Security Directory

T

Technische Universität München

tum.de

67

Technische Universität München (TUM) is a leading German university specializing in natural sciences and engineering education and research. The website serves a broad academic audience including prospective and current students, researchers, and alumni. It offers comprehensive information on study programs, research initiatives, innovation, and community engagement. The site is built on TYPO3 CMS, indicating a mature technical infrastructure with good content organization and navigation. However, the site lacks visible privacy and cookie policies, security headers, and incident response information, which are important for compliance and trust. No WAF or blocking mechanisms were detected, and the content is safe and appropriate for a general audience.

The website ogp.me serves as the official specification and resource hub for the Open Graph protocol, a technology originally created by Facebook and now maintained by Meta Platforms, Inc. It provides detailed technical documentation and metadata guidelines enabling web developers to integrate their web pages into social graphs effectively. The site targets developers and technical audiences interested in web standards and social media integration. The business model is centered around providing an open standard and community resources rather than direct commercial services. The domain is well-established since 2010 and is owned by Meta Platforms, Inc., reflecting strong legitimacy and market position. Technically, the website is built with standard web technologies including HTML5, CSS, and JavaScript, hosted behind Cloudflare DNS services. The site demonstrates good performance and basic mobile optimization, with clear and structured content. SEO practices are well implemented through comprehensive Open Graph metadata. However, accessibility features are basic, and no advanced frameworks or CMS are detected. From a security perspective, the site uses HTTPS with a good SSL configuration and domain registration protections such as clientDeleteProhibited status. However, DNSSEC is not enabled, and no explicit security headers or policies are published. There is no evidence of privacy, cookie, or terms of service policies, which impacts privacy compliance scores. No contact or incident response information is provided, limiting transparency in security governance. Overall, the website is trustworthy, professional, and focused on its technical mission. The lack of privacy and cookie policies and DNSSEC are minor gaps. Strategic recommendations include enabling DNSSEC, publishing privacy and security policies, and adding security headers to enhance protection and compliance.

A

ARD Audiothek

ardaudiothek.de

53

ARD Audiothek is a large-scale podcast platform operated by the German public broadcaster ARD, offering a wide range of podcasts from ARD and Deutschlandradio. The platform targets German-speaking podcast listeners and provides free streaming and download services. It holds a strong market position as a leading public media podcast provider in Germany. The website is built with modern web technologies including Next.js and React, optimized for both desktop and mobile users, and integrates analytics tools like Piano Analytics and Google Tag Manager. Security posture is strong with HTTPS and multiple security headers implemented, though some improvements in privacy compliance such as cookie consent mechanisms and security policies could be made. Overall, the platform is professional, trustworthy, and well-branded, serving a broad audience with high-quality content.

Z

ZOLAR GmbH

zolar.de

62

ZOLAR GmbH operates a professional platform connecting customers in Germany with local experts for solar energy solutions including photovoltaic systems, balcony power plants, wallboxes, and solar storage. The company maintains a strong market position supported by a vetted installer network and recognition in press and comparison portals. Technically, the website is built on modern frameworks such as Next.js and React, hosted on AWS infrastructure, and optimized for performance, mobile, and SEO. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Privacy and cookie policies are present and GDPR compliant. Overall, the website reflects a mature digital presence with high trustworthiness and user experience.

E

Ecosia GmbH

ecosia.org

72

Ecosia GmbH operates a green search engine that dedicates 100% of its profits to climate action, primarily through tree planting projects worldwide. The company positions itself as a transparent and environmentally responsible alternative to mainstream search engines, with a strong community of over 20 million users. Their business model leverages advertising revenue to fund sustainability initiatives, supported by monthly financial reports and certifications such as B-Corporation. The website is professionally designed, mobile-optimized, and provides clear navigation and calls to action to engage users in their mission. Technically, Ecosia employs modern web technologies including JavaScript frameworks (likely Vue.js), Google Tag Manager for analytics, and Didomi for consent management, ensuring compliance with privacy regulations such as GDPR. The site is served over HTTPS with strong security headers, reflecting a mature security posture. No critical vulnerabilities or exposed sensitive data were detected, and the site includes mechanisms for cookie consent and privacy transparency. Security-wise, Ecosia demonstrates good practices with HTTPS enforcement, consent management, and transparent data processing disclosures. However, no explicit incident response or security policy pages were found, suggesting an opportunity to enhance security communication. The lack of publicly listed contact emails or phone numbers may limit direct user support but aligns with privacy considerations. Overall, Ecosia presents a trustworthy and credible online presence with a clear environmental mission, solid technical infrastructure, and good security hygiene. The absence of WHOIS data limits domain registration insights but does not detract from the evident legitimacy and professionalism of the site. Strategic recommendations include enhancing incident response visibility, maintaining up-to-date technology stacks, and possibly providing more direct contact channels for security or support inquiries.

Adblock Plus is a well-established ad blocking software product developed by eyeo GmbH, founded in 2006. It offers free, open source browser extensions and mobile apps that block intrusive ads, tracking, and malware, while supporting websites through an Acceptable Ads program. The company holds a strong market position as the leading ad blocker with a broad user base across major browsers and platforms. The website is professionally designed, mobile optimized, and provides comprehensive privacy and cookie policies with user consent mechanisms. Technically, the site uses modern JavaScript and web standards, with good performance and accessibility. Security posture is strong with HTTPS enforced and error logging implemented, though some improvements like DNSSEC and security headers could be added. No critical vulnerabilities or suspicious content were detected. Overall, the site and business demonstrate high credibility and trustworthiness.

I

IONOS Inc.

ionos.com

11

IONOS Inc. is a well-established enterprise-level technology company specializing in web hosting, domain registration, cloud solutions, and related digital services. The company targets businesses and individuals seeking reliable and scalable hosting and cloud infrastructure. Their market position is strong, supported by a comprehensive portfolio of services including websites, domains, servers, email, office productivity, and eCommerce platforms. The website reflects a professional and consistent brand image with excellent content quality and navigation clarity. Technically, the website is built on modern frameworks such as Next.js and React, leveraging various third-party analytics and marketing tools including Google Tag Manager, TikTok Pixel, LinkedIn Insight Tag, and others. The site is mobile-optimized and performs moderately well, with good SEO and accessibility features. Security-wise, HTTPS is enforced with no visible exposed sensitive data, and monitoring tools like Sentry are in use. However, explicit security headers and published security policies are absent. The security posture is solid but could be improved by adding explicit security headers, publishing a security policy, and establishing a vulnerability disclosure program. Privacy compliance is basic, lacking visible privacy and cookie policies or consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and professional, with no signs of content blocking or WAF interference. Strategically, IONOS should focus on enhancing transparency around privacy and security policies, improving compliance with GDPR and cookie consent requirements, and publishing incident response contacts to strengthen user trust and regulatory adherence.

Deutsche Telekom AG operates the website www.telekom.de, providing a comprehensive range of telecommunications services including mobile telephony, fixed-line internet, fiber optic connections, and TV offerings under the MagentaTV brand. The website targets both private and business customers in Germany, positioning itself as a leading telecommunications provider with a strong market presence. The content is professionally presented, with clear navigation and a focus on current offers and customer services. Technically, the site employs modern web technologies such as React, uses advanced analytics and tag management tools like Dynatrace and Tealium, and demonstrates good mobile optimization and accessibility. Security posture is strong with HTTPS enforced and consent mechanisms for GDPR compliance implemented, although explicit privacy and security policies are not prominently linked. Overall, the domain registration data aligns well with the business identity, indicating a legitimate and trustworthy online presence.

L

Leaflet

leaflet.pub

56

Leaflet is a technology platform focused on enabling users to write and share interconnected social documents. The website positions itself as a niche content creation and publishing platform, targeting general audiences interested in blogging and publication exploration. The platform leverages modern web technologies such as React and Next.js, indicating a contemporary technical infrastructure. The site design is professional and mobile-optimized, providing a good user experience with clear navigation and relevant content. However, the absence of privacy, cookie, and terms of service policies suggests room for improvement in compliance and transparency. Security posture is moderate with no explicit security headers detected and unknown SSL configuration, which should be addressed to enhance trust and protection. Overall, the domain uses privacy protection for WHOIS data, which is common for small tech platforms but slightly reduces transparency. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, and providing clear contact and incident response information to improve compliance and user trust.

G

Graze.social

graze.social

58

Graze.social is a technology company specializing in providing a SaaS platform for building custom social feeds on the Bluesky network using the ATProto protocol. The platform targets feed curators, brands, publishers, developers, and advertisers, enabling them to create personalized feeds, monetize content, and engage audiences without coding. The website demonstrates a strong market position with a growing user base and a clear value proposition centered on user control over social algorithms. Technically, the website is built on modern web technologies including React, JavaScript, and integrates third-party services such as Crisp chat, Beehiiv newsletter, and Plausible analytics. The site is mobile-optimized, fast-loading, and well-structured with good SEO and accessibility features. However, some security best practices like explicit security headers and cookie consent mechanisms are not visibly implemented. From a security perspective, the site uses HTTPS and does not expose sensitive data. The lack of public WHOIS data suggests privacy protection, which is common and justified for startups. No critical vulnerabilities or suspicious patterns were detected. The site lacks publicly disclosed incident response or security policies, which could be improved to enhance trust. Overall, Graze.social presents a professional, trustworthy, and technically mature platform with minor areas for security and privacy compliance improvements. Strategic recommendations include implementing security headers, publishing security policies, and adding cookie consent to align with best practices and regulatory requirements.

A

Atlas Schindler

schindler.com.br

71

Atlas Schindler is a leading manufacturer and service provider of elevators, escalators, and moving walkways in Brazil. The company offers comprehensive solutions including manufacturing, installation, modernization, and maintenance services, targeting residential, commercial, and public transportation buildings. The website reflects a strong market position with professional branding and multilingual support, indicating a global presence and local adaptation. Technically, the site is built on Adobe Experience Manager, leveraging Adobe Analytics and HubSpot for marketing and data collection, with a robust cookie consent mechanism in place. Security posture is strong with HTTPS and strict Content Security Policy headers, although explicit security policies and incident response contacts are not published. Overall, the site is professional, secure, and business-focused, with room for improvement in privacy transparency and incident response disclosures.

Radio Bremen is a well-established public broadcasting institution in Germany, providing radio, television, and online media content primarily for the Bremen region. As a member of the ARD consortium, it holds a strong market position in regional media with multiple subsidiary radio channels and production entities. The website reflects a professional and comprehensive digital presence with high-quality content and consistent branding. Technically, the site uses modern web technologies, including lazy loading and structured data, and demonstrates good mobile optimization and accessibility. Security posture is strong with HTTPS enforced and partial security headers, though some improvements in explicit security policies and incident response transparency are recommended. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy, safe, and professionally managed, with no signs of malicious activity or content blocking.

A

Alexandra Hamer Therapeutic Massage & Bodywork

touchstream.com

58

Alexandra Hamer Therapeutic Massage & Bodywork is a small local healthcare service provider specializing in orthopedic and sports massage, myofascial bodywork, trigger point therapy, and structural integration. The business targets clients in Durham, Chapel Hill, RTP, and Raleigh, North Carolina. The website is built on the Squarespace platform, leveraging its standard templates and technologies such as Typekit fonts and JavaScript for a moderate performance and good mobile optimization. The site presents a professional and consistent brand image with clear business hours and contact phone number, supported by structured data markup for local business.

O

OPPBTP (Organisme Professionnel de Prévention du Bâtiment et des Travaux Publics)

moa-batissez-en-prevention.fr

50

The website moa-batissez-en-prevention.fr is a professional French-language resource dedicated to construction project owners (maîtres d’ouvrage) to help optimize construction operations by integrating risk prevention measures. It is affiliated with OPPBTP, a recognized professional prevention organization in the French construction sector. The site offers advice, tools, solutions, and resources focused on health and safety in construction projects. Technically, the site uses modern web technologies including Google Tag Manager, Matomo analytics, and a cookie consent solution from axept.io. The CMS appears to be Ibexa, supporting structured content and rich media. Security posture is good with HTTPS and no exposed sensitive data, though security headers and explicit security policies are not evident. Privacy compliance is basic with a cookie consent mechanism and a privacy policy linked on a partner domain. The domain registration is consistent and legitimate, registered with GANDI in 2022, appropriate for the business purpose. Overall, the website is professional, trustworthy, and well-targeted to its audience, with moderate technical performance and good content quality.

The OpenStreetMap Foundation is a well-established international non-profit organization dedicated to supporting the OpenStreetMap Project, which provides free geographic data to the public. The foundation operates a membership-based model and focuses on community engagement, governance, and the promotion of open geospatial data. The website reflects a mature digital presence using the MediaWiki platform, offering comprehensive content about the foundation's mission, policies, and organizational structure. Technical infrastructure is solid, with fast performance, mobile optimization, and good SEO practices, although some modern security enhancements like DNSSEC and security headers are missing. Security posture is generally good with HTTPS enforced and domain transfer protections in place, but there is room for improvement in explicit security policies and vulnerability disclosure mechanisms. Privacy compliance is supported by a comprehensive privacy policy, but the absence of a cookie consent mechanism is a minor gap. Overall, the website is professional, trustworthy, and serves its target audience effectively.

Allwebco Design Corporation operates a website offering developer-grade HTML web templates, responsive designs, and related hosting and SEO support services. The company targets both professional developers and novice users, providing downloadable templates and add-ons to facilitate website building. The business has a niche market position with over 20 years of domain age, indicating established presence and credibility. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and jQuery, supplemented by Google Adsense and Tag Manager for monetization and analytics. The site is mobile responsive and well-structured, though accessibility features are basic. Security posture is moderate with HTTPS implied but lacking DNSSEC and security headers, and no explicit security or incident response policies are published. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy but could improve security and privacy practices.

Allwebco Design Corporation operates a niche website offering developer-grade, mobile-friendly HTML and CSS web templates primarily targeting novice and professional web developers and small businesses. The company has a long-standing presence since 2002 and provides a variety of responsive templates, built-in scripts, and support resources. Their business model centers on downloadable templates and related add-ons, complemented by web hosting services linked via partner domains. The website content is well-structured, professionally designed, and offers clear navigation with multiple template categories and support options.

L

Lutra

lutra.com.au

53

Lutra is a specialized company providing engineering and software services focused on water and wastewater treatment plants and operations. Their market position is that of a niche provider offering both software solutions like Infrastructure Data and process engineering services for water and wastewater treatment. The company targets councils, water authorities, and infrastructure operators primarily in New Zealand and Australia. Technically, the website is built on a modern stack including SilverStripe CMS, Google Tag Manager, Microsoft Clarity, and Vimeo integrations, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no exposed sensitive data, though formal security policies and incident response contacts are absent. Privacy compliance is basic with cookie consent and a privacy policy present but no GDPR-specific indicators. Overall, the website is professional, trustworthy, and well-branded, supporting a medium-sized business in the energy sector.

S

Schindler Portugal

schindler.pt

66

Schindler Portugal is a leading enterprise in the manufacturing and servicing of elevators, escalators, and moving walkways, operating as part of the global Schindler Group. The company offers a comprehensive range of products and modernization services tailored to residential, commercial, and industrial buildings. Their market position is strong, supported by a well-established brand and extensive service network. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support, targeting building owners, architects, and facility managers. Technically, the site leverages Adobe Experience Manager and integrates advanced analytics and consent management tools, indicating a high level of digital maturity. Security posture is robust with HTTPS, CSP, and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, compliant with GDPR, and provides a safe browsing experience.

IT-Grünenwald GmbH is a small German IT consulting company specializing in virtualization, installation, migration, maintenance, and training services primarily for municipalities, SMEs, schools, and freelancers in the Stuttgart-Heilbronn-Heidelberg-Karlsruhe region. Their offerings include Windows client and server solutions, IT security, remote support, and hardware/software procurement with leasing options. The website is basic and somewhat outdated, using legacy technologies like Flash and lacking modern security features such as HTTPS and security headers. Contact information is available via email, but no phone numbers or social media links are provided. Privacy compliance is minimal with no cookie consent mechanism detected.

TomTom is a globally recognized leader in navigation and mapping technology, offering a wide range of GPS devices, mapping software, and location-based services. The company serves both consumer markets and business sectors including automotive manufacturers, logistics, and public sector organizations. Their market position is strong, supported by partnerships with major automotive and technology companies. The website reflects a mature digital presence with modern technologies such as React and Next.js, ensuring fast performance and excellent mobile optimization. Security posture is robust with HTTPS enforcement and comprehensive security headers, though public security policies and incident response information could be enhanced. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, TomTom presents a professional, trustworthy, and technically sound online presence.

G

Geofabrik GmbH

geofabrik.de

45

Geofabrik GmbH is a specialized technology company focused on extracting, processing, and providing free geodata primarily sourced from OpenStreetMap. Their services include creating shape files, maps, map tiles, and web mapping solutions, complemented by consulting and training offerings. The company positions itself as an expert in the OpenStreetMap ecosystem, targeting businesses and organizations requiring geospatial data solutions. Technically, the website is built with standard HTML, CSS, and JavaScript (including jQuery), hosted on Hetzner infrastructure, and demonstrates moderate performance and basic mobile optimization. Security posture is adequate with no visible vulnerabilities or exposed sensitive data, but lacks advanced security headers and explicit policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional, trustworthy, and aligned with its business focus.

The domain opencage.com is registered since 2004 with Megazone Corp., a Korean registrar, but the website content is currently a parked domain page with no active business presence. The page primarily displays advertisements and a link to purchase the domain, indicating it is not in active use. The technical infrastructure is minimal, relying on basic HTML, CSS, and JavaScript with no modern frameworks or CMS detected. The site lacks HTTPS and security headers, and content is served via an iframe from an external ad network, limiting direct content access and user experience. No privacy, cookie, or terms of service policies are present, and no contact or business information is provided. Overall, the site has a low trustworthiness and security posture, with significant gaps in compliance and user transparency.

A

ARD

ard.de

61

ARD is a major German public broadcasting organization providing a wide range of media services including news, sports, podcasts, and children's programming. The website serves as a portal linking to various ARD brands and partner broadcasters, reflecting a strong market position in the German media landscape. The business model is publicly funded broadcasting, targeting a general audience with diverse content offerings. Technically, the website uses modern web technologies such as React and is optimized for mobile devices, though some accessibility features could be improved. Security posture is moderate with no visible security headers or explicit policies, and privacy compliance is good with a comprehensive privacy policy but lacking a cookie consent mechanism. Overall, the site is professional and trustworthy, with strong business credibility but room for technical and security enhancements.

CloudPit is a cloud platform service operated under dogado GmbH, a German company established in 2015. The website analyzed is primarily a login portal for users to access cloud infrastructure management services. The business targets IT professionals and organizations requiring cloud hosting and management solutions. The platform appears to be a niche player in the cloud technology sector with a medium-sized company profile. Technically, the website employs standard web technologies including JavaScript and CSS, with scripts loaded from its own domain. The site uses HTTPS with a valid CSRF token for form security, but lacks advanced security headers and visible privacy or cookie policies. The site is moderately optimized for performance and mobile use but could improve accessibility and SEO features. From a security perspective, the site demonstrates basic good practices such as HTTPS and CSRF protection but lacks DNSSEC and security headers that would enhance protection. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms a consistent and legitimate domain registration with no privacy protection, matching the business location and entity. Overall, the website is functional and trustworthy but would benefit from enhanced privacy compliance, security hardening, and more comprehensive business transparency. Strategic improvements in these areas would strengthen user trust and regulatory compliance.

P

pretix GmbH

pretix.social

70

pretix GmbH operates pretix.social, a Mastodon-based decentralized social media server hosting official company accounts related to their open-source and SaaS projects such as pretix and venueless. The website serves as a communication and branding platform rather than a user registration portal, with accounts managed externally. The company is positioned as a niche technology provider focused on event management and decentralized social media solutions. Technically, the site uses Mastodon 4.4.5 with React and modern JavaScript modules, providing a responsive and user-friendly experience. Security posture is moderate with HTTPS implied but lacking visible security headers and cookie consent mechanisms. Business credibility is strong due to clear company information and legal notices. Overall, the site is professional, trustworthy, and safe for general audiences.

P

pretix

pretix.cloud

72

pretix is a technology company specializing in event ticketing software, offering a comprehensive platform that includes online ticket shops, box office solutions, and various event management tools. The company targets event organizers across multiple sectors such as conferences, festivals, concerts, and exhibitions. With over 1000 customers and ISO 27001 certification, pretix holds a strong market position as a secure and privacy-focused ticketing solution provider. The website reflects a professional and consistent brand image with clear navigation and extensive product offerings. Technically, pretix employs modern web technologies including Matomo analytics for privacy-conscious tracking, SVG graphics for UI, and a REST API for extensibility. The site is well-optimized for performance and mobile devices, providing a good user experience. Security-wise, pretix demonstrates strong practices with HTTPS enforcement and ISO certification, though it lacks some security headers and a public vulnerability disclosure policy. Contact information is clearly presented, supporting business credibility. Overall, pretix presents a trustworthy and mature digital presence with minor areas for compliance and security enhancement.

W

Weser-Ems Halle Oldenburg GmbH & Co. KG

motorradshow-oldenburg.de

62

MOTORRAD SHOW Oldenburg is a well-established regional motorcycle trade fair organized by Weser-Ems Halle Oldenburg GmbH & Co. KG, targeting motorcycle enthusiasts and industry stakeholders in the Oldenburg region of Germany. The event showcases new motorcycle models, accessories, and offers an engaging program including contests and social spaces. The website is professionally designed with good content quality and consistent branding, supporting a positive market position as a leading regional event. Technically, the site uses modern web technologies and Matomo analytics, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and explicit privacy and terms policies. Overall, the site is trustworthy and functional but could improve compliance and security transparency.

D

daisys-diner.click

daisys-diner.click

62

The website daisys-diner.click serves as a branded short domain landing page associated with the Rebrandly URL shortening service. It does not provide any direct business information, contact details, or user engagement content beyond redirecting users to Rebrandly's main site. The domain WHOIS data is suspicious due to a creation date set in the future (June 2025), which undermines trust and legitimacy. The site uses minimal technical infrastructure with basic HTML, CSS, and JavaScript, and lacks modern security features such as DNSSEC or security headers. No privacy or cookie policies are present, and no contact or incident response information is provided, indicating low compliance with privacy and security best practices.

D

DELTA PARTS

deltaparts.de

46

DELTA PARTS is a German manufacturer and retailer specializing in high-quality custom motorcycle parts produced using advanced CNC milling and laser technology. The company targets motorcycle enthusiasts and retailers seeking premium components such as license plate holders, fuel caps, lighting, and accessories. Their market position is that of a specialized manufacturer with a focus on quality and German engineering. The website is built on WordPress with Elementor, featuring modern design and multilingual support via GTranslate. Technical infrastructure is solid with HTTPS enabled and use of SEO plugins, though performance is moderate. Security posture is adequate but lacks explicit security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced compliance and security transparency.

KABINETT Verlag is a small German media publishing company with a focus on motor journalism and related media content. The website kabinett-online.de is currently under maintenance and provides detailed contact information and company background but lacks privacy, cookie, and security policies. The technical infrastructure is basic, relying on standard HTML, CSS, and JavaScript, hosted on servers indicated by the nameservers. No advanced CMS or analytics tools are detected. Security posture is moderate but could be improved by implementing HTTPS, security headers, and privacy compliance measures. Overall, the website presents a legitimate and consistent business presence but requires modernization and enhanced security and privacy practices to meet current standards.

Nordic Nest is an established online retailer specializing in Scandinavian interior design products, offering a wide range of furniture, lighting, tableware, and home accessories from over 250 Scandinavian brands. The website is professionally designed with good content quality and clear navigation, targeting consumers worldwide interested in Scandinavian design. Technically, the site uses modern technologies such as Google Tag Manager and a comprehensive cookie consent mechanism to ensure GDPR compliance. Security posture is strong with HTTPS enforced and cookie consent implemented, though additional security headers and explicit security policies could enhance protection. The absence of WHOIS data and contact information slightly reduces business credibility but does not negate the overall legitimacy of the site. The site is safe for general audiences with no adult content detected.

S

Seeberger

seeberger.cz

10

Seeberger.cz is an e-commerce website representing the Seeberger brand, a well-established company in the snack food industry since 1844. The website offers a wide range of natural and premium snack products including nuts, dried fruits, mixes, coffee, and related items, targeting Czech consumers. The site is part of a broader multinational presence with multiple language-specific domains. Technically, the site is built on the Shopify platform, leveraging modern web technologies and standard e-commerce features. It demonstrates good performance, mobile optimization, and SEO practices. Security posture is strong with HTTPS, security headers, and captcha protections, although explicit security and incident response policies are not publicly available. Privacy compliance is well addressed with GDPR-aligned privacy and cookie policies. Overall, the website is professional, trustworthy, and suitable for general audiences with no adult or explicit content.

S

Seeberger

seeberger-snacks.ch

68

Seeberger is a well-established premium snack brand operating an e-commerce platform primarily targeting the Swiss market with multi-language support for neighboring countries. The website offers a broad range of natural snack products including nuts, dried fruits, and coffee. The business model focuses on direct online retail with a professional and consistent brand presentation. Technically, the site is built on Shopify, leveraging modern web technologies and optimized for performance and mobile use. Security posture is strong with HTTPS, security headers, and form protections, though explicit security policies and incident response contacts are absent. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site presents a trustworthy and professional online retail experience.

Ö

Österreichischer Alpenverein

alpenverein.at

72

The Österreichischer Alpenverein is a well-established non-profit organization dedicated to alpine sports, nature conservation, and community engagement in Austria. The website serves as a comprehensive portal for members and the public, offering information on membership benefits, mountain huts, environmental initiatives, and educational programs. It maintains a strong market position as Austria's leading alpine association with a large member base and extensive regional presence. Technically, the website employs standard web technologies including JavaScript, jQuery, and Matomo analytics, with a focus on accessibility and mobile optimization. The site is well-structured, professionally designed, and provides clear navigation and relevant content. Privacy compliance is robust, featuring a detailed privacy policy and cookie consent mechanism aligned with GDPR requirements. From a security perspective, the site uses HTTPS and implements cookie consent but lacks some advanced security headers and explicit vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious content were detected. The WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of organization. Overall, the website demonstrates a strong security posture, high content quality, and good privacy compliance, making it a trustworthy and professional digital presence for the Österreichischer Alpenverein.

H

Hengst Filtration

hengst.shop

51

Hengst Filtration operates a professional e-commerce platform focused on filtration products and personal protective equipment, targeting industrial and commercial customers primarily in Germany. The company is a large, family-owned manufacturer with a global presence, emphasizing sustainability and innovation. The website is built on the Shopware platform with a modern theme, integrating standard marketing and analytics tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight. Security posture is solid with HTTPS, CSRF protection, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent banners. Overall, the site reflects a mature digital presence aligned with the company's business model and market position.

Pascualet - Marc Diez-Prida is a small, specialized PR agency based in Radolfzell am Bodensee, Germany, with a focus on public relations, strategic marketing, photography, and design services. The company targets businesses and organizations seeking comprehensive communication and creative solutions, operating with a niche regional and international presence including Germany, Spain, and Mexico. The website reflects a professional and consistent brand image with clear contact points and partner affiliations. Technically, the website employs a modest but effective technology stack including Matomo for privacy-conscious analytics and Userlike for chat support. The site is moderately optimized for performance and mobile devices, with good SEO practices evident in meta tags and structured content. However, no CMS or advanced frameworks are detected, indicating a likely custom or lightweight implementation. From a security perspective, the domain is well-registered with a reputable registrar and shows no signs of privacy protection or suspicious patterns, supporting legitimacy. The site uses HTTPS and disables cookies in analytics, enhancing privacy. However, the absence of security headers and cookie consent mechanisms are notable gaps. No explicit security or incident response policies are published, which could be improved to enhance trust and compliance. Overall, the website presents a trustworthy and professional front for a small PR agency with good business credibility and privacy-conscious analytics. Strategic improvements in security headers, cookie consent, and published policies would strengthen the security posture and compliance standing, supporting long-term business growth and client trust.

C

CLEANPRODUCTS

cleanproducts.de

29

CLEANPRODUCTS is a specialized German e-commerce retailer offering professional-grade automotive care products, targeting commercial vehicle detailing and maintenance professionals. With over 35 years of industry experience, the company positions itself as a trusted manufacturer-direct supplier of high-quality car cleaning and care solutions. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrations such as Trustpilot for customer reviews and multiple social media channels for brand engagement. The technical infrastructure is robust, featuring HTTPS, cookie consent mechanisms, and optimized performance for desktop and mobile users. Security posture is strong with standard best practices observed, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site presents a professional and trustworthy online presence suitable for its niche market.

M

Deine Mitfahrzentrale für die Berge | Moobly

moobly.de

55

Moobly is a German-based online platform specializing in ridesharing services tailored for mountain trips. It enables users to find and offer carpool rides to various alpine destinations, promoting cost savings and environmental benefits by reducing CO2 emissions. The website is well-branded and targets environmentally conscious outdoor enthusiasts and mountain travelers. Technically, the site leverages the Enhavo CMS and integrates Google Maps API for geolocation and ride point-of-interest features, supported by Google Analytics and Tag Manager for user tracking. The site is mobile-optimized with good navigation and content relevance, although accessibility features are basic. Security-wise, the site uses HTTPS but lacks several security headers and explicit security policies, which could be improved. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the platform appears legitimate and functional but would benefit from enhanced privacy disclosures and security hardening.

D

DAV Summit Club

dav-summit-club.de

54

DAV Summit Club is a German-based travel company specializing in guided hiking, mountaineering, winter sports, and adventure tours worldwide. The website presents a broad portfolio of over 600 trips across 100 countries, targeting outdoor enthusiasts and adventure travelers. The business model focuses on experiential travel with expert guides and diverse travel types including training and safety courses. The company appears established with a medium-sized market presence in the hospitality sector.

S

Seeberger

seeberger.de

61

Seeberger operates a professional e-commerce platform focused on selling natural snacks such as nuts, dried fruits, and coffee products primarily targeting the German and broader European market. The website is built on the Shopify platform, leveraging modern web technologies and providing a seamless user experience with mobile optimization and accessibility features. The company maintains a strong brand presence with consistent branding and comprehensive content quality. Security posture is robust with HTTPS enforced, standard Shopify security headers, and privacy compliance including GDPR-aligned policies and cookie consent mechanisms. However, explicit security policies and incident response information are not publicly available, which could be improved to enhance trust. Overall, the site is trustworthy, well-maintained, and suitable for general consumers seeking premium snack products.

J

Jugend des Deutschen Alpenvereins

jdav.de

66

Jugend des Deutschen Alpenvereins (JDAV) is the youth division of the Deutscher Alpenverein, a prominent German alpine club. The organization focuses on providing youth-oriented alpine sports education, courses, and community engagement activities. Their website reflects a well-structured, content-rich platform targeting young members and interested parties in Germany. The site leverages modern web technologies such as Vue.js and employs privacy-conscious analytics via Plausible. Social media integration and partner affiliations enhance their outreach and credibility. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in cookie consent and security headers are recommended. Overall, the website is professional, trustworthy, and aligned with the organization's mission.

G

GLS Bank

gls.de

71

GLS Bank is a well-established social-ecological bank in Germany, founded in 1974, offering sustainable banking products and services focused on positive social and environmental impact. The website demonstrates a strong market position with awards and recognitions, targeting private customers, companies, and non-profit organizations. Technically, the site uses TYPO3 CMS with modern web standards, good SEO, and excellent accessibility features. Security posture is moderate with HTTPS and consent mechanisms but lacks explicit security headers and published security policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Strategic improvements include publishing comprehensive privacy and security policies and enhancing security headers.

D

Deutscher Alpenverein (DAV)

alpenverein.de

65

The Deutscher Alpenverein (DAV) operates a comprehensive online magazine focused on alpine sports including mountaineering, hiking, climbing, ski touring, and mountain biking. The organization is a leading non-profit entity in Germany dedicated to mountain sports, safety, environmental protection, and community engagement. Their website offers rich content, event information, and resources for outdoor enthusiasts, supported by a strong brand presence and partnerships with relevant outdoor and insurance companies. Technically, the site uses modern web technologies such as Vue.js and privacy-conscious analytics (Plausible), delivering a well-structured, mobile-optimized, and accessible user experience. Security posture is good with HTTPS and no exposed sensitive data, though improvements could be made by adding security headers and explicit incident response information. Privacy compliance is supported by a comprehensive privacy policy, but lacks a visible cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned in its niche.

D

Dublin Bus

dublinsightseeing.ie

65

Dublin Sightseeing Tours, branded as Dublin Bus, is a well-established tourism service provider in Ireland offering a variety of sightseeing tours including hop-on hop-off buses, ghost tours, day trips, and airport transfers. The company targets tourists visiting Dublin and surrounding areas, leveraging a strong market position supported by positive reviews and a comprehensive online presence. Their business model focuses on direct online ticket sales and partnerships with local attractions. Technically, the website employs standard web technologies including JavaScript and Google Tag Manager with a cookie consent mechanism, indicating a moderate level of digital maturity. However, the absence of WHOIS data and security headers suggests areas for improvement in transparency and security posture. The security evaluation shows basic compliance with privacy regulations but lacks visible incident response or vulnerability disclosure information. Overall, the website is professional, user-friendly, and trustworthy, but could benefit from enhanced security measures and clearer contact information to improve business credibility and compliance.

D

Dublin Bus

dodublin.ie

66

DoDublin is a well-established tourism and transportation service provider in Dublin, Ireland, offering hop-on hop-off bus tours, day tours, airport transfers, and attraction tickets. The company is part of Dublin Bus, the city's public bus provider, which strengthens its market position and trustworthiness. The website is professionally designed with excellent content quality, clear navigation, and good mobile optimization. It integrates modern technologies such as Swiper.js and Google Tag Manager for analytics and marketing purposes. Security posture is good with HTTPS enabled and cookie consent mechanisms in place, though there is room for improvement in security headers and incident response transparency. The domain registration is consistent with the business claims and supports legitimacy. Overall, the website presents a trustworthy and user-friendly platform for tourists seeking Dublin city tours and related services.

D

Dublin Bus

dodublin.com

65

DoDublin operates as a leading sightseeing and transportation service provider in Dublin, Ireland, specializing in hop on hop off city tours, airport transfers, day trips, and attraction ticket sales. The company has a strong market position as the No.1 rated Dublin bus tour since 1988, targeting tourists and visitors seeking convenient and informative travel experiences. Their business model focuses on direct online ticket sales and providing frequent, well-guided bus tours with a fleet of buses. Technically, the website employs standard web technologies including JavaScript and CSS, with Google Tag Manager for analytics and marketing. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is well addressed with visible cookie consent mechanisms and accessible privacy and cookie policies. Overall, the website is professional, trustworthy, and well-aligned with its business objectives.

C

co2.auto GmbH

co2.auto

61

co2.auto GmbH operates a specialized platform in Germany facilitating the sale of THG-Quotas, enabling electric vehicle owners to monetize their CO2 emission reductions through annual bonuses. The company targets private individuals, fleet managers, and public charging station operators, positioning itself as a trusted intermediary between quota-obligated companies and electric mobility stakeholders. The website is professionally designed, content-rich, and provides comprehensive information about the THG-Quota system, registration process, and legal context. Technically, the site uses standard web technologies with moderate performance and good mobile optimization. Security posture is solid with HTTPS and encrypted session management, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the business demonstrates credibility and trustworthiness with transparent WHOIS data and clear contact information.

J

Jürgen Auer

server-daten.de

69

Server-Daten, operated by Jürgen Auer, is a small German technology business specializing in providing relational web database solutions for rent. The company offers services including database setup, encrypted file uploads, and a UserAgent LinkCheck tool. The website is primarily in German and targets businesses or individuals seeking secure web database hosting and related services. The business has been established since 2005, indicating a mature presence in its niche market. Technically, the website uses standard HTML, CSS, and JavaScript with no detected CMS or advanced frameworks. Hosting is provided via INWX nameservers, a reputable German domain registrar and hosting provider. The site performance is moderate with basic mobile optimization and accessibility features. SEO is basic but sufficient for the site's scope. No advanced analytics or tracking technologies are detected, reflecting a privacy-conscious approach. From a security perspective, the site uses HTTPS (implied by domain and standard practice though SSL details are not explicitly provided) and implements a cookie consent banner, indicating GDPR awareness. However, no explicit security headers or incident response policies are found. The WHOIS data is consistent with the business claims, showing no privacy protection and a domain age that aligns with the company's history. No vulnerabilities or suspicious patterns are detected in the content or technical setup. Overall, Server-Daten presents a trustworthy, niche-focused web service with a solid business foundation and basic but adequate technical and security measures. Strategic improvements in security headers, incident response documentation, and enhanced mobile optimization could further strengthen its posture.

C

Coolstuff

coolstuff.se

66

Coolstuff is a well-established Swedish e-commerce retailer specializing in unique and personalized gifts and gadgets. The website targets consumers primarily in Sweden and other Nordic countries, offering a wide range of products including personalized apparel, advent calendars, and gift boxes. The company operates multiple country-specific domains, indicating a broad regional presence. Technically, the website is built using modern frameworks such as SvelteKit, ensuring fast performance and excellent mobile optimization. The use of Google Tag Manager indicates active marketing and analytics efforts. Security posture is generally good with HTTPS enabled and cookie consent implemented, but the absence of security headers and explicit privacy and terms pages suggests room for improvement. WHOIS data for the www subdomain is not available, but this is likely due to querying the subdomain rather than the root domain. Overall, the site presents a professional and trustworthy front with moderate risk due to minor compliance and security gaps.