Security Directory

K

Knappschaft-Bahn-See

kbs.de

63

Knappschaft-Bahn-See is a large German government social insurance and healthcare institution providing integrated services including pension, health, and nursing insurance, as well as medical networks and specialized services like the Minijob-Zentrale and Seemannskasse. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content targeting insured individuals, companies, healthcare providers, and seafaring businesses. Technically, the site uses a government-specific CMS, self-hosted Matomo analytics, and Usercentrics for consent management, indicating a strong commitment to privacy and compliance. Security posture is solid with HTTPS and secure forms, though explicit security policies and incident response contacts are not published. Overall, the domain WHOIS data aligns well with the website content, confirming legitimacy and trustworthiness.

N

NEW.EGO GmbH

newego.de

68

NEW.EGO GmbH is a premium internet agency based in Munich, Germany, specializing in TYPO3 CMS solutions and digital B2B communication services. Founded in 2005, the company serves medium-sized businesses and hidden champions primarily in the DACH region. Their key offerings include TYPO3 consulting, development, hosting, SEO, and comprehensive digital strategy services. The company holds multiple TYPO3 certifications and industry awards, reflecting a strong market position and trusted reputation. Technically, the website is built on TYPO3 CMS with a modern tech stack including JavaScript, CSS, and privacy-focused analytics tools like self-hosted Matomo. The site is well-optimized for performance, mobile responsiveness, and SEO, with a professional design and clear navigation. Security best practices such as HTTPS and cookie consent mechanisms are implemented, though explicit security headers and incident response policies are not publicly detailed. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, featuring comprehensive privacy and cookie policies aligned with GDPR. The company demonstrates strong business credibility through detailed contact information, client testimonials, and certifications. Overall, the website presents a trustworthy and professional digital presence suitable for its B2B audience.

V

Verband der Ersatzkassen e. V. (vdek)

gesunde-lebenswelten.com

43

Gesunde Lebenswelten is a professional health promotion initiative operated by the Verband der Ersatzkassen e. V. (vdek), representing six major German statutory health insurance funds. The website serves as a platform to present and support various health promotion and prevention projects targeting vulnerable groups such as residents and staff of care homes, people with disabilities, migrants, families, and older adults. The organization positions itself as a leading non-profit entity in the healthcare sector in Germany, focusing on sustainable health equity and community-based interventions. Technically, the website is built on WordPress with the Avada theme and uses modern plugins like Yoast SEO and Matomo for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security best practices like explicit security policies and incident response contacts are missing. The WHOIS data is notably absent, which raises some concerns about domain registration transparency. However, the professional content, consistent branding, and affiliation with a reputable organization mitigate these concerns. Overall, the website is trustworthy, well-maintained, and compliant with GDPR requirements. Strategic recommendations include publishing a dedicated security policy, providing incident response contact details, and adding a vulnerability disclosure mechanism to enhance transparency and trust further.

H

Hanseatische Krankenkasse (HEK)

hek.de

65

Hanseatische Krankenkasse (HEK) is a German statutory health insurance provider offering a wide range of health-related services including digital health management, family support, preventive care, and alternative medicine. The company holds a strong market position as a top-rated Krankenkasse with multiple awards and a professional online presence. The website is built on TYPO3 CMS and leverages modern web technologies such as Bootstrap, jQuery, and Matomo analytics, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not publicly available. Overall, the site is trustworthy, well-branded, and compliant with GDPR requirements.

D

Deutsche Rentenversicherung Knappschaft-Bahn-See

knappschaft.de

65

The website www.knappschaft.de represents the Deutsche Rentenversicherung Knappschaft-Bahn-See, a statutory health insurance provider in Germany. It offers a wide range of health insurance services, including family planning, preventive care, digital health services, and membership management. The site targets the general German population seeking reliable health insurance and related healthcare services. The business is well-established and government-affiliated, reflected in the professional and comprehensive content presented on the site. Technically, the website uses the Government Site Builder CMS, integrates Matomo for analytics, and employs Usercentrics for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security best practices such as HTTPS and consent management are implemented, though explicit security headers could be improved. The security posture is strong with no visible vulnerabilities or exposed sensitive data. The WHOIS data confirms domain legitimacy and consistency with the business claims. No WAF or blocking mechanisms interfere with content accessibility, enabling full analysis. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable digital presence for a government health insurance entity.

B

BKK Dachverband e.V.

bkk.de

54

BKK Dachverband e.V. is a German healthcare interest association representing 68 company health insurance funds and four regional BKK associations, collectively serving 9 million insured individuals. The website serves as a comprehensive platform for political advocacy, healthcare innovation, prevention, and sustainability topics relevant to statutory health insurance. The organization positions itself as a key stakeholder in the German healthcare system with a medium-sized footprint and a focus on member services and policy influence. Technically, the website is built on TYPO3 CMS, employs modern web technologies including jQuery and Matomo analytics hosted on its own servers, and is hosted on environmentally conscious green hosting infrastructure. The site is well-optimized for mobile and accessibility, with clear navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent implemented, though some advanced security headers and explicit security policies are not published. Privacy compliance is strong, with GDPR-aligned cookie management and transparent data practices. Overall, the site is trustworthy, professional, and well-maintained, serving a specialized healthcare audience.

B

Bayerische Landeszahnärztekammer

blzk.de

64

The Bayerische Landeszahnärztekammer (BLZK) website serves as the official online presence of the statutory professional association representing approximately 17,500 dentists in Bavaria, Germany. The site provides comprehensive information and services for dental professionals, dental staff, and patients, including professional representation, patient counseling, quality management, continuing education, job listings, and radiology services. The website is well-structured, professionally designed, and targets a specialized healthcare audience within the Bavarian region. Technically, the website is built on the IBM Domino CMS platform, utilizing legacy but stable technologies such as jQuery 1.8 and Modernizr, supplemented by Font Awesome icons and Cookiebot for cookie consent management. The site is hosted on servers associated with kasserver.com, a known German hosting provider. Performance is moderate, with good mobile optimization and basic accessibility features. Analytics are handled via Matomo, ensuring privacy-conscious visitor tracking. From a security perspective, the site enforces HTTPS and employs a robust cookie consent mechanism via Cookiebot, supporting GDPR compliance. However, no explicit security headers were detected in the provided data, and the use of an outdated jQuery version may pose potential vulnerabilities. No privacy policy or terms of service pages were clearly identified, which could be improved to enhance compliance and user trust. Overall, the website presents a trustworthy and professional digital front for the BLZK, with a solid business credibility score. Strategic recommendations include updating technical components, enhancing security headers, publishing clear privacy and security policies, and implementing a security.txt file for vulnerability disclosures to further strengthen the security posture and compliance framework.

The website www.jugendhaeuser.de represents the youth self-catering houses affiliated with the Diocese of Würzburg, Germany. It serves as an informational and booking platform for youth groups seeking accommodation in the region. The site is well-positioned within the non-profit and government sector, targeting youth organizations and church-affiliated groups. Key services include providing access to multiple youth houses with self-catering facilities, supported by the Kirchliche Jugendarbeit (kja) of the Diocese. The website maintains a consistent brand identity aligned with the Diocese and offers clear contact information and external links to partner organizations.

F

Fundus Jugendarbeit

fundus-jugendarbeit.de

51

Fundus Jugendarbeit is a German non-profit educational platform focused on providing youth workers and educators with a rich collection of games, methods, and practical resources to support youth work and prevention efforts. The website is well-structured, using WordPress and Elementor, and targets youth work professionals in Germany. It offers categorized content such as games, methodological impulses, and event planning tips, supporting its niche market position effectively. Technically, the site employs a modern CMS with a popular page builder, integrates Matomo analytics configured for privacy by disabling cookies, and implements GDPR-compliant cookie consent mechanisms. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site uses HTTPS and privacy-focused analytics but lacks explicit security headers and published security policies. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's German origin and domain usage, supporting legitimacy. Overall, Fundus Jugendarbeit presents a trustworthy, privacy-conscious, and content-rich platform for its target audience. Strategic improvements in security headers and explicit incident response policies could further enhance its security posture and trustworthiness.

B

BDKJ Würzburg

bdkj-wuerzburg.de

51

BDKJ Würzburg is a regional non-profit umbrella organization representing 11 Catholic youth associations within the Diocese of Würzburg, Germany. The organization focuses on youth engagement in church and society, providing services such as youth political participation, social projects, and world volunteer services. The website reflects a well-structured, professional presence with clear branding and comprehensive content tailored to its target audience of children and youth involved in church activities. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including Bootstrap, jQuery, and FontAwesome. It incorporates privacy-conscious analytics via Matomo and employs Usercentrics for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and demonstrates good SEO practices. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or suspicious activities were detected. The domain WHOIS data is consistent and legitimate, supporting the trustworthiness of the site. Overall, the website presents a low-risk profile with strong privacy compliance and good technical implementation. Strategic improvements could focus on enhancing security headers, publishing security policies, and adding vulnerability disclosure mechanisms to further strengthen trust and security posture.

L

Klientsky portál

livingbypenta.sk

49

The website livingbypenta.sk/login serves as a client portal login page, primarily targeting existing customers or users of the service. The site is built using Bootstrap 4.6.2 for responsive design and integrates Matomo analytics for user tracking. The domain is registered since 2017 with a stable registration and appropriate nameservers, indicating a legitimate and established presence in Slovakia. However, the site lacks publicly accessible business descriptions, contact information, and legal policies such as privacy or cookie policies, which limits transparency and user trust. From a technical perspective, the website employs standard web technologies and includes cache-control headers to prevent caching of sensitive login pages. The site appears to be mobile-optimized and uses modern frameworks, but SEO and accessibility features are basic. Security headers are minimal, and there is no explicit evidence of HTTPS enforcement or advanced security policies, which could be improved to enhance security posture. Security-wise, no WAF or blocking mechanisms were detected, and no immediate vulnerabilities or exposed sensitive data were found in the provided content. However, the absence of privacy and cookie policies, as well as contact information for incident response, represents compliance gaps, especially under GDPR regulations. The use of Matomo analytics suggests some level of user tracking, but without clear privacy disclosures, this may pose privacy concerns. Overall, the website is functional as a login portal but lacks comprehensive compliance and transparency features. Strategic improvements in privacy policy publication, security header implementation, and contact information disclosure are recommended to enhance trustworthiness and regulatory compliance.

B

Bluethumb

bluethumb.com.au

57

Bluethumb is a well-established Australian online art marketplace specializing in original paintings and modern art. Since its founding in 2012, it has positioned itself as a leading platform connecting Australian artists with collectors and art buyers. The website offers free shipping, returns, and insurance, enhancing customer trust and satisfaction. The business model focuses on e-commerce with additional services such as art advisory and trade services. Bluethumb targets art enthusiasts and collectors primarily within Australia.

I

Internetagentur dd-media.de Inh. Guido Kamm

dd-media.de

48

Internetagentur dd-media.de is a small, owner-operated German internet agency founded in 1995, specializing in web design, custom CMS development, and secure web hosting primarily serving the Heringen (Werra) region. The company positions itself as a regional expert with a strong focus on professional and individualized digital solutions. The website reflects a mature digital presence with a consistent brand and clear service offerings. Technically, the site uses modern web technologies including Bootstrap, PHP, and JavaScript, with a custom CMS and Matomo analytics for privacy-conscious tracking. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and GDPR-compliant cookie consent via Usercentrics, though it lacks explicit security headers and incident response information. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

F

Fomanu AG

fotobuch.de

58

Fotobuch.de is a German e-commerce platform operated by Fomanu AG specializing in personalized photo products such as photobooks, calendars, puzzles, and wall pictures. The company positions itself as a market leader in Germany with award-winning products and a strong emphasis on high-quality printing technology and user-friendly design software. The website is professionally designed with excellent content quality, clear navigation, and mobile optimization, targeting consumers looking for personalized photo gifts. Technically, the site uses modern JavaScript libraries like jQuery, integrates a consent management platform, and employs Matomo for privacy-conscious analytics. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates a mature digital presence with good privacy compliance and trustworthy business indicators.

The Praxenland website represents a significant healthcare initiative in Germany, supported by the Kassenärztliche Bundesvereinigung (KBV). It focuses on advocating for and supporting approximately 100,000 medical practices including general practitioners, specialists, and psychotherapists. The site emphasizes the importance of maintaining strong healthcare services for the German population, highlighting social, health, and economic benefits. The target audience includes healthcare professionals and the general public interested in healthcare provision in Germany. Technically, the website is built on WordPress using the Elementor page builder, enhanced with plugins for GDPR compliance (Complianz), interactive content (Scrollsequence), and privacy-respecting analytics (Matomo). The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Hosting appears to be managed by agenturserver, a German hosting provider. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR. While explicit security headers are not evident in the HTML, the use of security/privacy plugins and absence of exposed sensitive data indicate a solid security posture. No vulnerabilities or suspicious domains were detected. The WHOIS data aligns with the website's German healthcare focus, supporting legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations. However, it lacks explicit contact information and published security or incident response policies. Strategic recommendations include enhancing security headers, publishing incident response and security policies, and providing clear contact channels to improve user trust and compliance.

M

Müllabhol-Zweckverband Rotenburg (MZV)

mzv-service-gmbh.de

53

Müllabhol-Zweckverband Rotenburg (MZV) is a regional public waste management organization based in Bebra, Germany, with a history dating back to 1957. It operates a 100% subsidiary, MZV-Service GmbH, established in 2014, which extends waste disposal and recycling services beyond the core Verband area. The company serves private households, commercial and industrial clients, and dual system operators, emphasizing reliable, customer-focused service delivery. Their offerings include waste consulting, container provision, full-service apartment clearances, and specialized disposal of various waste types. The website reflects a professional and consistent brand presence with clear service descriptions and contact information.

L

Landesvereinigung der Unternehmensverbände NRW (unternehmer nrw)

unternehmer.nrw

59

unternehmer nrw is the leading organization representing employer and economic associations in North Rhine-Westphalia, Germany's most populous state. It serves as a key voice for the regional economy, providing political advocacy, policy positions, and networking opportunities. The website reflects a professional and well-structured digital presence, leveraging TYPO3 CMS and modern web technologies. It offers comprehensive content including news, events, and educational partnerships, targeting business leaders and policymakers. The organization maintains active social media channels and complies with GDPR through clear privacy and cookie policies. Security posture is solid with HTTPS and consent mechanisms, though some advanced security headers and incident response disclosures are absent. WHOIS data is privacy protected, which is typical for such entities, and does not detract from the site's legitimacy. Overall, the site is trustworthy, well-maintained, and aligned with its business mission.

Z

ZVEI e.V.

zvei.org

69

ZVEI e.V. is a prominent German industry association representing the electrical and digital industries. The organization positions itself as a leader in driving digitalization and technological progress within these sectors. Its website offers extensive content on industry topics, market data, and member services, targeting industry professionals and policymakers. The business model centers on advocacy, networking, and providing industry insights to its members. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and a consent-based analytics system (Matomo), reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, employs cookie consent mechanisms, and shows no evident vulnerabilities, though explicit security policies and incident response information are not publicly detailed. Overall, the site is professional, trustworthy, and well-structured, with a strong focus on compliance and user privacy. The lack of WHOIS data is mitigated by the site's evident legitimacy and privacy protection is justified for this type of organization.

B

Bundesverband der Pharmazeutischen Industrie e.V.

bpi.de

56

The Bundesverband der Pharmazeutischen Industrie e.V. (BPI) is a German pharmaceutical industry association representing a broad spectrum of pharma companies nationally and internationally. The website serves as an information hub, providing news, events, publications, and member services targeted at industry professionals, policymakers, and the public. The organization positions itself as a key advocate for the pharmaceutical sector in Germany, emphasizing innovation, healthcare policy, and industry collaboration. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including responsive design and Matomo analytics for user tracking with consent. The site demonstrates good SEO and accessibility practices, though some improvements in accessibility and security headers could be made. The cookie consent mechanism is robust, supporting opt-in and revocation, aligning with GDPR requirements. From a security perspective, the site uses HTTPS with no visible critical vulnerabilities or exposed sensitive data. However, it lacks explicit published security policies, incident response contacts, or vulnerability disclosure mechanisms, which could enhance trust and preparedness. WHOIS data is consistent with the organization's identity, supporting legitimacy. Overall, the website is professional, trustworthy, and well-maintained, serving its role as an industry association portal effectively. Strategic improvements in security transparency and accessibility could further strengthen its posture.

I

IdeenExpo GmbH

ideenexpo.de

62

IdeenExpo GmbH operates Europe's largest youth event focused on technology and natural sciences, attracting hundreds of thousands of young talents biennially. The company organizes interactive exhibitions, workshops, and stage shows to inspire youth and connect them with future career opportunities in STEM fields. Their market position is strong within the education sector in Germany, supported by a professional and consistent brand presence across multiple digital channels. Technically, the website is built on Drupal 9 with modern front-end frameworks and integrates analytics tools like Matomo and Facebook Pixel, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement, cookie consent mechanisms, and antibot protections, though some security headers could be improved. Overall, the site is well-optimized for performance, accessibility, and SEO, providing a high-quality user experience. Privacy compliance is robust with clear policies and consent management, though explicit terms of service and incident response details are lacking. The domain registration data aligns well with the website content, indicating legitimacy and trustworthiness.

I

Ingenieurbüro EBL

socialorga.de

40

SocialOrga is a German-based software provider specializing in modular administrative solutions for voluntary social and ecological service organizations such as FSJ, BFD, and FÖJ. The company offers a flexible software suite that supports participant management, deployment sites, seminar organization, and financial accounting. Their business model focuses on modular software sales with custom extensions and integration services, targeting organizations managing voluntary services. The website is professionally designed, mobile-optimized, and hosted on Hetzner servers, indicating a modern technical infrastructure. The use of Next.js and Matomo analytics reflects a contemporary digital maturity level. Security posture is moderate with HTTPS implied but lacks explicit security headers and vulnerability disclosures. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website presents a trustworthy and professional image but would benefit from enhanced privacy and security transparency.

L

lucanize

lucanize.de

62

lucanize is a small technology-focused digital services provider based in Germany, offering business consulting, web development, and digital marketing services. The website is currently under maintenance but provides clear contact information and privacy compliance mechanisms. The technical infrastructure is built on WordPress with modern plugins such as Real Cookie Banner Pro and Matomo Analytics, indicating a moderate level of digital maturity. Security posture is good with HTTPS enforced and bot protection via hCaptcha, though security headers are not explicitly detected. Privacy compliance is strong with GDPR-aligned cookie consent and privacy policies. Overall, the website presents a professional and trustworthy digital presence suitable for its target audience of businesses seeking digital solutions.

S

Stiftung Tierärztliche Hochschule Hannover

tiho-hannover.de

59

The Stiftung Tierärztliche Hochschule Hannover (TiHo) is a prominent academic institution specializing in veterinary medicine, combining modern science with university tradition to serve both humans and animals. The website reflects a well-established university foundation offering education, research, and clinical services. It targets a diverse audience including students, researchers, staff, and the general public interested in veterinary sciences. The institution maintains a strong market position in Germany's veterinary education sector with a comprehensive range of academic and research programs. Technically, the website is built on the TYPO3 CMS with a specialized higher education package, leveraging modern web technologies such as jQuery and Matomo analytics for privacy-conscious user tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting appears to be managed by a reputable academic network provider (DFN). From a security perspective, the site enforces HTTPS and employs a robust cookie consent mechanism compliant with GDPR. However, there is room for improvement in implementing security headers and publishing explicit security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site presents a secure and privacy-aware posture suitable for an academic institution. The overall risk assessment is low, with recommendations focusing on enhancing security headers, publishing security policies, and maintaining up-to-date software components. The website is professional, trustworthy, and compliant with relevant privacy regulations, supporting its role as a reputable educational entity.

Amt für Gemeindedienst, now operating as Wirkstatt evangelisch, is a church-affiliated institution providing support, education, and mission-related services to church employees, volunteers, and congregations primarily in Bavaria and Austria. The organization focuses on fostering community engagement, offering workshops, and distributing resources to strengthen church work and outreach. The website reflects a professional and consistent brand identity aligned with its religious and non-profit mission. Technically, the site is built on TYPO3 CMS with integrations such as Matomo for privacy-conscious analytics and CleverReach for newsletter management. While the site is generally well-structured and accessible, some outdated technologies like jQuery 1.4.4 present potential security risks. Security posture is moderate, with HTTPS enforced and minimal cookie use, but lacking explicit security headers and published security policies. Overall, the site is trustworthy, privacy-aware, and serves its target audience effectively.

O

Ostbayerische Technische Hochschule Regensburg

oth-regensburg.de

62

The Ostbayerische Technische Hochschule Regensburg (OTH Regensburg) is a prominent higher education institution in Bavaria, Germany, offering a wide range of Bachelor, Master, and continuing education programs with a strong emphasis on applied sciences and research. The website reflects a well-established university with a strong market position, recognized by awards such as the Study-Check Award 2025. The institution targets students, researchers, and professionals seeking academic and career advancement. Technically, the website is built on TYPO3 CMS, employs modern JavaScript modules, and uses Matomo for analytics, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and avoids exposing sensitive data, though it lacks explicit published security policies or incident response contacts. Overall, the website is trustworthy, compliant with GDPR, and demonstrates good security hygiene.

E

Eckstein - das Haus der Evang.-Luth. Kirche in Nürnberg

eckstein-evangelisch.de

43

Eckstein is a medium-sized non-profit institution serving as the heart of the Evangelical Lutheran Church in Nuremberg. It offers a broad range of educational, counseling, and community services, hosting events and providing meeting spaces in the city center. The website reflects a well-structured, professionally designed platform that effectively communicates its mission and services to a general audience interested in evangelical church activities. Technically, the site is built on TYPO3 CMS with Bootstrap and incorporates modern web technologies ensuring good performance, mobile optimization, and accessibility. Privacy compliance is well addressed with GDPR-aligned policies and a cookie consent mechanism. Security posture is solid with HTTPS and privacy-conscious analytics, though additional security headers and incident response information could enhance trust. Overall, the site is trustworthy, safe, and professionally maintained, supporting the institution's community-focused mission.

H

Holzhofer Consulting GmbH

holzhofer-consulting.de

64

Holzhofer Consulting GmbH is a specialized consulting firm based in Munich, Germany, focusing on data protection, IT, and information security services. With over 14 years of experience, the company positions itself as a pioneer in external data protection officer services and information security management. Their key offerings include GDPR compliance consulting, ISO 27001 certification support, risk management, audits, and employee training. The firm targets medium-sized enterprises primarily within Germany, emphasizing practical and tailored solutions to ensure business continuity alongside compliance. Technically, the website employs modern web technologies such as Bootstrap for responsive design and Matomo for privacy-conscious analytics. Hosting is managed via kundencontroller.de, consistent with the domain's nameservers. The site is well-structured, mobile-optimized, and demonstrates good SEO practices, although some accessibility features could be enhanced. No CMS was explicitly detected, suggesting a custom or lightweight solution. From a security perspective, the site uses HTTPS with a good SSL configuration and avoids exposing sensitive data. However, it lacks explicit security headers and a cookie consent mechanism, which are important for GDPR compliance and security hardening. The presence of numerous industry-recognized certifications and a clear incident response section indicates a mature security posture. No vulnerabilities or suspicious domains were detected, and the privacy settings in analytics reflect a commitment to user privacy. Overall, Holzhofer Consulting presents a professional, trustworthy, and secure online presence aligned with its business focus. Strategic improvements in cookie consent, security headers, and vulnerability disclosure would further enhance compliance and security posture.

K

Kassenärztliche Vereinigung Hessen

asv-hessen.de

59

The website www.asv-hessen.de represents the Kassenärztliche Vereinigung Hessen, a regional healthcare authority in Germany focused on the ambulante spezialfachärztliche Versorgung (ASV), which is a specialized outpatient care service for rare and severe diseases. The site provides comprehensive information for healthcare professionals and institutions about participation, billing, and regulatory frameworks. It serves as an authoritative resource for the ASV program in Hessen, targeting medical specialists, hospitals, and patients. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries like jQuery and Matomo for analytics. The site is hosted on Anexia servers, uses HTTPS with good SSL configuration, and implements GDPR-compliant cookie consent mechanisms. The design is professional, mobile-optimized, and accessible, with clear navigation and relevant metadata enhancing SEO. From a security perspective, the site enforces HTTPS and uses cookie consent for privacy compliance. However, it lacks publicly visible security policies, incident response contacts, and advanced security headers, which are recommended for improved security posture. No vulnerabilities or suspicious content were detected. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations, serving its public healthcare mission effectively. Strategic improvements in security transparency and incident response readiness would further enhance its security maturity.

D

Die evangelische Kirche

kirche-entdecken.de

44

Kirche-entdecken.de is a German non-profit educational website operated by the Evangelische Kirche, targeting children to explore and learn about the Christian faith through interactive content, games, quizzes, videos, and crafts. The platform is well-established and sponsored by major regional church organizations, positioning it as a trusted resource for religious education for children in Germany. Technically, the site is built on the TYPO3 CMS platform, uses modern web technologies, and is hosted on German infrastructure with good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and privacy-respecting analytics via Matomo, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, but no explicit terms of service or security policy pages are found. Overall, the site is safe, professional, and trustworthy with no adult or questionable content.

B

Bundesverband Kulturloge e.V.

kulturloge.de

63

The Bundesverband Kulturloge e.V. is a German non-profit organization dedicated to promoting cultural access for people with low income by mediating free tickets to cultural events such as theater, cinema, sports, and concerts. The organization supports the founding of regional Kulturlogen and provides a specialized ticket database and print templates free of charge. Their volunteer-based approach emphasizes dignity and respect for the beneficiaries, known as 'Kulturgäste'. The website reflects a well-established national association with clear communication and partnership with LOTTO Hessen. Technically, the website is built on WordPress 6.8.3 using the Avada theme and child theme, incorporating modern web technologies including jQuery and Matomo analytics configured for privacy compliance. The site is mobile-optimized with good SEO practices and a cookie consent mechanism aligned with GDPR requirements. However, no explicit security policy or incident response contacts are published. From a security perspective, the site uses HTTPS with a good SSL configuration and privacy-conscious analytics. Security headers are not explicitly detected, and there is no public vulnerability disclosure or security.txt file. The absence of incident response contacts and security policy pages represents an area for improvement. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its non-profit mission effectively. Strategic recommendations include publishing security and incident response policies, enhancing security headers, and considering a vulnerability disclosure mechanism to further strengthen trust and security posture.

German Software e.V. is a German initiative focused on promoting excellence in software engineering with an emphasis on IT security and data protection standards 'Made in Germany'. The website serves as a platform to highlight the quality and security of German IT products and companies, targeting primarily German IT firms and customers seeking secure and compliant software solutions. The business model is that of a non-profit initiative aiming to foster trust and quality in the German IT sector. Technically, the website is built on WordPress, utilizing common libraries such as jQuery and Matomo for analytics. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. Security posture is adequate with HTTPS enforced and spam protection via honeypot, but lacks advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy linked externally but no cookie consent mechanism visible. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

S

Sign & Digital UK

signuk.com

53

Sign & Digital UK is an established event organizer specializing in the signage and digital printing industry, hosting trade shows at the NEC Birmingham. The website presents a professional and consistent brand image targeting industry professionals and businesses. The technical infrastructure is based on WordPress with a modern theme and SEO tools, integrating analytics and social media SDKs. Security posture is adequate with HTTPS and some security headers, but lacks DNSSEC and explicit security policies. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site is credible and functional with room for improvement in security and compliance documentation.

S

Schönstatt-Zentrum Marienberg

schoenstatt-bamberg.de

63

Schönstatt-Zentrum Marienberg is a small, non-profit religious community center in Germany focused on the Schönstatt movement. It offers guest and youth house accommodations, spiritual events, and community programs targeting religious community members, families, and youth groups. The website is professionally designed with good content quality, clear navigation, and strong accessibility features. Technically, it uses the Alkacon Mercury CMS platform, integrates Matomo analytics for privacy-conscious tracking, and hosts content on servers associated with keymachine.de. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though security headers could be improved. Overall, the site is trustworthy and compliant with GDPR, providing clear contact information and privacy policies.

P

Polsko-Niemiecka Współpraca Młodzieży (PNWM)

szerpa-ezr.org

40

Szerpa is a specialized educational website focused on sustainable development education for youth, primarily targeting youth workers in Poland, Germany, and other countries. It is operated under the auspices of the Polsko-Niemiecka Współpraca Młodzieży (PNWM), a non-profit organization. The site offers educational content, methodologies, and project examples to support international youth meetings with a sustainability perspective. Technically, the website is built on WordPress with modern libraries and plugins, including multilingual support and privacy-conscious analytics via Matomo. The site is well-structured, mobile-optimized, and accessible, providing a good user experience. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and explicit security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy and professionally maintained, with room for improvements in security and privacy transparency.

S

SalesViewer

dmndfrcstng.com

56

SalesViewer is a technology company specializing in B2B sales intelligence and lead generation software. Their platform identifies website visitors and converts them into actionable sales leads, targeting sales and marketing professionals primarily in the European market. The company positions itself as a trusted SaaS provider with ISO 27001 certification and a strong focus on GDPR compliance. The website is professionally designed, mobile-optimized, and uses modern web technologies including WordPress and Matomo analytics. Security posture is strong with HTTPS enforcement and security headers, though the absence of public WHOIS data slightly reduces domain trust. Overall, SalesViewer demonstrates a mature digital presence with good privacy and security practices.

S

SalesViewer

gtmrkt.com

56

SalesViewer is a technology company specializing in B2B sales intelligence and lead generation software. Their platform identifies website visitors and provides actionable company data to enhance sales and marketing efforts. Positioned as an established player in the sales enablement market, SalesViewer targets B2B sales teams and marketing professionals with a SaaS subscription model. The website demonstrates a high level of digital maturity, leveraging WordPress CMS, modern frameworks like Bootstrap, and privacy-conscious analytics via Matomo. Security posture is strong with HTTPS enforcement and security headers, though the absence of a public security policy and incident response contacts suggests room for improvement. Overall, the site is professional, well-optimized for SEO and mobile, and compliant with GDPR regulations. The lack of WHOIS data slightly reduces trust but does not detract from the business credibility evident on the site.

H

HERING Group

heringinternational.eu

47

HERING Group is a medium-sized, well-established company specializing in systemized construction solutions primarily for the transportation and infrastructure sectors. Founded in 1892 and based in Germany, the company offers a broad portfolio including architectural concrete façades, railway construction, public toilet facilities, noise protection, modular platforms, and sustainable technologies such as organic photovoltaics. Their market position is strong with a focus on quality, sustainability, and innovation, supported by approximately 700 employees and international project experience. Technically, the website is built on TYPO3 CMS with modern frontend technologies like Bootstrap and Swiper.js, and uses Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and professionally designed, providing a good user experience and clear navigation. However, some technical improvements are recommended, such as adding security headers and cookie consent mechanisms to enhance compliance and security posture. From a security perspective, the site uses HTTPS with good SSL configuration and does not expose sensitive data or vulnerable libraries. The absence of security headers and a formal incident response or vulnerability disclosure policy are areas for improvement. The WHOIS data for the domain is missing, which raises concerns about domain registration transparency, although the website content and social media presence strongly indicate a legitimate business. Overall, the website presents a professional and trustworthy image with minor compliance and security gaps. Strategic recommendations include implementing cookie consent, enhancing security headers, publishing incident response contacts, and verifying domain registration details to improve trust and compliance.

K

KÜHN Sicherheit GmbH

shop-fuer-sicherheit.de

52

Shop für Sicherheit - KÜHN Sicherheit GmbH operates a specialized e-commerce platform focused on security products such as door locks, locking cylinders, and related safety technology. The company holds reputable certifications including VdS and DIN EN 9001 and is a member of recognized industry associations, positioning it as a trusted player in the German security retail market. The website targets both private and business customers seeking high-quality security solutions. Technically, the site is built on the Shopware platform, utilizing modern web technologies like jQuery and FontAwesome, and integrates analytics tools such as Google Tag Manager and Matomo for user tracking and marketing insights. The site is mobile-optimized with good navigation and content quality, supporting a positive user experience. Security posture is strong with HTTPS enforced, CSRF protection on forms, and a comprehensive cookie consent mechanism, although some HTTP security headers could be improved. Overall, the domain registration data aligns with the business claims, supporting legitimacy and trustworthiness.

E

ELRA Elektro Anlagenbau GmbH

elra-elektro.de

54

ELRA Elektro Anlagenbau GmbH is a medium-sized German company specializing in electrical engineering, energy technology, and related services such as installation, project planning, and maintenance. Established in 1990, it serves industrial, commercial, and municipal clients with a focus on quality and professional project management. The company operates primarily from its headquarters in Haldensleben, Germany, with a workforce of approximately 50 skilled professionals. The website reflects a mature digital presence built on WordPress with Elementor, featuring professional design and clear navigation. Technically, the website employs modern web technologies including jQuery, Matomo analytics for user tracking, and Borlabs Cookie for GDPR-compliant cookie management. Hosting is provided via rzone.de, and the site uses HTTPS with a good SSL configuration. While security best practices such as cookie consent are implemented, explicit security headers and a formal security policy are absent, representing areas for improvement. From a security perspective, the site shows no signs of blocking or WAF interference, no exposed sensitive data, and no visible vulnerabilities. Privacy compliance is well addressed with a privacy policy and cookie consent mechanism. However, incident response contact details and vulnerability disclosure information are missing, which could enhance trust and preparedness. Overall, ELRA Elektro Anlagenbau GmbH presents a trustworthy and professional online presence consistent with its business profile. Strategic recommendations include enhancing security headers, publishing a security policy, and providing incident response contacts to strengthen security posture and compliance.

A

ACCONSIS - Wirtschaftsprüfung, Steuerberatung, Rechtsberatung, Unternehmensberatung, Finanzierungsberatung

acconsis.de

65

ACCONSIS is a well-established professional services firm based in Munich, Germany, offering tax consultancy, legal advice, auditing, management consulting, and financial consulting. With over 60 years of experience, the company targets both corporate clients and private individuals, positioning itself as a trusted and comprehensive consulting partner. The website reflects a mature market presence with strong branding and trust indicators such as industry certifications and awards. Technically, the site is built on WordPress with modern SEO and analytics tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, security headers, and form protections, though dedicated security and incident response policies are not publicly disclosed. Overall, the domain and website present a credible and professional digital footprint consistent with the company's business claims.

B

BUND Landesverband Nordrhein-Westfalen e.V.

bund-nrw.de

58

BUND Landesverband Nordrhein-Westfalen e.V. is a well-established non-profit environmental organization focused on nature and environmental protection in the German state of Nordrhein-Westfalen. The website serves as a comprehensive platform for advocacy, education, membership engagement, and public awareness campaigns. It maintains a strong regional presence with active social media channels and regularly updated content including news, publications, and event information. Technically, the site is built on the TYPO3 CMS platform, employs privacy-conscious analytics via Matomo, and uses tarteaucitron.js for cookie consent management, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit incident response policies are absent. Privacy compliance is robust, with clear privacy and cookie policies in German, aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-suited to its audience of environmentally conscious citizens and activists in NRW.

S

Sozialverband Deutschland e.V.

sovd-rentenlabyrinth.de

51

The Sozialverband Deutschland e.V. (SoVD) is a well-established non-profit organization focused on social welfare and pension advisory services in North Rhine-Westphalia, Germany. The website serves as an informational and service platform, providing guidance on pensions, social law, and related social services. It targets German residents seeking support navigating social security and pension systems. The organization maintains a strong regional presence with multiple advisory centers and active social media engagement. Technically, the website is built on TYPO3 CMS with modern web technologies including Bootstrap, jQuery, and integrates analytics and chatbot tools for enhanced user experience. Privacy and cookie consent mechanisms are robust and GDPR compliant. Security posture is good with HTTPS enforced, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site reflects a professional, trustworthy, and user-friendly platform for social welfare services.

S

Sozialverband Deutschland Landesverband Schleswig-Holstein e.V.

sovd-sh.de

55

The Sozialverband Deutschland Landesverband Schleswig-Holstein e.V. (SoVD SH) is a regional non-profit social association dedicated to supporting individuals in difficult life situations, focusing on social justice, inclusion, and advocacy in Schleswig-Holstein, Germany. The website serves as an information and engagement platform offering social counseling, political representation, and volunteer opportunities. It targets seniors, socially disadvantaged groups, and people with disabilities. The organization maintains a solid regional presence with a medium-sized operational scale and a consistent brand image. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including jQuery and Klaro for cookie consent management. It employs Matomo analytics, reflecting a privacy-conscious approach. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Hosting details are not explicit but the domain uses multiple UI-DNS name servers indicating professional hosting. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, but lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The absence of security headers and vulnerability disclosure mechanisms suggests room for improvement in security posture. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. It effectively supports the organization's mission but could enhance transparency around security policies and incident handling to further strengthen user trust and compliance.

S

Sozialverband Deutschland e.V.

sovd-rps.de

55

The SoVD Rheinland-Pfalz / Saarland website represents a well-established non-profit social advocacy organization in Germany, providing social law advice and support primarily to residents of Rheinland-Pfalz and Saarland. The organization leverages over 100 years of experience and offers services such as social counseling, legal pattern lawsuits, and member engagement. The website is professionally designed, content-rich, and targets individuals seeking social welfare assistance. Technically, the site is built on TYPO3 CMS, uses jQuery and Bootstrap frameworks, and integrates privacy-focused Matomo analytics alongside a clear cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site is trustworthy, accessible, and compliant with GDPR requirements.

S

Sozialverband Deutschland e.V. Landesverband Hessen

sovd-he.de

56

The Sozialverband Deutschland e.V. Landesverband Hessen is a regional branch of a large non-profit social association in Germany focused on social advocacy, member services, and social policy information. The website provides comprehensive information about their services including social counseling, legal model lawsuits, care level calculators, and recreational facilities. It targets members and socially engaged individuals in Hessen, Germany. The organization maintains a strong digital presence with regular news updates and social media engagement. Technically, the website is built on TYPO3 CMS, uses modern JavaScript libraries like jQuery, and integrates privacy-respecting analytics via Matomo. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Cookie consent is managed via Klaro, ensuring GDPR compliance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks explicit published security policies or incident response contacts. No vulnerabilities or suspicious content were detected. The domain registration is consistent with the organization's identity, though the name servers are generic. Overall, the security posture is good but could be improved with additional security headers and transparency. The overall risk assessment is low with strong trust indicators and professional presentation. Strategic recommendations include publishing a security policy, incident response information, and enhancing security headers to further strengthen the security posture and user trust.

S

Sozialverband Deutschland Landesverband Bremen e.V.

sovd-hb.de

56

Sozialverband Deutschland Landesverband Bremen e.V. is a well-established non-profit social advocacy organization with a century of experience, focusing on social justice, legal advice, and member services in the Bremen region of Germany. The website serves as an information hub for social policy developments, member benefits, and community engagement. It targets individuals facing social insecurity and those seeking social legal support. The organization maintains a strong market position as Germany's longest-standing social association, offering services such as free social law consultation, online tools, and a members' magazine.

S

Sozialverband Deutschland e.V.

sovd-bbg.de

54

The Sozialverband Deutschland e.V., Landesverband Berlin-Brandenburg, is a well-established non-profit social association focused on social advocacy, counseling, and political engagement for socially disadvantaged individuals and people with disabilities in the Berlin and Brandenburg region. The website serves as an information hub for members and the public, offering services such as social counseling, political representation, volunteer opportunities, and community events. The organization leverages a professional TYPO3 CMS platform with modern web technologies and privacy-conscious analytics (Matomo). The site is well-structured, mobile-optimized, and provides clear navigation and content relevant to its target audience. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the website reflects a credible and trustworthy organization with a strong regional presence.

S

Sozialverband Deutschland e.V.

sovd-bayern.de

55

The Sozialverband Deutschland e.V., Landesverband Bayern, is a well-established non-profit social association focused on providing social counseling, legal advice, and advocacy services to members and the public in Bavaria, Germany. The website serves as an information hub for social policy updates, membership services, and community engagement. It maintains a strong presence through social media and offers digital tools such as an online Pflegegradrechner and access to their members' newspaper as an e-paper. Technically, the site is built on TYPO3 CMS, uses modern frontend technologies, and implements privacy-conscious analytics with Matomo. The cookie consent mechanism Klaro is in place, ensuring GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and serves its target audience effectively.

S

Sozialverband Deutschland e.V.

sovd-bawue.de

56

The Sozialverband Deutschland e.V., Landesverband Baden-Württemberg, is a well-established non-profit organization focused on social welfare, legal advice, and advocacy within the Baden-Württemberg region of Germany. The website serves as a comprehensive portal offering information on social policies, legal counseling, membership services, and community engagement. It targets individuals seeking social support and legal guidance, emphasizing inclusivity and accessibility. The organization leverages a modern TYPO3 CMS platform, enhanced with privacy-conscious analytics (Matomo) and a robust cookie consent mechanism (Klaro), reflecting a mature digital infrastructure. The site is mobile-optimized, accessible, and professionally designed, supporting a positive user experience.

I

Integrated Carbon Observation System (ICOS)

icos-cp.eu

72

ICOS (Integrated Carbon Observation System) is a European research infrastructure dedicated to providing standardized greenhouse gas measurements across Europe. It operates a network of stations in atmosphere, ecosystem, and ocean domains coordinated by national networks in 16 member countries. The organization supports climate science, policy-making, and societal impact through open data and community services. The website reflects a mature digital presence with a modern Drupal 10 CMS, responsive design, and integration of analytics tools such as Matomo. It offers comprehensive resources, data portals, and educational materials targeting scientists, policy-makers, and the general public. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and policies could be improved. WHOIS data is privacy protected, which is justified for this type of research infrastructure. Overall, ICOS demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations.