Security Directory

H

Hamburger Triathlonverband

triathlonhamburg.de

54

The Hamburger Triathlonverband website serves as the official digital presence of the regional triathlon association in Hamburg, Germany. It provides comprehensive information about triathlon events, youth programs, training, and organizational matters. The site targets athletes, clubs, and sports enthusiasts within the Hamburg region, offering event calendars, news updates, and resources for members. The business model is that of a non-profit sports federation focused on community engagement and sport promotion. Technically, the website is built on Drupal 10, leveraging modern web standards and technologies. It is hosted on servers associated with rzone.de, indicating a professional hosting environment. The site is mobile-optimized, accessible, and SEO-friendly, with structured navigation and rich content. Google Analytics is used for anonymized statistical tracking, integrated with a GDPR-compliant cookie consent mechanism. From a security perspective, the site enforces HTTPS and includes a Content-Security-Policy nonce, indicating attention to security best practices. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present, representing areas for improvement. No vulnerabilities or suspicious content were detected, and the domain registration appears consistent with the organization's profile. Overall, the website is professional, trustworthy, and well-maintained, with strong compliance to privacy regulations. Strategic recommendations include publishing security and incident response policies, adding terms of service, and enhancing security headers to further strengthen the security posture.

L

Landesjugendring Berlin

ljrberlin.de

46

The Landesjugendring Berlin website serves as the digital presence of a non-profit umbrella organization representing 37 youth associations in Berlin. It focuses on youth political engagement, training programs such as Juleica, and project support. The website is built on Drupal 10 and employs Matomo analytics, reflecting a privacy-conscious approach. The site is well-structured, mobile-optimized, and provides clear navigation for its target audience of youth and youth organizations in Berlin. However, the absence of an explicit privacy policy and terms of service pages limits full compliance transparency. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and incident response information.

N

Nasscom

nasscom.in

70

Nasscom is a well-established, not-for-profit industry association representing the Indian IT BPM sector, with over 3,000 members and a market influence over a $282.6 billion industry. The website effectively communicates its mission to empower members through policy advocacy, industry insights, skilling, and networking events. Technically, the site is built on Drupal 10 with modern front-end frameworks and integrates multiple analytics and monitoring tools, indicating a mature digital infrastructure. Security posture is strong with HTTPS, CAPTCHA protections, and security headers, though explicit security policies and incident response details are absent. Privacy compliance is partial, lacking a visible cookie consent mechanism despite tracking scripts. Overall, the site is professional, trustworthy, and well-positioned in its market niche.

F

Financial Conduct Authority

fca.org.uk

66

The Financial Conduct Authority (FCA) is the UK's independent financial regulatory body responsible for overseeing financial services firms and markets to ensure consumer protection and market integrity. The website serves as a comprehensive portal for consumers, firms, and stakeholders, offering regulatory guidance, firm authorisation information, consumer alerts, and access to various FCA systems. The FCA operates with a clear mandate to promote competition, protect consumers, and enhance market integrity, funded through fees charged to the financial services industry. Technically, the FCA website is built on Drupal 10, leveraging modern web technologies including Google Tag Manager and New Relic for performance monitoring. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a professional and user-friendly experience. Security is robust with HTTPS enforced and cookie consent mechanisms in place, although explicit HTTP security headers and a published security policy could enhance the posture further. Despite the absence of WHOIS registration details due to domain naming restrictions, the website's legitimacy is strongly supported by consistent branding, official contact information, and trust indicators such as the Plain Language Commission Gold Award. No security vulnerabilities or suspicious activities were detected in the content or technical configuration. Overall, the FCA website represents a high-quality, authoritative resource for financial regulation in the UK, with strong business credibility and a solid security foundation. Strategic recommendations include enhancing security header implementation, publishing explicit security and incident response policies, and maintaining vigilance on third-party scripts to sustain trust and compliance.

C

Commodity Futures Trading Commission

cftc.gov

68

The Commodity Futures Trading Commission (CFTC) is a U.S. federal government agency responsible for regulating derivatives markets including futures and swaps. The website serves as the official portal for regulatory information, market data, enforcement actions, and consumer protection resources. It targets market participants, industry professionals, and the general public with authoritative content and timely news updates. The CFTC holds a strong market position as the primary derivatives regulator in the United States. Technically, the website is built on Drupal 10 with Bootstrap for responsive design, leveraging modern web technologies and third-party services such as Google Tag Manager and DigitalGov Web Vitals for analytics and performance monitoring. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes multiple security headers. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a cookie consent mechanism and explicit incident response policies suggests room for improvement in privacy compliance and transparency. Overall, the website is trustworthy, professional, and secure, with minor gaps in privacy and security policy disclosures. The incomplete WHOIS data is typical for .gov domains and does not detract from the site's legitimacy. Strategic recommendations include implementing cookie consent, publishing incident response and vulnerability disclosure policies, and adding terms of service to enhance user trust and compliance.

D

Digitale Allianz Typ 2

diabetes-stimme.de

61

The website 'Deine Diabetes-Stimme' represents the Digitale Allianz Typ 2, a coalition of diabetes organizations and medical societies in Germany focused on raising awareness, improving care, and advocating for people with diabetes. The site serves as an informational and community platform with campaigns like #SagEsLaut to increase visibility for people with Type 2 diabetes. Technically, the site is built on Drupal 10, uses Matomo for privacy-conscious analytics, and implements Klaro for cookie consent management, reflecting a modern and privacy-aware infrastructure. Security posture is solid with HTTPS and consent mechanisms, though some HTTP security headers and explicit security policies could enhance protection. Overall, the site is professional, trustworthy, and compliant with GDPR, targeting a general audience interested in healthcare advocacy.

W

werk21 GmbH

werk21system.de

58

werk21 GmbH is a specialized technology company based in Berlin, Germany, focusing on delivering digital sovereignty through open source solutions and secure IT infrastructure. Their offerings include Drupal CMS, BigBlueButton videoconferencing, Nextcloud, AI/GenAI services, and dedicated AI servers, targeting government, political organizations, NGOs, and associations. The company positions itself as a niche provider emphasizing data protection, accessibility, and digital sovereignty. Technically, the website is built on Drupal 10 with modern libraries such as Font Awesome and Matomo analytics, complemented by a GDPR-compliant cookie consent manager (Klaro). The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security-wise, the site enforces HTTPS, uses CAPTCHA on forms, and disables cookies in analytics to protect privacy. However, explicit security headers and incident response contacts are not published, representing areas for improvement. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

D

diabetesDE - Deutsche Diabetes-Hilfe

diabetesde.org

67

diabetesDE - Deutsche Diabetes-Hilfe is a prominent German non-profit organization dedicated to providing expert-reviewed information, support, and advocacy related to diabetes mellitus. The website serves as a comprehensive resource for people with diabetes, their families, healthcare professionals, and the general public. It offers extensive educational content, risk assessments, therapy guidance, and community support services. The organization holds a strong market position in Germany's healthcare sector as a trusted source for diabetes-related knowledge and political representation. Technically, the website is built on Drupal 10, leveraging modern web technologies and privacy-conscious analytics tools such as Matomo and eTracker. It employs a consent management platform (Klaro) to comply with GDPR requirements, demonstrating a mature digital infrastructure. The site is mobile-optimized, accessible, and well-structured, providing an excellent user experience. From a security perspective, the site enforces HTTPS, uses appropriate security headers, and respects user privacy by disabling cookies in analytics and providing clear cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a dedicated security policy or vulnerability disclosure page suggests room for improvement in transparency and incident response readiness. Overall, diabetesDE exhibits a high level of professionalism, trustworthiness, and compliance with privacy regulations. The lack of WHOIS data due to a malformed response limits domain registration insights, but the website content and external partnerships strongly indicate legitimacy and a well-established presence. Strategic recommendations include publishing explicit security policies, enhancing incident response communication, and maintaining regular security audits to sustain trust and compliance.

A

Australian Prudential Regulation Authority

apra.gov.au

80

The Australian Prudential Regulation Authority (APRA) is the official Australian government prudential supervisor responsible for ensuring the stability, competitiveness, and efficiency of the financial system. The website serves as a comprehensive resource for regulated industries including banking, insurance, superannuation, and financial corporations, providing regulatory standards, consultations, data, and licensing information. APRA holds a key position in Australia's financial regulatory landscape with a large organizational footprint and a clear mandate. Technically, the website is built on Drupal 10, leveraging modern web technologies such as Google reCAPTCHA v3 and Google Tag Manager for security and analytics. The site is well-optimized for mobile and accessibility, with fast performance and professional design. Security posture is strong with HTTPS enforced and secure form handling, although explicit security headers could be verified and a dedicated security policy page would enhance transparency. The WHOIS data is limited due to privacy and registrar policies but aligns with Australian government domain registration norms, supporting legitimacy. No suspicious or malicious indicators were found. The site maintains good privacy compliance with clear privacy and cookie policies and uses consent mechanisms. Overall, APRA's website is a trustworthy, authoritative source for prudential regulation information in Australia, with strong business credibility and technical maturity. Minor improvements in security policy transparency and vulnerability disclosure could further strengthen its security posture.

M

Multilateral Investment Guarantee Agency

miga.org

72

The Multilateral Investment Guarantee Agency (MIGA) website serves as a comprehensive platform for the World Bank Group's guarantee products, focusing on political risk insurance and credit enhancement guarantees to promote foreign direct investment in developing countries. The site is well-positioned within the international finance and development sector, leveraging its affiliation with the World Bank Group to establish credibility and trust. It targets investors, lenders, governments, and development organizations seeking risk mitigation solutions for emerging market projects. The business model centers on providing guarantees that reduce investment risks, thereby facilitating economic growth and poverty reduction.

P

POELLATH

pplaw.com

69

POELLATH is a professional law firm with a website built on Drupal 10, targeting corporate clients and business sectors primarily in Germany. The site demonstrates a modern digital presence with GDPR-compliant cookie consent managed by Usercentrics and tracking via LinkedIn Insight. However, the absence of WHOIS registration data raises questions about domain legitimacy, though the website content and design indicate a credible business. Security posture is generally good with HTTPS enforced, but lacks explicit security headers and published privacy or incident response policies. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and compliance documentation.

D

Delegation of the European Union to Bosnia and Herzegovina & European Union Special Representative in Bosnia and Herzegovina

europa.ba

72

The Delegation of the European Union to Bosnia and Herzegovina serves as the official representation of the EU in Bosnia and Herzegovina, providing comprehensive information on EU activities, projects, and policies in the country. The website is professionally designed, well-structured, and targets a broad audience including citizens, media, and stakeholders interested in EU-Bosnia relations. Technically, the site is built on Drupal 10 with modern web standards, ensuring good performance, mobile responsiveness, and accessibility. Security posture is strong with HTTPS enforced and standard security headers likely in place, although explicit security policies and incident response details are not published. Privacy compliance is robust, featuring clear privacy and cookie policies with consent mechanisms aligned with GDPR. The domain is part of the official europa.eu space, managed by EU authorities, ensuring high legitimacy despite the absence of WHOIS details due to privacy policies. Overall, the site reflects a mature, trustworthy, and authoritative EU governmental presence in Bosnia and Herzegovina.

B

Barry Callebaut

barry-callebaut.com

75

Barry Callebaut is a global leader in the manufacturing of high-quality chocolate and cocoa products, with a strong emphasis on sustainability through its Forever Chocolate strategy. The website serves a broad international audience with comprehensive product, service, and corporate information. Technically, the site is built on Drupal 10, employs modern analytics and consent management tools, and is optimized for performance and mobile use. Security posture is solid with HTTPS and no exposed sensitive data, though explicit security headers and a dedicated security policy are absent. WHOIS data is missing or unavailable, which slightly impacts trust but does not detract from the professional presentation and business credibility of the site.

R

Red.es

red.es

69

Red.es is a Spanish government entity under the Ministry of Economic Affairs and Digital Transformation, dedicated to promoting digital transformation across businesses, citizens, and public administrations. The website serves as a comprehensive portal for initiatives, news, and resources related to digital innovation and funding programs in Spain. The site is well-structured, professionally designed, and targets a broad audience including SMEs, entrepreneurs, and public sector entities. Technically, the website is built on Drupal 10 with modern front-end frameworks like Bootstrap 4.6 and utilizes Google Tag Manager for analytics. It demonstrates good mobile optimization, accessibility, and SEO practices. Security measures include HTTPS enforcement, cookie consent management, and antibot protections on forms. However, some security headers could be improved. The security posture is strong with multiple certifications such as ISO 27001 and compliance with the Spanish National Security Scheme (ENS). No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust with clear GDPR-aligned policies and cookie management. Overall, the website reflects a mature digital presence consistent with a government agency, with high trustworthiness and professionalism. The domain WHOIS data is restricted as per .es domain policies, which is typical and appropriate for this entity.

I

Instituto Nacional de Ciberseguridad (INCIBE)

incibe.es

11

INCIBE (Instituto Nacional de Ciberseguridad) is the official Spanish national cybersecurity institute dedicated to providing cybersecurity assistance, awareness, and incident response services to citizens, businesses, and government entities. The website serves as a comprehensive portal offering educational resources, cybersecurity tools, incident reporting, and training programs. It holds a strong market position as a government entity focused on national cybersecurity initiatives. Technically, the website is built on Drupal 10 CMS, leveraging modern web technologies including Bootstrap for responsive design and various analytics tools such as Google Analytics and Siteimprove. The site is mobile-optimized, accessible, and well-structured, providing a professional user experience. Cookie consent mechanisms and privacy compliance are implemented effectively. From a security perspective, the site enforces HTTPS and employs best practices such as cookie consent and secure content delivery. However, explicit security headers are not evident in the provided data, and there is room for improvement by publishing security.txt files and enhancing incident response contact transparency. No vulnerabilities or suspicious content were detected. Overall, INCIBE's website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. The lack of WHOIS data is due to Red.es restrictions but does not detract from the site's legitimacy as a government cybersecurity resource. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and improving contact information for security incidents.

R

Red.es

nic.es

67

Dominios.es is the official Spanish government entity responsible for managing the registration of .es country code top-level domains. It operates under the umbrella of Red.es, a public enterprise of the Spanish government. The website provides comprehensive information and services related to domain registration, management, and security, targeting individuals, businesses, and authorized registrars. The entity holds recognized certifications such as ISO 9001, ISO 27001, and ENS, underscoring its commitment to quality and security. Technically, the site is built on Drupal 10 with modern web technologies and integrates Google Tag Manager and CookiesJSR for analytics and cookie management. The site is well-optimized for mobile and accessibility, with clear navigation and professional design.

J

Jewelers Mutual Group

jewelersmutual.com

10

Jewelers Mutual Group is a specialized insurance provider focusing on personal jewelry and jewelry business insurance. With over 110 years of expertise and a strong market presence evidenced by more than 11,000 five-star reviews, the company targets jewelry owners and businesses seeking dedicated insurance solutions. The website reflects a mature digital presence built on Drupal 10, integrating advanced analytics and marketing tools such as Google Tag Manager, Mixpanel, and Visual Website Optimizer, alongside a robust consent management system via TrustArc. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although the absence of a dedicated security policy or incident response information is noted. Privacy compliance is well addressed with clear privacy and cookie policies and user consent mechanisms. However, the lack of WHOIS data transparency slightly reduces domain trustworthiness. Overall, the website is professional, secure, and compliant, serving a large enterprise in the finance sector with a focus on jewelry insurance.

B

Barry Callebaut

chocolate-academy.com

68

The Chocolate Academy website represents a professional educational platform operated by Barry Callebaut, targeting artisans and chefs globally with chocolate training, recipes, and community support. The site is well-structured, content-rich, and optimized for mobile with modern technologies including Drupal 10, Google Tag Manager, and Plausible Analytics. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism in place. Security posture is strong with HTTPS and security headers, though explicit security and incident response policies are not published. The absence of WHOIS registration data for the domain is a notable concern, potentially indicating privacy protection or registration issues, which slightly impacts business credibility. Overall, the site is trustworthy and professional but would benefit from enhanced transparency in domain registration and direct contact information.

C

Callebaut

callebaut.com

69

Callebaut is a well-established Belgian chocolate brand with a rich history dating back to 1911. The company offers a comprehensive range of chocolate products and culinary tools targeted primarily at artisans and professional chefs worldwide. Their website reflects a strong commitment to quality, sustainability, and community engagement, including professional training through the Chocolate Academy. Technically, the website is built on Drupal 10, uses modern web technologies, and demonstrates good performance and mobile optimization. Security posture is strong with HTTPS and security headers in place, though there is room for improvement in publishing explicit security policies and incident response information. The absence of WHOIS data is a notable gap but does not detract significantly from the overall legitimacy given the brand's global recognition and consistent online presence.

A

Ardo

ardo.com

62

Ardo is a well-established company specializing in supplying high-quality fresh-frozen vegetables, herbs, and fruits, targeting foodservice, industry, and retail sectors with a strong emphasis on sustainability. The company has a mature online presence with a website built on Drupal 10, integrating modern tracking and consent management tools such as Google Tag Manager and Cookiebot. The website demonstrates good content quality, professional design, and clear navigation, supporting a positive user experience. Security-wise, the site employs HTTPS and domain transfer protections but could enhance security headers and DNSSEC to further strengthen its posture. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned policies. Overall, Ardo presents a credible and trustworthy digital footprint consistent with its business claims.

V

Verbraucherzentrale

post-aerger.de

57

The website www.verbraucherzentrale.de is an official consumer protection platform in Germany, operated by the Verbraucherzentrale organization. It provides comprehensive consumer advice, here specifically about traceable postal letter services. The site is well-structured, professionally designed, and uses modern technologies including Drupal 10 and Matomo analytics. It is mobile optimized and accessible, with a clear privacy policy and multiple regional links. Security posture is good with HTTPS enforced, though some security headers are not explicitly visible. Contact is primarily via contact forms rather than direct emails or phone numbers on this page. Overall, the site is trustworthy and serves a large audience of German consumers seeking reliable information.

V

Verbraucherzentrale Baden-Württemberg

vz-bawue.de

59

Verbraucherzentrale Baden-Württemberg is a well-established regional consumer protection organization providing independent advice, information, and advocacy services to consumers in Baden-Württemberg, Germany. The website serves as a comprehensive portal offering educational content, consultation services, project information, and access to various consumer-related resources. It targets a broad audience including consumers, students, parents, seniors, and refugees. The organization positions itself as a trusted non-profit entity with a strong regional presence and multiple service offerings.

V

Verbraucherzentrale

fakeshop-finder.de

60

Verbraucherzentrale.de operates as a leading German consumer protection organization providing educational resources and tools such as the Fakeshop-Finder to help consumers identify fraudulent online shops. The website is well-structured, professionally designed, and targets German consumers seeking trustworthy information on online shopping safety. Technically, the site is built on Drupal 10 with modern JavaScript libraries and integrates Matomo analytics for user tracking while maintaining GDPR compliance through clear privacy and cookie policies. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. WHOIS data is minimal but the strong branding and government affiliation support legitimacy. Overall, the site is a trustworthy, high-quality resource for consumer protection.

W

WIR FÜR GESUNDHEIT GMBH

wir-fuer-gesundheit.de

48

WIR FÜR GESUNDHEIT GMBH operates the largest German cross-provider healthcare network offering enhanced medical services and private patient comfort through its PlusCard product. The company targets employees, employers, clinics, and families in Germany, providing flexible health insurance tariffs and access to a broad network of approximately 450 partner clinics. The website is professionally designed using Drupal 10, integrates modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Pardot, and is hosted behind Akamai CDN infrastructure. Contact information is clearly presented, but explicit privacy and terms of service pages are missing. Cookie consent mechanisms are implemented, indicating some level of GDPR compliance.

L

Landkreis Böblingen

mitmachen-kreisbb.de

53

The website mitmachen-kreisbb.de serves as the official participatory platform for the Landkreis Böblingen government, enabling citizens to engage in local projects and provide feedback. It is positioned as a regional government engagement tool with key services including citizen participation, information dissemination, and media resources. The platform targets residents of the Böblingen district and operates under a government business model. Technically, the site is built on Drupal 10 CMS, leveraging modern libraries such as Font Awesome and CookiesJSR for cookie management. It uses Matomo Analytics configured to respect user privacy and Do Not Track settings. The hosting is managed via Gandi.net nameservers, indicating a reputable infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with good performance. From a security perspective, the site enforces HTTPS and implements consent-based loading of third-party content, enhancing privacy compliance. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with comprehensive cookie and privacy policies and a clear consent mechanism. Overall, the website is trustworthy, professionally designed, and suitable for general audiences. It demonstrates a solid security posture with room for improvement in security policy transparency and header implementation. The absence of direct contact information on the homepage is noted but may be available on other pages. The site is free from adult or questionable content, aligning with its government function.

N

Nationale Parken

nationaleparken.nl

65

Nationaleparken.nl is an authoritative informational website dedicated to showcasing the national parks of the Netherlands. It provides educational content, news, and a knowledge platform aimed at the general public interested in nature and conservation. The website is professionally designed using Drupal 10 and integrates modern technologies such as Google Tag Manager and Cookiebot for analytics and privacy compliance. The domain is well-established since 2003, reinforcing its credibility and trustworthiness. Security practices are generally good with HTTPS enforced and cookie consent mechanisms in place, though some security headers and DNSSEC could be improved. Contact is primarily via a contact form, with no direct emails or phone numbers published. Overall, the site demonstrates a mature digital presence with good privacy compliance and user experience.

I

International Committee of the Red Cross

icrc.org

70

The International Committee of the Red Cross (ICRC) is a globally recognized humanitarian organization dedicated to providing assistance and protection to people affected by armed conflict and violence. The website reflects the organization's mission of neutrality, impartiality, and independence, offering extensive information on their activities, global presence, and urgent appeals for donations. The site is multilingual and professionally designed, targeting a broad audience including donors, affected populations, and humanitarian partners. Technically, the website is built on Drupal 10, employs modern security and privacy technologies such as hCaptcha and Usercentrics CMP, and integrates Google Tag Manager for analytics. Security posture is strong with HTTPS enforced and secure form handling, though explicit security headers and a public security policy are absent. Overall, the website is trustworthy, compliant with GDPR, and provides a safe user experience.

E

EDB

enterprisedb.com

76

EnterpriseDB (EDB) operates a professional and comprehensive website focused on their flagship product, EDB Postgres AI, the world's first sovereign AI and data platform. The company positions itself as a leader in sovereign AI data management, targeting enterprises, industries, and nations with hybrid and cloud deployment options. Their offerings include a suite of Postgres-based products, hybrid management tools, AI factory capabilities, and extensive support and training services. Technically, the website is built on Drupal 10 with modern web technologies, includes multimedia content, and integrates analytics and consent management tools. Security posture is strong with HTTPS enforced and a dedicated Trust Center, though explicit security headers and incident response policies could be improved. The absence of WHOIS data is a notable concern, reducing domain trustworthiness despite the professional presentation and strategic partnerships. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility, but the domain registration opacity warrants caution.

M

Memoriav

memobase.ch

59

MEMOBASE, operated by Memoriav, is a specialized Swiss portal dedicated to preserving and providing access to the country's audiovisual heritage. The platform aggregates collections from archives, museums, and libraries, serving researchers, historians, and the general public interested in Swiss cultural history. Supported by the Swiss Federal Office of Culture, MEMOBASE holds a strong position as a national cultural heritage resource. The website is professionally designed, multilingual, and offers curated showcases and search capabilities for audiovisual materials. Technically, the site is built on Drupal 10 with modern libraries such as Mapbox GL JS for interactive maps, ensuring good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and cookie compliance mechanisms in place, though it lacks explicit security policies and incident response information. Overall, the site is trustworthy, content-rich, and compliant with privacy regulations, making it a valuable resource for its target audience.

E

Eventbranche.nl

eventbranche.nl

70

Eventbranche.nl is a well-established Dutch media platform serving the event industry with news, job listings, and supplier directories. The website targets event professionals and festival organizers, offering valuable content and membership benefits. Technically, it is built on Drupal 10 with modern web standards, including mobile optimization and accessibility features. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, professional, and compliant with GDPR requirements.

L

Linagora

linagora.com

72

Linagora is a French-based open source software publisher and SaaS solutions provider, established in 2000, with a strong focus on ethical and sovereign digital transformation. The company offers a broad portfolio of open source software products, professional services including support and maintenance for over 500 open source applications, and consulting services. Their market position is that of a pioneer and leader in the French open source ecosystem, serving enterprise clients including government and large corporations. Technically, the website is built on Drupal 10, employs modern web technologies, and integrates Matomo analytics and Altcha CAPTCHA for user interaction and security. The site is well-optimized for mobile and SEO, with good accessibility features. Security posture is solid with HTTPS enforced and clientTransferProhibited domain status, though improvements such as DNSSEC and explicit security policies could be made. Overall, the domain registration data aligns well with the company's history and legitimacy. The website content is professional, comprehensive, and safe for general audiences.

F

Fundacja Panoptykon

panoptykon.org

41

Fundacja Panoptykon is a Polish non-profit organization dedicated to human rights and digital privacy advocacy. Established in 2009, it operates primarily in Poland and provides a range of services including publications, campaigns, legal complaints, and public awareness initiatives. The website serves as a platform for disseminating information and engaging the public on issues related to surveillance, privacy, and freedom in the digital age. The organization maintains a strong presence through various content types such as articles, reports, podcasts, and videos, targeting a general audience interested in digital rights and privacy.

L

L'Ouvre-Boîtes, Coopérative activité emploi

ouvre-boites.coop

66

L'Ouvre-Boîtes is a French cooperative focused on supporting the creation and development of business activities within a secure and cooperative framework, primarily serving the Loire-Atlantique and Vendée regions. The website reflects a regional cooperative model with a clear mission to assist entrepreneurs and small business owners through cooperative employment structures. The site is built on Drupal 10 and uses Matomo analytics to respect user privacy. The design is professional and content is relevant to its target audience, with good navigation and mobile optimization. Security measures such as HTTPS and security headers are properly implemented, though explicit privacy and cookie policies are missing, representing a compliance gap. Overall, the website presents a trustworthy and professional image consistent with its cooperative business model.

P

Portland State University

pdx.edu

65

Portland State University is a large public research university located in downtown Portland, Oregon, offering a wide range of undergraduate and graduate academic programs. The website serves prospective and current students, faculty, staff, alumni, and community members with comprehensive information about academics, admissions, student life, research, and events. The university emphasizes affordability, diversity, and urban engagement. Technically, the site is built on Drupal 10 and integrates multiple analytics and marketing tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS and modern CMS usage, though explicit security headers and cookie consent mechanisms could be improved. WHOIS data is unavailable due to .edu domain restrictions, but the domain and website content strongly indicate legitimacy. Overall, the site is professional, accessible, and trustworthy.

H

Heinlein Support GmbH

jpberlin.de

64

JPBerlin is a well-established German web hosting provider specializing in secure, privacy-focused services for politically engaged individuals and organizations. Operated by Heinlein Support GmbH since 1989, it offers web hosting, mailing lists, email services, and domain registration with a strong emphasis on open source technology, GDPR compliance, and eco-friendly hosting. The website is professionally designed using Drupal 10, with good mobile optimization and clear navigation. Security practices include HTTPS enforcement and spam/virus protection, though explicit security policies and incident response contacts are not publicly detailed. The domain registration data is consistent and supports the legitimacy of the business. Overall, JPBerlin presents a trustworthy and niche-focused hosting provider with a solid technical and business foundation.

U

Université catholique de Louvain

uclouvain.be

66

Université catholique de Louvain is a prominent Belgian higher education institution offering a broad range of academic programs and research activities. The website serves multiple audiences including prospective and current students, researchers, staff, alumni, and external partners. It is built on Drupal 10 and employs privacy-conscious technologies such as Matomo analytics and a cookie consent mechanism to comply with GDPR requirements. The site is well-structured with clear navigation and multilingual support, primarily in French with English alternatives. Security posture is moderate with room for improvement in publishing explicit security policies and headers. WHOIS data is unavailable due to registry restrictions, but the domain and content strongly indicate legitimacy. Overall, the site demonstrates good digital maturity and business credibility appropriate for a large educational institution.

H

Heinlein Support GmbH

heinlein-support.de

60

Heinlein Support GmbH is a German-based IT consulting company specializing in Linux expertise, secure communication, and data center solutions. The company offers a range of services including IT administration, consulting, training (Akademie), hosting, and SLA contracts. Their market position is that of a trusted Linux and open source specialist with a strong presence in the German IT sector, supported by multiple customer testimonials and references. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content targeting IT professionals and enterprises. Technically, the site is built on Drupal 10 with modern JavaScript libraries and is hosted by JPBerlin, a reputable German hosting provider. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit security policies are missing. Privacy compliance is adequate with a privacy policy and cookie policy present, but lacks a consent mechanism. Overall, the site demonstrates a mature digital presence with moderate tracking via Matomo analytics and a strong focus on trust and professionalism.

T

Think Blue Data

thinkbluedata.com

47

Think Blue Data is a technology service provider specializing in interactive data experiences, custom data tools, and workflows tailored to client branding. Founded in 2012, the company positions itself as a niche player in data visualization and big data integration, targeting businesses seeking to transform complex data into actionable insights. The website is built on Drupal 10 with modern front-end frameworks and big data technologies, hosted by GoDaddy. The site demonstrates good design quality, mobile optimization, and accessibility, but lacks explicit privacy and cookie policies, as well as security headers and incident response information. The domain registration is consistent with the business age and shows no suspicious patterns. Overall, the website is professional and trustworthy but could improve compliance and security posture.

P

Pro Natura Zentrum Champ-Pittet

pronatura-champ-pittet.ch

64

Pro Natura Zentrum Champ-Pittet is a Swiss non-profit environmental organization focused on nature conservation, environmental education, and visitor engagement through exhibitions, protected natural areas, and a restaurant. The website reflects a well-established regional center with clear business objectives centered on public education and nature preservation. Technically, the site is built on Drupal 10, uses modern web technologies, and integrates privacy compliance tools such as Usercentrics for cookie consent. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response policies are absent. Overall, the website is trustworthy, professional, and compliant with GDPR requirements.

P

Pro Natura Zentrum Aletsch

pronatura-aletsch.ch

63

Pro Natura Zentrum Aletsch is a Swiss non-profit nature conservation and education center located in the Alps near the Aletsch Glacier. The organization offers visitor experiences including nature center visits, accommodation, dining, guided excursions, and educational programs targeting families, schools, and nature enthusiasts. The website is professionally designed with clear navigation, multilingual support, and strong branding consistency. Technically, it is built on Drupal 10, uses modern web technologies, and integrates consent management and analytics tools responsibly. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website reflects a trustworthy and credible organization with a strong focus on environmental education and conservation.

A

AGC Glass Europe

agc-yourglass.com

57

AGC Glass Europe is a leading European manufacturer and marketer of flat glass products serving the construction, automotive, and solar power sectors. The company operates under the global AGC brand with a strong presence across Europe and a workforce of approximately 13,000 employees. The website targets architects, specifiers, distributors, and other stakeholders in the glass and construction industries, offering extensive product information, technical support, and digital tools such as a glass configurator. Technically, the site is built on Drupal 10, employs modern web technologies, and integrates marketing and analytics tools like Google Tag Manager and Visual Website Optimizer. Security posture is good with HTTPS and CAPTCHA protections, though some security headers and policies could be improved. The WHOIS data is unavailable or indicates the domain may not be registered, which is a concern for domain legitimacy, but the website content and branding strongly suggest a legitimate business entity. Overall, the site is professional, well-structured, and compliant with privacy regulations.

P

Pro Natura

pronatura.ch

73

Pro Natura is a well-established Swiss non-profit organization dedicated to nature conservation, managing over 800 nature reserves and engaging the public through education and advocacy. The website reflects a mature digital presence built on Drupal 10, with modern technologies and compliance tools such as Usercentrics for cookie consent and Google Tag Manager for analytics. The security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the site is professional, trustworthy, and aligned with its mission, serving a broad audience interested in environmental protection.

D

Dry January

dryjanuary.ch

52

Dry January is a Swiss-based non-profit campaign focused on encouraging individuals to abstain from alcohol during January. The website serves as an informational and engagement platform offering event details, partner programs, and merchandise sales to support the campaign. It targets a general audience with an emphasis on health and alcohol awareness. The site is built on Drupal 10 with Commerce 2, integrating modern web technologies and analytics tools such as Matomo and Google Tag Manager. The technical infrastructure is solid, with good mobile optimization and secure HTTPS implementation. However, the site lacks critical privacy and cookie policies, which impacts GDPR compliance and user trust. Security posture is generally good but could be improved by adding security headers and incident response information. Overall, the website is professional and trustworthy but should address compliance gaps to enhance user confidence and legal adherence.

B

Blaukreuz-Brockis

blaukreuz-brocki.ch

58

Blaukreuz-Brockis operates as a Swiss non-profit organization focused on retailing second-hand goods through multiple physical Brocki shops across Switzerland. Their business model supports social causes, including addiction support and integration services. The website reflects a mature digital presence built on Drupal 10, integrating Google Maps for location services and Matomo for privacy-conscious analytics. The site is professionally designed, mobile-optimized, and provides clear contact information for various locations. Security posture is solid with HTTPS and security headers in place, though explicit privacy and cookie policies are missing, which impacts compliance. No incident response or vulnerability disclosure information is provided, representing an area for improvement. Overall, the website is trustworthy and serves its target audience effectively.

B

Bank Frick AG

bankfrick.li

65

Bank Frick AG is a well-established full-service bank based in Liechtenstein, specializing in providing banking services to financial intermediaries and professional clients. Founded in 1998, the bank has positioned itself as an innovative leader in blockchain banking and digital financial solutions. Its modular service offerings include intermediary solutions, blockchain banking, fund and capital market solutions, and acquiring services, targeting clients primarily in the EEA/EU, Switzerland, and Liechtenstein. The website reflects a professional and trustworthy brand with comprehensive content and clear navigation.

I

ISBA

isba.org.uk

76

ISBA is a UK-based membership organization representing brand owners in the advertising industry. It provides advocacy, resources, events, and a knowledge hub to support marketers and brand owners. The website is professionally designed using Drupal 10, with modern web technologies and good mobile optimization. Privacy and cookie policies are comprehensive and GDPR compliant. Security posture is strong with HTTPS and secure forms, though security headers could be improved. WHOIS data for the queried domain is unavailable due to an invalid domain query, but the website content and branding indicate a legitimate and established organization.

M

Maestrani Schweizer Schokoladen AG

maestrani.ch

63

Maestrani Schweizer Schokoladen AG is a well-established Swiss family-owned chocolate manufacturer with a history dating back to 1852. The company produces and markets Swiss chocolate under its own brands Minor and Munz, operates a B2B webshop for promotional chocolates, and offers a visitor experience called Chocolarium. The website is professionally designed, multilingual, and provides comprehensive information about the company, its products, and career opportunities. Technically, the site is built on Drupal 10 with modern web technologies, is mobile-optimized, and includes GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS and consent management, though some security headers and explicit policies could be improved. Overall, the site reflects a mature digital presence aligned with the company's market position and business model.

B

blindekuh

blindekuh.ch

51

blindekuh is a well-established Swiss hospitality and cultural foundation operating unique dark restaurants in Zürich and Basel. The business offers immersive dining experiences, events, courses, and gift vouchers, positioning itself as a pioneer in the niche dark restaurant market. The website reflects a mature digital presence built on Drupal 10, with modern UI/UX and compliance with privacy regulations. Security posture is strong with HTTPS and cookie consent mechanisms, though formal security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-optimized for users.

V

Verein Auswärtige Liegenschaftsbesitzer Bergün Filisur (ALB)

alb-berguen.ch

52

The website represents the Verein Auswärtige Liegenschaftsbesitzer Bergün Filisur (ALB), a small non-profit association founded in 2015 in Switzerland. It advocates for the interests of second-home owners and long-term tenants in the Bergün-Filisur region, fostering collaboration between local residents and external property owners. The site provides organizational information, event announcements, and contact details, targeting property owners and local stakeholders. Technically, the site is built on Drupal 10 with modern web technologies and includes Google Analytics for visitor tracking. The design is professional, mobile-optimized, and accessible, offering a good user experience. Security posture is adequate with HTTPS enforced but lacks security headers and formal privacy or cookie policies, indicating room for compliance improvement. Overall, the site is legitimate, trustworthy, and safe for general audiences.

V

Verein Parc Ela

parc-ela.ch

68

Verein Parc Ela operates the Parc Ela nature park located in the heart of Graubünden, Switzerland, uniting the three linguistic cultures of Romansh, German, and Italian. The organization focuses on preserving valuable landscapes, promoting cultural heritage, and fostering innovative projects and products through a network of engaged individuals. The website reflects a well-structured, professionally designed platform built on Drupal 10, with good mobile optimization and accessibility features. It employs Google Tag Manager for analytics and tracking, alongside a cookie consent mechanism, indicating a moderate level of privacy compliance. Security posture is strong with HTTPS and inferred security headers, though explicit security policies and incident response information are absent. Overall, the site presents a trustworthy and credible non-profit entity with a clear mission and community focus.