Security Directory

G

Gewerkschaft Erziehung und Wissenschaft

gew-shop.de

49

The GEW Shop is an e-commerce platform operated by the Gewerkschaft Erziehung und Wissenschaft, a German educational union. The website offers a variety of union-related merchandise including promotional items, printed materials, office supplies, and campaign materials targeted primarily at union members and educational professionals. The platform positions itself as a niche provider within the education sector, supporting union activities and member engagement through its product offerings. The site is well-branded, consistent, and provides clear contact information and policies, enhancing user trust. Technically, the website is built on Magento 2 using the Smartwave Porto theme, incorporating modern web technologies such as jQuery, RequireJS, and Bootstrap. It is hosted on infrastructure associated with DomainControl (likely GoDaddy). The site is mobile-optimized and includes standard e-commerce functionalities such as shopping cart, user accounts, and search. Performance is moderate with good SEO and accessibility basics. From a security perspective, the site enforces HTTPS, uses secure cookies, and includes CAPTCHA on login forms to mitigate automated abuse. However, it lacks explicit HTTP security headers and a public security policy or vulnerability disclosure mechanism. Matomo analytics is used for user tracking with moderate tracking levels and GDPR-compliant cookie management. Overall, the website presents a low-risk profile with good business credibility and privacy compliance. Strategic improvements could include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure channel to strengthen security posture and trust further.

#

#stayonboard

stayonboard.org

50

The website stayonboard.org represents a focused advocacy initiative aimed at legal reform in Germany to allow board members of stock corporations to temporarily pause their mandates during family-related absences without resigning. The initiative has achieved legislative success, positioning itself as a niche but impactful player in corporate governance reform. Technically, the site is built on WordPress with a modern tech stack including Matomo analytics and Borlabs Cookie for consent management. Security posture is generally good with HTTPS and domain transfer protections, though improvements like DNSSEC and security headers are recommended. Privacy compliance is moderate due to the absence of explicit privacy and terms of service pages. Overall, the site is professional, trustworthy, and serves a specialized audience effectively.

F

FCEM Femmes Chefs d'Entreprises Mondiales

fcem.org

52

FCEM (Femmes Chefs d'Entreprises Mondiales) is a well-established global non-profit association founded in 1945, dedicated to connecting women entrepreneurs worldwide. The organization operates as a membership network with over 120 countries and millions of businesses represented. It holds consultative status with major international bodies such as the United Nations and the Council of Europe, reinforcing its credibility and influence. The website serves as a hub for information on events, awards, and educational resources, targeting women business leaders and national associations globally. Technically, the site is built on WordPress with a modern theme and includes standard plugins for analytics and cookie consent, hosted by OVH sas. Security posture is good with HTTPS and domain protections, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-aligned with the organization's mission.

É

École des hautes études en sciences sociales

ehess.fr

63

The École des hautes études en sciences sociales (EHESS) is a prestigious French academic institution specializing in higher education and research in social sciences. The website reflects a well-established organization with a large community of students and researchers, offering advanced degrees, research programs, and public dissemination of knowledge. The institution maintains a strong presence in academic publishing, events, and international collaborations. Technically, the website is built on Drupal 7 with modern front-end frameworks and integrates multiple multimedia and social media platforms, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data is notable but likely due to AFNIC registry policies rather than malicious intent. Overall, the website is professional, trustworthy, and compliant with privacy regulations.

A

Avignon Université

univ-avignon.fr

47

Avignon Université is a well-established public higher education institution located in France, offering multidisciplinary academic programs and research opportunities. The website serves as the official digital presence, targeting students, faculty, researchers, alumni, and the local community. It provides comprehensive information about academic offerings, campus life, research activities, and administrative resources. The university positions itself as a regional educational leader with a focus on quality education and community engagement. Technically, the website is built on a modern WordPress CMS platform, utilizing current web technologies such as Bootstrap, jQuery, and Google Fonts. It demonstrates good mobile optimization and accessibility basics, with a moderate performance profile. The use of Matomo analytics indicates a commitment to privacy-conscious data collection. The site employs HTTPS and cookie consent mechanisms, reflecting adherence to contemporary web security and privacy standards. From a security perspective, the site shows a solid posture with HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not found, representing areas for improvement. The WHOIS data confirms the domain's legitimacy, with a long registration history consistent with the university's profile. Overall, the website is professional, trustworthy, and well-maintained, with minor gaps in privacy and security policy disclosures. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing accessibility, and formalizing incident response and vulnerability disclosure processes to strengthen compliance and user trust.

G

Gewerkschaft Erziehung und Wissenschaft (GEW)

gew.de

53

The Gewerkschaft Erziehung und Wissenschaft (GEW) is a prominent educational trade union in Germany representing approximately 280,000 professionals in education and science sectors. The website serves as a comprehensive platform offering information on union activities, collective bargaining, member services, publications, and events. It targets educators, researchers, students, and unemployed pedagogues, positioning itself as a key player in the German education labor market. The business model is non-profit, focusing on advocacy and support for its members.

E

Eisenbahn- und Verkehrsgewerkschaft (EVG)

evg-online.org

64

The Eisenbahn- und Verkehrsgewerkschaft (EVG) is a well-established German labor union representing railway and transport workers. The organization focuses on advocating for employee rights, fair tariff agreements, and workplace co-determination. The website serves as a comprehensive portal for members and prospective members, offering news, member benefits, educational resources, and political information. The union has a strong presence in Germany with multiple regional offices and active social media channels. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries and analytics tools such as Google Analytics and Matomo. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Privacy compliance is well addressed with a clear privacy policy, cookie consent banner, and GDPR adherence. From a security perspective, the site enforces HTTPS and employs secure login forms with encryption attributes. However, it lacks explicit security headers and published security or incident response policies, which could be improved. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the website content and branding strongly indicate a legitimate and trustworthy organization. Overall, the EVG website is a robust, professional platform supporting a major labor union in Germany. Strategic improvements in security transparency and domain registration clarity would enhance trust and compliance further.

The website www.vychodni-cechy.info serves as the official tourism portal for the Pardubický kraj region in the Czech Republic. It provides comprehensive and updated information about tourist attractions, events, accommodation, and activities tailored for various audiences including families, seniors, school groups, and corporate clients. The portal is multilingual, linking to partner sites in multiple languages, enhancing accessibility for international visitors. The business model focuses on regional tourism promotion supported by the local government entity Pardubický kraj. Technically, the website employs a mature and common technology stack including jQuery, Bootstrap, and Matomo analytics, ensuring a responsive and user-friendly experience. The site is well-structured with good SEO practices and mobile optimization. However, some modern security headers are missing, and the WHOIS data is unavailable, which limits domain registration transparency. From a security perspective, the site uses HTTPS and cookie consent mechanisms, indicating a baseline compliance with privacy regulations such as GDPR. No critical vulnerabilities or exposed sensitive data were detected in the provided content. The absence of explicit security policies or incident response contacts suggests room for improvement in security governance. Overall, the website presents a trustworthy and professional front for regional tourism, with good content quality and technical implementation. Strategic enhancements in security headers, explicit contact information, and WHOIS transparency would further strengthen its security posture and trustworthiness.

E

Europa-Universität Viadrina Frankfurt (Oder)

europa-uni.de

60

Europa-Universität Viadrina Frankfurt (Oder) is a public university located in Germany offering Bachelor's and Master's degree programs primarily in law, economics, and cultural studies. The institution emphasizes internationality, with partnerships across 280 universities and a diverse student body from over 100 countries. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive academic content targeting prospective and current students, researchers, and academic staff. The university's business model centers on education and research services with a strong regional and international focus. Technically, the website is built on Infopark CMS Fiona and uses modern web technologies including Bootstrap, jQuery, and FontAwesome. It employs Matomo Analytics configured to disable cookies, indicating a privacy-conscious approach. The site is mobile-optimized and accessible, with good SEO practices. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS with a good SSL configuration and follows best practices such as disabling cookies in analytics. However, it lacks explicit security headers and a cookie consent mechanism. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the university's identity, enhancing trustworthiness. Overall, the website is professional, secure, and compliant with GDPR, though improvements in cookie consent and security headers are recommended. The risk profile is low, with no critical issues identified.

U

Université Perpignan Via Domitia

univ-perp.fr

59

Université Perpignan Via Domitia is a public higher education institution based in France, offering a broad range of academic programs and research activities across multiple faculties and institutes. The website serves students, researchers, and academic staff, providing access to educational resources, campus life information, and international cooperation details. The institution maintains a professional online presence with multilingual support and clear navigation. Technically, the website uses the K-Sup CMS platform, jQuery, and Matomo analytics, reflecting a moderate level of digital maturity with good mobile optimization and accessibility. Security posture is adequate with HTTPS and cookie consent mechanisms in place, though security headers and explicit incident response policies are absent. WHOIS data is unavailable due to privacy protection, which is common for .fr domains, but the website's content and branding strongly support its legitimacy. Overall, the site is well-maintained, trustworthy, and compliant with privacy regulations.

S

Sciences Po Strasbourg

sciencespo-strasbourg.fr

49

Sciences Po Strasbourg is a reputable educational institution specializing in social sciences and political studies, integrated within the University of Strasbourg. The website presents a professional and well-structured digital presence, leveraging TYPO3 CMS and modern web technologies. It offers comprehensive information about academic programs, admissions, research, and student life, targeting prospective and current students, alumni, and academic partners. The institution maintains active social media channels and provides clear contact and navigation pathways. Security-wise, the site enforces HTTPS and uses spam protection for emails, but lacks some advanced security headers and explicit cookie consent mechanisms. WHOIS data is unavailable, which slightly impacts trust but does not undermine the site's legitimacy given its university affiliation and professional presentation.

W

WebsiteNI

websiteni.com

72

WebsiteNI is a well-established Northern Ireland-based digital agency specializing in bespoke web design, eCommerce solutions, and digital marketing services. With nearly two decades of experience, the company serves businesses primarily in Belfast and Dungannon, focusing on delivering creative, user-friendly websites and effective marketing strategies. Their portfolio spans multiple sectors including construction, healthcare, agriculture, and hospitality, demonstrating a broad industry reach. Technically, the website is built on WordPress and leverages a modern technology stack including Google Analytics, Matomo, Hotjar, and various marketing and tracking tools. The site is mobile-optimized, accessible, and uses Cloudflare for DNS and CDN services, ensuring reliable performance and security. Multiple forms are protected by hCaptcha, indicating attention to spam prevention and user data security. From a security perspective, the site enforces HTTPS and employs domain status protections to prevent unauthorized transfers or updates. However, DNSSEC is not enabled and security headers are not explicitly detected, suggesting room for improvement. No explicit security policy or incident response information is published, which could enhance trust and compliance. Privacy and cookie policies are present and appear GDPR compliant, supporting responsible data handling. Overall, WebsiteNI presents a professional, trustworthy digital presence with strong business credibility and technical maturity. Strategic enhancements in security policy transparency and DNS security would further strengthen their posture. The website is safe for general audiences and does not contain any adult or questionable content.

I

Interreg

interreg-rhin-sup.eu

51

The website www.interreg-rhin-sup.eu represents the official online presence of the Interreg Upper Rhine program, a European Union initiative supporting cross-border cooperation projects between France, Germany, and Switzerland. The site provides comprehensive information about funding opportunities, project libraries, events, and resources for beneficiaries. It targets public authorities, project partners, and stakeholders involved in regional development and cooperation. The website is professionally designed, multilingual (French primary with German alternate), and well-structured to facilitate navigation and user engagement. Technically, the site is built on WordPress CMS with modern frameworks such as Bootstrap and uses privacy-conscious analytics via Matomo. Cookie consent is managed through tarteaucitron.js, reflecting compliance with EU privacy regulations. The site is mobile-optimized and SEO-friendly, leveraging Yoast SEO plugin. However, some security best practices like explicit security headers are not visibly implemented, and no public security or incident response policies are found. From a security perspective, the site enforces HTTPS and does not expose sensitive data. The domain WHOIS data is not publicly available due to EURid privacy policies, which is typical for .eu domains. The website shows no signs of malicious activity or vulnerabilities. Social media presence and partner logos enhance trustworthiness. Overall, the site demonstrates a mature digital infrastructure suitable for a government-funded program. The risk assessment is low, with recommendations to improve security headers, publish security policies, and enhance accessibility compliance. The domain legitimacy is supported by consistent content and EU affiliation despite the lack of WHOIS transparency. The website is safe for general audiences and does not contain adult or questionable content.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend

erfolgsfaktor-familie.de

62

The website www.erfolgsfaktor-familie.de is a professional government-backed platform operated by the Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend. It serves as the central hub for the 'Erfolgsfaktor Familie' program, which promotes family-friendly workplace policies in Germany. The platform offers free support, networking, and resources to employers to facilitate work-family balance, positioning itself as a key player in this niche within the German government and economic sectors. Technically, the site employs modern web technologies including Matomo for privacy-conscious analytics, FriendlyCaptcha for form protection, and uses HTTPS with good privacy practices such as IP pseudonymization. The site is well-optimized for mobile and accessibility, with clear navigation and comprehensive content. However, no explicit security policy or incident response information is published, and no direct company contact emails or phone numbers are provided, relying instead on contact forms. From a security perspective, the site demonstrates strong GDPR compliance and privacy measures, including a clear cookie consent mechanism and data retention policies. The SSL configuration is excellent, and no vulnerabilities or suspicious patterns were detected. The domain WHOIS data is limited but consistent with a government program, with no privacy protection or suspicious registrations. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure information to further enhance trust and security posture.

B

Bundesministerium für Familie, Senioren, Frauen und Jugend

pausentaste.de

62

The website pausentaste.de is an official government-supported platform operated under the Bundesministerium für Familie, Senioren, Frauen und Jugend. It provides comprehensive support, information, and resources for children and adolescents who care for family members. The site is well-branded, professionally designed, and targets a sensitive audience with appropriate content and privacy considerations. Technically, it is built on TYPO3 CMS and uses Matomo analytics configured for privacy compliance, including IP anonymization and opt-in consent mechanisms. Security posture is good with HTTPS and cookie consent, though explicit security headers and incident response policies are not published. Overall, the site is trustworthy, accessible, and compliant with GDPR requirements.

A

Antidiskriminierungsstelle des Bundes

antidiskriminierungsstelle.de

62

The Antidiskriminierungsstelle des Bundes is a German federal government agency dedicated to combating discrimination and providing support to affected individuals. The website serves as an official portal offering comprehensive information about discrimination laws, consultation services, research, and publications. It targets individuals experiencing discrimination, public authorities, and the general public seeking information or assistance. The agency operates under a public service model, funded by the government, and holds a strong market position as the central anti-discrimination authority in Germany. Technically, the website is built on the Government Site Builder CMS, featuring a modern and accessible design optimized for mobile devices. It employs Matomo analytics with a clear cookie consent mechanism, reflecting a mature digital infrastructure with moderate performance. The site demonstrates good SEO and accessibility practices, ensuring broad usability and compliance with privacy regulations. From a security perspective, the site enforces HTTPS and provides cookie consent controls, but lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or suspicious elements were detected. The WHOIS data aligns with the official government entity, confirming legitimacy and trustworthiness. Overall, the website presents a professional, secure, and privacy-conscious platform that effectively supports its mission. Strategic improvements could include publishing a dedicated security policy and incident response information to enhance transparency and trust further.

S

Stiftung Erinnerung, Verantwortung und Zukunft (EVZ)

stiftung-evz.de

47

The Stiftung Erinnerung, Verantwortung und Zukunft (EVZ) is a German non-profit foundation dedicated to fostering remembrance culture, encouraging historical education, and supporting related projects across society. The foundation operates with a clear mission to engage diverse audiences in active historical reflection and education. Their website reflects a mature digital presence, built on TYPO3 CMS, with modern JavaScript libraries and Matomo analytics for privacy-conscious tracking. The site is well-structured, mobile-optimized, and provides comprehensive information about their funding programs, organizational structure, and news updates. Security posture is solid with HTTPS enabled and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the foundation presents a trustworthy and professional online presence consistent with its mission and organizational type.

O

Oranto GmbH

gutes-aufwachsen-mit-medien.de

48

Gutes Aufwachsen mit Medien is a German non-profit initiative focused on promoting positive and responsible media use among children, youth, parents, and educators. The website serves as a central hub offering practical guides, advice, local network connections, online conferences, and newsletters to support media education and youth media protection. Supported by the German Federal Ministry for Family Affairs, Senior Citizens, Women and Youth, it holds a credible position in the national educational landscape. Technically, the website is built on TYPO3 CMS, employs Bootstrap for responsive design, and uses Matomo analytics configured to disable cookies, reflecting a privacy-conscious approach. The site is mobile-optimized, accessible, and SEO-friendly, with good content quality and consistent branding. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and uses privacy-respecting analytics but lacks explicit security headers and a formal security or incident response policy. No cookie consent mechanism was detected, which is a minor compliance gap. The domain registration data is consistent and transparent, enhancing trustworthiness. Overall, the website is professional, trustworthy, and well-suited for its educational mission, with recommendations to enhance privacy compliance and security posture for improved user trust and regulatory alignment.

S

Stiftung Digitale Chancen

digitale-chancen.de

69

Stiftung Digitale Chancen is a German non-profit foundation dedicated to researching the societal impacts of digitalization and promoting equal internet access for all. Established in 2002 and based in Berlin, the foundation operates various national and international projects focused on digital inclusion, media literacy, and social empowerment, targeting diverse groups including seniors and LGBTQ+ youth. The organization collaborates with partners such as O₂ Telefónica to enhance digital mobility and resilience. Technically, the website is built on TYPO3 CMS with Bootstrap and jQuery, offering a responsive, accessible, and well-structured user experience. Privacy is respected through clear cookie consent mechanisms and the use of Matomo analytics with IP anonymization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the website reflects a professional, trustworthy, and mission-driven organization with strong digital maturity and compliance practices.

jugendschutz.net is a German non-profit organization dedicated to youth protection on the internet. The website provides comprehensive educational content, awareness campaigns, and mechanisms for reporting violations related to youth safety online. It targets parents, educators, and professionals involved in child and youth protection. The organization holds a leading position in Germany for internet youth protection and operates with a professional and consistent brand presence. Technically, the website is built on TYPO3 CMS and leverages modern front-end technologies such as Bootstrap, jQuery, and Slick Carousel. It is optimized for mobile devices and provides a good user experience with clear navigation and rich content. The site uses HTTPS and Matomo analytics, indicating a focus on privacy and security. From a security perspective, the site enforces HTTPS and uses secure forms but lacks some advanced security headers and a published security.txt file. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence. However, no explicit incident response or security contact information is published. Overall, the website is trustworthy, professionally maintained, and safe for general audiences. The missing WHOIS data is a concern but does not outweigh the legitimacy signals from the website content and imprint. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and improving incident response transparency.

B

Bundesamt für Familie und zivilgesellschaftliche Aufgaben

ausschuss-fuer-mutterschutz.de

60

The Ausschuss für Mutterschutz website serves as the official online presence of a German federal government committee dedicated to maternity protection. It provides authoritative information, guidelines, and resources to support employers and pregnant or breastfeeding women in complying with maternity protection laws. The site is well-structured, professionally designed, and targets a specialized audience including government bodies, employers, and affected individuals. Technically, the site is built on TYPO3 CMS, hosted by a reputable German provider, and employs Matomo analytics configured for privacy compliance. Security posture is strong with HTTPS enforced and privacy-respecting analytics, though some security headers could be improved. Overall, the site demonstrates high trustworthiness and compliance with GDPR, with clear contact information and cookie consent mechanisms.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMFSFJ)

informationsportal-kinderwunsch.de

62

The website www.informationsportal-kinderwunsch.de is an official information portal operated by the German Federal Ministry for Education, Family, Seniors, Women and Youth (BMFSFJ). It provides comprehensive information and resources related to infertility, including causes, diagnostics, treatment options, psychosocial counseling, and financial support. The portal targets individuals and couples facing challenges with conception, offering trusted, government-backed content and services. The site is well-positioned as a reliable public sector resource in the healthcare and family support domain within Germany. Technically, the website employs a modern and accessible design with responsive layouts, SVG icons, and progressive enhancement techniques. It uses jQuery UI and Matomo for analytics, with strong privacy controls including IP pseudonymization and explicit cookie consent mechanisms. The site is hosted on servers using ns14.net name servers, with HTTPS enforced and no visible blocking or WAF interference. SEO and accessibility are well implemented, supporting a broad user base including those requiring easy language and sign language options. From a security perspective, the site demonstrates good practices such as encrypted connections, privacy-respecting analytics, and cookie consent. However, it lacks explicit security headers and published security policies or incident response contacts, which could be improved to enhance trust and compliance. No vulnerabilities or suspicious patterns were detected in the content or WHOIS data. Overall, the security posture is solid for a government informational site. The overall risk is low given the official nature, quality content, and privacy compliance. Strategic recommendations include adding security headers, publishing a security policy and incident response contacts, and considering a vulnerability disclosure policy to further strengthen security culture and transparency.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend

serviceportal-zuhause-im-alter.de

64

The website www.serviceportal-zuhause-im-alter.de is an official German government service portal managed by the Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend. It provides comprehensive information, programs, and resources related to age-appropriate housing, social services, neighborhood help, and funding projects for older adults. The portal targets seniors, caregivers, municipalities, and community organizations, positioning itself as a trusted and authoritative source in the social services sector. The content is well-structured, professionally designed, and accessible, supporting a broad audience with clear navigation and accessibility tools such as ReadSpeaker.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend

wegweiser-demenz.de

63

Wegweiser Demenz is an official German government website operated by the Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend. It serves as a comprehensive informational portal focused on dementia, providing resources for affected individuals, caregivers, families, and professionals. The site offers detailed guidance on medical, legal, and everyday care topics, alongside community engagement tools such as forums and local alliance maps. The platform is well-positioned as a trusted government resource in the healthcare and social support sector in Germany. Technically, the website employs a modern and privacy-conscious infrastructure, including the use of Matomo analytics configured for GDPR compliance with IP pseudonymization and no cookies without consent. The site uses common JavaScript libraries like jQuery UI and mapping tools such as OpenLayers, and integrates FriendlyCaptcha for form security. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. From a security perspective, the site enforces HTTPS, uses privacy-respecting analytics, and implements cookie consent mechanisms. However, it lacks publicly available formal security policies and incident response contacts, which could enhance transparency and trust. No vulnerabilities or suspicious elements were detected in the content or domain registration data. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable source for dementia-related information. Strategic improvements could include publishing explicit security and incident response policies to further strengthen user confidence and compliance posture.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend

programm-altersbilder.de

63

The website www.programm-altersbilder.de is an official German government platform managed by the Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend. It focuses on promoting new and realistic societal images of aging through various programs, exhibitions, publications, and competitions. The site targets a broad audience including seniors, families, and social stakeholders. Technically, it is built on TYPO3 CMS with jQuery and uses Matomo analytics configured to respect user privacy with anonymized IP tracking and consent-based data collection. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS and privacy-conscious analytics, though it lacks explicit security headers and incident response disclosures. Overall, the site is trustworthy, professional, and compliant with GDPR requirements.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend

pflegeausbildung.net

56

The website pflegeausbildung.net is an official German government portal managed by the Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend. It provides comprehensive information about nursing education, career opportunities, and training programs in Germany. The site targets prospective nursing students, career changers, and educational institutions, positioning itself as a trusted and authoritative resource in the healthcare education sector. The content is well-structured, professionally presented, and supported by official government branding and social media channels. Technically, the site is built on TYPO3 CMS and uses Matomo analytics with privacy-conscious configurations, including IP anonymization and cookie consent mechanisms compliant with GDPR. The website demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. However, the WHOIS data for the domain is missing or inaccessible, which is unusual for a government domain and slightly reduces trustworthiness from a domain registration perspective. Security-wise, the site enforces HTTPS and employs cookie consent for tracking, but lacks visible security headers in the HTML content. No vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie management are comprehensive and transparent, aligning with GDPR requirements. Overall, the site maintains a strong security posture appropriate for a government informational platform. The main risk factor is the absence of WHOIS registration data, which may be due to privacy protection or technical issues but warrants monitoring. Strategic recommendations include implementing security headers, publishing incident response policies, and adding a security.txt file to enhance transparency and trust.

B

Bundesprogramm Mehrgenerationenhaus

mehrgenerationenhaeuser.de

60

The website www.mehrgenerationenhaeuser.de represents the Bundesprogramm Mehrgenerationenhaus, a German federal program supporting over 530 community centers that foster intergenerational interaction and social cohesion. The site provides extensive information about the program's goals, activities, and news updates, targeting a broad audience including families, seniors, and volunteers. The site is professionally designed using TYPO3 CMS and modern web technologies, with good mobile optimization and accessibility. It employs Matomo analytics configured to disable cookies, reflecting privacy-conscious practices. However, explicit privacy and cookie policies are not found, representing a compliance gap. Security posture is solid with HTTPS enforced but lacks visible security headers and incident response contacts. WHOIS data is minimal but consistent with the hosting provider, Schlundtech, and the domain appears legitimate for a government program. Overall, the site is trustworthy, content-rich, and professionally maintained, but could improve privacy compliance and security transparency.

B

Boys'Day

boys-day.de

53

Boys'Day is a well-established non-profit initiative in Germany focused on career orientation and life planning for boys starting from the 5th grade. The website serves as a comprehensive platform providing information, educational materials, and event coordination for boys, schools, and participating companies. It enjoys a strong market position as a nationwide recognized event with government ministry involvement and active social media presence. Technically, the website employs modern JavaScript technologies, uses Matomo for privacy-conscious analytics, and implements cookie consent mechanisms. The site is hosted via DomainControl (GoDaddy) and demonstrates good mobile optimization, accessibility, and SEO practices. The design is professional and user-friendly, supporting a positive user experience. From a security perspective, the site enforces HTTPS, uses standard security headers, and avoids exposing sensitive data. However, it lacks a dedicated security policy or incident response contact page, which could be improved. No vulnerabilities or suspicious domains were detected, and the WHOIS data is consistent and transparent. Overall, Boys'Day presents a low-risk profile with strong privacy compliance and business credibility. Strategic recommendations include publishing explicit security policies, enhancing incident response transparency, and maintaining regular security audits to uphold trust and compliance.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend

aktion-zusammen-wachsen.de

59

The website 'Aktion zusammen wachsen' is an official German government initiative managed by the Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend. It focuses on supporting and coordinating mentoring and patenschaft projects aimed at children and youth with refugee backgrounds. The platform provides project databases, informational materials, event announcements, and resources for both project coordinators and interested volunteers. The site is well-positioned as a credible and authoritative source within the social integration and education sector in Germany. Technically, the website is built on TYPO3 CMS, a robust and widely used content management system, and employs Matomo analytics with strong privacy controls including IP anonymization and explicit user consent mechanisms. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Hosting appears professional with domain control via domaincontrol.com nameservers. From a security perspective, the site uses HTTPS and enforces cookie consent, but lacks explicit security headers and published security or incident response policies. No vulnerabilities or suspicious content were detected. Privacy compliance is strong, with GDPR-aligned policies and transparent data handling. Overall, the security posture is solid but could be improved with additional headers and formal policies. The overall risk assessment is low, with the site representing a trustworthy government resource. Strategic recommendations include enhancing security headers, publishing incident response contacts, and considering a vulnerability disclosure policy to further strengthen trust and security culture.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend

wege-zur-pflege.de

66

The website 'Wege zur Pflege' is an official German government portal managed by the Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend. It provides comprehensive information and support resources for family caregivers, employers, and care recipients, focusing on caregiving laws, financial support, and counseling services. The site is well-positioned as an authoritative source in the caregiving sector within Germany, targeting a broad audience including caregivers and employers. Technically, the site employs modern web technologies with a privacy-respecting Matomo analytics setup, hosted likely on German infrastructure, and demonstrates good mobile optimization and accessibility features. Security posture is solid with HTTPS and privacy controls, though explicit security headers and incident response policies are not publicly documented. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable resource for its users.

B

Bundesamt für Familie und zivilgesellschaftliche Aufgaben

esf-regiestelle.de

60

The website www.esf-regiestelle.de is an official German federal government portal operated by the Bundesamt für Familie und zivilgesellschaftliche Aufgaben. It serves as the ESF-Regiestelle, managing and coordinating European Social Fund programs on behalf of the Federal Ministry for Education, Family, Seniors, Women and Youth. The site provides comprehensive information about current and past ESF funding periods, programs, and related news targeted at public administration, social organizations, families, and municipalities. The business model is centered on public administration and program management within the government sector, positioning the Bundesamt as a key facilitator of EU social funding in Germany. Technically, the website is built on TYPO3 CMS, a mature open-source content management system, and uses Matomo analytics hosted locally in Germany to ensure privacy compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices. The cookie consent mechanism is implemented with GDPR compliance, including anonymized IP tracking and opt-in/out options. No WAF or blocking mechanisms were detected, and the site is fully accessible. From a security perspective, the site follows good privacy practices, including anonymizing analytics data and requiring consent before setting cookies. However, no explicit security policy, incident response contacts, or vulnerability disclosure information is published, which could be improved. The WHOIS data is limited but consistent with the official nature of the site. Overall, the site is trustworthy, professional, and compliant with relevant privacy regulations. The overall risk is low, with recommendations focusing on enhancing transparency around security policies and incident response, adding security headers, and publishing vulnerability disclosure information to further strengthen trust and security posture.

B

Bundesamt für Familie und zivilgesellschaftliche Aufgaben

bundesfreiwilligendienst.de

62

The Bundesfreiwilligendienst.de website is an official German government platform managed by the Bundesamt für Familie und zivilgesellschaftliche Aufgaben. It provides comprehensive information and services related to the Bundesfreiwilligendienst (Federal Volunteer Service), targeting volunteers, deployment sites, and educational centers. The site offers resources such as placement searches, educational seminars, event information, and downloadable materials, positioning itself as a key informational hub for voluntary civic engagement in Germany. Technically, the website is built on the TYPO3 CMS platform, utilizing modern web technologies including jQuery, Bootstrap, CKEditor, and Leaflet.js for interactive maps. It employs Matomo for privacy-conscious analytics with IP anonymization and cookie consent mechanisms, reflecting a mature digital infrastructure with good mobile optimization and accessibility features. From a security perspective, the site enforces HTTPS, uses cookie consent banners compliant with GDPR, and anonymizes user data in analytics. However, it lacks explicit published security policies, incident response contacts, and security headers, which are recommended for enhanced security posture. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website demonstrates a high level of trustworthiness and professionalism appropriate for a government service. It complies well with privacy regulations and provides clear contact channels, though it could improve transparency around security policies and incident handling.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend

regenbogenportal.de

66

The Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMFSFJ) is a German federal government ministry dedicated to policies and programs supporting families, seniors, women, youth, and equality issues including sexual and gender diversity. The website provides comprehensive information on queer politics and gender diversity, including policy plans, legal frameworks, and public awareness initiatives. It targets a broad audience including citizens, policymakers, and the LSBTIQ* community. The site is professionally designed with clear navigation and strong branding consistent with government standards. Technically, the website uses a custom or proprietary CMS with a modern tech stack including JavaScript and CSS, and employs Matomo for privacy-conscious analytics. Hosting is provided by a German technical service provider, ensuring data residency compliance. The site is mobile-optimized and accessible, with good SEO practices and privacy compliance including GDPR-aligned cookie consent mechanisms. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though explicit security headers and incident response information are not publicly detailed. No vulnerabilities or suspicious elements were detected. WHOIS data confirms the domain's legitimacy and consistency with a government entity. Overall, the website is a trustworthy, professional government resource with strong privacy and content quality, suitable for general audiences seeking information on equality and diversity policies in Germany.

B

Bundesministerium für Familie, Senioren, Frauen und Jugend

kinder-ministerium.de

70

The Kinder-Ministerium website is an official German government portal managed by the Bundesministerium für Familie, Senioren, Frauen und Jugend. It provides educational content focused on children's rights and family-related topics, targeting children and families. The site is well-branded, consistent, and professionally maintained, reflecting its government affiliation. Technically, it is built on TYPO3 CMS and uses Matomo for privacy-conscious analytics. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and anonymized tracking, though some security headers and explicit security policies could be improved. Privacy compliance is strong, with clear cookie consent and GDPR-aligned policies. Overall, the site is trustworthy and safe for general audiences.

B

Bundesamt für Familie und zivilgesellschaftliche Aufgaben

bafza.de

58

The Bundesamt für Familie und zivilgesellschaftliche Aufgaben (BAFzA) is a German federal government agency dedicated to supporting families and civil society through various programs, services, and initiatives. The website serves as an official portal providing information, resources, and contact points for citizens, social organizations, and professionals. It holds a strong market position as a trusted government entity with a broad scope of social engagement and support services. The site features comprehensive content, clear navigation, and professional design consistent with government standards. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including Matomo for privacy-conscious analytics. The infrastructure is hosted by domainfactory in Germany, ensuring data residency compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Privacy and cookie consent mechanisms are well implemented, reflecting GDPR compliance. From a security perspective, the site employs best practices such as IP anonymization in analytics and cookie consent enforcement. However, explicit security headers and incident response policies are not evident, suggesting room for improvement in security posture. No vulnerabilities or suspicious content were detected, and the domain registration appears legitimate with no privacy protection masking ownership. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen trust and resilience.

Optigrün international AG is a well-established European leader in green roofing and roof garden solutions, boasting 50 years of expertise. The company offers a comprehensive range of innovative products and services aimed at enhancing urban ecological balance and sustainability. Their target audience includes architects, project planners, and specialized firms seeking professional green roof systems and consulting services. Technically, the website is built on TYPO3 CMS with Bootstrap framework, incorporating modern analytics and bot protection tools such as Matomo and Google reCAPTCHA. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security-wise, HTTPS is enforced and cookie consent mechanisms are in place, though explicit security policies and vulnerability disclosures are absent, suggesting room for improvement. Overall, the website is professional, trustworthy, and compliant with GDPR, but the lack of WHOIS data and domain registration transparency slightly reduces trust from a domain legitimacy perspective.

M

MullenLowe Global

mullenloweglobal.com

74

MullenLowe Global is a prominent marketing communications company headquartered in London and part of the Interpublic Group of Companies. The company operates a global network of agencies providing creative and advertising services to a diverse business audience. Their website reflects a mature digital presence with comprehensive content, multimedia integration, and consistent branding across multiple global offices. Technically, the site uses modern web technologies including jQuery, Matomo analytics, and OneTrust for cookie consent, hosted on a WordPress CMS platform. The site is mobile-optimized and accessible, with good SEO practices and privacy compliance mechanisms in place. Security posture is solid with HTTPS enforced and cookie consent implemented, though additional security headers could enhance protection. The absence of WHOIS data is a notable anomaly, potentially indicating recent domain registration or privacy protection, but the overall business credibility remains high due to strong branding and association with a major parent company. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

M

MullenLowe GGK Bratislava

mullenloweggk.sk

73

MullenLowe GGK Bratislava is a reputable advertising and creative agency operating as part of the global MullenLowe network. The company offers a range of marketing and communication services, targeting businesses seeking professional advertising solutions in Slovakia. Their website showcases a portfolio of client works and news updates, reflecting an active and engaged agency. Technically, the website is built on WordPress, leveraging modern technologies such as jQuery, Matomo Analytics, and OneTrust for cookie consent management. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices, although some accessibility improvements could be made. Security-wise, the website enforces HTTPS, uses cookie consent mechanisms, and does not expose sensitive data. However, it lacks explicit security policies and incident response information, which could be improved to enhance trust and compliance. Overall, the website is professional, trustworthy, and compliant with GDPR, with a strong digital presence and active social media engagement.

J

Joachim Herz Stiftung

joachim-herz-stiftung.de

65

The Joachim Herz Stiftung website represents a well-established non-profit foundation focused on promoting innovative solutions in research, education, and climate protection. The organization supports transfer-oriented research, entrepreneurial talent development, and digital transformation in vocational education. The website is professionally designed, built on TYPO3 CMS, and employs privacy-conscious analytics via Matomo with anonymized IP tracking and no cookies. Cookie consent is managed via Cookiebot with a clear consent mechanism. However, explicit privacy policy and terms of service pages were not found in the provided content, which is a compliance gap. Contact information is primarily via a contact form, with no direct emails or phone numbers visible. WHOIS data is minimal, lacking registrant details, which slightly reduces trust but does not contradict the professional nature of the site. Security posture is good with HTTPS and consent management but could be improved by adding security headers and explicit security policies. Overall, the site is trustworthy, privacy-aware, and professionally maintained, serving a medium-sized non-profit audience in Germany.

E

Eurodesk

rausvonzuhaus.de

43

Rausvonzuhaus is a German non-profit youth information platform operated by Eurodesk, providing free, neutral, and personal advice on international youth programs such as volunteering, student exchanges, work & travel, au-pair, and internships. The website targets young people interested in short- or long-term stays abroad and offers a last-minute marketplace, event information, and newsletters to support their journey. The platform is well-positioned in the youth education sector in Germany, leveraging trusted branding and a comprehensive content offering. Technically, the site is built on TYPO3 CMS with modern frontend technologies including Alpine.js and Vite for asset management. It employs a self-hosted Matomo analytics solution and Usercentrics for GDPR-compliant cookie consent management, reflecting a mature approach to privacy and data protection. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site uses HTTPS and consent mechanisms but lacks explicit security headers and a published security policy or vulnerability disclosure. WHOIS data is minimal but does not raise immediate concerns. Overall, the security posture is adequate but could be improved with additional transparency and technical controls. The overall risk is low given the non-commercial, informational nature of the site and its compliance with privacy standards. Strategic recommendations include publishing privacy and security policies, adding vulnerability disclosure mechanisms, and enhancing security headers to strengthen trust and compliance.

W

Wobsah s.r.o.

placla.cz

43

PlaCla.cz, operated by Wobsah s.r.o., is a Czech-based service specializing in the publication and management of PR articles across a broad network of over 843 media outlets. The platform offers a streamlined process for advertisers to publish promotional content efficiently, leveraging bulk purchasing to secure competitive pricing and saving clients significant time. The website demonstrates a mature digital presence with a professional design, clear navigation, and integration of modern web technologies such as WordPress, Yoast SEO, Matomo analytics, and Tawk.to live chat support. The company maintains active social media channels and provides transparent contact information, reinforcing its credibility. However, the site lacks explicit cookie consent mechanisms and detailed security or incident response policies, which are areas for improvement.

I

InnoCraft

innocraft.com

78

InnoCraft is the creator and maintainer of Matomo, a leading open-source digital analytics platform emphasizing privacy, data ownership, and GDPR compliance. The company offers a range of services including support plans, cloud-hosted analytics, and premium features tailored to businesses of all sizes globally. With offices primarily in New Zealand and a strong European presence, InnoCraft positions itself as a trusted alternative to major analytics providers, focusing on openness and customer relationships. Technically, the website is built on WordPress with modern plugins and frameworks, delivering a fast, accessible, and SEO-optimized experience. Security practices are solid with HTTPS enforcement, privacy-respecting analytics, and form protections, though explicit security policies and vulnerability disclosure mechanisms could be enhanced. Overall, the domain registration and WHOIS data align well with the company's profile, indicating legitimacy and stability.

F

Federal Institute for Vocational Education and Training (BIBB)

apprenticeship-toolbox.eu

63

The Federal Institute for Vocational Education and Training (BIBB) operates as a recognized German government institution specializing in research and development of vocational education and training. The website serves as a comprehensive resource hub, particularly through the Apprenticeship Toolbox, targeting VET stakeholders across multiple countries with dual apprenticeship systems. The organization holds a strong market position as a national authority in vocational education, supported by the German Federal Ministry of Education and Research. Technically, the website employs a modern and professional infrastructure with HTML5, CSS3, JavaScript, and jQuery, supplemented by Matomo analytics for user tracking. The site is mobile-optimized, accessible, and SEO-friendly, though it lacks some advanced security headers and explicit cookie consent mechanisms. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data, reflecting a mature security posture. However, it could improve by publishing security policies, incident response contacts, and implementing cookie consent to enhance GDPR compliance. No vulnerabilities or suspicious activities were detected. Overall, the website is trustworthy, professionally maintained, and serves its educational mission effectively. Strategic improvements in privacy and security transparency would further strengthen its compliance and user trust.

F

Federal Institute for Vocational Education and Training

refernet.de

61

ReferNet Germany is a professionally maintained website operated by the Federal Institute for Vocational Education and Training (BIBB), serving as a key European information network for vocational education and training (VET). The site provides comprehensive resources including publications, news, and data related to VET systems in Germany and Europe, targeting policymakers, researchers, and stakeholders in the education sector. It holds a strong market position as a recognized competence center affiliated with European institutions such as Cedefop. Technically, the website employs modern web standards with HTML5, CSS3, and JavaScript, and uses Matomo for analytics. The site is hosted on servers associated with bringe.net and demonstrates good performance, mobile optimization, and accessibility. SEO practices are well implemented with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and shows no signs of exposed sensitive data or vulnerable libraries. However, it lacks explicit security headers and publicly available security or incident response policies. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Overall, the website is trustworthy, safe, and professionally operated with a high legitimacy score. Strategic recommendations include enhancing privacy compliance with cookie consent, publishing security policies, and implementing security headers to strengthen the security posture.

F

Federal Institute for Vocational Education and Training (BIBB)

deqa-vet.de

57

The website www.deqa-vet.de represents the German Reference Point for Quality Assurance in Vocational Education and Training, operated by the Federal Institute for Vocational Education and Training (BIBB). It serves as a national competence center providing research, publications, and quality assurance mechanisms for vocational education and training in Germany. The site targets education professionals, policymakers, and stakeholders in vocational training, offering resources such as studies, peer reviews, and news updates. The business model is that of a government research institution focused on advancing vocational education quality. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with a responsive design and accessibility features. It uses Matomo analytics for privacy-conscious user tracking and integrates a French government design system framework for UI consistency. Hosting details are limited but DNS servers indicate a stable German hosting environment. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS and uses secure forms but lacks explicit security headers and a cookie consent mechanism, which are recommended for enhanced security and GDPR compliance. No vulnerabilities or exposed sensitive data were detected in the HTML content. Contact information is provided via a contact form, with no direct emails or phone numbers visible. Social media presence is established through official BIBB accounts. Overall, the website is trustworthy, professional, and well-aligned with its governmental educational mission. Strategic improvements include implementing cookie consent, adding security headers, and publishing incident response and security policies to strengthen compliance and security posture.

F

Federal Institute for Vocational Education and Training (BIBB)

govet.international

62

The website www.govet.international represents GOVET, the German Office for International Cooperation in Vocational Education and Training, operated by the Federal Institute for Vocational Education and Training (BIBB). It serves as a government-affiliated platform providing advisory services, presentations, workshops, and international cooperation in vocational education and training. The site targets international VET stakeholders, policymakers, and educators. The content is rich, professionally presented, and consistent with the organization's mission. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, and Matomo analytics, with good mobile optimization and accessibility. Security posture is solid with HTTPS enforced, though security headers and explicit incident response policies are absent. Privacy compliance is good with a comprehensive privacy policy but lacks a cookie consent mechanism. WHOIS data is malformed and incomplete, limiting domain trust verification, but the website content and branding strongly indicate legitimacy. Overall, the site is professional, trustworthy, and well-maintained with minor areas for security and privacy improvement.

I

iMOVE at the Federal Institute for Vocational Education and Training (BIBB)

imove-germany.de

52

The website www.imove-germany.de is a government-backed platform operated by iMOVE at the Federal Institute for Vocational Education and Training (BIBB). It focuses on promoting international cooperation in vocational education and training, providing resources such as a provider pool, B2B marketplace, and informational content targeted at both international users and German providers. The site is professionally designed with consistent branding and clear navigation, supporting a medium-sized government initiative in the education sector based in Germany. Technically, the site uses standard web technologies including jQuery and Matomo analytics with privacy-conscious configurations such as disabled cookies. The site is mobile-optimized and SEO-friendly, though no CMS or hosting provider details are explicitly identified. Security posture is good with HTTPS enforced and privacy policies in place, but lacks explicit security headers and published incident response or vulnerability disclosure policies. Overall, the site is trustworthy, safe, and compliant with GDPR, serving as a credible resource for vocational education stakeholders.

KOVOLASER s.r.o. is a Czech small manufacturing company specializing in laser cutting and CNC punching of thin-walled sheet metals. Founded in 2004, it operates three high-performance machines from TRUMPF and AMADA and serves various industrial sectors including machinery, electrical, food, agriculture, and advertising. The company emphasizes quality manufacturing services with a focus on sheet metal processing. The website reflects a professional SME with clear contact details and a business-oriented presentation. Technically, the site uses a PHP-based CMS (IPO), jQuery libraries, Google reCAPTCHA, and Matomo analytics, indicating a moderate level of digital maturity. However, the use of older jQuery versions and lack of modern security headers suggest room for technical improvements. Security posture is moderate; HTTPS status is unknown but reCAPTCHA is implemented, and no sensitive data is exposed. The absence of privacy and cookie policies, as well as missing WHOIS data, lowers compliance and trust scores. Overall, the site is accessible, safe, and business-focused but would benefit from enhanced security and privacy practices.

R

Research Data Centre of the Federal Statistical Office and the statistical offices of the Länder

forschungsdatenzentrum.de

58

The Research Data Centre of the Federal Statistical Office and the statistical offices of the Länder operates as an official government entity providing access to German official microdata for scientific research. The website serves researchers and statisticians by offering various data supply options, clear terms of use, and user support. The business model is government-funded with user charges for data access. The site is well-branded and consistent with government standards. Technically, the website is built on Drupal 10 CMS, uses Matomo for analytics with privacy-conscious configurations, and includes modern JavaScript libraries such as Hyphenopoly. The site is mobile-optimized, accessible, and SEO-friendly, though hosting provider details are not explicit. Performance is moderate with no critical technical issues detected. Security posture is solid with HTTPS enforced and privacy-respecting analytics. However, no explicit security policy or incident response information is published, and security headers are not evident. No vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Overall, the website is trustworthy, professional, and safe, with a high legitimacy score. Strategic improvements include publishing a formal security policy, incident response contacts, and adding security.txt for vulnerability disclosure to enhance transparency and security maturity.

S

Statistische Ämter des Bundes und der Länder

statistikportal.de

58

Statistikportal.de is the official joint statistical portal of the Statistical Offices of the Federation and the Länder in Germany. It provides comprehensive and authoritative statistical data, interactive maps, and thematic information for researchers, policymakers, and the general public. The portal is well-structured, professionally designed, and offers a broad range of data products and services related to demographics, economy, environment, and more. Technically, the site is built on Drupal 10, uses modern JavaScript libraries, and integrates Matomo analytics with privacy-conscious settings. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The domain registration data aligns with the official nature of the site, enhancing trustworthiness. Overall, the portal demonstrates a mature digital infrastructure suitable for a government entity.