Security Directory

F

Foire de Toulouse

foiredetoulouse.com

60

Foire de Toulouse is a regional event organizer focused on the International Fair of Toulouse, providing event information and services to visitors and exhibitors. The website is built on Drupal 10 and integrates modern web technologies such as Matomo analytics, Google Tag Manager, and accessibility tools, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS implied and cookie consent implemented, but lacks visible security headers and formal privacy or incident response policies. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and branding appear professional and consistent with a legitimate event. Strategic improvements in security headers, privacy disclosures, and domain registration transparency are recommended to enhance trust and compliance.

F

Foire de Lyon 2026 - du 20 au 30 mars - Lyon Eurexpo

foiredelyon.com

61

Foire de Lyon is a regional event organizer hosting a major fair in Lyon, France, scheduled for March 20-30, 2026. The website provides comprehensive information about the event, including exhibitor details, visitor guides, and partner information. The digital infrastructure is built on Drupal 10 with integrations for video content, analytics, and cookie consent management, reflecting a modern and mature web presence. Security posture is generally good with HTTPS enforced and privacy compliance mechanisms in place, though some improvements in security headers and incident response transparency are recommended. The absence of WHOIS data introduces some uncertainty about domain legitimacy, but the professional content and strong social media presence support trustworthiness. Overall, the site is well-positioned to serve its audience effectively with moderate risk factors to monitor.

F

Page d'accueil | Foire Orléans

foirexpo-orleans.fr

58

The website www.foirexpo-orleans.fr represents an event or expo based in Orléans, France, likely targeting a general audience interested in local exhibitions or fairs. The site is built on Drupal 10, indicating a modern CMS infrastructure, and integrates common web technologies such as FontAwesome for icons, YouTube iframe API for video content, Matomo for analytics, and Google Tag Manager for marketing tags. The presence of a cookie consent mechanism via Tarteaucitron shows some attention to privacy compliance, although no explicit privacy or terms of service pages were detected. Security posture is moderate but lacks visible security headers and detailed policies, and WHOIS data is unavailable, limiting domain legitimacy verification. Overall, the site is functional and accessible but would benefit from enhanced transparency and security practices.

A

ADEME

carnetadapt.org

66

CarNet'Adapt is a French government-backed initiative managed by ADEME to create a Caribbean network focused on climate change adaptation, particularly in agriculture and food sectors. The project is co-financed by the Interreg Caraïbes program and involves multiple regional partners. The website is bilingual, professionally designed, and provides comprehensive information about the project, partners, events, and resources. Technically, the site is built on Drupal 10 and uses Cloudflare DNS services, though DNSSEC is not enabled. Security posture is adequate with HTTPS and domain protection flags but lacks published security policies and some security headers. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Contact is primarily via a web form, with no direct emails or phone numbers published. Overall, the site is trustworthy, well-maintained, and serves a niche governmental and non-profit audience.

B

Bureau Veritas

bureauveritas.hr

66

Bureau Veritas Croatia is a local branch of the global Bureau Veritas group, a leader in testing, inspection, and certification services since 1828. The website presents a professional and comprehensive overview of their services across multiple industries including energy, transport, manufacturing, finance, and government sectors. The company targets businesses requiring compliance and certification services, offering a broad portfolio including management system certification, product certification, inspection, and training. Technically, the website is built on Drupal 10, uses modern consent management tools, and integrates Google Tag Manager for analytics. The site is well-structured, mobile-optimized, and includes GDPR-compliant cookie consent mechanisms. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policy and incident response information are not published. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

J&J MedTech operates as a global healthcare technology provider specializing in medical devices and solutions for healthcare professionals. The website serves as a multilingual portal offering localized content across multiple regions including North America, Asia Pacific, Europe, Middle East & Africa, and Latin America. The company is positioned as a large enterprise under the Johnson & Johnson corporate umbrella, targeting healthcare professionals with a B2B business model. The site demonstrates consistent branding and professional content quality, supporting its market position as a leading medical technology provider. Technically, the website leverages modern web technologies including Drupal 10 as its CMS and React for dynamic components, supported by analytics and tracking tools such as Google Tag Manager and Hotjar. The site is mobile optimized and accessible, with good SEO practices evident from meta tags and structured content. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR compliance. However, explicit security headers are not evident in the HTML content, and no public security policy or incident response information is provided. The absence of WHOIS data for the domain is a notable anomaly that reduces trustworthiness and warrants further investigation. Overall, the website presents a professional and trustworthy front for J&J MedTech, but improvements in transparency around security policies, contact information, and domain registration details are recommended to enhance credibility and compliance.

The website 'Demokratisk bæredygtighed' is a professional initiative by VELUX FONDEN focusing on the intersection of democracy and sustainability. It serves as a platform for research, knowledge sharing, and community engagement around democratic sustainability challenges and solutions in Denmark. The site is well-structured, content-rich, and targets researchers, practitioners, and citizens interested in sustainable democratic transformation. Technically, it is built on Drupal 10 with a custom theme, includes multimedia content, and uses privacy-friendly analytics (Plausible). However, it lacks explicit privacy, cookie, and terms of service policies, and no direct contact information is provided on the site. Security headers are not detected, and the WHOIS data shows an unusual future domain creation date, which may be a data anomaly or pre-registration. Overall, the site is credible and trustworthy but would benefit from enhanced privacy compliance and security best practices.

I

IBA Group

iba-worldwide.com

68

IBA Group is a globally recognized leader in particle accelerator technology, specializing in healthcare and industrial applications. Their business focuses on innovative solutions for cancer diagnosis and treatment, including proton therapy, dosimetry, radiopharma, and industrial sterilization. The company targets healthcare providers and industrial clients with a B2B model, supported by multiple specialized subsidiary domains. Technically, the website is built on Drupal 10 with modern analytics and consent management tools, offering a professional and mobile-optimized user experience. Security posture is good with HTTPS and privacy compliance, though lacks explicit security policies and incident response information. The WHOIS data is missing or unavailable, which raises some concerns about domain registration legitimacy despite the professional web presence. Overall, the site is trustworthy, well-branded, and content-rich, suitable for its target audience.

A

Adaptive Web Ltd

adaptive.co.uk

70

Adaptive Web Ltd is a specialized Drupal agency based in the Midlands, UK, focusing on Drupal website support, development, hosting, AI integration for Drupal, and performance and security optimization. The company positions itself as an experienced service provider catering to businesses seeking Drupal-related digital solutions. The website reflects a professional and modern technical infrastructure built on Drupal 10 with Commerce 2, enhanced by marketing and analytics tools such as HubSpot, Google Tag Manager, and Visual Website Optimizer. Cookie consent is managed via Cookiebot, indicating attention to privacy compliance. However, the absence of explicit privacy and terms of service policies on the homepage and the lack of visible contact information limit transparency. The WHOIS data is unavailable and shows an error indicating the domain cannot be registered due to naming rules, which is inconsistent with the website's live status and reduces trustworthiness. Security posture is moderate, with HTTPS implied but no explicit security headers detected. Overall, the website is functional and professional but would benefit from improved transparency and security practices.

I

Institut du monde arabe

imarabe.org

63

Institut du monde arabe is a well-established cultural and educational institution based in France, dedicated to promoting the knowledge and understanding of the Arab world through exhibitions, language courses, library services, and cultural events. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support focused on French. Technically, the site is built on Drupal 10, uses modern multimedia elements, and integrates cookie consent and analytics tools responsibly. Security posture is good with HTTPS and cookie consent mechanisms, though some HTTP security headers and incident response contacts are missing. The WHOIS data is unavailable due to malformed query output, which limits domain trust verification but the website content and external links strongly indicate legitimacy. Overall, the site is professional, trustworthy, and serves a broad audience including families, professionals, educators, and researchers.

A

American College of Physicians

acponline.org

70

The American College of Physicians (ACP) is a large, well-established professional medical organization focused on internal medicine. It serves a global membership of over 162,000 physicians, subspecialists, and medical students, providing advocacy, education, clinical guidance, and certification resources. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation tailored to healthcare professionals. Technically, the site is built on Drupal 10 and integrates modern analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and secure forms, though explicit security headers and policies could be improved. Privacy compliance is evident with a detailed privacy policy and cookie consent mechanisms. WHOIS data is unavailable due to privacy protection, which is typical for such organizations. Overall, the site is trustworthy, professional, and well-positioned in its market.

COPE (Committee on Publication Ethics) is a well-established non-profit membership organization dedicated to promoting integrity in scholarly research and publication. Founded in 2008, it serves the global scholarly publishing community by providing guidance, tools, events, and forums to uphold ethical standards. The website reflects a professional and comprehensive digital presence with clear navigation, rich content, and a strong brand identity. Technically, the site is built on Drupal 10, uses Cloudflare DNS, and integrates modern analytics and consent management tools, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement, domain protection statuses, and bot mitigation via Google reCAPTCHA, though enabling DNSSEC and explicit security headers would enhance security further. Privacy compliance is robust, featuring a comprehensive cookie policy and consent mechanism aligned with GDPR requirements. Overall, the site demonstrates high professionalism, trustworthiness, and a commitment to ethical standards in scholarly publishing.

I

IFAC

ifac.org

11

IFAC is a globally recognized non-profit organization dedicated to serving the public interest by strengthening the accountancy profession worldwide. It provides international standards, professional guidance, and advocacy to support accounting professionals and related stakeholders. The website reflects IFAC's authoritative position with comprehensive content, professional design, and a clear focus on compliance and governance. Technically, the site is built on Drupal 10, leveraging modern analytics and marketing tools while maintaining strong privacy and cookie consent mechanisms. Security posture is robust with HTTPS, cookie security, and no evident vulnerabilities, although explicit security headers could be enhanced. Overall, IFAC's digital presence aligns well with its mission and market position, offering a trustworthy and professional user experience.

V

VELUX FONDEN

veluxfonden.dk

11

VELUX FONDEN is a well-established Danish non-profit foundation founded in 1999, dedicated to supporting democratic and sustainable societal development through grants in research, social initiatives, culture, and environmental projects. The website is professionally designed using Drupal 10, featuring comprehensive content, clear navigation, and mobile optimization. Security posture is good with HTTPS enabled and no visible vulnerabilities, though improvements can be made by enabling DNSSEC and security headers. Privacy compliance is strong with a detailed privacy policy and GDPR adherence, but lacks a cookie consent mechanism. Overall, the foundation demonstrates high business credibility and trustworthiness with transparent contact information and governance disclosures.

V

Velux Foundations

veluxfoundations.dk

59

Velux Foundations is a Danish non-profit organization associated with VELUX FONDEN and Villum Fonden, focusing on philanthropic foundation activities. The website serves as a portal to these foundations, providing basic information and navigation. The site is built on Drupal 10, uses SVG logos for branding, and employs Plausible Analytics for privacy-conscious visitor tracking. The technical infrastructure is modern and mobile-optimized, though some security best practices such as security headers and DNSSEC are not implemented. No privacy or cookie policies are present, and no contact information is provided on the main page, which limits transparency and user trust. The domain is well-established since 2009, registered with a reputable registrar, and consistent with the website's branding and purpose.

J

JTRE a.s.

ganzhouse.com

55

Ganz House is a premium real estate development project located in the heart of Bratislava, Slovakia, operated by JTRE a.s. The website showcases luxury residences, boutique offices, and commercial spaces, emphasizing sustainability and advanced building certifications such as BREEAM and WELL. The site targets affluent buyers and tenants seeking high-end urban living and working environments. Technically, the website is built on Drupal 10 with modern JavaScript libraries for animations and user experience enhancements. It features responsive design, accessibility considerations, and GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforcement, anti-bot protections on forms, and domain transfer restrictions, though DNSSEC and additional security headers could be improved. Overall, the site presents a professional, trustworthy, and well-maintained digital presence aligned with its luxury real estate market positioning.

J

JTRE a.s.

ganzhouse.sk

51

Ganz House is a premium real estate development project by JTRE a.s., offering luxury residences, boutique offices, and exclusive commercial spaces in Bratislava's downtown. The website reflects a high level of professionalism with comprehensive content, modern design, and clear navigation targeting affluent buyers and business professionals. Technically, the site uses Drupal 10 CMS with modern JavaScript libraries, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, DNSSEC, and anti-bot protections, though additional HTTP security headers and a published security policy would enhance trust. Privacy compliance is well addressed with GDPR-aligned privacy and cookie policies and explicit consent mechanisms. Overall, the domain registration data supports the legitimacy of the business, with consistent WHOIS information and appropriate domain age.

G

G.U.T.-GRUPPE

gut-gruppe.de

55

G.U.T.-GRUPPE is a German-based consortium of experienced family-owned companies specializing in building and environmental technology wholesale. The company emphasizes sustainability, innovation, and digital services such as their DigitalBox and FinanzBox, positioning itself as a strong partner for craftsmen, planners, suppliers, and wholesalers. The website reflects a mature digital presence built on Drupal 10, with modern UX features and GDPR-compliant cookie management via Usercentrics. Security posture is solid with HTTPS and compliance pages, though some security headers and incident response contacts could be improved. Overall, the site is professional, trustworthy, and well-structured, supporting the company's market position in the energy and manufacturing sectors.

H

Hrvatska turistička zajednica

htz.hr

58

The website www.htz.hr is the official portal of the Croatian National Tourist Board (Hrvatska turistička zajednica), a government entity dedicated to promoting tourism in Croatia. It provides comprehensive information on tourism projects, support programs, market insights, business events, and promotional materials. The site targets tourism professionals, businesses, and stakeholders within the Croatian tourism sector. The business model is government-driven, focusing on national tourism promotion and support. The website is well-branded, consistent, and professionally maintained with a large content base and multilingual support.

S

Saint-Gobain España

saint-gobain.es

55

Saint-Gobain España operates as the Spanish branch of the global Saint-Gobain group, specializing in manufacturing and distributing construction materials and sustainable building solutions. The website reflects a mature enterprise with a strong focus on sustainability, innovation, and market leadership in Spain. The digital presence is professional, well-structured, and optimized for multiple devices, targeting construction professionals and stakeholders interested in sustainable construction. Technically, the website is built on Drupal 10, leveraging modern analytics and tracking tools such as Google Tag Manager and Microsoft Clarity. The site employs HTTPS and cookie consent mechanisms, indicating compliance with privacy regulations like GDPR. However, explicit security headers and a published security policy are absent, representing an area for improvement. Security posture is solid with no evident vulnerabilities or exposed sensitive data, but the lack of incident response contact information and vulnerability disclosure mechanisms suggests room for enhancement in security transparency and readiness. Overall, the website is trustworthy, with strong brand consistency and multiple trust signals including official social media accounts and comprehensive privacy policies. Recommendations include adding security headers, publishing a security policy and incident response contacts, and implementing a vulnerability disclosure program to further strengthen security posture and stakeholder trust.

R

Rigips GmbH

rigips.de

62

Rigips GmbH is a leading German manufacturer specializing in sustainable drywall and building materials for walls, ceilings, floors, and facades. As part of the Saint-Gobain group, it holds a strong market position with a comprehensive product portfolio and a focus on environmentally friendly construction solutions. The website targets construction professionals, architects, and distributors, providing product information, technical downloads, and a dealer locator. Technically, the site is built on Drupal 10, employs modern tracking and consent tools, and is hosted on reliable infrastructure. Security posture is strong with HTTPS, security headers, and no exposed vulnerabilities detected. Privacy compliance is well addressed with detailed policies and consent mechanisms. Overall, the site demonstrates good digital maturity, professional design, and trustworthy business representation.

S

SolarEdge

solaredge.com

72

SolarEdge is a globally leading provider of smart energy technology solutions, specializing in photovoltaic systems, energy storage, electric vehicle charging, and energy optimization. The company targets residential, commercial, and utility sectors with advanced energy solutions. The website reflects a mature digital presence built on Drupal 10, integrating modern analytics and marketing tools such as Google Tag Manager and Microsoft Clarity, indicating a well-maintained technical infrastructure. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and no visible vulnerabilities, although explicit security policies and incident response contacts are not publicly available. Overall, the website presents a professional and trustworthy image, though the absence of WHOIS registrant data slightly reduces domain trustworthiness.

Eurovea Riverside is a residential real estate project by JTRE a.s., located in Bratislava, Slovakia, offering luxury apartments with river views as part of the larger Eurovea City development. The website is professionally designed using Drupal 10, with modern analytics and marketing tools integrated, including Google Analytics, Google Tag Manager, and Google reCAPTCHA v3 for form security. The site demonstrates good privacy compliance with a comprehensive privacy policy and cookie consent mechanism. Security posture is strong with HTTPS, DNSSEC, and anti-bot protections, though explicit security headers and incident response policies are not published. Contact information is clear and accessible, supporting business credibility. Overall, the website is trustworthy, well-maintained, and suitable for its target audience.

J

JTRE a.s.

euroveacity.sk

51

Eurovea City is a premier real estate development project in Bratislava, Slovakia, managed by JTRE a.s. The website showcases a comprehensive portfolio of residential, office, shopping, and leisure projects, including Slovakia's first skyscraper, Eurovea Tower. The site is professionally designed, mobile-optimized, and uses modern technologies such as Drupal 10, Google Analytics, and Facebook Pixel. Privacy and cookie compliance are well implemented, with clear policies and consent mechanisms. Security posture is strong with HTTPS, DNSSEC, and reCAPTCHA, though some security headers could be improved. Contact information is complete and transparent, supporting business credibility. Overall, the website reflects a mature digital presence aligned with a large real estate business.

K

Kleintheater Schlösslekeller

schloesslekeller.li

59

Kleintheater Schlösslekeller is a small cultural theater venue located in Vaduz, Liechtenstein, offering a variety of cultural events including concerts, readings, and theater performances. The website serves as an information and ticketing portal for local audiences interested in cultural activities. The business operates likely as a community or non-profit entity supported by sponsors and ticket sales. Technically, the website is built on Drupal 10 with modern frontend frameworks and uses Matomo for privacy-conscious analytics. The site is mobile optimized and accessible, with clear navigation and good content quality. Security posture is solid with HTTPS enforced and anti-bot measures on forms, though some security headers and vulnerability disclosures are missing. Privacy compliance is adequate with a privacy policy present but lacks a cookie consent mechanism. Overall, the domain registration details align well with the business claims, indicating legitimacy and trustworthiness.

S

Stadtwerke Schwerin GmbH

swsn.de

49

Stadtwerke Schwerin GmbH is a regional utility provider based in Germany, offering a broad range of services including electricity, gas, heating, fiber-optic internet, and water supply. The company positions itself as a reliable and experienced service provider with over 30 years of operation, targeting both private and business customers in the Schwerin region. Their business model focuses on comprehensive energy and telecommunications services with customer-centric portals and digital tools such as tariff calculators. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its audience. Technically, the website is built on Drupal 10, leveraging modern web technologies and privacy-focused analytics via Matomo with cookies disabled. The presence of Usercentrics consent management indicates a strong commitment to GDPR compliance and user privacy. The site uses HTTPS and shows good security practices, although explicit security headers and a published security policy are not evident. No security incidents or vulnerabilities are visible in the content. Overall, the security posture is solid with room for improvement in publishing incident response contacts and security policies. The domain WHOIS data is minimal but does not raise concerns, aligning with the company's regional and established presence. Privacy and cookie policies are comprehensive and implemented with consent mechanisms. The site is free from adult or questionable content, making it safe for general audiences. Strategically, the company should consider enhancing transparency around security policies and incident response to further build trust. Continued investment in technical modernization and privacy compliance will support their market position as a trusted regional utility provider.

J

JTRE a.s.

euroveatower.sk

10

Eurovea Tower is a premium real estate project by JTRE a.s., offering luxury residential apartments in Bratislava. The website presents a professional and well-branded digital presence with clear business information and contact details. The technical infrastructure is modern, leveraging Drupal 10 CMS, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is mobile optimized and SEO friendly. Security posture is good with HTTPS and DNSSEC enabled, though some security headers could be improved. Privacy compliance is addressed with a cookie consent mechanism and a basic privacy policy. No critical vulnerabilities or suspicious content were detected, indicating a trustworthy and legitimate business website.

J

JTRE a.s.

jtre.sk

53

JTRE a.s. is a leading real estate development company based in Slovakia with a strong presence in the Central and Eastern European market. The company specializes in a wide range of real estate projects including residential, office, multifunctional, hotel, retail, and industrial developments. Their website reflects a mature and professional business with a clear market position and extensive project portfolio. The content is well-structured, professionally designed, and targets investors, tenants, and clients interested in real estate development in the region. Technically, the website is built on Drupal 10 with modern JavaScript libraries and tracking tools, ensuring good mobile optimization and user experience. Security posture is solid with HTTPS and DNSSEC enabled, though some security headers could be improved. Privacy compliance is strong with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the website and business demonstrate high credibility and trustworthiness.

D

digitales MV

digitalesmv.de

67

digitales MV is a government-supported digital innovation and community platform focused on Mecklenburg-Vorpommern, Germany. It serves as a hub for information dissemination, event promotion, and fostering digital competencies across various sectors including government, business, and academia. The platform is well-positioned regionally with strong branding and partnerships, leveraging modern web technologies such as Drupal 10 and integrating multimedia and interactive widgets to engage its audience effectively. Technically, the website is well-implemented with good mobile optimization, accessibility, and SEO practices, though hosting provider details are not explicit. Security posture is strong with HTTPS and security headers in place, but lacks explicit security policies or incident response information. Privacy compliance is robust with clear cookie consent mechanisms and a comprehensive privacy policy in German. Overall, digitales MV presents a professional, trustworthy, and content-rich digital presence aligned with its mission to promote digital transformation in the region.

P

Paysan Breton

paysanbretoncharcuterie.com

56

Paysan Breton is a French brand specializing in charcuterie products made from 100% Breton pork, raised by cooperative farmers emphasizing quality, sustainability, and regional economic development. The website presents a professional and consistent brand image, targeting general consumers interested in authentic regional food products. Technically, the site is built on Drupal 10 with modern JavaScript libraries and includes GDPR-compliant cookie management. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and parent company linkage to Eureden support its authenticity. Security posture is moderate with cookie consent implemented but lacking visible security headers and explicit contact information on the homepage. Overall, the site is well-designed and functional but would benefit from enhanced security practices and clearer business contact details.

P

Paysan Breton

paysanbretonsurgeles.com

59

Paysan Breton Les Surgelés is a cooperative brand specializing in frozen vegetables and prepared vegetable mixes cultivated by a network of Breton farmer-cooperators. The brand emphasizes quality, freshness, and sustainable agricultural practices, targeting general consumers primarily in France. The website is built on Drupal 10 and uses modern web technologies with good mobile optimization and user experience. Privacy and cookie compliance are well implemented with a comprehensive cookie consent mechanism. Security posture is solid with HTTPS enforced, though some security headers are missing and no explicit security or incident response policies are published. The absence of WHOIS data for the domain is unusual and may indicate a registration or data retrieval issue, warranting further verification. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, serving as a credible digital presence for the cooperative brand.

H

Hrvatski sabor

sabor.hr

60

Hrvatski sabor is the official legislative body of the Republic of Croatia, providing comprehensive information about parliamentary activities, legislative processes, and public services. The website serves citizens, government officials, media, and researchers by offering access to session schedules, legislative documents, press releases, and educational resources. It holds a strong market position as the authoritative source for Croatian parliamentary information. Technically, the website is built on Drupal 10, leveraging modern web technologies and ensuring good mobile optimization and accessibility, including an integrated accessibility widget. The hosting is managed by CARNET, a reputable Croatian academic and research network, ensuring reliable infrastructure. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR. While explicit security headers are not fully visible in the HTML, the overall posture is strong with no exposed sensitive data or vulnerable libraries detected. However, the site lacks a published security policy, incident response information, and vulnerability disclosure mechanisms, which are recommended for enhanced security maturity. Overall, Hrvatski sabor's website is professional, trustworthy, and compliant with privacy regulations, making it a reliable platform for public legislative information. Strategic improvements in security transparency and incident response readiness would further strengthen its security posture.

B

Blumenfabrik Coworking & Eventspace GmbH

blumenfabrik.at

11

Blumenfabrik Coworking & Eventspace GmbH operates a sustainable coworking and event space located in Vienna, Austria. The company targets individuals and organizations interested in sustainability, climate protection, and community engagement. Their business model focuses on providing flexible workspaces and event venues with a strong emphasis on environmental friendliness and social inclusivity. The website reflects a niche market position with a clear community and sustainability focus, supported by professional content and branding.

S

Stadtwerke Schwerin GmbH

stadtwerke-schwerin.de

50

Stadtwerke Schwerin GmbH is a regional utility provider delivering electricity, gas, heat, fiber-optic internet, and water services primarily to customers in Schwerin, Germany. The company positions itself as a reliable and experienced service provider with over 30 years in the market, emphasizing personal customer service and sustainable regional engagement. Their website targets both private and business customers, offering detailed product information, customer portals, and interactive tariff calculators. Technically, the site is built on Drupal 10, uses Matomo for analytics, and integrates Usercentrics for cookie consent management, reflecting a modern and privacy-conscious digital infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers could be improved. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the website is professional, well-structured, and trustworthy, supporting the company's market position as a key regional energy and telecommunications provider.

M

MANDARIN CARE

mandarin-care.de

58

MANDARIN CARE is a specialized digital transformation partner focused on the healthcare and social economy sectors in Germany. The company offers services including employer branding, digital recruiting, digital communication, marketing, and IT services tailored to organizations such as social welfare associations, healthcare providers, municipalities, and public administration. Their market position is that of a niche provider with a professional and consistent brand presence supported by a well-structured and mobile-optimized website. Technically, the website is built on Drupal 10, leveraging modern web technologies and integrating comprehensive cookie consent management aligned with GDPR requirements. The site demonstrates good SEO, accessibility, and performance characteristics, with active use of analytics and marketing tools such as Google Analytics and Facebook Pixel, managed through a granular consent mechanism. From a security perspective, the site enforces HTTPS and integrates consent-based tracking controls but lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or suspicious patterns were detected, though security headers could be improved. WHOIS data is minimal but consistent with the business identity, supporting legitimacy. Overall, the website and business demonstrate a mature digital presence with strong privacy compliance and professional credibility. Strategic improvements could focus on enhancing security transparency and incident response readiness to further strengthen trust and compliance.

S

sweet & salty

sweet-and-salty.de

55

sweet & salty is a specialized German agency focused on content marketing and corporate journalism, delivering high-quality, data-driven storytelling services to businesses with a strong value orientation. The company positions itself as a premium provider emphasizing handcrafted content and deep research, targeting clients who seek meaningful and sustainable content strategies. Technically, the website is built on Drupal 10, employs Google Tag Manager for analytics, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS and anti-bot measures, though lacks explicit security headers and incident response information. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. Overall, the site presents a professional and trustworthy digital presence with moderate technical and security maturity.

B

BNW Bundesverband Nachhaltige Wirtschaft e.V.

bnw-bundesverband.de

61

BNW Bundesverband Nachhaltige Wirtschaft e.V. is a well-established German non-profit association founded in 1992, focused on promoting sustainable and socially responsible economic practices. It serves as a network and political voice for progressive companies committed to ecological and social transformation. The website is professionally designed using Drupal 10, optimized for mobile, and includes rich content such as member testimonials, news, and event information. The technical infrastructure is modern and hosted by Hetzner, with good performance and accessibility standards. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers and explicit incident response policies are not visible. The domain registration is consistent with the organization's history and location, indicating legitimacy and trustworthiness.

N

National Education Union

neu.org.uk

62

The National Education Union (NEU) is a prominent UK-based education union focused on representing teachers and education professionals. The website serves as a comprehensive platform for member services, campaigns, advice, training, and union news. It targets education sector professionals and union members, positioning itself as a leading union organization with a strong advocacy role. The business model is non-profit, centered on member support and campaigning for better education funding and teacher pay. Technically, the website is built on Drupal 10 with Commerce 2, leveraging modern analytics and marketing tools such as Google Tag Manager and Microsoft Clarity. The site is hosted by 123-Reg Limited and demonstrates good performance, mobile optimization, and accessibility. The presence of structured navigation, meta tags, and SEO best practices indicates a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and integrates a cookie consent mechanism compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the NEU website is professional, trustworthy, and well-maintained, with a high legitimacy score supported by consistent WHOIS data. The site effectively balances user experience, privacy compliance, and security, making it a reliable resource for its audience.

G

Groupe Interaction

interaction-interim.com

55

Interaction Interim is a French staffing agency specializing in interim employment across multiple sectors including transport, logistics, industry, healthcare, building, and commerce. The company operates a professional and content-rich website built on Drupal 10, featuring job offers, training programs, and benefits for temporary workers. The site is well-structured, mobile-optimized, and includes GDPR-compliant privacy and cookie policies. Analytics and tracking are implemented via Matomo, Google Tag Manager, Hotjar, and Facebook Pixel, indicating a mature digital marketing approach. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though the absence of a published security policy and incident response information is noted. WHOIS data is unavailable, which raises some questions about domain registration transparency, but the website content and branding suggest a legitimate business presence. Overall, the site scores well on content quality, technical implementation, and business credibility, with recommendations to improve security transparency and WHOIS data availability.

F

Felix Burda Stiftung

felixburda.de

56

The Felix Burda Stiftung is a well-established German non-profit organization dedicated to the prevention and early detection of colorectal cancer. Founded in 2001 by Dr. Christa Maar and Prof. Dr. Hubert Burda, it honors their son Felix Burda who died of colorectal cancer. The foundation is a recognized leader in health awareness campaigns, digital health tools, and advocacy within Germany. Their website reflects a mature digital presence built on Drupal 10, featuring comprehensive content, multimedia, and strong privacy compliance mechanisms including GDPR-aligned cookie consent. Contact information and social media presence are transparent and professional. Security posture is good with HTTPS and consent-based tracking, though some security headers could be improved. Overall, the site is trustworthy, user-friendly, and serves a broad audience interested in health prevention.

I

Instituto de la Juventud (Injuve)

injuve.es

65

Instituto de la Juventud (Injuve) is a Spanish government agency dedicated to youth policies and programs. It operates under the Ministry of Youth and Childhood and offers a wide range of services including grants, awards, youth information centers, and international youth programs such as Erasmus+. The website is well-structured, multilingual, and professionally designed to serve young people and youth organizations in Spain. Technically, the site uses Drupal 10 with modern frontend frameworks and integrates Google Tag Manager for analytics. Security posture is adequate with HTTPS and no visible vulnerabilities, though security headers could be improved. Privacy and cookie policies are present and GDPR compliant. Overall, the site is trustworthy, transparent, and serves its public sector mission effectively.

E

Envision Saint John: The Regional Growth Agency

discoversaintjohn.com

56

Discover Saint John is a professionally developed regional tourism website operated by Envision Saint John: The Regional Growth Agency. It serves as a comprehensive portal for visitors to explore events, accommodations, and trip planning resources in the Saint John Region of New Brunswick, Canada. The website is well-positioned as a regional tourism authority with a strong digital presence and multiple marketing integrations. Technically, the site is built on Drupal 10 with modern web technologies and is optimized for mobile and accessibility. Security posture is good with HTTPS and privacy policies in place, though explicit security headers and incident response information are lacking. The absence of WHOIS data introduces some uncertainty about domain registration legitimacy, but the site content and branding indicate a trustworthy and established organization. Overall, the website demonstrates a mature digital infrastructure supporting regional tourism promotion with room for security and compliance enhancements.

F

Four Agency Worldwide Limited

joipolloi.com

72

Four Agency Worldwide Limited is a UK-based creative technology agency that acquired Joi Polloi in 2022, integrating their team into its award-winning Creative Technology Unit. The company specializes in building interactive content, immersive experiences, and digital platforms for clients primarily in the cultural and media sectors. Their portfolio includes work for notable clients such as the BBC, Channel 4, and the Natural History Museum, positioning them as a reputable player in the creative technology industry. The website reflects a professional and consistent brand image with comprehensive service offerings and client case studies. Technically, the website is built on Drupal 10 and leverages modern analytics and marketing tools including HubSpot, Microsoft Clarity, and Google Tag Manager. It is mobile-optimized, accessible, and includes a cookie consent mechanism aligned with GDPR requirements. The site demonstrates good SEO practices and performance, although explicit hosting provider details are not disclosed. From a security perspective, the site enforces HTTPS and employs cookie consent banners, but lacks visible security headers and explicit incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable or privacy protected, which is common for businesses of this type and size, and does not detract from the site's legitimacy given the professional content and clear contact information. Overall, the website presents a secure, compliant, and credible digital presence for Four Agency Worldwide Limited, with room for improvement in security transparency and incident response readiness.

J

JINT

jint.be

55

JINT is a Belgian non-profit organization serving as the National Agency for Erasmus+ Youth and the European Solidarity Corps in Flanders. It coordinates youth exchange programs and supports youth organizations with project guidance, information, and events. The website reflects a mature digital presence with a modern Drupal 10 CMS, good mobile optimization, and clear navigation. It integrates GDPR-compliant privacy and cookie policies with consent management. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are not publicly detailed. WHOIS data is restricted, which is common for privacy reasons but limits domain transparency. Overall, JINT presents a trustworthy and professional online presence aligned with its government and non-profit sector role.

E

EURAXESS Croatia

euraxess.hr

70

EURAXESS Croatia is a national portal affiliated with the European Commission, providing comprehensive information and personalized support services to researchers and their families to facilitate mobility and career development within Croatia and Europe. The platform offers job listings, funding opportunities, and practical guidance on visas, healthcare, accommodation, and other essential topics. The website targets researchers, entrepreneurs, research organizations, and businesses, positioning itself as a key facilitator in the European research ecosystem. Technically, the website is built on Drupal 10, leveraging modern web technologies and adhering to good practices in mobile optimization, accessibility, and SEO. Hosting appears to be managed by CARNET, a Croatian academic and research network, which aligns with the domain registration data. The site performs moderately well with a clean, professional design and clear navigation. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism, reflecting compliance with GDPR and privacy standards. However, there is room for improvement in security headers and publishing explicit security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Overall, EURAXESS Croatia presents a trustworthy, professional, and well-maintained online presence that effectively serves its target audience. Strategic recommendations include enhancing security headers, publishing a security policy, and expanding contact information to improve transparency and user trust.

O

Opetushallitus

oph.fi

67

Opetushallitus is the Finnish National Agency for Education, serving as a key government authority responsible for early childhood education, school curricula, lifelong learning, and internationalization in education. The website reflects a mature digital presence with comprehensive educational content, services, and resources targeted at educators, students, and organizations within Finland and internationally. The site is built on Drupal 10, employs modern web technologies, and demonstrates good mobile optimization and accessibility standards. Privacy and cookie policies are clearly presented with consent mechanisms in place, indicating compliance with GDPR requirements. Security posture is strong with HTTPS enforced and appropriate security headers detected. No critical vulnerabilities or suspicious activities were found. Overall, the website is professional, trustworthy, and well-aligned with its role as a national education authority.

C

CIDJ

cidj.com

66

CIDJ.com is a French educational and informational website focused on providing resources related to studies, careers, internships, and youth orientation. The site targets students, young adults, parents, and educators, offering articles, job listings, and newsletters. Technically, the site is built on Drupal 10 and integrates modern web technologies including Google Tag Manager, Matomo analytics, and consent frameworks for cookie management. The website is mobile-optimized and accessible with a professional design and clear navigation. Security-wise, the site uses HTTPS and consent mechanisms but lacks explicit security headers and published privacy or incident response policies. The WHOIS data for the domain is unavailable, which slightly impacts trust but the website content and structure support legitimacy. Overall, CIDJ.com presents a solid digital presence with room for improvement in transparency and security best practices.

O

Opetushallitus

cimo.fi

67

Opetushallitus is the Finnish National Board of Education, serving as a key government agency responsible for early childhood education, school curricula, lifelong learning, and internationalization services in Finland. The website reflects a mature digital presence with comprehensive educational content, funding information, and international cooperation programs. The site is built on Drupal 10, leveraging modern web technologies and strong privacy controls, including cookie consent management and minimal user tracking. Security posture is robust with HTTPS enforcement and best practices in place, though explicit security headers could be enhanced. Contact information is transparent and includes phone numbers, physical address, and social media channels, reinforcing trust and accessibility. Overall, the website is professional, well-structured, and highly trustworthy, serving a broad audience of educators, students, and institutions.

J

JINT vzw

gostrange.be

63

Go Strange! is a Belgian non-profit platform operated by JINT vzw, dedicated to guiding Flemish youth towards intercultural experiences abroad. The website offers comprehensive information on scholarships, group exchanges, internships, studying abroad, language learning, volunteering, and working holiday opportunities. The platform targets young people in Flanders, providing free resources to facilitate international cultural engagement. Technically, the site is built on Drupal 10, leveraging modern front-end libraries and Google Analytics for user insights. The site is mobile-optimized and accessible, with a cookie consent mechanism compliant with EU regulations. Security posture is adequate with HTTPS enabled, but lacks some security headers and explicit security policies. WHOIS data confirms a long-established domain consistent with the organization's history, enhancing trustworthiness. Overall, the site is professional, user-friendly, and trustworthy, serving its educational mission effectively.

C

City of Saint John

saintjohn.ca

63

The City of Saint John website serves as the official digital presence for the municipal government of Saint John, New Brunswick. It provides residents, businesses, and visitors with comprehensive information on city services, transit, community events, public safety, and governance. The site positions itself as a trusted source for local news, emergency alerts, and civic engagement platforms, targeting a broad audience within the city and surrounding areas. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Analytics for user tracking and Google Maps API for transit and location services. The site is hosted behind Cloudflare DNS and CDN services, ensuring reliable performance and security. Mobile optimization and accessibility features are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs domain transfer protections. However, it lacks advanced security headers and does not provide publicly accessible security or incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. No vulnerabilities or suspicious content were detected. Overall, the website demonstrates a solid business credibility and technical foundation suitable for a government entity, but could improve in privacy compliance and security transparency to enhance trust and regulatory adherence.