Government security reports

A

Austrian Research Promotion Agency (FFG)

digitalbarrierefrei.at

0

Digitalbarrierefrei.at is an authoritative Austrian government-supported platform managed by the Austrian Research Promotion Agency (FFG). It provides comprehensive resources, training, and services focused on digital accessibility compliance, particularly for public sector institutions in Austria. The website serves as a central hub for information on legal frameworks, accessibility criteria, complaint submission, and regional contact points across federal provinces. Technically, the site is built on the Contao Open Source CMS, uses jQuery and Matomo analytics configured for privacy, and implements a robust cookie consent mechanism with blocking until user consent. The site is well-optimized for accessibility and mobile devices, reflecting its mission. Security posture is solid with HTTPS and CSRF protections, though additional security headers and published policies could enhance trust. Overall, the site is professional, trustworthy, and highly relevant to its target audience.

U

United Nations Global Compact

unglobalcompact.org

0

The United Nations Global Compact website represents a well-established, globally recognized non-profit initiative focused on promoting corporate sustainability and responsible business practices aligned with the UN Sustainable Development Goals. The organization operates under the United Nations umbrella and targets businesses, governments, civil society, and young professionals worldwide. The website effectively communicates its mission, key services, and impact through professional design and comprehensive content. Technically, the site employs a modern technology stack including JavaScript frameworks, Google Tag Manager, Hotjar, and Stripe for payments, hosted on Amazon Cloudfront CDN. The site is performant, mobile-optimized, and accessible, with clear navigation and SEO best practices. Cookie consent and privacy policies are implemented with high compliance standards, reflecting GDPR adherence. From a security perspective, the site uses HTTPS with good SSL configuration and domain transfer protections. However, DNSSEC is not enabled, and no explicit security or incident response policies are published. The use of multiple third-party analytics and marketing tools introduces moderate tracking but is managed transparently with user consent. Overall, the website is trustworthy, professional, and secure with minor areas for improvement in security policy transparency and DNS security. The domain registration data aligns well with the organization's history, reinforcing legitimacy. Strategic recommendations include enabling DNSSEC, publishing security policies, and enhancing security headers to further strengthen the security posture.

U

U.S. Department of Commerce - International Trade Administration

dataprivacyframework.gov

0

The Data Privacy Framework website is an official U.S. government platform managed by the Department of Commerce's International Trade Administration. It serves as a resource and certification portal for U.S. organizations to comply with data transfer regulations from the European Union, United Kingdom, and Switzerland. The site targets multiple audiences including U.S. businesses, European businesses, individuals, and data protection authorities, providing program overviews, self-certification processes, and lists of participants. The business model is government-driven, focusing on regulatory compliance facilitation rather than commercial services. Technically, the website employs a modern frontend stack including React, Bootstrap, jQuery UI, and Font Awesome, hosted on Microsoft Azure Blob Storage. The site demonstrates good mobile responsiveness, accessibility, and SEO optimization. Performance is moderate, with no major technical issues detected. However, explicit security headers are not visible in the HTML, and no cookie consent mechanism is present, which are areas for improvement. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. The lack of visible security headers and absence of published security or incident response policies suggest room for enhancement in security posture. No vulnerabilities or malicious content were detected. WHOIS data is incomplete, likely due to .gov domain privacy restrictions, but the domain's official status and content confirm legitimacy. Overall, the website is a trustworthy, professional government resource with good content quality and technical implementation. Strategic recommendations include adding security headers, implementing cookie consent, publishing security policies, and enhancing transparency around incident response to strengthen compliance and trust.

B

Bundesrepublik Deutschland

govdata.de

0

GovData is the official open data portal for Germany, providing centralized access to datasets from all levels of government administration. It serves a broad audience including government agencies, researchers, developers, and the general public interested in open government data. The platform offers key services such as dataset search, SPARQL query assistance, and regional data filtering by federal states. The website is well-branded with consistent government identity and maintains a strong market position as the national open data hub. Technically, the site is built using modern web technologies including React and Next.js, with Matomo analytics for privacy-conscious user tracking. The site demonstrates excellent performance, mobile optimization, and accessibility features. Security posture is strong with HTTPS enforcement and appropriate security headers, though there is room for improvement in publishing explicit security policies and incident response information. Overall, GovData exhibits a high level of professionalism, trustworthiness, and compliance with GDPR, supported by clear privacy and usage policies. The absence of cookie consent mechanisms and vulnerability disclosure pages are minor gaps. The domain registration data aligns well with the official nature of the site, reinforcing its legitimacy. Strategic recommendations include implementing explicit cookie consent, publishing security and incident response policies, and enhancing accessibility further to maintain leadership in government open data provision.

M

Ministerium fuer Inneres und Kommunales NRW

open.nrw

0

Open.NRW is the official Open Government and Open Data portal of the North Rhine-Westphalia state government in Germany. It provides a comprehensive platform for transparency, citizen participation, and access to open datasets from the public sector. The portal targets citizens, municipalities, government agencies, and service providers, offering data, project information, and participation opportunities. Technically, the site is built on Drupal CMS, uses Matomo for privacy-conscious analytics, and implements cookie consent mechanisms compliant with GDPR. Security posture is strong with HTTPS and privacy features, though DNSSEC is not enabled. The domain registration aligns with the official government entity, reinforcing trust and legitimacy. Overall, the site demonstrates high professionalism, good technical implementation, and strong privacy compliance.

W

WestLotto

westlotto.com

0

WestLotto is the official state lottery operator for North Rhine-Westphalia (NRW), Germany, providing a range of lottery and gaming services including LOTTO, Eurojackpot, KENO, TOTO, and GlücksSpirale. The website serves as a comprehensive portal for players in NRW, offering game information, statistics, and service support. It holds a strong market position as a government-backed entity with a trusted brand and consistent user experience. Technically, the website employs modern JavaScript libraries, tag management via Tealium, and GDPR-compliant consent management through Usercentrics, hosted likely on Deutsche Telekom infrastructure. Security posture is robust with HTTPS, security headers, and monitoring scripts, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is professional, secure, and compliant with privacy regulations, targeting general adult audiences interested in legal lottery gaming.

S

Stadt Münster

smartcity.ms

0

Smart City Münster is a municipal initiative focused on advancing the city of Münster through technology, sustainability, and social inclusion. The website serves as a communication and coordination platform for smart city projects, digital citizen participation, and urban innovation. It is positioned as a leading local government project with a clear target audience of citizens and city stakeholders. The technical infrastructure is based on a modern WordPress CMS with Elementor and related plugins, providing a responsive and well-structured user experience. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. Overall, the site reflects a professional government project with good trust indicators and no suspicious elements.

L

Landschaftsverband Westfalen-Lippe (LWL)

lwl.org

0

The Landschaftsverband Westfalen-Lippe (LWL) operates as a regional government authority in Germany, providing a wide range of public services including cultural management, social welfare, healthcare, and educational programs. The website serves as an official portal for residents and stakeholders in the Westfalen-Lippe region, offering comprehensive information and access to services. The organization holds a strong market position as a public sector entity with a large operational scope. Technically, the website is built on a Django-based CMS with integrations such as jQuery, Matomo analytics, and ReadSpeaker for accessibility. The infrastructure appears stable with good mobile optimization and accessibility features, although some SEO enhancements could be beneficial. The site employs HTTPS and standard security headers, reflecting a solid security posture. Security-wise, the site demonstrates good practices including cookie consent mechanisms and no visible vulnerabilities or exposed sensitive data. However, the absence of a Content Security Policy and reliance on third-party scripts suggest areas for improvement. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website is trustworthy and professional, with no indications of malicious activity or content safety concerns. The lack of WHOIS data is mitigated by the domain's association with an official government domain and consistent branding. Strategic recommendations include enhancing security headers, improving SEO, and maintaining regular audits of third-party components to sustain security and compliance.

I

IHK Nord Westfalen

ihk-nordwestfalen.de

0

IHK Nord Westfalen is a regional chamber of commerce in Germany providing consulting, training, and support services to member companies. The website serves as an information portal for businesses in the Nord Westfalen region, offering access to various business services and educational resources. The organization holds a strong market position as a governmental business support entity with a clear focus on regional economic development. Technically, the website employs a custom CMS and integrates modern technologies such as Cookiebot for GDPR-compliant cookie management, Cloudflare for DNS and bot protection, and eTracker for analytics. The site demonstrates good performance, mobile optimization, and accessibility, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses security headers, and implements a robust cookie consent mechanism. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a security.txt file and explicit incident response contacts suggests room for improvement in transparency and incident management. Overall, the website is professional, trustworthy, and compliant with privacy regulations. The risk profile is low, with recommendations focusing on enhancing security header policies, publishing vulnerability disclosure information, and maintaining regular audits of third-party scripts.

P

Pensplan Centrum

pensplan.com

0

Pensplan Centrum operates as an institutional government entity focused on pension planning services, primarily serving the Swiss market. The website presents itself as an official informational portal with a professional design and consistent branding. The technical infrastructure is based on WordPress CMS, enhanced with Bootstrap Italia for responsive design and WP Rocket for performance optimization. DNS is managed via Microsoft Online, indicating a professional hosting environment. Security posture is moderate; HTTPS is enabled but lacks advanced security headers and explicit privacy or cookie policies. No incident response or vulnerability disclosure mechanisms are evident, which could be improved to enhance trust and compliance. Overall, the domain registration data aligns well with the website's institutional nature, supporting legitimacy and trustworthiness.

N

Nemzeti Kulturális Alap

nka.hu

0

Nemzeti Kulturális Alap is a Hungarian government entity focused on supporting cultural projects through grant funding. The website serves as an information and service portal for artists, cultural institutions, and the public interested in cultural funding opportunities. It has a well-structured design with clear navigation and is optimized for mobile devices. The technical infrastructure is based on WordPress CMS with common plugins and integrations such as Google Analytics and Google Custom Search Engine, hosted likely on government infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a comprehensive data protection notice and GDPR cookie consent. Business credibility is high given the domain age, WHOIS consistency, and government affiliation. Overall, the website is professional, trustworthy, and serves its purpose effectively.

B

Bundesministerium für Wirtschaft und Klimaschutz

data-infrastructure.eu

0

The Bundesministerium für Wirtschaft und Klimaschutz (Federal Ministry for Economic Affairs and Climate Action) operates an official website focused on the Gaia-X project, a European initiative to develop a sovereign, federated data infrastructure. The ministry plays a key role in fostering digital sovereignty, innovation, and interoperability across Europe, targeting businesses, policymakers, and scientific communities. The website serves as an information hub and promotes collaboration through the German Gaia-X Hub and related initiatives. Technically, the website employs modern web technologies including jwplayer for video content, eTracker for analytics with privacy considerations, and responsive design elements ensuring good mobile optimization and accessibility. Hosting is managed via a professional managed IP provider consistent with government standards. The site demonstrates strong SEO and usability features with clear navigation and comprehensive metadata. From a security perspective, the site uses HTTPS and cookie consent mechanisms, provides a data protection officer contact, and avoids exposing sensitive data. However, explicit security headers like CSP and X-Frame-Options are not clearly visible and could be improved. No vulnerability disclosure or incident response policies are published, which is a potential area for enhancement. Overall, the website is trustworthy, professional, and compliant with GDPR, serving as a reliable source for information on the Gaia-X ecosystem. It maintains a high standard of content quality and technical implementation, with minor recommendations to strengthen security posture and transparency.

W

Wirtschaftskammer Österreich (WKO)

charta-der-vielfalt.at

0

The Wirtschaftskammer Österreich (WKO) operates the website hosting the 'Charta der Vielfalt' initiative, promoting diversity and inclusion across Austrian businesses. The site serves as an authoritative platform offering resources, events, and support for organizations to embrace societal diversity. It targets enterprises and organizations within Austria, positioning itself as a leading government-affiliated economic chamber with a strong commitment to social values. Technically, the website employs modern web technologies including Bootstrap and jQuery, is mobile-optimized, and uses a reputable CMS (Gentics). Security posture is robust with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site reflects high professionalism, trustworthiness, and content quality, supporting its role as a government-backed initiative.

H

Horizon Europe Community Österreich

horizon-europe-community.at

0

The Horizon Europe Community Österreich website serves as a specialized networking and collaboration platform for researchers, organizations, and citizens engaged with Horizon Europe funding in Austria. It facilitates matchmaking, event participation, and dissemination of funding opportunities, positioning itself as a niche community hub supported by the b2match platform. The site is well-structured, content-rich, and targets a professional audience interested in European research funding and cooperation. Technically, the site leverages modern web technologies including React with Next.js, Google OAuth for authentication, and WebSocket for real-time features, hosted on Google Cloud infrastructure. It demonstrates good digital maturity with mobile optimization and accessibility considerations. Security-wise, the site enforces HTTPS, employs standard security headers, and integrates cookie consent mechanisms compliant with GDPR. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the site is trustworthy, professionally maintained, and aligned with its business purpose, with no signs of malicious content or vulnerabilities.

A

Association DECLIC

asso-declic.fr

0

Association DECLIC operates as a non-profit network dedicated to the mutualization of information, experiences, and technological and regulatory monitoring for local authorities and associated structures in France. The organization positions itself as a niche player focused on public interest and collective benefit, leveraging digital tools to facilitate knowledge exchange. The website reflects a small-sized entity with a clear mission and target audience, supported by social media presence on Facebook, Twitter, and LinkedIn. Technically, the website is built on WordPress using Elementor and several modern plugins, ensuring a good level of digital maturity and SEO optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit policies could be improved. Privacy compliance is basic with a cookie consent mechanism but lacking a clear privacy policy. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and contact information.

N

NEOGOV

neogov.com

0

NEOGOV is a well-established government software company specializing in a comprehensive HR suite tailored for the public sector. Their platform addresses the entire employee lifecycle with integrated solutions for recruiting, onboarding, performance management, learning, compliance, and more. The company is positioned as a trusted leader with over 6000 government agencies as customers, supported by strong certifications and compliance with public sector regulations. Technically, the website is built on HubSpot CMS with modern marketing and analytics tools, delivering a professional, mobile-optimized, and accessible user experience. Security posture is robust, with HTTPS, data encryption, and adherence to multiple industry standards including SOC 2 Type II and NIST 800-53. Privacy compliance is well-handled with clear policies and cookie consent mechanisms. WHOIS data is unavailable publicly, likely due to privacy protection, but the website's content and trust signals strongly indicate legitimacy. Overall, NEOGOV presents a mature, secure, and credible digital presence aligned with its enterprise government HR software business.

S

Sächsische Landesstiftung Natur und Umwelt

schlosspark-wechselburg.de

0

The website www.schlosspark-wechselburg.de represents a project under the Sächsische Landesstiftung Natur und Umwelt, a governmental foundation focused on nature and environmental protection in Saxony, Germany. The site provides information about funding projects, environmental education, and conservation efforts. It targets citizens, educators, and environmental stakeholders in the region. The foundation holds a stable market position as a regional governmental entity with a medium organizational size. Technically, the website employs modern JavaScript libraries and modules, ensuring good mobile optimization and accessibility, though it lacks some advanced security headers and explicit incident response information. The security posture is solid with HTTPS and cookie consent mechanisms, but could be improved by adding security policies and vulnerability disclosures. Overall, the site is professional, trustworthy, and compliant with GDPR, with moderate user tracking via Google Analytics.

P

Pro Helvetia - Swiss Arts Council

pro-helvetia.ch

0

Pro Helvetia is the Swiss Arts Council, a government-funded organization dedicated to supporting, connecting, and inspiring the arts within Switzerland and internationally. The website reflects a well-established cultural institution with a clear mission to promote Swiss arts and culture. It targets artists, cultural institutions, and the general public interested in Swiss arts. The organization operates with a medium-sized footprint and maintains a consistent and professional online presence. Technically, the website is built on WordPress, leveraging modern tools such as Google Tag Manager, Google Analytics 4, and Cloudflare for security and performance. The site is optimized for mobile devices, fast loading, and accessibility, demonstrating digital maturity. Security posture is strong with HTTPS enforcement, security headers, and bot protection via Cloudflare Turnstile. Privacy compliance is robust, featuring comprehensive cookie consent management and GDPR adherence. However, the absence of a dedicated security policy and incident response page is noted as an area for improvement. Overall, the website is trustworthy, professional, and well-aligned with its governmental and cultural mission.

P

Proxi Territoires

proxiterritoires.fr

0

Proxi Territoires is a French platform dedicated to centralizing public inquiries and enabling citizens to stay informed and participate in local projects. The website targets French citizens and local authorities, providing digital tools such as a digital registry for public inquiries and event services. The platform is positioned as a niche government-related service, operated under Rossel Conseil Médias Légales. Technically, the site is built on WordPress using modern themes and plugins like Astra and Elementor, with additional libraries such as Leaflet.js for mapping. The site is mobile-optimized and SEO-friendly but lacks visible privacy and cookie policies, which impacts compliance scores. Security posture is generally good with HTTPS enforced, but the absence of security headers and incident response contacts are areas for improvement. Overall, the website is professional, trustworthy, and safe for general audiences, though it would benefit from enhanced privacy and security disclosures.

R

Réseau de Villes et Villages Numériques

rvvn.org

0

Réseau de Villes et Villages Numériques (RVVN) is a French non-profit association that supports local government entities such as EPCI, communes, and intercommunal syndicates in mutualizing their digital communication and dematerialization needs. The organization offers a suite of services including TYPO3-based website development, accessibility audits, collaborative platforms using Zimbra, participative democracy tools via Decidim, and resource management solutions. RVVN positions itself as a regional to national digital services provider for public administrations, expanding its reach since 2023. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content in French.

S

Sud Avesnois Invest

sud-avesnois-invest.com

0

Sud Avesnois Invest is a regional government entity focused on economic development and business support within the Sud Avesnois community in France. The website serves as a portal for businesses and entrepreneurs seeking to establish, develop, or network in the region, highlighting strategic location advantages and available services such as aid, networking, and meeting facilities. The site is well-branded and professionally maintained, reflecting its government affiliation and regional focus. Technically, the website is built on WordPress with Elementor and integrates modern analytics tools like Matomo and HubSpot, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though improvements are recommended in DNSSEC and security headers to enhance protection. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information, supporting its credibility as a government service platform.

V

Ville de Fourmies

fourmies.fr

0

Ville de Fourmies operates an official municipal website providing comprehensive information and services to residents and visitors of Fourmies, France. The site offers local news, event agendas, administrative procedures, and contact information for elected officials, positioning itself as a trusted source of community information. The business model is that of a government entity focused on public service and community engagement. The website is well-branded, consistent, and targets a general audience including local citizens and stakeholders. Technically, the website employs a moderate technology stack including jQuery, Google Analytics, and Google reCAPTCHA v3 for security and analytics. It is hosted by OVH, a reputable provider, and uses HTTPS with a good SSL configuration. The site is mobile optimized and includes basic accessibility features. SEO is supported by proper metadata and structured data (JSON-LD) enhancing search engine visibility. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to mitigate bot activity. However, it lacks visible security headers and does not publish a dedicated security policy or incident response contacts. Cookie consent is implemented, supporting GDPR compliance. No vulnerabilities or suspicious content were detected. The WHOIS data is consistent with the website’s municipal nature, showing a long-established domain registered with OVH. Overall, the website presents a low-risk profile with good business credibility and moderate security posture. Strategic improvements include adding security headers, publishing a security policy, and enhancing accessibility. These steps would strengthen trust and compliance further.

Provence en Scène is a cultural initiative managed by the Conseil Départemental des Bouches-du-Rhône, aimed at fostering collaboration between local communes and artists by providing a curated repertoire of performances and financial support. The website serves as an informational and operational platform for producers and municipalities, offering access to catalogs, agendas, and registration portals. Technically, the site employs a custom TAO framework with standard web technologies and maintains a moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enforced, but lacks visible advanced security headers and explicit incident response information. The absence of WHOIS data reduces domain trustworthiness, though the website content and structure indicate a legitimate governmental service. Overall, the site is professional, content-rich, and trustworthy for its intended audience.

C

CERT.at GmbH

cert.at

0

CERT.at GmbH serves as Austria's national Computer Emergency Response Team, providing critical cybersecurity incident response, alerts, and related services primarily to Austrian organizations. The website reflects a government-affiliated entity with a clear focus on cybersecurity awareness, incident reporting, and dissemination of security information. The site is well-structured, professionally designed, and offers comprehensive contact information and resources for its target audience. Technically, the site uses modern web technologies including jQuery and CSS bundles, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and CSRF protection evident, though additional security headers and a security.txt file would enhance the security framework. Privacy compliance is good with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the website is trustworthy, professional, and aligns well with its stated mission and business model.

C

Communauté de Communes

cc-sudavesnois.fr

0

The website represents the official online presence of the Communauté de Communes Sud Avesnois, a French local government community organization established in 2014. It provides information about regional governance, public services, economic development, and community initiatives targeted at residents and stakeholders of the Sud Avesnois region. The site is positioned as a trusted local authority with a medium-sized organizational footprint. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, Google Maps API, Matomo analytics, and GDPR-compliant cookie management. The site is hosted by OVH, a reputable provider, and uses HTTPS with reCAPTCHA protection on contact forms, indicating a reasonable security posture. However, the absence of explicit security headers suggests room for improvement. Privacy compliance is well addressed with clear cookie consent mechanisms and a privacy policy in French. Overall, the site is professional, trustworthy, and well-structured for its audience.

P

Pays de Mormal

cc-paysdemormal.fr

0

Pays de Mormal is a French local government community organization providing a wide range of public services including social action, economic development, urban planning, environmental management, and cultural activities for residents and businesses in the Pays de Mormal region. The website is professionally designed, accessible, and optimized for SEO, reflecting a mature digital presence. Technically, it is built on WordPress with modern libraries such as Swiper.js and includes cookie consent management via Tarteaucitron, indicating attention to privacy compliance. Security posture is good with HTTPS enforced and cookie consent mechanisms, though some security headers could be improved. WHOIS data is not publicly available, likely due to privacy protection, but the website content and contact information strongly support legitimacy. Overall, the site is trustworthy, well-maintained, and serves its public sector mission effectively.

C

Communauté de Communes du Coeur de l'Avesnois

coeur-avesnois.fr

0

The website www.coeur-avesnois.fr serves as the official digital presence of the Communauté de Communes du Coeur de l'Avesnois, a French local government entity. It provides comprehensive information and services related to community life, local governance, public services, cultural activities, and citizen engagement. The site targets residents and stakeholders within the Avesnois region, offering resources such as news updates, event agendas, and administrative contacts. The business model is that of a public sector service provider, focusing on community support and information dissemination. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies including Bootstrap, jQuery, FontAwesome, and Leaflet for mapping. It employs Matomo analytics for privacy-conscious visitor tracking and implements cookie consent mechanisms compliant with GDPR. The site is mobile-optimized with good navigation and accessibility features, though some accessibility aspects could be enhanced. From a security perspective, the site enforces HTTPS and uses cookie consent tools but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data is consistent with AFNIC's privacy policies and does not detract from the site's legitimacy. Overall, the website demonstrates a solid digital infrastructure suitable for a government entity, with good content quality and privacy compliance. Strategic improvements in security headers, accessibility, and incident response transparency would further strengthen its posture.

A

Agglo Maubeuge Val de Sambre

agglo-maubeugevaldesambre.fr

0

Agglo Maubeuge Val de Sambre is a regional government entity serving 43 communes in France, providing local administrative services and community project information. The website acts as an official portal for residents and stakeholders, offering news, services, and event management. The digital infrastructure is built on WordPress with SEO and event management plugins, hosted by OVH, and uses Matomo for analytics. The site is well-branded and professionally designed with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled, but lacks visible security headers and formal privacy or incident response policies. Overall, the site is trustworthy and safe for general audiences but would benefit from enhanced privacy compliance and security best practices.

V

Ville de Nice

nice.fr

0

The website www.nice.fr is the official digital portal for the city of Nice, France, providing comprehensive municipal information, administrative procedures, event agendas, and public alerts. It serves a broad audience including residents, visitors, professionals, and various demographic groups such as seniors, children, and parents. The site is well-branded with consistent official city imagery and messaging, positioning it as a trusted government resource. Technically, the site is built on WordPress with Bootstrap framework, uses Matomo for analytics with cookies disabled, and demonstrates good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and minimal tracking, though explicit security headers and privacy policies are not clearly found in the provided content. WHOIS data is unavailable due to AFNIC restrictions, which is common for .fr domains, but this does not detract significantly from the site's legitimacy given its official nature. Overall, the site is professional, trustworthy, and serves its public service mission effectively.

O

obshtini.bg

obshtini.bg

0

The website obshtini.bg serves as a centralized portal providing access to municipal normative acts for various Bulgarian municipalities. It primarily functions as a gateway linking to municipality-specific subdomains such as Sofia, Varna, Plovdiv, and others. The site targets residents and officials seeking local government legal documents. Technically, the site is built using Angular 9 with PrimeNG components, indicating a modern frontend framework, though some legacy scripts like jQuery are commented out. The site demonstrates basic mobile optimization and moderate performance but lacks advanced SEO and accessibility features. Security posture is moderate; HTTPS is assumed but no security headers were detected in the provided data, and no privacy or cookie policies are present, which impacts compliance. The WHOIS data is privacy protected due to GDPR, typical for domains related to government or public services in the EU, and the domain appears legitimate and active. Overall, the site is functional and safe but would benefit from enhanced security headers, privacy compliance, and contact transparency to improve trust and compliance.

Holding Graz is the largest municipal service provider in southern Austria, delivering essential services daily to the citizens and businesses of Graz and its surroundings. The organization operates multiple subsidiaries across sectors such as energy, transportation, and public utilities, positioning itself as a key player in the regional public service market. The website reflects a mature digital presence with comprehensive information, clear navigation, and multilingual support, targeting local residents and stakeholders. Technically, the site is built on WordPress with modern JavaScript frameworks and analytics tools, ensuring good performance and user experience across devices. Security measures include HTTPS enforcement and a robust Content Security Policy, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, Holding Graz presents a professional, trustworthy, and well-maintained online presence consistent with its public service mandate.

G

Graz Museum

grazmuseum.at

0

The Graz Museum website serves as the official cultural and historical museum platform for the city of Graz, Austria. It provides comprehensive information about exhibitions, events, educational workshops, and archival services, targeting a broad audience interested in culture, history, and urban development. The museum operates as a public institution, likely funded by the city, and positions itself as a key cultural hub in the region. The website content is rich, professionally designed, and multilingual, enhancing accessibility and user engagement. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and WPML for multilingual support. It employs a moderate performance profile with good mobile optimization and accessibility features. The use of Matomo analytics reflects a privacy-conscious approach to user tracking. Security best practices are observed, including HTTPS enforcement and security headers, although formal security policies and incident response information are not publicly available. Overall, the security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. The domain registration details align well with the museum's identity, reinforcing trust and legitimacy. Strategic recommendations include publishing explicit security and incident response policies and adding a vulnerability disclosure mechanism to enhance transparency and preparedness. This website represents a mature digital presence for a government cultural institution, balancing user experience, privacy, and security effectively while maintaining high content quality and professional standards.

PSC Public Software & Consulting GmbH is a specialized IT company providing software and e-government solutions tailored for public administration and municipalities in Austria. Their flagship product, k5 Kommunalmanagement, is a market-leading software suite for municipal management, complemented by a range of services including IT infrastructure, consulting, and citizen communication platforms. The company positions itself as a trusted partner for Austrian local governments, combining regional expertise with innovative technology solutions. Technically, the website is built on ASP.NET WebForms with legacy jQuery libraries and includes accessibility features and a cookie consent mechanism compliant with GDPR. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, though some improvements in security headers and library updates are recommended. Overall, the website reflects a professional and credible business with a strong focus on public sector digital transformation.

Gemdat OÖ is a well-established IT service provider specializing in software and solutions for municipalities and public sector organizations in Upper Austria. With over 40 years of experience, the company holds a leading market position regionally, offering a broad portfolio including financial management, document management, personnel accounting, and IT security services. The website reflects a mature digital presence with modern technologies and a clear focus on customer needs. Security posture is strong, with HTTPS enforced, cookie consent mechanisms, and no visible vulnerabilities. Privacy compliance is well addressed, including GDPR-aligned policies and consent banners. Overall, Gemdat OÖ presents a trustworthy and professional image suitable for its target audience.

Д

Държавна агенция за закрила на детето

116111.bg

0

The website www.116111.bg is the official online presence of the National Telephone Line for Children 116 111, operated by the State Agency for Child Protection in Bulgaria. It provides free, anonymous, and 24/7 telephone and online chat support services aimed at children, parents, and professionals working with children. The site serves as a government non-profit service focused on child welfare and protection, with a clear mission and target audience. The content is primarily in Bulgarian with multilingual support, and the site includes news, stories, and resources relevant to child protection.

М

Министерство на външните работи на Република България

mfa.bg

0

The website mfa.bg is the official online presence of the Ministry of Foreign Affairs of the Republic of Bulgaria. It serves as a comprehensive portal for information related to Bulgaria's foreign policy, diplomatic missions, consular services, travel advisories, and governmental documentation. The site targets Bulgarian citizens, foreign diplomats, international partners, and the general public interested in Bulgaria's international relations. As a government entity, it operates under a public service model, providing authoritative and official content without commercial intent. Technically, the website employs a traditional web stack including jQuery, Bootstrap, and polyfills for legacy browser support. The site is mobile-optimized and accessible, with a moderate performance profile. SEO optimization is basic but functional, and the site structure supports clear navigation and content discoverability. From a security perspective, the site enforces HTTPS and implements several key security headers, reflecting a good security posture. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a cookie consent mechanism and explicit security or incident response policies indicates room for improvement in privacy compliance and transparency. Overall, the website is trustworthy, professionally maintained, and aligned with the expectations for a government ministry site. Strategic recommendations include implementing cookie consent to meet EU regulations, publishing security policies and incident response contacts, and enhancing SEO metadata for better visibility.

И

Информационно обслужване АД

evroto.bg

0

The website evroto.bg serves as the official Bulgarian government portal dedicated to informing citizens and businesses about the adoption of the euro currency in Bulgaria. It provides comprehensive news, events, educational materials, and multimedia content to support the transition process. The site targets a broad audience including citizens, businesses, and stakeholders interested in the eurozone integration. Technically, the website employs modern web technologies such as Bootstrap for responsive design, Video.js for video playback, and Matomo for analytics, hosted behind Cloudflare DNS services. Accessibility features are well implemented, enhancing usability for diverse users. Security-wise, while HTTPS is presumably enabled, the site lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. The WHOIS data is privacy protected in compliance with GDPR, which is appropriate for this type of government-related domain. Overall, the site is professional, trustworthy, and serves its informational purpose effectively, though it would benefit from enhanced security and privacy disclosures.

М

Министерски съвет на Република България

gov.bg

0

The website gov.bg is the official portal of the Council of Ministers of the Republic of Bulgaria, serving as a comprehensive source of governmental information, news, administrative services, and anti-corruption initiatives. It targets Bulgarian citizens, institutions, media, and international partners, providing authoritative content in Bulgarian with an English language option. The site reflects the government's commitment to transparency and public communication. Technically, the website employs a modern tech stack including jQuery, Bootstrap, Font Awesome, and parallax effects, with a responsive design optimized for mobile devices. The presence of DNSSEC and enforced HTTPS indicates a strong foundational security posture. Cookie consent mechanisms are implemented with user customization, supporting GDPR compliance. Security-wise, the site demonstrates good practices such as HTTPS, DNSSEC, and cookie consent, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious activities were detected. The WHOIS data is privacy protected per GDPR, which is standard for government domains, and the domain is consistent with official Bulgarian government use. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. Strategic recommendations include enhancing security headers, publishing a security policy, and implementing a vulnerability disclosure program to further strengthen security posture.

М

Министерски съвет Република България

government.bg

0

The website government.bg is the official online portal of the Council of Ministers of the Republic of Bulgaria, serving as a central hub for government information, news, administrative services, and anti-corruption initiatives. It targets Bulgarian citizens, government officials, media, and international partners, providing authoritative content about government structure, policies, and programs. The site is well-branded with consistent government imagery and bilingual support (Bulgarian and English). Technically, the site employs a modern but custom CMS platform with common web technologies such as jQuery, Bootstrap, and Font Awesome. It features responsive design and accessibility considerations, though some advanced accessibility features could be improved. Performance is moderate with standard optimization. Security is adequate with HTTPS enforced and cookie consent implemented, but lacks visible HTTP security headers which could enhance protection. From a security and compliance perspective, the site shows good adherence to GDPR with no personal data exposed and a clear cookie consent mechanism. WHOIS data is limited due to GDPR but domain legitimacy is supported by official Bulgarian government nameservers and domain status. No critical vulnerabilities or security incidents are evident. However, explicit security policies and incident response contacts are not published, which could be improved. Overall, the site is a trustworthy, professional government portal with good content quality and technical implementation. Strategic recommendations include enhancing security headers, publishing detailed security and privacy policies, and continuous monitoring of third-party scripts to maintain security posture.

С

Столична община

sofia.bg

0

The website www.sofia.bg is the official portal of the Sofia Municipality, serving as a comprehensive platform for disseminating municipal information, news, events, and public services to residents and visitors. It holds a strong market position as the primary government website for Sofia, Bulgaria, and offers a wide range of services including public consultations, access to public registers, and updates on city activities. The site targets a broad audience including citizens, businesses, and tourists. Technically, the site is built on the Liferay CMS platform with React and AlloyUI frameworks, ensuring a modern and responsive user experience. The integration of Matomo analytics indicates a moderate level of user tracking with privacy compliance. Security posture is good with HTTPS enforcement and content security policies, although explicit security and incident response policies are not publicly disclosed. Overall, the site demonstrates high professionalism, trustworthiness, and consistent branding, making it a reliable source of municipal information.

K

k5|Next Entwicklungspartner

k5next.at

0

k5|Next is a specialized Austrian software solution provider focused on modernizing municipal administration through digital services and efficient management tools. Their platform offers modules for contact management, election processing, citizen services, and resident registration, targeting local government entities. The website is professionally designed, leveraging TYPO3 CMS and modern frontend technologies, with a focus on usability and mobile responsiveness. Security posture is solid with HTTPS and two-factor authentication mentioned, though some security headers are missing and no explicit security policy is published. Privacy compliance is strong with a GDPR-compliant privacy policy and cookie consent mechanism. Overall, the site reflects a trustworthy and mature business with strong local partnerships and a clear market position in government technology.

G

GELSENDIENSTE

gelsendienste.de

0

GELSENDIENSTE is a municipal service provider focused on waste management, street cleaning, green space maintenance, and market operations in Gelsenkirchen, Germany. The website serves residents and businesses with comprehensive information and services, including waste disposal schedules, container orders, and career opportunities. The site is well-positioned as a local government service portal with a clear mission to maintain a clean and green city environment. Technically, the website is built on WordPress using modern plugins and frameworks, ensuring good mobile optimization, accessibility, and SEO. Security posture is solid with HTTPS, cookie consent mechanisms, and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is strong with a detailed privacy policy and cookie management. Overall, the site is professional, trustworthy, and serves its community effectively.

A

Amt der Steiermärkischen Landesregierung

steiermark.at

0

The website www.verwaltung.steiermark.at serves as the official administrative portal for the Steiermark regional government in Austria. It provides comprehensive information and e-government services to citizens and businesses within the region. The portal features detailed navigation to government departments, service offerings, news updates, and contact information, positioning itself as a central hub for public administration in Steiermark. The site targets a broad audience including residents, government employees, and stakeholders seeking official information or services. Technically, the website is built on a custom CMS (ico-cms) and employs modern web technologies such as HTML5, CSS3, JavaScript, jQuery, and FontAwesome. It integrates privacy-respecting analytics via Matomo alongside Google Analytics and Facebook tracking pixels, balancing data collection with user privacy. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. From a security perspective, the site enforces HTTPS and implements a detailed cookie consent mechanism compliant with GDPR. However, it lacks publicly visible dedicated security policies or incident response contacts. Security headers are not explicitly detected in the HTML content, suggesting room for improvement. No vulnerabilities or suspicious content were identified, and the domain registration aligns with official government credentials, indicating high legitimacy. Overall, the website demonstrates a strong professional and trustworthy presence suitable for a government entity. Strategic recommendations include publishing explicit security and incident response policies, enhancing security headers, and maintaining transparency in vulnerability disclosures to further strengthen trust and compliance.

S

Stadt Graz

graz.at

0

Stadt Graz operates the official city portal for the capital of Styria, Austria, providing comprehensive information and services related to municipal administration, citizen services, tourism, and local news. The website serves as a central hub for residents and visitors, offering access to city plans, webcams, political news, and community programs. It maintains a strong market position as the authoritative source for city-related information and services. Technically, the website is built on the ico-cms platform, leveraging modern web technologies including PHP, JavaScript libraries such as PDF.js, Three.js, and Bootstrap for responsive design. The site demonstrates good digital maturity with mobile optimization, accessibility features, and SEO best practices. Analytics tools like Matomo/Piwik and Google Analytics are used with a clear cookie consent mechanism, reflecting compliance with privacy regulations. From a security perspective, the site enforces HTTPS and uses session management cookies appropriately. However, explicit security headers are not clearly detected, and there is no publicly available security policy or incident response contact information. No vulnerabilities or suspicious content were identified, indicating a generally secure posture suitable for a government website. Overall, Stadt Graz's website is a professional, trustworthy, and well-maintained digital presence that effectively supports its public service mission. Strategic improvements in security header implementation and transparency around security policies would further enhance its security posture and user trust.

K

KBB – Kulturveranstaltungen des Bundes in Berlin GmbH

kbb.eu

0

KBB – Kulturveranstaltungen des Bundes in Berlin GmbH is a prominent German cultural organization that manages and organizes major cultural events and festivals including the Berlinale, Berliner Festspiele with the Gropius Bau, and the Haus der Kulturen der Welt. The organization serves as a key cultural facilitator and partner, promoting arts and culture with a strong government affiliation. The website reflects a mature digital presence with a modern tech stack based on Next.js and Magnolia CMS, providing a rich user experience with detailed event information and multimedia content. Security posture is strong with HTTPS and cookie consent mechanisms in place, though some security headers could be enhanced. Privacy compliance is well addressed with comprehensive policies and GDPR adherence. Overall, the site is professional, trustworthy, and well-positioned in the cultural sector.

M

Musée Matisse de Nice

musee-matisse-nice.org

0

The Musée Matisse de Nice is a government-affiliated cultural institution dedicated to the life and works of Henri Matisse. The website serves as the official digital presence, providing comprehensive information about exhibitions, collections, visitor information, and educational activities. It targets art enthusiasts, tourists, families, and researchers, positioning itself as a key cultural museum within the Ville de Nice museum network. The business model is primarily non-profit and government-supported, focusing on cultural preservation and public engagement. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and jQuery, integrating Matomo for analytics and Complianz for GDPR-compliant cookie management. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. The use of trusted third-party services for ticketing and online shop enhances user experience. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and a public security policy or vulnerability disclosure page. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust assessment, but the presence of official certifications and government logos supports legitimacy. Overall, the website is professional, secure, and compliant with privacy regulations, offering a trustworthy platform for visitors and stakeholders. Strategic improvements in security headers and incident response transparency could further enhance its security posture.

C

Communauté d'Agglomération de Cambrai

agglo-cambrai.fr

0

The Communauté d'Agglomération de Cambrai is a local government entity serving the Cambrai region in France. The website provides comprehensive information about its public services including economic development, transport, environmental management, cultural activities, and administrative resources. It targets residents and stakeholders within the agglomeration area, offering accessible and structured content to support community engagement and service delivery. Technically, the website is built on TYPO3 CMS with modern web technologies such as Bootstrap and jQuery, ensuring a responsive and user-friendly experience. The site includes cookie consent mechanisms and complies with GDPR requirements, reflecting a mature approach to privacy and data protection. However, some accessibility features are basic and could be enhanced. From a security perspective, the site uses HTTPS and implements cookie consent but lacks explicit security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces the trust score slightly, but the presence of official partner logos and consistent branding supports legitimacy. Overall, the website is professional, trustworthy, and well-suited for its public sector role. Strategic improvements in security transparency, accessibility, and WHOIS data availability would further strengthen its posture.

Les Rues des Vignes is the official website of the commune Les Rues des Vignes located in France. It serves as a local government portal providing residents and visitors with municipal news, administrative procedures, community events, and information about local heritage. The site targets the local population and those interested in the commune's activities and services. The business model is that of a public service information platform, with a focus on transparency and community engagement. Technically, the website is built on TYPO3 CMS, leveraging modern frontend technologies such as Bootstrap, jQuery, and FontAwesome. It integrates open-source tools like Leaflet for maps and Tarteaucitron.js for cookie consent management, reflecting a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the website uses HTTPS and includes a cookie consent mechanism, indicating compliance with privacy regulations such as GDPR. However, explicit security headers are not clearly detected, and there is no dedicated security policy or incident response information available. The absence of WHOIS data from the AFNIC server limits the ability to fully verify domain legitimacy, though the official nature of the site and consistent branding support trustworthiness. Overall, the website presents a solid, trustworthy platform for local government communication, with room for improvement in security header implementation and accessibility compliance. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility standards to further strengthen the site's security posture and user inclusivity.

M

Ministère de l'agriculture et de l'alimentation

laventureduvivant.fr

0

L'aventure du Vivant is an official French government educational website managed by the Ministry of Agriculture and Food. It provides comprehensive information about agricultural careers, training programs, and environmental awareness targeted primarily at students and young people interested in agriculture and nature-related professions in France. The site is well-branded with government logos and maintains a consistent professional image. Technically, the website is built on Drupal CMS with Bootstrap and jQuery, and uses modern analytics tools including Matomo, Google Tag Manager, and TikTok Pixel. It is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. No critical vulnerabilities or suspicious content were detected. The domain registration is consistent with the official nature of the site, registered through a reputable registrar without privacy protection, appropriate for a government entity.

P

Pro Helvetia - Swiss Arts Council

prohelvetia.ch

0

Pro Helvetia - Swiss Arts Council is a government-funded cultural institution dedicated to supporting and promoting the arts in Switzerland and internationally. The organization provides funding, cultural exchange, and connection services to artists and cultural institutions. The website reflects a mature digital presence with multilingual support and comprehensive content tailored to its target audience of artists and cultural stakeholders. Technically, the site is built on WordPress with modern plugins for cookie consent, multilingual content, and analytics, hosted behind Cloudflare for security and performance. Security posture is strong with HTTPS, security headers, and bot protection, though it lacks a dedicated security policy or incident response page. Privacy compliance is robust, with clear GDPR-aligned policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned as a national cultural institution.