Security Directory

W

Wirtschaftsbetriebe Duisburg – AöR

wir-und-du.de

46

Wirtschaftsbetriebe Duisburg – AöR is a municipal economic enterprise and public law institution serving the city of Duisburg, Germany. The organization focuses on providing employment opportunities, training programs, and municipal services that shape the city's infrastructure and future. The website serves as a recruitment and informational platform targeting professionals, career starters, and students interested in joining the municipal workforce. The site is well-branded, professionally designed, and provides comprehensive information about benefits, job openings, and company culture. Technically, the website is built on WordPress 6.8.1 with modern JavaScript libraries such as Swiper.js and Matomo for analytics. It employs a cookie consent mechanism via Borlabs Cookie, ensuring GDPR compliance. The site is mobile-optimized and uses structured data (JSON-LD) to enhance SEO and rich snippet presentation. Performance is moderate, with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and does not expose sensitive data. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure information. The use of Matomo analytics indicates a privacy-conscious approach compared to more invasive trackers. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website presents a trustworthy and professional municipal employer platform with strong content quality and compliance. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance the security posture and user trust.

B

Bezirksregierung Münster

bezreg-muenster.de

59

Bezirksregierung Münster operates as a regional government authority in North Rhine-Westphalia, Germany, providing a broad range of public administrative services including education, environment, health, regional planning, and social affairs. The website serves as an official portal offering information and resources to citizens, businesses, and public institutions within the Münster district. It maintains a professional and consistent brand presence aligned with government standards. Technically, the website is built on Drupal CMS, leveraging modern web technologies such as Bootstrap for responsive design, Matomo for privacy-conscious analytics, and FontAwesome for iconography. The site demonstrates good performance, accessibility, and SEO practices, ensuring a positive user experience across devices. From a security perspective, the site enforces HTTPS, implements standard security headers, and provides a GDPR-compliant cookie consent mechanism. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response information are not publicly available, suggesting room for improvement in transparency and preparedness. Overall, the website reflects a mature digital presence for a government entity, with high trustworthiness and compliance. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure mechanisms, and maintaining regular security audits to uphold and enhance the security posture.

D

Deutscher Volkshochschul-Verband e. V.

volkshochschule.de

62

The Deutscher Volkshochschul-Verband e. V. operates the website volkshochschule.de, serving as the central platform for adult education centers (Volkshochschulen) in Germany. The site provides course finding tools, educational policy information, and news updates, targeting adult learners and educational institutions. It holds a strong position as a leading non-profit educational association in Germany. Technically, the website is built on the Sitepark CMS platform, hosted on bringe.net, and employs modern web technologies including responsive images and SVG icons. The site is mobile optimized and accessible, with good SEO practices. Security-wise, the site enforces HTTPS, uses anonymized Matomo analytics, and provides a GDPR-compliant cookie consent mechanism. However, explicit security policies and incident response contacts are not found, which could be improved. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource for its audience.

M

Ministerium für Kinder, Jugend, Familie, Gleichstellung, Flucht und Integration des Landes Nordrhein-Westfalen

familienportal.nrw

62

The Familienportal.NRW website is an official government portal managed by the Ministry for Children, Youth, Family, Equality, Refuge and Integration of the State of North Rhine-Westphalia, Germany. It provides centralized, accessible, and multi-language information and services for families, parents, and children in the region. The portal offers comprehensive content covering pregnancy, child age groups, family topics, and legal information, supported by contact forms and newsletter subscriptions. The site is well-positioned as a trusted government resource with strong branding and accessibility features. Technically, the site is built on Drupal 10 CMS with modern frontend libraries such as Font Awesome and accessible slick carousels. It employs Matomo analytics configured to disable cookies, reflecting a privacy-conscious approach. The website is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security best practices are observed, including HTTPS enforcement and security headers, though no explicit incident response or vulnerability disclosure policies are publicly available. The security posture is strong with no detected vulnerabilities or exposed sensitive data. Privacy compliance is robust, with clear privacy and cookie policies and GDPR adherence. The lack of WHOIS data is due to privacy protection, which is justified for a government domain. Social media presence on major platforms enhances trust and outreach. Overall, the site demonstrates a high level of professionalism, trustworthiness, and user-centric design. Strategic recommendations include establishing a public vulnerability disclosure policy, publishing incident response contacts, and continuous monitoring of third-party libraries to maintain security integrity. These steps will further enhance the portal's security maturity and user trust.

K

Kreisstadt Unna

stadt-unna.de

51

The website www.unna.de serves as the official digital portal for the Kreisstadt Unna municipal government in Germany. It provides citizens and visitors with comprehensive information about city services, cultural events, administrative contacts, and digital service access. The site is well-structured, professionally designed, and optimized for mobile devices, reflecting a mature digital presence for a medium-sized government entity. Technically, it is built on Drupal 10 with modern libraries such as Font Awesome and integrates Matomo Analytics with privacy-conscious configurations. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though it lacks explicit security policy and incident response disclosures. Overall, the site is trustworthy, compliant with GDPR, and offers a positive user experience for its target audience.

F

Frauenforum im Kreis Unna e.V.

frauenforum-unna.de

50

Frauenforum im Kreis Unna e.V. is a small non-profit organization based in Germany providing critical social support services to women and children affected by domestic and sexual violence. Their key offerings include a women's shelter (Frauenhaus), counseling services, and housing emergency aid. The website is built on WordPress using the Divi theme and integrates modern tools such as Matomo for analytics and Usercentrics for cookie consent management. The site is well-structured, mobile-optimized, and accessible, reflecting a good level of digital maturity for a non-profit entity. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks published security policies and security headers, which are recommended for improvement. Overall, the website is trustworthy and professional, though it would benefit from enhanced privacy and compliance documentation.

Kufer Software GmbH is a well-established German company specializing in intelligent software solutions for seminar and course management in adult education. With over 30 years of experience and a customer base exceeding 1,900 clients, the company offers products such as KuferSQL, KuferWEB, and KuferTools. Their business model focuses on software development, sales, and comprehensive customer support including training and updates. The website reflects a professional and consistent brand image targeting educational institutions and seminar organizers. Technically, the website is built on TYPO3 CMS with modern frontend frameworks like Bootstrap and jQuery. It integrates Matomo for analytics and Cookiebot for GDPR-compliant cookie consent management. Hosting is provided by kasserver.com, and the site demonstrates good mobile optimization and SEO practices. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site uses HTTPS and employs cookie consent mechanisms. Remote support is facilitated via trusted third-party tools TeamViewer and pcvisit. However, explicit HTTP security headers are not detected, and no published security or incident response policies are found. No vulnerabilities or exposed sensitive data were identified in the content. Overall, the website is trustworthy, professional, and compliant with privacy regulations. The domain WHOIS data aligns with the business claims, supporting legitimacy. The site poses low risk, but could enhance security posture by adding security headers and publishing security policies.

A

Adami

adami.fr

69

Adami is a French collective management organization dedicated to supporting artists-interpreters through rights management, financial aid, and career support. The website is professionally designed, multilingual (French and English), and targets artists and project holders in the cultural and media sectors. The business model revolves around collective rights management and funding artistic projects, positioning Adami as a key player in the French artistic ecosystem. Technically, the site is built on WordPress with modern JavaScript libraries and includes analytics and cookie consent tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though the absence of a published security policy and incident response details suggests room for improvement. The lack of WHOIS data limits domain trust verification, but the professional presentation and official social media presence support legitimacy. Overall, the site is safe, compliant with GDPR, and well-structured, serving its audience effectively.

L

labor b designbüro

laborb.de

54

labor b designbüro is a small German digital agency specializing in digital brand strategy, design, and web development. The company serves a diverse clientele including international firms and notable institutions in arts, culture, and science. Their key services include brand development, corporate design, software and web application development, and strategic consulting. The website reflects a professional market position with a clear focus on delivering comprehensive digital experiences. Technically, the website employs modern web standards with HTML5, CSS3, and JavaScript, and integrates privacy-conscious Matomo analytics with cookies disabled. Hosting and DNS are managed via Cloudflare, ensuring reliable performance and security. The site is mobile-optimized and accessible, with good SEO practices. However, some security best practices such as security headers and explicit cookie consent mechanisms are missing. From a security perspective, the site benefits from HTTPS and CSRF token implementation, but lacks published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain WHOIS data aligns with the website's professional nature, showing no suspicious patterns or privacy protection that might obscure legitimacy. Overall, the website is trustworthy, well-designed, and compliant with GDPR in terms of privacy policy presence, though cookie consent could be improved. Strategic recommendations include enhancing security headers, adding cookie consent, and publishing security and vulnerability disclosure policies to strengthen trust and compliance.

D

Das Abfallbündnis im Kreis Wesel

frag-mike.info

45

Frag Mike is a German local government initiative under the name 'Das Abfallbündnis im Kreis Wesel' focused on waste management, recycling, and environmental protection. The website serves as an educational and community engagement platform promoting proper waste disposal and recycling practices in the Kreis Wesel region. The business model is non-profit and government-oriented, targeting residents and workers in the local area. The site is professionally designed with consistent branding and clear navigation, supporting its mission effectively. Technically, the website is built on WordPress CMS with common plugins such as Contact Form 7 for user interaction, Rank Math for SEO, and Matomo for privacy-conscious analytics. The site is hosted under a registrar consistent with the domain's German origin and uses HTTPS with good SSL configuration. Mobile optimization and accessibility are well addressed, though DNSSEC is not enabled, which is a minor security gap. From a security perspective, the site enforces HTTPS, uses domain status locks to prevent unauthorized changes, and implements cookie consent mechanisms aligned with GDPR. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or suspicious content were detected. The privacy compliance is good, with clear privacy and cookie policies. Overall, Frag Mike presents a trustworthy, professional, and secure web presence for a local government environmental campaign. Strategic improvements could include adding security headers, publishing incident response and security policies, and enabling DNSSEC to enhance DNS security.

S

Stadt Dinslaken

familienkompass-dinslaken.de

63

The Familienkompass Dinslaken website serves as a centralized government-supported portal providing comprehensive family-related services and information for the Dinslaken region in Germany. It targets families, pregnant women, parents, and youth with a broad range of offerings from pregnancy support to education and health services. The site is funded by the Ministry for Children, Youth, Family, Equality, Refugees and Integration of North Rhine-Westphalia, reflecting its public service mission and local government affiliation. The portal offers a searchable database of offers and providers, enhancing accessibility to relevant social services. Technically, the website employs a modern but straightforward technology stack including HTML5, CSS3, JavaScript with libraries such as jQuery, Leaflet.js for mapping, and Matomo for analytics. The site is mobile-optimized, accessible, and well-structured, providing a good user experience. However, no explicit CMS or hosting provider information is available. Performance is moderate with no critical technical debt observed. From a security perspective, the site uses HTTPS and secure form submissions but lacks visible advanced security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial; a privacy policy page exists but no cookie consent mechanism is implemented despite usage of tracking via Matomo. Contact information is clearly provided, enhancing trust and credibility. Overall, the website is a trustworthy, well-maintained government portal with good content quality and user experience. Strategic improvements include implementing cookie consent, publishing security and incident response policies, and enhancing security headers to strengthen compliance and security posture.

I

Innovation City Management GmbH

icm.de

53

Innovation City Management GmbH is a medium-sized German company specializing in sustainable urban development, energy management, and climate adaptation solutions. Their website presents a professional and well-structured digital presence focused on consulting and supporting municipalities, ministries, real estate, and energy providers in integrated city and district development. The company emphasizes practical and implementable solutions with references to successful projects and active social media engagement. Technically, the website is built on WordPress with modern plugins including Yoast SEO Premium and Matomo analytics, ensuring good SEO and privacy compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, well-optimized, and compliant with GDPR requirements.

E

Emscher Lippe Energie GmbH

elecard.de

70

Emscher Lippe Energie GmbH operates the ELE Card platform, a regional loyalty program offering customers discounts and benefits across various sectors such as leisure, retail, and travel. The website is professionally designed, leveraging TYPO3 CMS and modern web technologies to provide a user-friendly experience. The company targets residents and customers in the Emscher Lippe region, positioning itself as a regional energy provider with added customer engagement services. Technically, the site uses reputable analytics and advertising tools including Matomo, Google Ads, and Facebook Pixel, all integrated with a robust cookie consent mechanism ensuring GDPR compliance. Security posture is strong with HTTPS, security headers, and session management in place, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is trustworthy, compliant, and well-structured, supporting the company's business objectives effectively.

S

Stadt Duisburg

meinduisburg.app

63

The website meinduisburg.app serves as the official municipal app portal for the city of Duisburg, Germany. It provides residents with comprehensive information about local services such as waste collection schedules, event calendars, children's city maps, and climate-related initiatives. The site targets private customers (citizens) and offers direct download links to the MEIN DUISBURG app on Apple and Android platforms. The business model is focused on delivering public services digitally to enhance citizen engagement and convenience. Technically, the website is built on TYPO3 CMS with Bootstrap 5 for responsive design. It integrates Matomo for analytics and Usercentrics for GDPR-compliant cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure suitable for a government entity. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. It effectively serves its purpose as a municipal information hub, with recommendations to enhance transparency around security and incident handling to further strengthen user trust.

The Regenagentur Duisburg is a municipal service established in 2022 by the Wirtschaftsbetriebe Duisburg to provide citizens with information and support regarding sustainable rainwater management. The agency focuses on promoting natural rainwater handling, offering advisory services, and managing a related funding program. The website serves as an informational and contact platform for residents of Duisburg, Germany, with clear communication channels and official branding. Technically, the website is built on TYPO3 CMS, employs Matomo for analytics, and uses modern front-end libraries such as AOS and Slick Slider. The site is mobile-optimized and performs moderately well, though there is room for improvement in SEO and accessibility. Hosting is managed via DomainControl nameservers, indicating a standard registrar setup. From a security perspective, the site enforces HTTPS and uses secure cookies for analytics. However, it lacks several recommended security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is partially addressed with a comprehensive privacy policy linked externally, but no cookie consent mechanism is present. Overall, the website is trustworthy and professionally maintained, suitable for its public service role. Strategic improvements in security headers, privacy consent, and incident response transparency would enhance its security posture and compliance.

D

Duisburg Live

duisburglive.de

43

Duisburg Live is an official event calendar platform for the city of Duisburg, Germany, providing comprehensive listings of cultural, sports, and community events. The website is well-branded and professionally designed, targeting residents and visitors interested in local activities. It operates on TYPO3 CMS with modern frontend technologies and integrates Matomo for analytics. Security posture is adequate with HTTPS and no visible vulnerabilities, though it lacks explicit security headers and incident response policies. Privacy compliance is basic with a privacy policy and cookie policy present but no active cookie consent mechanism. Overall, the platform is trustworthy and serves as a key community resource.

S

Stadt Bochum

stadtliche-ausbildung-bochum.de

52

The website www.stadtliche-ausbildung-bochum.de serves as the official training and education portal for the city of Bochum, Germany. It provides comprehensive information about various apprenticeship programs, dual study courses, internships, and application procedures. As a large public sector employer, the city offers diverse career opportunities in administration, technical fields, social services, and firefighting. The site targets young people and prospective trainees seeking career development within the municipal government. Technically, the website is built on WordPress using the WPBakery Page Builder and the Salient theme, hosted by webgo.de. It employs Matomo analytics for privacy-conscious visitor tracking and implements GDPR-compliant cookie consent mechanisms. Security-wise, the site uses HTTPS with good SSL configuration and basic security best practices, though it lacks explicit security policies or vulnerability disclosure pages. Overall, the site is professional, trustworthy, and well-structured, supporting the city's role as a major employer and training provider. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility features.

K

Klima-Bündnis Services

stadtradeln.de

65

STADTRADELN is an established international campaign managed by Klima-Bündnis Services that promotes cycling as a means to improve climate protection, increase bicycle traffic, and enhance quality of life in municipalities. The website serves as a platform for participants and municipalities to register, track cycling activities, and access campaign information. The site is built on TYPO3 CMS with a modern, responsive design and integrates Matomo analytics configured to disable cookies, reflecting some privacy awareness. Security posture is good with HTTPS enforced and secure login mechanisms, though explicit security policies and privacy documentation are not found in the provided content. Overall, the website is professional, trustworthy, and well-positioned in its niche.

K

Kulturforum Witten

kulturforum-witten.de

42

Kulturforum Witten is a public cultural institution operating multiple cultural facilities and event venues in the city of Witten, Germany. It serves as a central hub for cultural activities including museums, libraries, music schools, and archives, supported by approximately 100 employees. The website reflects a well-established organization with a strong community and cultural focus, offering diverse programs and events. Technically, the site uses modern web technologies including Bootstrap, UIkit, and Matomo analytics, with good mobile optimization and accessibility features. Security practices include HTTPS, CSRF protection, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie consent. The domain WHOIS data is minimal but consistent with a legitimate public institution. Overall, the website is professional, trustworthy, and well-maintained.

S

Stadtmarketing Witten GmbH

stadtmarketing-witten.de

61

Stadtmarketing Witten GmbH operates a comprehensive tourism and local commerce website focused on the city of Witten, Germany. The company provides key services including tourist information, ticket sales for events, guided tours, and retail of souvenirs and vouchers. The website positions itself as the largest ticket provider in Witten for entertainment events such as concerts, festivals, and theater. The target audience includes tourists, local residents, and event attendees. The business model centers on service provision and retail within the hospitality and tourism sectors.

K

Kubus Software GmbH

vhs-wwh.de

42

The website www.vhs-wwh.de represents a regional adult education provider serving the Witten, Wetter, and Herdecke areas in Germany. It offers a broad portfolio of courses including languages, health, arts, and professional development, targeting lifelong learners and adults seeking continuing education. The business operates under the Kubus Software GmbH platform, leveraging TYPO3 CMS for content management and Matomo for privacy-conscious analytics. The site is well-structured with clear navigation and professional design, supporting a positive user experience. Contact information and legal pages such as privacy policy and terms of service are present, enhancing business credibility. Technically, the website uses a modern CMS and includes responsive design elements, with moderate performance and good SEO practices. Hosting is provided by kasserver.com, and the site is secured with HTTPS. However, there is no visible cookie consent mechanism, and security headers are not evident, which are areas for improvement. The presence of a demo login with credentials disclosed in a modal could pose a minor security risk if not properly managed. From a security perspective, the site demonstrates good baseline practices such as HTTPS and no exposed sensitive data. The use of Matomo analytics aligns with privacy best practices. Nonetheless, the absence of incident response contacts and security policies limits transparency in security readiness. No vulnerabilities or suspicious patterns were detected in the WHOIS data or site content, supporting a trustworthy profile. Overall, the website scores well in content quality, technical implementation, and business credibility, with moderate privacy compliance and security posture scores. Strategic improvements in cookie consent, security headers, and incident response transparency would enhance the security and compliance posture further.

C

CNMlab

cnmlab.fr

52

CNMlab is a French think tank and research laboratory affiliated with the Centre national de la musique, focusing on music industry research and academic collaboration. The website serves as a platform for publications, scientific council information, and calls for contributions, targeting academics and music professionals. Technically, the site is built on WordPress with a modern tech stack including Gravity Forms, WP Rocket, and WPML for multilingual support. The site is well-optimized for performance and SEO, with good mobile responsiveness and privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and domain transfer protection, though it lacks explicit security headers and a cookie consent mechanism. Overall, the domain registration is consistent and trustworthy, matching the business entity and history. The site content is safe, professional, and relevant to its niche audience.

C

Centre national de la musique

cnmwork.fr

49

CNMwork is a professional portal operated by the Centre national de la musique (CNM) focused on providing a directory and job, internship, and service offers within the French music sector. It serves as a national platform connecting music industry professionals and job seekers, positioning itself as a key resource in the French music employment ecosystem. The website is well-branded with official logos and government affiliation, enhancing its credibility. Technically, the site is built using modern web technologies including React, Next.js, and Material-UI, with Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although accessibility compliance could be improved. Performance is moderate, with no blocking or WAF detected, indicating reliable availability. Security posture is solid with HTTPS enforced and secure cookie settings, but lacks explicit security headers and documented security policies or incident response information. Privacy compliance is strong with clear cookie consent mechanisms and a comprehensive privacy policy aligned with GDPR requirements. Overall, CNMwork presents a trustworthy and professional digital presence for the French music sector, though improvements in security headers and accessibility would enhance its posture. The absence of WHOIS data is a minor concern but does not detract significantly from the site's legitimacy given its official backing.

W

wer denkt was GmbH

xn--mngelmelder-l8a.de

63

Mängelmelder.de is a German nationwide platform enabling citizens to report public infrastructure issues directly to their local municipalities. The platform facilitates transparent tracking of reported issues via web and mobile apps, promoting civic engagement and municipal responsiveness. The service operates on a voluntary basis by municipalities and is supported by the company wer denkt was GmbH. The website is professionally designed, mobile-optimized, and integrates interactive mapping and multimedia content to enhance user experience. Technically, the site leverages modern web technologies including Vue.js, OpenLayers for mapping, jQuery, and FontAwesome icons. Hosting is provided via Amazon AWS infrastructure, ensuring reliable performance and scalability. Analytics are handled through Matomo with a cookie consent mechanism respecting user privacy. The site demonstrates good SEO and accessibility practices, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS and employs cookie consent for tracking scripts. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data is consistent and transparent, with no privacy protection or suspicious patterns, indicating a legitimate and trustworthy domain. Overall, Mängelmelder.de presents a solid digital presence with a clear civic mission, good technical implementation, and a moderate to strong security posture. Enhancements in security policy transparency and accessibility could further strengthen trust and compliance.

L

La culture avec la copie privee

aidescreation.org

57

The website aidescreation.org serves as a centralized database for cultural aid actions funded by collective management organizations in France, fulfilling a legal requirement established by the law of July 7, 2016. It aggregates and publishes data about cultural funding, supporting transparency and public access to information. The platform targets cultural stakeholders, beneficiaries, and the general public interested in cultural aid. The business operates as a non-profit entity, with a clear mission aligned with French cultural policy and copyright management frameworks. Technically, the website employs a modern but straightforward technology stack including jQuery, Bootstrap, DataTables, Owl Carousel, and Matomo analytics with privacy by design. It uses HTTPS and is hosted by OVH sas, a reputable provider. The site includes a cookie consent mechanism compliant with GDPR requirements. While the site lacks some advanced security headers and DNSSEC, it maintains a good security posture overall with no visible vulnerabilities or exposed sensitive data. Security-wise, the site benefits from HTTPS encryption and cookie consent but could improve by enabling DNSSEC and adding security headers such as Content-Security-Policy. There is no published security or incident response policy, which is a gap for transparency and readiness. The WHOIS data is consistent and transparent, reinforcing the legitimacy of the domain and its alignment with the stated business purpose. Overall, aidescreation.org is a trustworthy, well-maintained platform providing valuable cultural aid data with good privacy compliance and moderate technical sophistication. Strategic improvements in security policies and technical hardening would enhance its posture further.

The website www.technisches-sicherheitsmanagement.de represents the Technisches Sicherheitsmanagement (TSM) program operated by DVGW e.V., a prominent organization in the German energy sector. The site offers comprehensive information and services related to voluntary self-assessment and verification of technical safety management for gas and water supply companies. It positions itself as a trusted partner providing independent expert reviews, guidelines, and service coordination through its subsidiary DVGW Service & Consult GmbH. The business model focuses on compliance, efficiency, and transparency in technical process management, targeting medium to large energy sector enterprises in Germany. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and frameworks such as jQuery and Bootstrap. It integrates Matomo analytics for user tracking and employs a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be enhanced. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses cookie consent banners to manage privacy. However, explicit security headers are not detected, and no public incident response or vulnerability disclosure policies are published. No vulnerabilities or exposed sensitive data were found in the content. The domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness. Overall, the website presents a professional, trustworthy, and compliant digital presence for a specialized service in the energy sector. Strategic improvements in security headers, incident response transparency, and accessibility would further strengthen its posture.

E

EDUSPORT

edusport.cz

55

EDUSPORT is a Czech-based company providing innovative digital solutions for physical education, targeting schools, teachers, and sports clubs. Their platform facilitates lesson planning, progress tracking, and motivation of students through digital tools and multimedia content. The website is built on WordPress with modern plugins like Elementor and WooCommerce, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks some security headers and explicit privacy policy documentation. The absence of WHOIS data limits domain trust verification, though the site content and design appear professional and trustworthy. Overall, the business shows promise in the edtech sector with a focus on digital transformation in physical education.

The website www.oberhausen.de serves as the official digital portal for the city of Oberhausen, Germany, providing residents and visitors with comprehensive information on city life, public services, tourism, and cultural events. The site is well-structured with clear navigation and a focus on accessibility and user experience. It employs modern web technologies including Matomo for analytics and Cookiebot for GDPR-compliant cookie consent management, reflecting a mature digital infrastructure. Security posture is adequate with HTTPS enforced and privacy-conscious analytics, though explicit security policies and contact information for incident response are not evident in the provided content. Overall, the site demonstrates a professional and trustworthy presence consistent with a municipal government entity.

S

Stadt Mülheim an der Ruhr

muelheim-ruhr.de

68

The website cms.muelheim-ruhr.de serves as the official digital portal for the city of Mülheim an der Ruhr, Germany. It provides comprehensive information and services related to city administration, cultural events, social services, urban development, and citizen engagement. The site targets residents, visitors, and local businesses, positioning itself as a trusted government resource with a broad range of public services and community information. The content is well-maintained, professionally presented, and highly relevant to its audience. Technically, the site is built on Drupal 11, leveraging modern web technologies such as Bootstrap 5, jQuery, and Matomo for privacy-conscious analytics. The hosting is managed via Versatel nameservers, indicating a stable and professional infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive user experience across devices. From a security perspective, the website enforces HTTPS and employs a cookie consent mechanism via Klaro, reflecting GDPR compliance. While explicit security headers are not visible in the HTML, the platform's inherent security features and absence of exposed sensitive data suggest a solid security posture. However, the site lacks published incident response contacts and vulnerability disclosure policies, which could be improved to enhance transparency and readiness. Overall, cms.muelheim-ruhr.de is a high-quality, trustworthy municipal website with strong content, technical maturity, and privacy compliance. Strategic recommendations include enhancing security header implementation, publishing security policies, and maintaining regular updates to Drupal and third-party components to sustain security and compliance.

S

Stadt Bottrop

bottrop.de

54

Stadt Bottrop operates as the official municipal government website for the city of Bottrop, Germany. It provides comprehensive citizen services including online appointment booking, event calendars, political information, and social services. The website targets residents and citizens, offering a broad range of public sector services and information. The site is well-branded, consistent, and professionally maintained, reflecting its role as a trusted government portal. Technically, the website uses a Sitepark CMS platform with modern JavaScript libraries such as Slick Slider and TinyMCE. It integrates Matomo analytics for privacy-conscious user tracking with explicit consent mechanisms. The site is mobile-optimized, accessible, and SEO-friendly, ensuring good user experience across devices. From a security perspective, the site enforces HTTPS, uses cookie consent banners, and anonymizes analytics data. However, it lacks explicit security policies, incident response contacts, and security headers, which are recommended for enhanced security posture. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is a secure, compliant, and professional municipal portal with strong privacy practices and good user experience. Strategic improvements in security policy transparency and incident response readiness would further strengthen its trustworthiness and resilience.

C

CP/COMPARTNER

cp-compartner.de

54

CP/COMPARTNER is a well-established German communication agency specializing in sustainable and meaningful communication solutions for clients in politics, society, and the economy. With over 30 years of experience, the agency emphasizes strategic and creative communication that builds trust and simplifies complex topics. Their service portfolio is broad, including campaign management, design, content creation, digital tools, and public relations. The website is professionally designed, mobile-optimized, and uses TYPO3 CMS with integrated consent management and self-hosted analytics, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and formal security policies. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information, supporting strong business credibility.

DVGW Kongress GmbH is a specialized event organizer focused on the gas and water sectors in Germany. As a wholly owned subsidiary of the reputable DVGW association, it develops and manages innovative conferences, seminars, congresses, trade fairs, and online event formats. The company holds a strong market position within the energy and water industry, targeting professionals and stakeholders with a comprehensive portfolio of events and services including agency and sponsorship offerings. The website reflects a professional and consistent brand image with excellent content quality and clear navigation. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries and privacy-respecting analytics via Matomo. The site is mobile optimized and demonstrates good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website presents a trustworthy and professional digital presence aligned with its business objectives. The domain registration data is consistent with the business claims, enhancing legitimacy. Privacy and cookie policies are comprehensive and GDPR compliant, supporting strong privacy compliance. Strategic recommendations include publishing formal security and incident response policies, enhancing security headers, and maintaining regular audits of third-party scripts to further strengthen security and compliance posture.

The DVGW-Forschungsstelle am Engler-Bunte-Institut (DVGW-EBI) is a reputable research institution affiliated with the Karlsruhe Institute of Technology, focusing on innovations in gas and water to support the energy transition. The organization provides research, testing, and certification services primarily in the energy sector, emphasizing safety, environmental protection, and technical standards. The website reflects a mature digital presence with professional design, clear navigation, and bilingual support. Technically, it leverages TYPO3 CMS and integrates privacy-conscious analytics (Matomo) alongside a robust cookie consent mechanism. Security posture is solid with HTTPS and some security best practices, though explicit security policies and incident response contacts are absent. Overall, the website is trustworthy, well-maintained, and compliant with GDPR requirements.

3

3D Ouest

3douest.com

58

3D Ouest is a French software company specializing in management solutions for local governments and public sector entities. Established in 2003, it offers a suite of SaaS applications tailored to various municipal needs such as childcare, municipal hall management, tourist tax collection, cemetery management, and scheduling. The company positions itself as a specialist provider with a strong focus on adapting to client-specific management modes and providing personalized support. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting French local authorities. Technically, the website is built on WordPress with modern plugins including Yoast SEO and LayerSlider, and uses Matomo for privacy-conscious analytics. The site is hosted by OVH sas, a reputable French hosting provider. The technical implementation is solid with good mobile optimization and SEO practices, though some security enhancements like DNSSEC and security headers could be improved. From a security perspective, the site uses HTTPS and hCaptcha to protect forms, but lacks published security policies or incident response contacts. No critical vulnerabilities or suspicious content were detected. Privacy compliance is strong with clear privacy and cookie policies, and GDPR considerations are evident. Overall, 3D Ouest presents a trustworthy and professional online presence consistent with its business claims. Strategic improvements in security headers and incident response transparency would further enhance its security posture and trustworthiness.

M

Accueil | Médiathèques Plaine Commune

mediatheques-plainecommune.fr

47

The website www.mediatheques-plainecommune.fr serves as the online presence for Médiathèques Plaine Commune, a public media library network likely serving the Plaine Commune area in France. The site provides cultural and educational resources to the general public, positioning itself as a government or public service entity. The website is built on Drupal 10 CMS and utilizes Matomo Analytics with DoNotTrack enabled, reflecting a moderate level of digital maturity and privacy awareness. However, the absence of visible privacy and cookie policies, as well as the lack of security headers, indicates room for improvement in compliance and security practices. The WHOIS data is not publicly available, suggesting privacy protection, which is common for public institutions but reduces transparency. Overall, the site is functional and safe but would benefit from enhanced security and privacy disclosures.

K

KB Pojišťovna

komercpoj.cz

60

KB Pojišťovna is a Czech Republic-based insurance company offering a broad range of life and non-life insurance products including property, travel, liability, and investment-linked insurance. The company targets individuals and families seeking comprehensive insurance coverage. The website is professionally designed, well-structured, and provides clear navigation and relevant content to support customer engagement and service delivery. Technically, the site uses modern JavaScript frameworks such as React, integrates analytics tools like Matomo and Facebook Pixel, and includes accessibility features via UserWay widget. The site is mobile optimized and SEO friendly, contributing to a positive user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although HTTP security headers are not visibly configured, and no explicit security policy or incident response information is published. WHOIS data is unavailable, which slightly reduces trust but the overall professional presentation and business information support legitimacy. The site is free from adult or questionable content and is fully accessible without WAF or blocking mechanisms. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to improve transparency and trust.

K

KB Pojišťovna

kbpojistovna.cz

59

KB Pojišťovna is a Czech Republic-based insurance company offering a broad range of life and non-life insurance products including property, travel, liability, and investment-linked insurance. The website presents a professional and consistent brand image targeting individuals and families seeking insurance solutions. The company maintains a strong digital presence with clear contact information and social media channels, enhancing customer engagement and trust. Technically, the website is built on modern frameworks including Kentico CMS and React, with integrated analytics and accessibility tools, ensuring a good user experience and compliance with privacy regulations. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response details are absent, representing an area for improvement. The absence of WHOIS data limits domain legitimacy verification, but the overall business credibility and digital maturity suggest a trustworthy entity. Strategic recommendations include publishing security policies, enhancing security headers, and providing vulnerability disclosure information to further strengthen trust and compliance.

The Maison Départementale des Personnes Handicapées de Seine-et-Marne (MDPH 77) is a government entity providing centralized access to rights and benefits for persons with disabilities in the Seine-et-Marne region of France. The website serves as an official portal offering information, application processing, partner resources, and event updates tailored to the disabled community and their families. It is positioned as a trusted regional public service with a clear mission and strong local government backing. Technically, the website is built on Drupal 8, hosted by Scaleway, and employs modern web standards including responsive design, SVG icons, and privacy-focused analytics via Matomo. Cookie consent is managed through a compliant mechanism (Tarteaucitron), reflecting good privacy practices. The site demonstrates good SEO, accessibility, and user experience, with clear navigation and professional branding consistent with government standards. From a security perspective, the site uses HTTPS with a good SSL configuration and clientTransferProhibited domain status, indicating protection against unauthorized domain transfers. While explicit security headers are not visible in the HTML, the overall posture is solid with no exposed sensitive data or vulnerabilities detected. However, the site lacks publicly visible security policies or incident response contacts, which could be improved. Overall, the website is a well-maintained, trustworthy government portal with strong compliance to privacy regulations and a clear focus on serving its target audience. The risk profile is low, with recommendations to enhance security headers and publish security policies to further strengthen trust and resilience.

D

Dirtbikes.cz

dirtbikes.cz

53

Dirtbikes.cz operates as a specialized e-commerce and physical retail business focused on motorcycles, ATVs, scooters, and related accessories primarily serving the Czech Republic market. The company offers a wide range of products from well-known brands such as Kawasaki, CFMOTO, and Vespa, complemented by professional servicing and rental services. The website is well-structured, professionally designed, and provides clear navigation and product information, targeting motorsport enthusiasts and vehicle buyers. Technically, the site employs modern tracking and analytics tools including Google Tag Manager, Matomo, and Facebook Pixel, alongside a custom e-commerce platform. Security posture is solid with HTTPS enforced and consent management for tracking, though explicit security headers and policies are not fully implemented. The absence of public WHOIS data suggests privacy protection, which is common but slightly reduces transparency. Overall, the site is trustworthy, safe, and professionally maintained, with room for improvement in security disclosures and WHOIS transparency.

T

Thailand Convention & Exhibition Bureau (TCEB)

businesseventsthailand.com

59

The Thailand Convention and Exhibition Bureau (TCEB) operates as the premier government agency responsible for organizing and promoting MICE (Meetings, Incentives, Conventions, and Exhibitions) activities in Thailand. The website showcases a comprehensive event calendar, detailed service offerings, and extensive information about the bureau's governance and operational structure. It targets event organizers, corporate clients, and government entities seeking MICE solutions in Thailand. The bureau positions itself as a key player in the regional MICE industry with a strong government affiliation and multiple regional offices. Technically, the website employs modern web technologies including Bootstrap, jQuery UI, Slick Carousel, and Select2 for enhanced user experience and interactivity. It integrates multiple analytics platforms such as Google Analytics and Matomo, and uses Facebook SDK for social engagement. The site is mobile-optimized and features a cookie consent mechanism, indicating awareness of privacy compliance requirements. However, explicit security headers are not detected, and no terms of service or incident response policies are publicly available. From a security perspective, the site uses HTTPS and implements cookie consent, but lacks visible advanced security headers and explicit incident response information. The absence of WHOIS data for the domain reduces trust signals, although the website content and branding strongly suggest legitimacy as a government entity. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the site demonstrates a mature digital presence with room for improvement in security transparency and WHOIS data availability. The overall risk assessment is moderate to low, with recommendations to enhance security headers, publish incident response and security policies, and verify domain registration details to improve trustworthiness and compliance posture.

The website represents the official digital presence of the Conseil départemental de Seine-et-Marne, a French local government entity. It provides a broad range of public services and information targeting residents, professionals, and partners within the Seine-et-Marne department. The site is well-structured with clear navigation and integrates social media channels to enhance outreach. Technically, it is built on Drupal 8, hosted by SCALEWAY, and uses Matomo for analytics, indicating a modern and privacy-conscious approach to user tracking. Security posture is solid with HTTPS and domain transfer protections, though it lacks explicit security headers and published privacy or cookie policies, which are areas for improvement. Overall, the domain registration and website content are consistent and legitimate, reflecting a trustworthy government service portal.

P

Plaine Commune Grand Paris

plainecommune.fr

56

Plaine Commune Grand Paris is a public territorial establishment serving a large population in the northern Paris region. The website provides comprehensive information about the institution's services, projects, and community engagement. It targets residents, local businesses, and public stakeholders with a focus on urban development, culture, mobility, and environmental initiatives. The digital infrastructure is built on TYPO3 CMS with modern JavaScript libraries, ensuring a responsive and user-friendly experience. Security measures include HTTPS, RSA encryption for login forms, and a GDPR-compliant cookie consent mechanism. However, formal security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the website demonstrates a strong commitment to transparency, accessibility, and user engagement, positioning it as a trustworthy government portal.

DVGW Deutscher Verein des Gas- und Wasserfaches e.V. is a well-established, independent association focused on providing reliable, technically sound, and safe gas and water supply standards and services. With a history spanning over 165 years, it serves as a recognized rule setter and innovation driver in the German gas and water sectors, also engaging internationally. The organization offers a broad range of services including standardization, certification, research, vocational training, and technical consulting, targeting professionals and stakeholders in the energy and water industries. Technically, the website is built on TYPO3 CMS, hosted on Microsoft Azure infrastructure, and employs modern web technologies including SVG graphics, JavaScript libraries, and privacy-conscious analytics tools like Matomo and eTracker. The site is well-optimized for mobile devices and accessibility, with good SEO practices. Cookie consent mechanisms are implemented, reflecting attention to privacy compliance. From a security perspective, the site uses HTTPS and integrates cookie consent and privacy-respecting analytics. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not found, representing areas for improvement. No critical vulnerabilities or suspicious content were detected, and the domain WHOIS data aligns well with the organization's profile, indicating high legitimacy. Overall, the website presents a professional, trustworthy, and content-rich platform for its audience, with a strong business credibility and technical foundation. Strategic enhancements in privacy and security transparency would further strengthen its posture.

D

Deutsche Vereinigung für Wasserwirtschaft, Abwasser und Abfall e.V. (DWA)

dwa-digital.de

59

The Deutsche Vereinigung für Wasserwirtschaft, Abwasser und Abfall e.V. (DWA) operates the website dwa-digital.de as a platform dedicated to the digital transformation of the water management sector in Germany and Europe. The organization is a leading non-profit association with approximately 14,000 members from diverse sectors including municipalities, academia, industry, and government. The website offers expert knowledge, educational programs such as the Digitale Akademie, and events like the Digitaler Dienstag to foster digital innovation and skills development in water and wastewater management. Technically, the website is built using RapidWeaver with Foundation framework and various stacks plugins, leveraging Matomo for analytics and CookieHub for consent management. The site is well-structured, mobile-optimized, and employs HTTPS with a good security posture. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. However, formal security policies and incident response contacts are not publicly disclosed. Security-wise, the site shows good practices including encrypted connections and no visible vulnerabilities or exposed sensitive data. The use of privacy-respecting analytics and cookie management tools further supports compliance. No WAF or blocking mechanisms interfere with content access, ensuring full transparency and accessibility. Overall, the website represents a credible, professional, and trustworthy digital presence for the DWA, effectively supporting its mission to lead digital transformation in water management. Strategic improvements could include publishing explicit security policies and vulnerability disclosure information to enhance trust and preparedness.

V

Vodárna Zlín a.s.

vodarnazlin.cz

44

Vodárna Zlín a.s. is a regional water utility company serving the Zlín region in the Czech Republic. The company provides essential water supply services and maintains a professional online presence with clear branding and comprehensive customer information. The website is designed using Bootstrap 3.3.7 and integrates privacy compliance tools such as a cookie consent management platform and Matomo analytics. The site is accessible without any blocking or WAF challenges, indicating good availability. However, the absence of WHOIS data limits transparency and trust assessment. Security posture is moderate with HTTPS enforced but lacking explicit security headers and incident response information. Overall, the website reflects a stable and professional utility service provider with room for improvement in security and transparency.

L

Liechtensteinische Landesverwaltung

opendata.li

59

The website www.opendata.li is the official open data portal of the Liechtenstein National Administration, providing public access to various government data sets. It serves private individuals, businesses, and national administration entities, positioning itself as a trusted government data provider. The portal offers multilingual support and clear navigation, reflecting a professional and consistent brand image aligned with government standards. Technically, the site employs modern web technologies including HTTPS, Matomo analytics with opt-out capabilities, and security headers, indicating a mature digital infrastructure. However, it lacks explicit cookie consent mechanisms and a dedicated security policy page, which are areas for improvement. Security posture is strong with no detected vulnerabilities or exposed sensitive data. Overall, the site is trustworthy, well-maintained, and compliant with GDPR principles, though enhancements in privacy transparency and incident response readiness are recommended.

D

Datenschutzstelle Fürstentum Liechtenstein

datenschutzstelle.li

60

The Datenschutzstelle Fürstentum Liechtenstein is the official data protection authority for the Principality of Liechtenstein. The website serves as a comprehensive resource for citizens, businesses, and associations, providing information, guidance, complaint forms, and event details related to data privacy and protection. It positions itself as a trusted government entity with a clear focus on GDPR compliance and data protection education. Technically, the website is built on Concrete CMS and leverages modern web technologies including jQuery, FontAwesome, and the Foundation framework. It uses Matomo analytics, which aligns with privacy-conscious data collection practices. The site is mobile-optimized and demonstrates good SEO and accessibility basics, though there is room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a published security or incident response policy. No vulnerabilities or suspicious patterns were detected. The WHOIS data confirms the domain's legitimacy as a government entity, enhancing trust. Overall, the website is professional, trustworthy, and well-suited for its governmental role. Strategic improvements in security headers, cookie consent, and incident response transparency would further strengthen its security posture and compliance standing.

R

Roissy Pays de France

roissypaysdefrance.fr

57

Roissy Pays de France is the official website of the local government community agglomeration serving 42 communes in the Roissy area of France. The site provides comprehensive information and services related to local governance, culture, sports, employment, sustainable development, and community life. It targets residents and stakeholders within the region, offering news, event agendas, interactive maps, and support for entrepreneurship and local economy initiatives. The website is built on TYPO3 CMS and uses modern web technologies including jQuery, Foundation CSS, and privacy-respecting analytics via Matomo. It demonstrates good digital maturity with mobile optimization, accessibility features, and a clear navigation structure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not published. The absence of WHOIS data for the domain reduces transparency and trust slightly, but the official nature and content quality support legitimacy. Overall, the website is a well-maintained government portal with good privacy compliance and user experience.

C

CY Cergy Paris Université

cyu.fr

56

CY Cergy Paris Université is a prominent French higher education institution formed by the merger of Université de Cergy-Pontoise and EISTI, serving over 25,000 students and engaging in extensive research and academic programs. The university emphasizes sustainable development, academic excellence, and student experience, partnering strategically with ESSEC Business School. The website reflects a mature digital presence with comprehensive academic and research information, clear navigation, and modern analytics tools. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. WHOIS data is unavailable, which slightly impacts domain trustworthiness but does not detract from the institution's legitimacy given its public nature and .fr domain. Overall, the website is professional, accessible, and trustworthy for its target audience.

S

Sitewalk

sitewalk.com

62

Sitewalk is a Liechtenstein-based web development and online marketing company specializing in creating modern websites and web applications primarily for small and medium-sized enterprises, associations, organizations, and government entities. With nearly 30 years of experience, they position themselves as pioneers in the web space, offering services that include website development, online marketing consulting, SEO, and social media strategy. The website is professionally designed, content-rich, and targets German-speaking audiences in the DACH region. Technically, the site uses Concrete5 CMS, integrates privacy-friendly Matomo analytics alongside Google Tag Manager, and employs Usercentrics for consent management, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS enforced and anti-spam measures on contact forms, though explicit security headers are not detected and could be improved. The WHOIS data for the domain is missing, which raises some concerns about domain registration transparency, but the website's professional content, client references, and clear contact information mitigate trust issues. Overall, Sitewalk demonstrates a strong business and technical foundation with room for security enhancements.