Germany security reports

B

BDS AZUBIAKADEMIE - Die Akademieseite des BDS Bayern

bdsazubiakademie.de

10

BDS AZUBIAKADEMIE is a regional educational initiative by the Bund der Selbständigen Bayern (BDS Bayern) aimed at enhancing vocational training for apprentices in Bavaria. The platform offers supplementary workshops and professional training beyond standard vocational school curricula, primarily targeting small and medium-sized enterprises. The website is built on WordPress using the Astra theme and Elementor page builder, reflecting a moderate level of digital maturity with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced, but lacks advanced security headers and formal privacy and cookie policies. Contact information is limited to an email address, and no incident response or vulnerability disclosure mechanisms are present. Overall, the site is professional and trustworthy but would benefit from improved compliance and security practices.

The website m2mserver.de is currently a minimal landing page with very limited content, primarily displaying the domain name in a styled header. There is no substantive business description, contact information, or interactive elements. The WHOIS data indicates the domain is registered with German name servers, consistent with the .de TLD, but lacks detailed registrant information. The absence of privacy policies, cookie consent mechanisms, and terms of service suggests the site is either under development or serves as a placeholder. From a technical perspective, the site uses basic HTML and CSS without any detected scripts, frameworks, or CMS platforms. Performance and mobile optimization are basic, with no advanced SEO or accessibility features. Security posture is minimal with no visible security headers or SSL configuration details provided. No analytics or tracking technologies are present, indicating minimal data collection or user tracking. Security-wise, the site does not exhibit any blocking mechanisms such as WAF or security challenges, and no vulnerabilities or exposed sensitive data were detected. However, the lack of security best practices and compliance documentation represents a risk if the site were to handle sensitive data or user interactions in the future. Overall, the site scores low on content quality, privacy compliance, and security posture, reflecting its minimalistic nature. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, providing clear contact information, and enhancing technical SEO and accessibility to improve trust and user experience.

MADixel GmbH operates a specialized tracking tool designed to support sales teams by identifying companies visiting their websites and providing insights into visitor interests. The company positions itself as a niche provider in the technology sector focused on GDPR-compliant marketing analytics solutions. The website presents a professional and consistent brand image with clear contact details and a downloadable data protection report, indicating a focus on privacy and compliance. Technically, the site uses a modern frontend stack including Bootstrap and jQuery, with good mobile optimization and moderate performance. However, the absence of visible security headers and privacy/cookie policies suggests room for improvement in security and compliance transparency. No blocking or WAF mechanisms were detected, allowing full content access and analysis.

A

ARCH+ Verlag GmbH

archplus.net

57

ARCH+ Verlag GmbH operates a well-established German architecture and urbanism magazine with a strong digital presence. The website serves as a platform for magazine sales, event promotion, and architectural discourse, targeting professionals, students, and enthusiasts in the architecture sector. The business model centers on publishing quarterly issues in print and digital formats, supplemented by events and advertising. The company holds a leading position in its niche market in Germany with international outreach through English content and social media engagement. Technically, the website employs modern web standards, including HTML5, CSS3, and JavaScript, with embedded video content and Google Tag Manager for analytics and marketing. The site is hosted on Namespace4You infrastructure and shows moderate performance with good mobile optimization and basic accessibility features. Security posture is solid with HTTPS enforced and clientTransferProhibited domain status, though improvements are recommended such as enabling DNSSEC and adding security headers. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and aligns well with the company's business objectives.

W

Wilken Software Group

wilken.ch

53

Wilken Software Group is a German technology company specializing in software development and technology integration services. Their website presents a professional image with a focus on connecting technology, people, and visions for a sustainable future. The company targets business and technology professionals and operates primarily within the technology sector. The website is built on HubSpot CMS, uses Cloudflare for DNS, and integrates Google Analytics 4 and Cookiebot for analytics and privacy compliance. While the site is well-designed and mobile-optimized, it lacks explicit privacy policies, terms of service, and detailed contact information, which are important for full compliance and trust. Security posture is moderate with HTTPS enforced and cookie consent managed, but missing security headers and vulnerability disclosures reduce the security maturity. Overall, the website is trustworthy and professional but could improve transparency and security practices.

A

Amadeu Antonio Stiftung

amadeu-antonio-stiftung.de

56

The Amadeu Antonio Stiftung is a German non-profit foundation dedicated to strengthening democratic civil society and combating right-wing extremism, racism, and antisemitism. The website presents a professional and content-rich platform offering information about their projects, publications, events, and initiatives. Their target audience includes civil society actors, activists, and supporters of democratic culture. The organization maintains an active presence on major social media platforms and provides a newsletter subscription for ongoing engagement. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and WPML for multilingual support. It uses Borlabs Cookie for GDPR-compliant cookie consent management and integrates Google Analytics via Google Tag Manager, respecting user consent. The site is hosted on servers indicated by the agenturserver nameservers, suggesting a professional hosting environment. Mobile optimization and SEO practices are good, though accessibility could be improved. Security posture is adequate with HTTPS enforced and cookie consent implemented. However, no explicit security headers were detected, and no public security or incident response policies are published. No vulnerabilities or exposed sensitive data were found. The WHOIS data is limited but does not raise concerns about legitimacy. Overall, the site is trustworthy and professionally managed. Recommendations include adding a clear privacy policy and terms of service links, publishing a security policy or incident response contact, implementing security headers, and enhancing accessibility features to improve compliance and user experience.

S

Stiftung Mercator

stiftung-mercator.de

53

Stiftung Mercator is a private, independent non-profit foundation based in Germany, dedicated to promoting an open, solidaric society with equal opportunities. The foundation focuses on democratic values, social cohesion, climate protection, and supports various projects and fellowship programs. The website is professionally designed, multilingual, and optimized for SEO and accessibility, reflecting a mature digital presence. Technically, it leverages WordPress CMS with modern libraries such as jQuery and uses Borlabs Cookie for privacy compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though formal security policies and incident response contacts are not published. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements.

ING-DiBa AG operates as one of Germany's leading digital and universal banks, serving over 9 million customers. The company offers a broad range of financial products including current accounts, loans, investment services, and mortgage financing. The website reflects a strong market position with a focus on customer satisfaction and digital innovation. The target audience includes private customers and business banking clients, emphasizing ease of use and accessibility through digital channels such as the ING app. The business model centers on providing comprehensive banking services with a digital-first approach, supported by a robust online presence and customer engagement.

4

41 Campus gGmbH

forty.one

46

FORTYONE is a niche media platform operated by 41 Campus gGmbH, focusing on the charitable activities and stories related to Dirk Nowitzki and his foundations in Germany and the USA. The website serves as a communication and donation platform, supported by sponsors such as ING. The content is professionally presented with a focus on storytelling and foundation updates, targeting a general audience interested in sports philanthropy and Dirk Nowitzki's legacy. Technically, the site is built on WordPress with modern plugins for donations and GDPR compliance, showing moderate performance and good mobile optimization. Security posture is solid with HTTPS and anti-spam measures, though improvements like DNSSEC and CSP headers are recommended. Privacy compliance is well addressed with clear cookie consent and policies. Overall, the site is trustworthy and professionally maintained, with no signs of malicious or adult content.

I

IcanDo e.V.

icando-verein.de

53

IcanDo e.V. is a small German non-profit organization dedicated to educational and social projects, including school initiatives and volunteer services. The organization has a recognized market position within its community, evidenced by awards such as the 'Großer Stern des Sports 2020 in GOLD'. Their website is built on the Squarespace platform, leveraging standard web technologies and providing a visually consistent and mobile-optimized user experience. However, the site lacks explicit privacy and cookie policies, which are critical for GDPR compliance in the EU. Security posture is basic with HTTPS enabled but missing important security headers and incident response contact information. Overall, the website is safe, professional, and trustworthy for general audiences but could improve in privacy compliance and security best practices.

R

RheinFlanke gGmbH

rheinflanke.de

62

RheinFlanke gGmbH operates as a German non-profit organization specializing in youth work, educational programs, and social integration services. The organization maintains a professional and accessible website built on WordPress, featuring multiple locations and a clear focus on community impact. Their digital presence includes active social media channels and a cookie consent mechanism, reflecting awareness of privacy regulations. Technically, the site employs modern plugins and frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and some best practices, though explicit privacy policies and vulnerability disclosures are missing, representing areas for improvement. Overall, RheinFlanke presents a credible and trustworthy digital footprint aligned with its mission and audience.

A

Avacon AG

avacon-shop.de

66

Avacon AG operates the Avacon Shop, an e-commerce platform specializing in energy-related products and services including electromobility, photovoltaic systems, energy storage, and electrical installations. The website targets consumers and businesses in Germany seeking comprehensive energy solutions. The platform is built on the Shopware CMS and hosted by Hetzner, leveraging modern web technologies and marketing tools such as Google Tag Manager and Facebook Pixel. The site features a professional design with good navigation and mobile optimization, supporting customer account management and product browsing. Security posture is adequate with HTTPS and secure forms, though lacks explicit security headers and published privacy or cookie policies. Overall, the domain registration and website content are consistent and trustworthy, reflecting a legitimate business presence.

Avacon Wasser GmbH is a regional water utility company based in Germany, providing safe and sustainable water supply services to households, businesses, and municipalities. The company emphasizes environmental protection, climate initiatives, and customer engagement through digital portals and consulting services. Their market position is that of a medium-sized regional utility with a strong focus on sustainability and customer service. Technically, the website is built on Adobe Experience Manager with modern UI components and consent management tools, indicating a mature digital infrastructure. Security posture is good with HTTPS and consent mechanisms, though some security headers and explicit incident response policies are missing. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with clear contact information and social media presence.

A

Avacon Connect GmbH

avacon-connect.de

71

Avacon Connect GmbH is a regional telecommunications provider specializing in delivering high-speed fiber optic broadband internet and telephony services in the German regions of Sachsen-Anhalt and Niedersachsen. The company targets private customers, business clients, and network carriers, offering comprehensive fiber optic infrastructure solutions and end-user connectivity. Their market position is that of a trusted regional carrier with a focus on fiber-to-the-home technology and collaboration with municipalities and other carriers. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, with modern consent management via Usercentrics and tracking through Google Tag Manager. The site is hosted with Cloudflare DNS services, ensuring good performance and security. Security posture is strong with HTTPS enforced and privacy compliance well addressed, including GDPR-aligned cookie consent mechanisms. No critical vulnerabilities or suspicious content were detected. Overall, the website reflects a professional, trustworthy, and technically mature digital presence aligned with the company's business objectives.

Avacon Natur GmbH is a German energy company specializing in sustainable and renewable energy solutions, including heat, cold, and regenerative energy technologies. The company targets municipalities, businesses, private customers, and the housing industry with integrated energy solutions such as district heating, photovoltaic systems, and innovative quarter concepts. Their market position is that of an innovative regional energy provider focused on sustainability and digital energy futures. Technically, the website is built on Adobe Experience Manager with modern UI components and integrates Google Tag Manager and Usercentrics for analytics and consent management. The site is hosted behind Cloudflare, ensuring robust infrastructure and security. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional, well-structured, and trustworthy, reflecting a mature digital presence for a medium-sized energy company.

Avacon Netz GmbH operates as a major regional energy network operator in Germany, providing reliable electricity and gas network infrastructure to municipalities, industries, businesses, and households. The company serves approximately 16 million people across a large geographic area, positioning itself as a key player in the German energy sector. The website reflects a mature digital presence with multiple customer portals and comprehensive service offerings tailored to various customer segments. Technically, the site employs modern web technologies including React, Adobe Experience Manager CMS, and integrates consent management tools to comply with GDPR requirements. Security posture is strong with HTTPS enforcement, content security policies, and no visible vulnerabilities, although explicit security policies and incident response information are not published. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

The Federal Ministry of Food and Agriculture (BMLEH) operates an official government website providing comprehensive information on topics such as food and nutrition, consumer protection, farming, animal welfare, rural regions, forests, fisheries, international affairs, and digitalisation. The site targets the general public, stakeholders in agriculture and food sectors, and international partners, serving as a key communication and service platform for the ministry. The website is well-structured, professionally designed, and consistent with government branding standards. Technically, the website is built on the Government Site Builder CMS platform, utilizing modern web standards including HTML5, CSS3, and SVG graphics. It incorporates Matomo analytics for anonymous visitor statistics and implements a granular cookie consent mechanism compliant with GDPR. Mobile optimization and accessibility features are well addressed, ensuring a good user experience across devices. From a security perspective, the site enforces HTTPS with excellent SSL configuration and includes standard security headers such as Content-Security-Policy and Strict-Transport-Security. The cookie consent banner clearly distinguishes necessary cookies from optional tracking and third-party content cookies. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present, representing areas for improvement. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. The domain appears legitimate and consistent with official government use. No WAF or content blocking was detected, allowing full content accessibility. Strategic recommendations include publishing detailed security policies, providing incident response contact channels, and establishing a vulnerability disclosure process to enhance security posture and transparency.

M

Messen.de

messen.de

53

Messen.de is a well-established online platform providing a comprehensive calendar and overview of trade fairs and exhibitions primarily in Germany, Austria, Switzerland, and the Netherlands. It serves exhibitors, visitors, event organizers, and service providers by offering detailed event information, ratings, and news updates. The platform positions itself as a key resource in the German-speaking trade fair market, leveraging structured data and a user-friendly interface to deliver relevant content without requiring login. Technically, the website employs modern JavaScript frameworks, integrates Google Tag Manager, and uses a consent management platform to comply with GDPR regulations. Advertising and tracking are managed through reputable networks such as Criteo and Sourcepoint. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response details are absent. Overall, the site is professional, trustworthy, and compliant with privacy standards, making it a reliable resource for its target audience.

C

Cubus Medien Verlag GmbH

schulbau.online

55

SCHULBAU.online is a professional German platform focused on educational construction, offering a magazine, trade fairs, and events targeting architects, school authorities, and planners. The business is operated by Cubus Medien Verlag GmbH, a medium-sized company based in Hamburg, Germany, founded in 2025. The website is built on WordPress with modern plugins and SEO tools, providing a good user experience with clear navigation and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though DNSSEC is not enabled and security headers could be improved. Privacy compliance is strong with accessible privacy and cookie policies. Overall, the site is trustworthy and well-positioned in its niche.

W

Wirtschaftsförderung in der Region Hannover

wirtschaftsfoerderung-hannover.de

65

Wirtschaftsförderung in der Region Hannover is a regional government economic development organization focused on supporting businesses, startups, and innovation in the Hannover area. The website provides comprehensive information on business location, financing, founding support, innovation, workforce development, and events. It targets entrepreneurs, companies, investors, and regional stakeholders, positioning itself as a key facilitator for economic growth in the region. Technically, the site uses a custom CMS with modern JavaScript libraries such as jQuery and Swiper.js, and employs Matomo for privacy-conscious analytics. The site is well-optimized for mobile and accessibility, with a clear navigation structure and professional design. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly documented. Overall, the site demonstrates a mature digital presence aligned with governmental standards and regional economic goals.

L

Landeshauptstadt Hannover

herrenhausen.de

52

The website 'Herrenhäuser Gärten - Hannover.de' serves as the official online presence for the Herrenhäuser Gardens and the Museum Schloss Herrenhausen, operated by the Landeshauptstadt Hannover (City of Hannover). It provides comprehensive visitor information, event details, group tours, and ticketing services, targeting tourists, families, and cultural enthusiasts. The site is well-positioned as a leading cultural and botanical attraction in Hannover, supported by consistent branding and professional content. Technically, the website employs modern web standards including HTML5, CSS3, SVG graphics, and JavaScript, with Matomo analytics for user tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. The CMS appears custom or proprietary, typical for government sites. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes essential security headers. No vulnerabilities or exposed sensitive data were detected. However, the site lacks a visible cookie consent mechanism and dedicated security or incident response policies, which are recommended for enhanced GDPR compliance and transparency. Overall, the website is trustworthy, professionally maintained, and provides a safe user experience. Strategic improvements in privacy consent and security transparency would further strengthen its compliance and user trust.

H

Hannover Marketing und Tourismus GmbH

visit-hannover.com

61

Visit Hannover is an official tourism portal managed by Hannover Marketing und Tourismus GmbH, providing comprehensive information on hotels, sightseeing, events, congresses, and regional attractions in Hannover, Germany. The website targets tourists, business travelers, and event attendees, offering booking options and cultural highlights. Technically, the site uses modern JavaScript libraries, Matomo analytics, and Google advertising scripts, with a likely CMS based on eZ Platform. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS and consent management, though explicit security headers and policies are missing. WHOIS data is unavailable, which slightly reduces trust but the website content and branding indicate legitimacy. Overall, the site is professional, user-friendly, and compliant with GDPR.

S

Sparkasse

sparkasseblog.de

53

Der Sparkasseblog is a professional German-language financial blog focused on the Sparkasse banking ecosystem, targeting private customers, young people, and business clients. The site provides educational content and advice related to banking, investments, taxes, and personal finance. It is positioned as a niche content provider within the finance sector, leveraging the trusted Sparkasse brand. Technically, the website is built on WordPress with a modern tech stack including jQuery, Yoast SEO, and Google Tag Manager, ensuring good SEO and moderate performance. The site is mobile optimized and offers clear navigation and search functionality. Security-wise, the site uses HTTPS with valid SSL certificates and employs Google Tag Manager for analytics. However, it lacks visible security headers, explicit privacy and cookie policies, and contact information for security or general inquiries, which are areas for improvement. Overall, the website is trustworthy and professional but could enhance its privacy compliance and security posture.

B

Bauhaus-Universität Weimar

uni-weimar.de

57

Bauhaus-Universität Weimar is a medium-sized public university in Germany specializing in architecture, civil engineering, design, media, and related disciplines. The website serves students, researchers, and academic partners with comprehensive information about study programs, research, and university news. The university maintains a strong brand presence and offers a well-structured, accessible, and mobile-optimized website built on TYPO3 CMS with modern web technologies. Security posture is solid with HTTPS and privacy-conscious analytics (Matomo) but lacks explicit cookie consent and published security policies. The domain registration aligns with academic networks, supporting legitimacy. Overall, the site is professional, trustworthy, and suitable for its educational mission.

Z

zinnobergruen gmbh

bestarchitects.de

50

The website bestarchitects.de represents the 'best architects award', a prestigious European architecture award recognizing outstanding architectural achievements. The site serves architects, industry professionals, and enthusiasts by providing award results, news, and a bookshop for related publications. The business model centers on award organization and publication sales, positioning itself as a recognized authority in the European architecture sector. Technically, the site is built on depage CMS with modern web standards, includes responsive design, and uses Google Analytics for visitor insights. Security posture is solid with HTTPS, CSRF protection on forms, and cookie consent mechanisms, though it lacks explicit security headers and published security policies. Overall, the site is professional, trustworthy, and compliant with GDPR, but could improve transparency on security and incident response. No blocking or WAF interference was detected, allowing full content access and analysis.

D

DOM publishers

dom-publishers.com

66

DOM publishers is a specialized architecture book publisher established in 2005, offering a wide range of premium books and journals focused on architecture and design. The company targets architects, educators, and students globally, leveraging a Shopify-based e-commerce platform to distribute its products worldwide. The website demonstrates a professional and consistent brand presence with clear contact information and multilingual support. Technically, the site uses modern web technologies and Shopify's infrastructure, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and form protection via hCaptcha, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is trustworthy, well-maintained, and suitable for its niche audience.

K

KAWAHARA KRAUSE ARCHITECTS

kawahara-krause.com

62

KAWAHARA KRAUSE ARCHITECTS is a small, specialized architectural practice based in Germany, founded in 2007. The firm offers architectural design services, academic research, exhibitions, and publications, targeting clients interested in innovative and contextually rich architecture. The website is professionally designed using modern technologies such as Nuxt.js, Vue.js, Tailwind CSS, and Sanity CMS, providing a good user experience and mobile optimization. However, the site lacks explicit privacy and cookie policies, contact information, and security headers, which are important for compliance and security. The domain registration is consistent with the business claims, indicating legitimacy and stability. Overall, the website is safe, professional, and moderately secure but would benefit from enhanced privacy compliance and security practices.

A

archaic studio

archaic-studio.com

58

Archaic Studio operates as an online magazine dedicated to architecture and architectural photography, based in Berlin, Germany. The website serves a niche audience interested in architectural aesthetics and design, offering curated content and an integrated online store for related products. The business model focuses on content curation and e-commerce within the architecture and photography domain. Technically, the site is built on the Squarespace platform, leveraging its CMS and hosting infrastructure, with additional integrations such as Google Analytics and Typekit fonts. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. Security posture is adequate with HTTPS enabled; however, the absence of security headers and HSTS reduces overall security robustness. Privacy compliance is weak due to missing privacy and cookie policies. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy. Overall, the website is professionally designed and functional but requires improvements in security and compliance to enhance trust and reduce risk.

B

Bund der Selbständigen Bayern

bds-bayern.de

45

Bund der Selbständigen Bayern is a well-established membership association founded in 1874, representing the interests of self-employed individuals and the independent middle class in Bavaria, Germany. The organization operates as a non-partisan, cross-industry network providing advocacy, legal advice, educational programs, and member services. Their market position is strong regionally with a history of over 150 years and a comprehensive service offering including academies, competence centers, and event organization. The website reflects a professional and consistent brand image targeting self-employed professionals and SMEs in Bavaria.

A

Andreas Gminder

myko-service.de

71

Myko-Service, operated by Andreas Gminder, is a small specialized e-commerce business focused on providing products and literature related to mycology and botany. The website targets a niche audience of scientists, hobby mycologists, and mushroom pickers, offering a broad range of items including microscopy supplies, truffle products, and creative materials. The business operates primarily in Germany and has been active since 2020. The website is multilingual, enhancing accessibility to an international audience. Technically, the website is built on the Epages e-commerce platform, utilizing modern JavaScript frameworks and is hosted on servers associated with rzone.de. The site demonstrates moderate performance with good mobile optimization and basic accessibility features. SEO is basic but functional, and the site includes essential legal pages and cookie consent mechanisms. From a security perspective, the site uses HTTPS with a valid SSL certificate, but lacks visible advanced security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is adequate with GDPR-aligned policies and cookie consent. However, no explicit security or incident response policies are published. Overall, the website presents a trustworthy and professional front for a small niche retailer. Strategic improvements in security headers and explicit security policies could enhance trust and compliance further.

F

Felix Hampe, Pilzkurse und Kartierung

pilz-wissen.de

57

Felix Hampe operates a specialized educational and consulting business focused on mycology, offering mushroom courses, guided walks, consulting, and mapping services primarily in Hessen, Germany. The website presents a clear market position as a niche expert serving mushroom enthusiasts and nature lovers. The business model centers on direct service provision through seminars and personalized courses. Technically, the website is built on a modern stack with a CMS named MyWebsite, featuring responsive design and good SEO practices. Privacy compliance is well addressed with a GDPR-compliant privacy policy and cookie consent mechanisms. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though security headers are absent and could be improved. Overall, the website is professional, trustworthy, and safe for general audiences.

PilzCoach Badenweiler is a small, specialized business focused on mushroom coaching, education, and related product sales in the Badenweiler region of Germany. The company offers mushroom identification workshops, educational outreach to schools and kindergartens, and sells mushroom-related books and products. Their market position is niche and local, targeting mushroom enthusiasts and nature lovers. The website is built on the One.com Web Editor platform and hosted by One.com, featuring a moderate technical infrastructure with basic SEO and mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit policies are lacking. Privacy compliance is basic but present, with cookie consent and privacy policy pages available. Overall, the website is professional, trustworthy, and content-rich for its niche audience.

Pilzzentrum Hornberg operates as an educational institution specializing in mushroom identification and nature conservation, targeting enthusiasts and learners interested in mycology. The website is built on Joomla CMS version 3.10.11 and incorporates Usercentrics for cookie consent management, reflecting a basic level of GDPR compliance. The site presents good content quality and user experience but lacks explicit privacy policies, terms of service, and contact information, which are critical for trust and compliance. Security posture is moderate with HTTPS enabled but missing important security headers and incident response details. Overall, the domain registration data aligns well with the website's German location and business focus, indicating legitimacy. Strategic improvements in privacy documentation, security headers, and contact transparency are recommended to enhance trust and compliance.

K

Kieler Pilzfreunde e.V.

kieler-pilzfreunde.de

56

Kieler Pilzfreunde e.V. is a small non-profit association based in Germany focused on mushroom education, conservation, and community engagement. The website provides information about mushroom identification, courses, exhibitions, and artistic projects involving fungi. It targets mushroom enthusiasts, nature lovers, and local community members including adults and children. The business model relies on memberships, donations, and event participation. Technically, the website is built using Incomedia WebSite X5 CMS with jQuery and standard web technologies. The site has moderate performance and basic mobile optimization. SEO is reasonably addressed with meta tags and structured navigation. However, there is no visible cookie consent mechanism or advanced accessibility features. From a security perspective, the site lacks visible security headers and explicit HTTPS confirmation in the provided data, which lowers its security posture. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic with a privacy policy present but no cookie banner. No incident response or security policies are published. Overall, the website is functional and trustworthy for its non-profit educational purpose but would benefit from improved security practices, HTTPS verification, and enhanced privacy compliance to strengthen user trust and regulatory adherence.

D

Deutsche Gesellschaft für Mykologie e.V.

dgfm-ev.de

58

The Deutsche Gesellschaft für Mykologie e.V. (DGfM) is a well-established German non-profit organization dedicated to the study and promotion of mycology. The website serves as a comprehensive resource for mushroom enthusiasts, researchers, and educators, offering educational content, qualifications, events, and community forums. The organization has a strong market position within its niche, supported by a century-long history and active engagement through social media and publications. Technically, the website is built on Joomla CMS with modern libraries like Bootstrap and jQuery, and it employs Matomo analytics configured for privacy compliance. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for users, with no signs of blocking or WAF interference.

N

National Geographic

nationalgeographic.de

68

National Geographic Germany operates a comprehensive media platform delivering inspiring stories, breathtaking adventures, and brilliant photography focused on nature, science, culture, and travel. The website serves a broad audience interested in educational and adventure content, leveraging a strong global brand under the Walt Disney Company umbrella. The business model includes magazine subscriptions, online editorial content, and e-commerce through affiliated partner sites. Technically, the site is built on WordPress with Elementor and Yoast SEO, ensuring modern content management and SEO optimization. The presence of cookie consent mechanisms indicates attention to privacy compliance, although explicit privacy and terms policies are not found in the provided content. Security posture is solid with HTTPS and consent-based script loading, but could be improved with additional security headers and published policies. Overall, the site is professional, trustworthy, and well-positioned in the media sector.

R

Roger Lehner

rogerlehner.com

47

Roger Lehner operates a small, specialized design studio based in Germany, focusing on ambitious projects that emphasize collaboration, creativity, and accessibility. The website showcases a professional portfolio with services including branding, digital and print design, and inclusive design practices. The business targets clients seeking high-quality, dynamic visual communication solutions. Technically, the website employs modern JavaScript libraries such as Swup and Swiper for enhanced user experience and uses Umami Analytics for minimal user tracking. Hosting is provided by hosttech.de, a German hosting provider, aligning with the business location. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, and does not implement cookie consent mechanisms, which are areas for improvement. Overall, the website is professional, trustworthy, and well-designed but could enhance compliance and security practices.

M

MOBILEE

mobilee-plattform.de

43

MOBILEE is a German non-profit platform dedicated to social work through sport and movement. It serves as a networking and resource hub for initiatives, organizations, and individuals working at the intersection of social work and sports. The platform is supported by notable foundations and sport organizations, enhancing its credibility and reach within its niche. The website is professionally designed using WordPress and Elementor, featuring rich content, event information, and partner links. Technically, the site uses modern web technologies and privacy-conscious analytics (Matomo), but lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is good with HTTPS and no exposed sensitive data, but could be improved by adding security headers and vulnerability disclosure mechanisms. Overall, the site is trustworthy, well-branded, and serves its target audience effectively.

S

Spielfeld Gesellschaft

spielfeld-gesellschaft.de

10

Spielfeld Gesellschaft is a German non-profit platform focused on fostering social cohesion and integration within the Niedersachsen region. Supported by the Niedersächsische Lotto-Sport-Stiftung, it offers community engagement through events, podcasts, newsletters, and networking opportunities. The website reflects a clear mission to connect people and ideas for an open society. Technically, the site uses modern JavaScript modules, Matomo analytics with cookies disabled, and good accessibility and SEO practices, though some improvements in cookie consent and security headers are recommended. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks published security policies or incident response contacts. Overall, the site is professional, trustworthy, and safe for general audiences.

L

lernando

lernando.de

72

lernando.de is a German e-commerce website specializing in educational materials such as school books, learning aids, and exercise booklets for children of all school grades. The platform targets parents and children seeking verified publisher materials with convenient shipping options. Technically, the site is built on Drupal 11 with Commerce 3, leveraging modern web technologies including jQuery UI, Cookiebot for consent management, Google Tag Manager, and Meta Pixel for marketing and analytics. The website demonstrates good digital maturity with mobile optimization and SEO best practices. Security-wise, the site enforces HTTPS and employs a comprehensive cookie consent mechanism, but lacks explicit security policies or incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR, though it could improve by adding Terms of Service and security disclosure information.

A

Arena Verlag

arena-verlag.de

72

Arena Verlag is a reputable German publishing company specializing in high-quality children's and youth books. The website reflects a professional digital presence with a focus on book publishing and e-commerce, targeting children and youth audiences. The company leverages modern technologies including Drupal 11 CMS and integrates marketing and analytics tools such as Facebook Pixel and Google Ads. The website demonstrates good mobile optimization and SEO practices, enhancing user experience and accessibility. Privacy compliance is well addressed through a comprehensive cookie consent mechanism powered by Cookiebot, ensuring GDPR adherence. However, explicit contact information and terms of service are not readily found, which could be improved to enhance transparency and user trust. Security posture is solid with HTTPS enforced, but the absence of security headers and a security.txt file suggests room for improvement in security best practices.

A

Amadeu Antonio Stiftung

swipeaway.de

50

SwipeAway is an educational self-learning tool designed to raise awareness about recognizing hostile narratives on social media platforms and to promote digital civil courage. The project is operated by the Amadeu Antonio Stiftung, a reputable non-profit foundation in Germany, and is supported by Stiftung Mercator. The website targets a general audience interested in social media literacy and digital rights education. The business model is non-commercial, focusing on social impact and education. Technically, the website is built using modern web technologies including Nuxt.js, JavaScript, HTML5, and CSS3. It is hosted on servers associated with agenturserver, with good mobile optimization and moderate performance. The site uses HTTPS with an excellent SSL configuration but lacks some security headers that could enhance protection. The site employs minimal user tracking via the privacy-conscious Umami analytics platform. From a security perspective, the website demonstrates a solid baseline with HTTPS enabled and no exposed sensitive data. However, it lacks security headers and a cookie consent mechanism, which are important for GDPR compliance and security best practices. No incident response or security policy information is provided, and no contact information is readily available on the main page, which could impact user trust and compliance. Overall, the website is professional, trustworthy, and focused on educational content without any adult or questionable material. The domain registration data aligns well with the website's stated purpose and parent organization, indicating legitimacy. Strategic recommendations include implementing security headers, adding a cookie consent mechanism, publishing security and incident response policies, and providing clear contact information to enhance trust and compliance.

L

Landesverband Nachhaltiges Sachsen e.V.

nachhaltiges-sachsen.de

57

Landesverband Nachhaltiges Sachsen e.V. is a regional non-profit organization dedicated to promoting sustainable development in Saxony, Germany. The website serves as a platform for networking, supporting projects, and providing educational materials related to sustainability. It targets stakeholders interested in social-ecological transformation and regional engagement. The organization maintains an active presence through newsletters, social media, and project coordination. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and Matomo for privacy-respecting analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a good level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, supporting the organization's credibility and mission.

A

Afeefa - Digitaler Zusammenhalt e.V.

afeefa.de

48

Afeefa - Digitaler Zusammenhalt e.V. operates a non-profit digital platform focused on social integration and community engagement in Leipzig, Germany. The website provides multilingual access to information about social services, volunteer opportunities, and local offers for people with diverse backgrounds. The platform positions itself as a local community hub fostering inclusion and participation. Technically, the website uses modern frontend technologies such as Vue.js and MapLibre GL for interactive maps, indicating a moderate level of digital maturity. However, the site lacks visible security headers and explicit privacy or cookie consent mechanisms, which are areas for improvement. Social media presence on Instagram and Facebook supports community outreach. Overall, the security posture is basic with no critical vulnerabilities detected but improvements are recommended to enhance compliance and trust. The domain registration data is consistent and supports the legitimacy of the website. Strategic recommendations include implementing security headers, cookie consent, and clearer contact information to improve user trust and regulatory compliance.

Cowiki is a non-profit project affiliated with anstiftung and the Verbund offener Werkstätten, providing a structured knowledge base platform aimed at supporting open workshops and collaborative communities in Germany. The website serves as a community resource with links to partner organizations and open source code repositories, reflecting a niche market position focused on knowledge sharing and collaboration. Technically, the site uses modern JavaScript frameworks such as Vue.js and integrates Umami Analytics for minimal user tracking, indicating a moderate level of digital maturity. The website is accessible, mobile-optimized, and presents a consistent brand image aligned with its non-profit mission. Security posture is moderate with HTTPS implied but lacking explicit security headers and published security policies. Privacy compliance is basic, with a privacy policy linked externally but no cookie consent mechanism detected. Overall, the site is trustworthy and safe for general audiences, with no adult or questionable content detected.

N

NDK Wurzen

leerstellen-lkl.de

47

The website leerstellen-lkl.de is a well-structured non-profit project focused on documenting cases of right-wing violence in the Leipzig district. It provides a digital memorial and educational resource through a web documentary, peer networks, and workshops primarily targeting youth and affected communities. The project is funded by reputable organizations and operated by NDK Wurzen, indicating a credible and mission-driven initiative. Technically, the site uses modern frameworks like Nuxt.js and Vue.js, ensuring a responsive and user-friendly experience, though some improvements in accessibility and SEO could be made. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and cookie consent mechanisms, which are recommended for GDPR compliance. Overall, the site is trustworthy, professional, and safe for general audiences.

HANSEPILZ is a small local business specializing in mushroom consulting and educational mushroom walks primarily serving the Northern Germany region including Hamburg, Schleswig-Holstein, and Niedersachsen. The website also showcases mushroom photography, appealing to enthusiasts and learners interested in mycology. The business maintains a niche market position with a focus on education and community engagement, supported by media appearances and active social media channels on Instagram and Facebook. Technically, the website is built on WordPress using the Twenty Seventeen theme, with standard plugins such as Contact Form 7 and CleanTalk for spam protection. Hosting is provided by 1blu, as indicated by the nameservers. The site demonstrates moderate performance and basic mobile optimization, with room for improvement in accessibility and SEO. Security posture is adequate with HTTPS enabled and anti-spam measures in place, but lacks important security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Overall, the site is trustworthy and professional but could benefit from enhanced security and privacy features to improve compliance and user trust.

K

KMU Werk

kmuwerk.de

66

KMU Werk is a German-based consulting network specializing in providing comprehensive, cross-disciplinary services to small and medium-sized enterprises (SMEs). Their focus is on practical, result-oriented business consulting covering topics from company foundation to succession, addressing challenges such as skilled labor shortages and digital transformation. The website is professionally designed using WordPress and Elementor, featuring clear navigation, contact information, and GDPR-compliant privacy and cookie policies. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies are absent. Overall, the site reflects a trustworthy and credible business presence in the SME consulting sector.

V

Vulkan Verlag

vulkan-shop.de

52

Vulkan Shop is a German-based e-commerce platform specializing in the sale of technical books, magazines, and eBooks focused on energy, automation, water, and industrial sectors. The website is professionally designed using Magento 2, featuring a comprehensive catalog of specialized publications targeting professionals and specialists in these industries. The platform supports German and English languages and integrates Google Analytics for user behavior tracking. Cookie consent mechanisms are implemented to comply with GDPR requirements. Security posture is solid with HTTPS enforced and secure cookie settings, although explicit security headers and policies are not fully documented. Contact information and terms of service pages are not clearly presented in the analyzed content, which could impact user trust and compliance transparency.

D

Deutscher Olympischer Sportbund e.V.

sportdeutschland.de

44

Sportdeutschland is the official digital platform of the Deutscher Olympischer Sportbund e.V., Germany's leading sports organization. It promotes sports participation nationwide, offering digital tools such as an interactive sports club map, a club app, and website services tailored for sports clubs and associations. The platform supports Olympic and Paralympic initiatives and targets sports enthusiasts, clubs, and volunteers across Germany. Technically, the website is built on TYPO3 CMS with modern front-end libraries and uses Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and professionally designed, reflecting a mature digital presence. Security posture is solid with HTTPS and secure forms, though it lacks some security headers and a cookie consent mechanism. Privacy compliance is strong with a comprehensive GDPR-aligned privacy policy. Overall, the site is trustworthy and authoritative in its domain.