with a focus on quality materials and ease of use. The website is built on the Shopify platform, leveraging modern web technologies and integrations with popular marketing and analytics tools like Google Analytics, Facebook Pixel, Hotjar, and Klaviyo. The technical infrastructure is robust, with Cloudflare CDN and Shopify hosting ensuring good performance and security. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, reflecting GDPR adherence. However, explicit terms of service and security policies are not found, and direct contact information is limited, which could impact user trust and legal clarity. Overall, the site demonstrates a good balance of business professionalism, technical maturity, and privacy awareness, with room for improvement in transparency and accessibility.

4

4toStay GmbH

chronuu.de

0

Chronuu is a German-based digital platform specializing in estate and legacy management, operated by 4toStay GmbH. The company offers a secure, user-friendly service that enables individuals to manage their digital and material estate, document their life story, and provide access to heirs in a compliant and encrypted environment. The platform is positioned as a niche provider in the German market, leveraging modern web technologies and mobile app availability to reach its target audience. Technically, the website is built on WordPress with a robust tech stack including Bootstrap, Slider Revolution, and Matomo analytics, hosted behind Cloudflare DNS services. Security posture is strong with HTTPS enforced, data stored in Germany, and no provider access to user data, complemented by GDPR-compliant privacy and cookie policies. No critical vulnerabilities or suspicious patterns were detected, and the site demonstrates good design, navigation, and content quality. Overall, Chronuu presents a trustworthy and professional digital service with room for improvement in security headers and incident response transparency.

S

Stopcrime GmbH

stopcrime.info

0

Stopcrime GmbH operates a specialized platform aimed at preventing banking fraud and money laundering by providing an international, independent infrastructure for financial institutions to share alerts about suspicious accounts and transactions. The website is professionally designed, primarily in German, and targets financial service providers and banks. The business model revolves around a membership network that enables participants to report suspicious accounts and check transactions in real-time via API, enhancing fraud detection and coordination among banks. Technically, the website is built on WordPress using the Elementor page builder, with additional plugins such as TranslatePress for multilingual support and Usercentrics for GDPR-compliant consent management. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security-wise, the site enforces HTTPS and uses consent management but lacks visible advanced security headers and explicit incident response contact information. Overall, the security posture is solid but could be enhanced by implementing additional security headers and publishing clear security policies. The WHOIS data is privacy protected, which is reasonable given the nature of the business. No suspicious patterns were detected. The site does not expose sensitive data or contain vulnerabilities visible from the front-end. Privacy compliance is good with clear policies and consent mechanisms. Strategic recommendations include improving security header implementation, publishing incident response contacts, enhancing SEO and accessibility, and providing clearer contact information to boost business credibility and trust.

M

MYCOVER® - PROTECTION AT ITS FINEST

mycover-protection.com

0

MYCOVER® is a specialized e-commerce retailer focused on premium motorcycle covers and theft protection accessories, targeting motorcycle owners primarily in Germany. The website presents a professional and well-structured online shop with comprehensive product offerings, including outdoor and indoor covers, chopper and roller specific covers, and various theft protection devices. The business emphasizes quality and customer service, supported by detailed size recommendations and advisory content. Technically, the site is built on WordPress with WooCommerce, enhanced by multilingual support and cookie consent management, reflecting a mature digital infrastructure. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, though lacking explicit security policy and incident response information. The absence of WHOIS registration data for the domain raises concerns about domain legitimacy, which impacts overall trust. Strategic recommendations include verifying domain registration, publishing security policies, and enhancing contact transparency to improve business credibility and security compliance.

B

Barf Box

barf-box.de

0

Barf-Box.de is a German e-commerce website specializing in premium raw dog food products, including BARF Komplettmenüs, snacks, and training treats. The site targets dog owners seeking natural and high-quality nutrition options for their pets. The business operates primarily online, leveraging WooCommerce on WordPress with Elementor for site design and user experience. The company emphasizes express shipping and sustainable packaging, positioning itself as a niche leader in the German premium pet food market. Technically, the website uses a modern WordPress stack with WooCommerce and Elementor, integrated with Google Tag Manager and Borlabs Cookie for consent management and tracking. The site is mobile-optimized and employs structured data (JSON-LD) for SEO enhancement. Performance is moderate, with good SEO and accessibility basics in place. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analysis. Privacy compliance is partially addressed via cookie consent, but no privacy policy or terms of service pages were found in the provided content. Overall, Barf-Box.de presents a professional and trustworthy e-commerce platform with solid technical foundations and good business credibility. Strategic improvements in security headers, privacy documentation, and incident response transparency would enhance its security posture and compliance standing.

F

frihed. GmbH

frihednordicwear.com

0

frihed. GmbH operates an e-commerce platform specializing in sauna and wellness products, including sauna hats, bio sauna infusions, oils, and thermal salts. The company targets consumers interested in sauna culture and wellness, primarily in Germany and surrounding regions. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrations such as Klarna for payments and Trusted Shops for customer trust. The business maintains a niche market position with a focus on sustainable materials and Nordic design aesthetics. Technical infrastructure is solid, hosted via Alfahosting with a well-implemented HTTPS configuration and multiple marketing and analytics tools integrated for customer engagement and performance monitoring. Security posture is good with standard security headers and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism in place. Overall, the website presents a professional and trustworthy front for a small-sized retail business in the wellness sector.

O

ORGANIC POLYMER

organicpolymer.de

0

ORGANIC POLYMER is a German-based manufacturer and developer specializing in sustainable polyurethane and epoxy resin floor coatings. The company positions itself as a niche player focusing on environmentally friendly, bio-based, and low-emission products targeting industrial and commercial clients. The website reflects a professional and consistent brand image with clear navigation and relevant content about their products and certifications. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Complianz for GDPR compliance, and uses Matomo for privacy-conscious analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the site is trustworthy and well-maintained, suitable for its business scope.

W

WG Match

wg-match.de

0

Livo is a German household management application developed by WG Match, targeting various household types including WGs, families, couples, and singles. The app offers integrated features such as task management, finance tracking with fair cost splitting, shared calendars, shopping lists, and recipe management. The website is professionally designed, well-structured, and optimized for SEO, reflecting a mature digital presence. Technically, it is built on WordPress with Elementor and integrates modern analytics and marketing tools like Google Analytics, Google Tag Manager, and TikTok Pixel. Security posture is good with HTTPS enabled and no exposed sensitive data, but lacks some security headers and explicit privacy and cookie policies. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust and compliance. Overall, the website and business appear legitimate and focused on providing a niche digital solution for household organization.

L

Locawo

locawo.com

0

Locawo is a German-based e-commerce business specializing in low-carb food products such as pasta, pizza, and bread. Founded in 2021, it targets health-conscious consumers seeking low-carbohydrate alternatives with a focus on taste and fiber content. The website presents a professional and consistent brand image with good design and user experience, optimized for mobile users. Technically, the site leverages modern JavaScript libraries including jQuery, Bootstrap, and Slick Slider, and is built on the JTL Shop platform hosted by IONOS SE. Tracking and marketing tools such as Google Tag Manager and Facebook Pixel are integrated, indicating moderate user tracking. Security posture is adequate with HTTPS enabled and domain status protections, but lacks DNSSEC and visible security headers, which are recommended for enhancement. Privacy compliance is weak due to missing privacy and cookie policies, and no GDPR compliance indicators are found. Overall, the site is functional and credible but would benefit from improved privacy and security practices.

Jens Kunstein Engineering & Consulting is a small German-based engineering and consulting firm specializing in construction project management and related services. The company offers a range of services including project leadership, cost estimation, contract and claim management, and expert reporting primarily targeted at small and medium-sized construction and handcraft businesses. The website is simple and professional, providing clear information about services and contact details but lacks advanced features such as forms or social media integration. Technically, the website uses a basic but modern tech stack including Bootstrap and jQuery, hosted on a German hosting provider's infrastructure. The site is moderately optimized for mobile and performance but lacks advanced SEO and accessibility features. No CMS or analytics tools are detected, indicating a static or manually maintained site. From a security perspective, the site lacks visible HTTPS confirmation and security headers, which lowers its security posture. There are no privacy or cookie policies, which raises compliance concerns under GDPR. No incident response or vulnerability disclosure information is provided. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and business. Overall, the website is functional and professional but requires improvements in security, privacy compliance, and technical modernization to enhance trust and user experience.

S

St. Browns GmbH

st-browns.de

0

St. Browns GmbH operates an e-commerce platform specializing in curated, stylish gift box sets targeting customers in Germany. The website presents a professional and consistent brand image with a focus on sustainable and personalized gift packaging. The business model is retail-focused, leveraging Shopify as its platform to deliver a seamless shopping experience. The company integrates multiple marketing and analytics tools such as Facebook Pixel, Klaviyo, Trustpilot, and Lucky Orange to optimize customer engagement and conversion. Technically, the website is built on Shopify with modern JavaScript modules and CDN hosting, ensuring fast performance and excellent mobile optimization. Accessibility and SEO practices are well implemented, contributing to a positive user experience. The site uses HTTPS with strong SSL configuration and includes cookie consent mechanisms aligned with GDPR requirements. From a security perspective, the site follows best practices including HTTPS enforcement, use of hCaptcha for form protection, and no visible exposure of sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present, representing areas for improvement. Overall, the website is secure, compliant, and trustworthy, with a moderate to high security posture. The overall risk is low with no critical vulnerabilities detected. Strategic recommendations include publishing a dedicated security policy, providing incident response contact information, and adding a vulnerability disclosure or security.txt file to enhance transparency and trust.

M

Movato

movato.de

0

Movato is a German-based technology company specializing in innovative software solutions for the mobility sector. Their offerings include intelligent in-car applications compatible with platforms such as CarPlay, Android Auto, and Android Automotive, scalable cloud environments for processing large mobility datasets, and location intelligence services leveraging Open Street Maps data. The company targets businesses and developers in the automotive and mobility industries, positioning itself as an innovative provider of connected driving experiences and data-driven mobility insights. Technically, the website is built on the Webflow CMS platform, hosted with Cloudflare for DNS and security, and employs modern web technologies including jQuery and Cloudflare's Turnstile CAPTCHA for form protection. The site demonstrates good performance, mobile optimization, and SEO practices, although accessibility features are basic. Security posture is strong with HTTPS enforced and CAPTCHA on forms, but could be improved by adding explicit security headers and cookie consent mechanisms. From a security perspective, no critical vulnerabilities or exposed sensitive data were detected. The site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. The WHOIS data is consistent with legitimate business use, showing no privacy protection or suspicious patterns. Overall, the site is professional, trustworthy, and compliant with GDPR through a comprehensive privacy policy. The overall risk assessment is low, with recommendations focusing on improving privacy compliance with cookie consent, enhancing security headers, and providing clearer direct contact information. These steps will strengthen the security posture and user trust, supporting Movato's position as a credible technology provider in the mobility sector.

W

WLH Wirtschaftsförderung im Landkreis Harburg GmbH

wlh.eu

0

WLH Wirtschaftsförderung im Landkreis Harburg GmbH operates as a regional economic development agency focused on supporting small and medium enterprises (KMU), start-ups, and companies seeking commercial real estate in the Hamburg region. The organization provides consulting services for business location, founding support, innovation promotion, networking, and event organization. Positioned as a competence center and partner for municipalities in Landkreis Harburg, WLH aims to strengthen the local economy and business environment. Technically, the website is built on WordPress 6.8.3 with a modern tech stack including Yoast SEO, UIkit framework, and Borlabs Cookie for consent management. The site is mobile-optimized, SEO-friendly, and uses HTTPS with good security practices. Analytics are implemented with Google Analytics but are consent-based, respecting user privacy. Security posture is solid with HTTPS enforced and spam protection on forms, though no explicit security policy or incident response information is published. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a professional, trustworthy, and well-maintained digital presence that effectively supports WLH's mission. Strategic improvements could include publishing a formal security policy and enhancing security headers to further strengthen the security posture.

T

THE FIZZ

the-fizz.com

0

THE FIZZ operates as a specialized real estate business focusing on student apartments across Germany, Austria, Czech Republic, and the Netherlands. The company offers fully furnished apartments with community spaces and house management services, targeting students seeking convenient and community-oriented housing solutions. The website is professionally designed, mobile-optimized, and provides online booking capabilities, positioning THE FIZZ as a competitive player in the European student housing market. Technically, the website is built on WordPress with modern performance and cookie management plugins, ensuring good user experience and compliance with privacy regulations. Security posture is generally good with HTTPS and cookie consent mechanisms, though the absence of security headers and a published security policy are areas for improvement. The WHOIS data is missing or unavailable, which raises concerns about domain registration transparency, slightly impacting business credibility. Overall, THE FIZZ presents a trustworthy and professional online presence with room for enhanced security and transparency.

S

Schachbundesliga | Schachbundesliga

schachbundesliga.de

0

The Schachbundesliga website serves as the official platform for the German Chess Bundesliga, providing comprehensive information including news, match results, team profiles, and live updates. It targets chess enthusiasts and participants primarily within Germany. The site is built on Drupal 9, leveraging modern web technologies such as Font Awesome and Slick Carousel for enhanced user experience. Hosting is managed via Goldvision, indicating a professional infrastructure. Security posture is moderate, with HTTPS likely enabled but lacking explicit security headers and policies. Privacy compliance is minimal due to absence of privacy and cookie policies. Overall, the site is functional, content-rich, and safe for general audiences but would benefit from enhanced security and compliance measures.

D

Deutsche Bischofskonferenz

dbk.de

0

The Deutsche Bischofskonferenz (DBK) website serves as the official online presence of the German Bishops' Conference, providing authoritative information, news, and resources related to the Catholic Church in Germany. It targets German-speaking Catholics, church officials, and the general public interested in religious affairs. The site offers thematic content, service tools such as parish searches and address directories, and maintains a strong social media presence. The business model is non-profit and government-related, focusing on information dissemination and coordination among Catholic dioceses. Technically, the website is built on TYPO3 CMS and leverages modern web technologies including jQuery, Bootstrap, and Owl Carousel. It is hosted on domaincontrol.com nameservers, indicating professional hosting arrangements. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Privacy compliance is robust, featuring a Usercentrics consent management platform and a comprehensive privacy policy in German. From a security perspective, the site enforces HTTPS and uses modern libraries, but lacks explicit security headers such as CSP and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact is noted. Overall, the security posture is good but could be improved with additional headers and formal vulnerability disclosure mechanisms. The website is safe for general audiences, containing no adult or explicit content. The domain registration data aligns well with the organization's identity, showing no suspicious patterns. The site is trustworthy, professionally maintained, and compliant with relevant regulations. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining up-to-date software components.

F

FSV Zwickau

fsv-zwickau.de

0

FSV Zwickau operates a professional and comprehensive website serving as the official digital presence of the German football club. The site provides extensive information on team rosters, match results, ticketing, merchandise, and fan engagement, positioning itself as a key resource for supporters and stakeholders. The business model revolves around sports entertainment, sponsorships, and community engagement, targeting football fans and local audiences. Technically, the website is built on WordPress with a modern tech stack including Divi theme, jQuery, and various plugins enhancing user experience and content management. Performance and mobile optimization are good, though accessibility could be improved. Security posture is solid with HTTPS and cookie consent mechanisms in place, but the absence of some security headers suggests room for enhancement. Privacy compliance is strong, with clear policies and GDPR adherence. Overall, the site reflects a trustworthy and professional organization with a medium-sized operational scale.

M

MLP Finanzberatung SE

mlp.de

0

MLP Finanzberatung SE is a well-established financial advisory company based in Germany, offering a wide range of services including wealth management, retirement planning, insurance, financing, and investment products. The website targets diverse customer segments such as private customers, medical professionals, legal and tax advisors, and senior citizens. The company operates under the parent company MLP SE and maintains a professional online presence with consistent branding and comprehensive service information. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager for analytics, and Usercentrics for consent management, indicating a mature digital infrastructure. The site is mobile-optimized and structured for good user experience, although some accessibility features appear basic. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the website enforces HTTPS and uses a recognized consent management platform, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is partial due to the absence of a clearly accessible privacy policy and terms of service. Contact information for security incidents or data protection officers is not published. Overall, the website presents a low risk profile with a good business credibility score but would benefit from enhanced transparency in privacy and security documentation. Strategic improvements in publishing privacy policies, terms of service, and security incident contacts would strengthen compliance and trust.

N

N+P Informationssysteme GmbH

nupis.de

0

N+P Informationssysteme GmbH is a well-established German family-owned company specializing in digital transformation solutions for medium-sized enterprises in the industrial and construction sectors. Their offerings include software solutions, IT infrastructure services, consulting, implementation, and support, positioning them as a comprehensive digitalization partner. The company has a strong market presence with over 2,000 customers and more than 200 employees, emphasizing stability and continuous growth since 1990. Technically, the website is built on TYPO3 CMS with modern integrations such as HubSpot forms, Usercentrics consent management, and multiple analytics and tracking tools, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and consent mechanisms in place, though some security headers could be improved. Overall, the site is professional, well-branded, and trustworthy, with no signs of malicious or suspicious content.

H

Hochschulverein Mentor e. V.

mentor-zwickau.de

0

Hochschulverein Mentor e. V. is a non-profit association supporting the Westsächsische Hochschule Zwickau (WHZ) by fostering student engagement, organizing alumni networks, and providing preparatory courses and scholarships. The website is professionally designed with clear navigation and relevant content targeting students, staff, and supporters of the WHZ. Technically, the site uses legacy JavaScript libraries like jQuery 1.8.3 and FancyBox, hosted on kasserver.com, with basic mobile optimization and good SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks advanced security headers and modern JS libraries. No critical vulnerabilities or suspicious content were detected. Overall, the site reflects a trustworthy and regionally focused educational non-profit entity.

A

ATG Entertainment GmbH

atgtickets.de

0

ATG Entertainment GmbH operates a professional ticketing platform focused on musicals, concerts, and theater shows primarily in Germany. The company positions itself as a leading provider of live entertainment tickets, offering a wide range of shows and exclusive deals. The website is well-designed, mobile-optimized, and uses modern web technologies including Next.js and Vercel hosting, ensuring fast performance and good user experience. Security posture is solid with HTTPS and Cloudflare DNS, though some security headers and policies could be improved. Privacy compliance is supported by a Usercentrics cookie consent mechanism, but lacks explicit privacy and terms of service pages. Contact information is clearly provided, enhancing business credibility.

4830.org e.V. is a small non-profit organization dedicated to advancing infrastructure for citizen networks, particularly focusing on promoting and operating local Freifunk community networks in the Gütersloh district of Germany. The website serves as an informational platform describing the association's mission and activities, targeting community members and network enthusiasts. The business model is community-driven and non-commercial, emphasizing open and free network infrastructures. Technically, the website is built on WordPress with modern plugins such as Yoast SEO for search engine optimization and Burst Statistics for minimal analytics. The site uses modern web fonts and implements structured data (JSON-LD) and Open Graph metadata to enhance content discoverability. Performance and mobile optimization are moderate to good, though accessibility features are basic. The site enforces HTTPS, ensuring secure communication. From a security perspective, the site lacks several best practices such as security headers and explicit privacy or cookie policies. No contact information or incident response channels are provided, limiting transparency and user trust. The WHOIS data is unavailable due to a malformed response, which reduces domain legitimacy confidence. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is functional and serves its community purpose but would benefit from improved privacy compliance, enhanced security headers, and transparent contact and incident response information to strengthen trust and security posture.

C

Commons Zentrum Lüneburg

commonszentrum.de

0

Commons Zentrum Lüneburg is a community-driven non-profit organization focused on creating a shared space for collaborative activities and societal change in Lüneburg, Germany. The website presents a clear mission centered on inclusivity, ecological responsibility, and commons-based resource sharing. It offers various services including workshops, events, and a self-help bicycle repair team, targeting local residents interested in sustainable and communal living. The organization is relatively new, founded around 2023, and maintains an active event calendar and social media presence.

L

Lünepedia

luenepedia.de

0

Lünepedia is a community-driven city wiki focused on aggregating and sharing local knowledge about Lüneburg and its surroundings. Originating from a student project in 2020, it serves residents and community members by providing a collaborative platform for information sharing, event listings, and local initiatives. The website is built on the MediaWiki platform, enhanced with map integration using Leaflet, and presents content primarily in German. It maintains a good level of digital maturity with responsive design, clear navigation, and basic accessibility features. Privacy compliance is addressed with a cookie consent banner and a privacy policy, reflecting GDPR adherence. Security posture is solid with HTTPS enforced and CSRF protections, though explicit security policies and incident response contacts are absent.

W

WerkStadt Lüneburg e.V.

werkstadt-lueneburg.de

0

WerkStadt Lüneburg e.V. is a non-profit community workshop based in Germany, offering an open space for creative handcraft, repair, and learning activities. The organization targets a broad audience including children, youth, schools, companies, and the general public. Their services include access to tools and machines, workshops, courses, and space rental. The website is built on Squarespace, hosted via Netcup, and integrates Google Maps and social media platforms for outreach. The site is well-designed, mobile-optimized, and uses HTTPS with HSTS for secure communications. However, it lacks visible privacy and cookie policies, which is a compliance gap. Contact information is primarily via contact pages without explicit emails or phone numbers. Overall, the website presents a trustworthy and professional image suitable for its community-oriented mission.

E

EEX Group

eex-transparency.com

0

The EEX Transparency Platform is a professional and comprehensive online portal operated by the EEX Group, providing inside information and transparency services for European energy markets including power, natural gas, emissions, and hydrogen sectors. The platform targets market participants, regulatory bodies, and the general public interested in energy market data. The website demonstrates a mature digital infrastructure using TYPO3 CMS and modern JavaScript libraries such as Highcharts for interactive data visualization. It features GDPR-compliant privacy and cookie policies with user consent mechanisms, reflecting a strong commitment to privacy and regulatory compliance. Security posture is solid with HTTPS enforcement and basic security headers, though there is room for improvement in advanced security headers and accessibility. The absence of WHOIS data suggests privacy protection or recent domain registration, but the website's branding and content align with the reputable EEX Group, supporting legitimacy. Overall, the platform is a trustworthy and valuable resource for energy market transparency.