Security Directory

H

Hortim

hortim.sk

64

Hortim is a well-established company specializing in wholesale and farming of fresh fruit and vegetables, with over 30 years of market presence. The company operates a group of five companies and two premium brands, providing end-to-end services including importing, farming, packaging, storage, ripening, and logistics. Their target audience primarily consists of business customers in the fresh produce supply chain. Technically, the website is built on WordPress with modern technologies such as jQuery, Bootstrap, and multilingual support via WPML. The site is mobile optimized and SEO friendly, with integration of Google Tag Manager and Facebook SDK for analytics and marketing. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, the website is professional, trustworthy, and compliant with GDPR regulations.

A

Aviato

aviato.be

49

Aviato is a specialized employment platform focused on providing quality and sustainable job opportunities at Brussels Airport. It serves both job seekers and employers by offering job listings, internships, career advice, and organizing events such as job fairs and info sessions. The website is professionally designed using Drupal 10, with modern web technologies and good mobile optimization. It integrates analytics and marketing tools like Google Analytics and Facebook Pixel, and complies with GDPR through a comprehensive privacy and cookie policy. Security posture is adequate with HTTPS and secure form handling, though security headers could be improved. WHOIS data is restricted, but the website's content and social media presence indicate a legitimate and trusted organization within the transportation sector in Belgium.

M

Media Business Insight (MBI)

globalproductionawards.com

47

The Global Production Awards website represents a professional event platform dedicated to recognizing excellence in sustainable film and TV production worldwide. Operated by Media Business Insight (MBI), a subsidiary of GlobalData, the site serves industry professionals and stakeholders with event information, award shortlists, winners, and sponsorship opportunities. The business model centers on event organization and media partnerships, positioning itself as a prestigious global awards entity within the media sector. Technically, the website employs a modern tech stack including jQuery, Slick Carousel, and the SHOWOFF CMS by ASP.events. The site is well-structured, mobile-optimized, and accessible, with good SEO practices and performance. However, some improvements are recommended in security headers and cookie consent mechanisms to enhance compliance and security posture. Security-wise, the site uses HTTPS and avoids exposing sensitive data. Tracking via Permutive is present, indicating moderate user tracking. The absence of WHOIS data for the domain is a notable concern, potentially indicating registration issues or privacy protection, which impacts domain legitimacy assessment. Overall, the website is trustworthy and professional, but the lack of WHOIS transparency and cookie consent mechanisms suggest areas for improvement to bolster compliance and trust. Strategic recommendations include enhancing security headers, publishing incident response contacts, and implementing cookie consent to align with GDPR and best practices.

M

Media Business Insight Ltd (MBI)

screenfilmsummit.com

58

The Screen Film Summit website represents a professional event platform focused on the UK independent film industry, organized by Media Business Insight Ltd, a subsidiary of GlobalData. The site provides detailed information about the annual summit, including event descriptions, partners, speakers, and galleries, targeting producers, financiers, and distributors within the film sector. The business model centers on industry networking and knowledge sharing through events. Technically, the website is built on the SHOWOFF CMS by ASP.events, utilizing modern JavaScript libraries such as jQuery, Slick Carousel, and Magnific Popup. The site is mobile-optimized, accessible, and employs HTTPS with good performance. However, some security best practices like security headers and cookie consent mechanisms are missing or not detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. Tracking is done via Permutive, indicating moderate user tracking. The absence of WHOIS registration data is a concern, though the association with a reputable parent company supports legitimacy. No critical vulnerabilities or adult content were found, and privacy compliance is basic but present. Overall, the website is a credible and professional platform with room for improvement in security headers, privacy compliance, and transparency of contact information. The lack of WHOIS data should be investigated further to confirm domain legitimacy.

S

Sunzil

sunzil.com

49

Sunzil is a well-established company specializing in photovoltaic solar energy solutions, with a 40-year presence in French overseas territories. The company develops, constructs, and operates solar power plants for both residential and professional clients, offering turnkey solutions and consulting services. The website reflects a mature digital presence with comprehensive content, customer testimonials, and recognized certifications such as ISO 9001 and ISO 14001, reinforcing its market credibility. Technically, the website is built on WordPress with WooCommerce and Gravity Forms, leveraging modern JavaScript libraries and analytics tools including Google Analytics and Facebook Pixel. The site is mobile-optimized and includes GDPR-compliant cookie consent mechanisms, indicating a good level of digital maturity and privacy awareness. From a security perspective, the site enforces HTTPS and employs cookie consent banners, but lacks explicit security policies and incident response information. Some JavaScript errors related to WooCommerce payment gateway dependencies were noted, which could affect user experience. The absence of WHOIS domain registration data raises concerns about domain legitimacy, although the website content and certifications suggest a legitimate business. Overall, Sunzil presents a professional and trustworthy online presence with room for improvement in security transparency and domain registration clarity.

K

KBE Energy

kbe-energy.com

67

KBE Energy is a French company specializing in the installation, maintenance, and expertise of photovoltaic solar power plants. Established since 2006, it serves a broad range of clients including farmers, industrial investors, local authorities, and large retail and tertiary sectors. The company offers comprehensive photovoltaic solutions including large roof installations, floating parks, agrivoltaics, self-consumption systems, turnkey buildings, and project management assistance. It also provides financing options such as third-party investment and crowdfunding. The company is certified with ISO 14001, ISO 9001, Qualifelec RGE, and AQPV, reflecting its commitment to quality and environmental standards. Technically, the website is built on WordPress using the Divi theme and incorporates modern web technologies such as Google reCAPTCHA, Yoast SEO, GSAP animations, and WP Rocket for performance optimization. The site is well-optimized for SEO, mobile-friendly, and provides a good user experience with clear navigation and professional design. Security measures include HTTPS enforcement, cookie consent management, and CAPTCHA integration, although explicit security headers and a published security policy are absent. The security posture is solid but could be improved by adding explicit security headers and publishing incident response information. The WHOIS data for the domain is unavailable, which raises some concerns about domain registration transparency, although the website content and certifications support legitimacy. Overall, the site demonstrates a mature digital presence with good compliance to privacy regulations and a strong focus on renewable energy services. Strategic recommendations include enhancing security headers, publishing a security policy and incident response contacts, verifying domain registration details, and maintaining regular security audits to ensure ongoing protection and trustworthiness.

W

We Are ILL

wearewellnessweekend.com

52

We Are ILL is a non-profit organization dedicated to supporting Black women living with multiple sclerosis and other autoimmune disorders through its signature annual event, Wellness Week(end). The event offers education, community, and wellness activities, expanding its reach to include lupus and NMOSD patients and their support networks. The website is professionally designed using Squarespace, with a clear focus on community and advocacy. The event is hosted in Atlanta, GA, with ticketing managed via Eventbrite. Social media presence is active on Instagram, YouTube, and Facebook. The domain WHOIS data is unavailable, which raises some concerns about domain registration legitimacy, but the website content and external links indicate a legitimate operation.

R

RI OKNA

ri-okna.fr

53

RI OKNA is a traditional Czech manufacturer specializing in high-quality windows and doors, operating since 1994 with nearly 30 years of experience. The company targets both domestic and international markets, offering a wide range of products including PVC, aluminum, wood, and composite windows and doors. Their business model focuses on manufacturing and direct sales, emphasizing quality materials and customer service. The website is professionally designed, multilingual, and optimized for French-speaking customers, reflecting a medium-sized enterprise with a strong market position in manufacturing.

L

Les Amis du Palais de Tokyo

lesamisdupalaisdetokyo.com

60

Les Amis du Palais de Tokyo is a cultural association founded in 2019 that supports the Palais de Tokyo contemporary art center in Paris through membership and patronage. The website serves as a platform to inform members and potential donors about exclusive events, artist meetings, and benefits. The site is well-branded, consistent, and targets art enthusiasts and patrons. Technically, the site uses modern web technologies including Laravel backend, Google Analytics, Facebook SDK, and Google reCAPTCHA, hosted by OVH sas. The site is mobile optimized with good SEO and accessibility basics. Security posture is solid with HTTPS, CSRF tokens, and cookie consent, but lacks advanced security headers and formal security policies. No blocking or WAF challenges were detected, allowing full content access. Overall, the site is trustworthy and professionally maintained, with room for improvement in security policy transparency and incident response readiness.

R

Rozum a Cit, z. s.

pestouni-rac.cz

10

Rozum a Cit, z. s. is a Czech non-profit organization dedicated to supporting foster families and promoting substitute family care in the Czech Republic for over 20 years. The organization offers comprehensive services including foster family accompaniment, counseling and therapy, education for foster parents, and facilitating contact with biological families. Their market position is stable within the non-profit sector, focusing on social support and education. The website is professionally designed with clear navigation and good content relevance, targeting foster families and professionals in the field. Technically, the site uses a modern stack including jQuery, Bootstrap, and various UI libraries, with a CMS named inPage. Performance and mobile optimization are good, though accessibility is basic. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security headers and incident response information. WHOIS data is missing, which reduces domain trustworthiness, but the site content and contact details appear legitimate and consistent with the organization's claims.

E

ECOncrete

econcretetech.com

65

ECOncrete is a specialized technology company focused on providing nature-inclusive design solutions for responsible marine construction. Their proprietary technology targets shoreline protection and infrastructure for waterfront and offshore environments, positioning them as an innovative niche player in the sustainable energy sector. The company appears to be small-sized, founded in 2012, with a consistent domain registration history and a professional online presence. Technically, the website is built on WordPress with modern libraries and plugins, offering good mobile optimization and SEO practices. Security posture is moderate with HTTPS enabled and reCAPTCHA in use, but lacks DNSSEC and security headers, which are recommended for enhancement. Privacy compliance is partial, with a cookie consent mechanism present but no privacy policy page found. Overall, the website is professional and trustworthy but could improve in privacy and security policy transparency.

H

Hortim

hortim.cz

65

Hortim is a well-established Czech company specializing in the wholesale and comprehensive service of fresh fruit and vegetables, including farming, packing, storage, ripening, and logistics. The company operates multiple subsidiaries and brands, serving a broad market with significant annual throughput. Their website reflects a mature digital presence with multilingual support and detailed service descriptions. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance and SEO optimization. Security posture is solid with HTTPS, cookie consent, and reCAPTCHA, though some security headers and explicit incident response information are missing. The absence of WHOIS data limits domain trust verification, but the professional presentation and certifications support business credibility. Overall, Hortim demonstrates a strong market position with room for enhanced transparency and security documentation.

L

LSVD⁺ – Verband Queere Vielfalt e.V.

lsvd.de

51

LSVD⁺ – Verband Queere Vielfalt e.V. is a prominent German non-profit organization advocating for the rights and interests of lesbian, gay, bisexual, trans*, intersex, and queer (LSBTIQ*) individuals. The organization focuses on political advocacy, legal advice, public awareness, and community support, positioning itself as a leading voice for queer diversity and human rights in Germany. Their website reflects a professional and comprehensive approach to content delivery, targeting both the queer community and allies with educational resources, event information, and legal guidance. Technically, the website employs modern web technologies including jQuery, Slick Carousel, and the Foundation framework, hosted on DomainControl nameservers, and uses Matomo analytics to maintain privacy-conscious user tracking. Security posture is adequate with HTTPS enforced and AJAX-based contact forms, but lacks visible security headers and a cookie consent mechanism, which are areas for improvement. Overall, the site is accessible, well-structured, and trustworthy, with clear contact information and active social media engagement.

B

Bard College

bardathletics.com

64

Bard College Athletics operates an official website dedicated to providing comprehensive information about the college's sports teams, schedules, rosters, and related athletics resources. The site serves students, athletes, alumni, and sports enthusiasts interested in Bard College's Division III athletics programs. The business model focuses on community engagement and information dissemination within the educational sector. Technically, the website leverages a modern JavaScript stack including jQuery, RequireJS, and Knockout.js, hosted on Cloudfront CDN with DNS managed by Rackspace. The site is mobile optimized and accessible, with good SEO practices and structured navigation. Security-wise, the site enforces HTTPS and uses reputable hosting but lacks DNSSEC and some security headers, which are recommended for enhanced protection. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy but could improve in security and privacy transparency.

J

Jacques Delors Centre | Hertie School

delorscentre.eu

69

The Jacques Delors Centre is a reputable academic and policy research center focused on European affairs, operating under the Hertie School in Berlin. It provides research publications, policy briefs, events, teaching programs, and a podcast aimed at academics, policymakers, and stakeholders interested in European governance and integration. The website is professionally designed, well-structured, and offers clear navigation and comprehensive content relevant to its target audience. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and frameworks, ensuring good performance and mobile responsiveness. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although some HTTP security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies. WHOIS data is privacy protected, which is typical for EU domains, but the website's affiliation with Hertie School and partner organizations supports its legitimacy. Overall, the site demonstrates a mature digital presence with a high level of professionalism and trustworthiness.

T

Terumo Europe NV

terumo-ps.com

69

Terumo Pharmaceutical Solutions is a division of Terumo Corporation, a global healthcare technology leader founded in 1921 and headquartered in Tokyo, Japan. The division specializes in pharmaceutical and medical device manufacturing, offering injection, infusion, and primary packaging solutions alongside contract development and manufacturing services (CDMO). The company targets pharmaceutical professionals worldwide, emphasizing patient comfort and product quality. The website reflects a mature, professional business with a strong global presence and comprehensive product portfolio. Technically, the site is built on Microsoft SharePoint, leveraging modern JavaScript libraries and frameworks such as jQuery and Bootstrap, with integrated Google Analytics and Tag Manager for user tracking. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is good with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and incident response information. WHOIS data is incomplete, indicating possible privacy protection, which slightly reduces domain transparency but does not detract from the overall legitimacy given the strong brand presence and external references. Overall, the website is professional, trustworthy, and well-maintained, serving a specialized B2B healthcare market.

T

The Conference Forum

poddconference.com

55

The PODD Conference website represents a well-established annual event focused on the pharmaceutical, biotech, and drug delivery sectors. It provides a platform for industry professionals to explore innovative drug delivery technologies, network, and collaborate. The site is professionally designed with good content quality and clear navigation, targeting pharma and biotech scientists, business development professionals, and investors. The business model centers on event organization, sponsorship, and registration revenue, positioning PODD as a key player in its niche market. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and various analytics and marketing tools, hosted on AWS infrastructure. Security posture is adequate with HTTPS and reCAPTCHA implemented, but lacks advanced security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain is legitimate, well-aged, and consistent with the business claims.

T

Terumo India Private Limited

terumoindiaskilllab.com

10

Terumo India Skill Lab is a specialized e-learning platform focused on interventional cardiology, interventional radiology, and perfusion medicine education. It serves healthcare professionals and patients by providing simulation-based learning, webinars, masterclasses, and patient resources. The platform is operated by Terumo India Private Limited, a subsidiary of Terumo Corporation, and targets the Indian healthcare market with a medium-sized business presence. The website demonstrates consistent branding, professional content, and a clear business model centered on medical education and training. Technically, the website employs modern web technologies including Bootstrap, jQuery, Google reCAPTCHA, and analytics tools such as Google Analytics and Microsoft Clarity. It uses WordPress as the CMS and integrates multiple security features like HTTPS and CAPTCHA to protect user data. The site is mobile-optimized and provides a good user experience with clear navigation and structured content. From a security perspective, the site has a good posture with HTTPS, CAPTCHA on forms, and detailed privacy and cookie policies that indicate GDPR compliance. However, some improvements are recommended such as implementing Content-Security-Policy headers and enhancing password handling mechanisms. No critical vulnerabilities or WAF blocking were detected, indicating stable and secure operations. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. It effectively supports its business goals of providing specialized healthcare education while maintaining user security and privacy.

T

Terumo Europe NV

terumopharmaceuticalsolutions.com

11

Terumo Pharmaceutical Solutions is a division of Terumo Corporation, a global leader in healthcare technology since 1921. The division specializes in providing pharmaceutical and medical device manufacturers with high-quality injection, infusion, and primary packaging solutions, including contract development and manufacturing services. Their market position is strong, supported by a comprehensive portfolio and global reach, targeting pharmaceutical professionals worldwide. The website reflects a professional and consistent brand image with clear navigation and rich content tailored to its B2B audience. Technically, the website is built on Microsoft SharePoint, leveraging modern JavaScript libraries such as jQuery and Bootstrap for UI components. It integrates Google Analytics and Tag Manager for user tracking and marketing insights. The site is mobile-optimized with good SEO practices and accessibility features, although some accessibility aspects could be enhanced. Performance is moderate, typical for SharePoint-based sites. From a security perspective, the site enforces HTTPS and employs domain transfer protection. However, DNSSEC is not enabled, and some security headers like Content-Security-Policy are missing. There is no publicly available security policy or incident response contact, which could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Overall, the website presents a low-risk profile with strong business credibility and good privacy practices. Strategic improvements in security headers and incident response transparency would further enhance trust and security posture.

T

Terumo Europe NV

terumo-europe.com

61

Terumo Europe NV operates as a healthcare company providing medical devices and services across the Europe, Middle East, and Africa region. The website reflects a well-established business with a broad product portfolio targeting healthcare professionals and patients. The company is a subsidiary of Terumo Corporation, a global medical device manufacturer headquartered in Japan. The site offers comprehensive product information, clinical programs, and corporate news, indicating a mature digital presence. Technically, the website is built on Microsoft SharePoint, leveraging modern web technologies such as jQuery, Bootstrap, and Slick Carousel. It integrates Google Analytics and Google Tag Manager for user behavior tracking and marketing insights. The site is mobile optimized and provides a good user experience with clear navigation and professional design. However, performance is moderate and accessibility features are basic, suggesting room for improvement. From a security perspective, the site enforces HTTPS and uses standard tracking scripts responsibly. There is no evidence of exposed sensitive data or vulnerable libraries in the provided content. However, the absence of security headers and lack of explicit security or incident response policies are areas to address. The WHOIS data is missing, which is unusual and reduces trustworthiness, though the website content and branding strongly indicate legitimacy. Overall, the website presents a professional and trustworthy front for Terumo Europe NV, with solid privacy compliance and business credibility. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance the security posture and trust further.

T

Terumo Medical Canada Inc.

terumocanada.ca

68

Terumo Medical Canada Inc. is a Canadian subsidiary of the global Terumo Corporation, specializing in manufacturing and distributing medical devices for cardiothoracic surgery, interventional procedures, and transfusion medicine. The company operates with a strong market position in Canada, supported by a professional and well-structured website that reflects its healthcare industry focus. The website provides comprehensive product information, clear contact details, and complies with privacy regulations including GDPR. Technically, the site uses modern tools such as Adobe Experience Manager CMS, Google Analytics, Hotjar, and Ensighten for tag management, hosted likely on Azure infrastructure. Security posture is good with HTTPS and clientTransferProhibited domain status, though improvements like enabling DNSSEC and additional security headers are recommended. Overall, the website is trustworthy, professional, and safe for general audiences.

S

Skeepers

mfb.li

63

Skeepers operates a customer experience platform, as evidenced by the backend login portal branded with their name and logo. The website serves primarily as an access point for users to sign in, including support for Single Sign-On (SSO) via SAML2, indicating enterprise-grade user management. The technical infrastructure leverages common web technologies such as jQuery, Bootstrap, and third-party widgets like Zendesk and Stonly for support and user guidance. However, the site lacks visible privacy and cookie policies, which are critical for compliance and user trust. Security measures are basic, with no explicit security headers or anti-CSRF tokens detected, though HTTPS is implied by the URL scheme. Overall, the site is functional but could benefit from enhanced security and privacy features.

F

Ferrero Caribe

ferreropr.com

50

Ferrero Caribe operates a consumer-facing website promoting its well-known confectionery brands such as Mon Chéri, Ferrero Rocher, and Raffaello. The site targets general consumers interested in premium chocolate products, primarily in the Caribbean region. The business model focuses on brand promotion and consumer engagement through product information and social media channels. The website is built on Drupal 10 CMS and leverages modern front-end libraries including Bootstrap and jQuery, indicating a moderate level of digital maturity. Mobile optimization and responsive design are well implemented, providing a good user experience. Security posture is moderate; while HTTPS is presumably enabled (not explicitly confirmed), the absence of security headers and cookie consent mechanisms indicates room for improvement. No forms or direct contact information are provided, limiting direct user interaction and data collection. Overall, the site is professional and trustworthy but could enhance privacy compliance and security transparency.

N

Nonin Medical Inc

nonin.com

53

Nonin Medical Inc is a healthcare-focused company specializing in the design and manufacture of noninvasive pulse oximeters, regional oximeters, sensors, and related software platforms. The company positions itself as a leading global provider of pulse and regional oximetry solutions, serving healthcare professionals, hospitals, clinics, OEM customers, and homecare providers. Their product portfolio includes FDA-cleared devices and a cloud-based data management platform aimed at improving clinical workflows and patient care. Technically, the website is built on WordPress CMS with a modern tech stack including jQuery, UIkit, and multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and Piwik PRO. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a professional and consistent branding approach. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS registration data reduces trust signals, but the website's professional content and external references support its legitimacy. Overall, the website presents a strong business and technical profile with good privacy compliance and user experience. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance trust and security posture.

T

Terumo Corporation

terumo.com

66

Terumo Corporation is a leading global healthcare company specializing in medical devices and solutions across multiple sectors including interventional systems, cardiovascular care, and blood and cell technologies. The website reflects a mature enterprise with a strong global presence and comprehensive business information targeting healthcare professionals, investors, and partners. Technically, the site is built on Drupal 11 with modern web technologies, optimized for mobile and accessibility, and integrates Google Tag Manager and Ensighten for analytics and marketing. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit incident response and vulnerability disclosure information are not found. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is unavailable, slightly impacting domain trust assessment.

H

Hochschule für soziale Arbeit und Pädagogik (HSAP)

hsap.de

47

Hochschule für soziale Arbeit und Pädagogik (HSAP) is a specialized higher education institution based in Berlin, Germany, focusing on social work, childhood pedagogy, and inclusive education. The institution offers a variety of bachelor and master degree programs, including dual and part-time study formats, often in cooperation with external partners such as the Paritätische Akademie. The website reflects a professional and well-maintained digital presence with clear navigation, relevant content, and active updates on news and publications. Technically, the website is built on TYPO3 CMS, utilizing common JavaScript libraries like jQuery and Slick Carousel for interactive elements. It employs Google Tag Manager for analytics with a strong emphasis on user consent and privacy compliance, including GDPR-aligned cookie management. The site is served over HTTPS with good SSL configuration, although some security headers are missing, which could be improved. From a security perspective, the website demonstrates a solid baseline with encrypted connections and consent management but lacks published security policies or incident response contacts. No vulnerabilities or suspicious activities were detected in the content or WHOIS data. Overall, the site is trustworthy and suitable for its educational audience. Strategically, HSAP should consider enhancing its security posture by implementing recommended HTTP security headers and publishing a formal security policy and incident response information to further build trust and compliance.

H

Hertie School

hertie-school.org

68

The Hertie School is a well-established educational institution based in Berlin, Germany, specializing in governance, public policy, and related social sciences. Founded in 2004 and supported by the Hertie Foundation, it offers a range of graduate and doctoral programs, executive education, and conducts interdisciplinary research. The school is recognized and accredited by reputable bodies, positioning itself as a top-ranked university in its field in Europe. The website reflects a professional and consistent brand image, targeting students, researchers, and professionals seeking advanced education and knowledge in governance and public affairs. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries such as Flickity, Slick Carousel, and Selectize to enhance user experience. It integrates Google Tag Manager for analytics and employs a cookie consent mechanism to comply with privacy regulations. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. From a security perspective, the site enforces HTTPS and implements privacy and cookie policies aligned with GDPR requirements. However, it lacks explicit security headers and a public security policy or incident response contact, which are recommended for enhanced security posture. No vulnerabilities or suspicious activities were detected in the content or technical setup. Overall, the Hertie School's website demonstrates a strong digital presence with high content quality, good technical implementation, and solid privacy compliance. The absence of WHOIS data limits domain registration insights, but the professional nature of the site and its consistent branding support its legitimacy. Strategic recommendations include improving security headers and publishing a security policy to further strengthen trust and security.

NETQUES . daten & diagnostik GmbH operates the NQAP platform, a GDPR-compliant online application management system designed primarily for public sector and educational institutions in Germany. The platform digitizes and automates application processes, reducing paperwork and accelerating decision-making. The company positions itself as a niche technology provider with a focus on secure, efficient, and user-friendly application workflows. The website is professionally designed, consistent in branding, and targets organizations requiring compliant digital application solutions. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, and various UI enhancement libraries. Security is well considered with HTTPS, Content Security Policies, and secure form handling including CSRF tokens and honeypot anti-spam measures. However, some security headers could be improved, and no cookie consent mechanism was detected despite GDPR emphasis. The WHOIS data is unavailable due to registry restrictions common for .es domains, but the website content and business information indicate a legitimate and professional operation. Overall, the security posture is strong with good data protection practices and ISO-certified hosting claims. The absence of vulnerability disclosure and incident response contacts are areas for improvement. The website is safe for general audiences, with no adult or questionable content. The business credibility is high, supported by clear contact information and trust signals such as LinkedIn presence and ISO certifications. Strategically, NETQUES should enhance transparency by adding cookie consent, incident response information, and vulnerability disclosure policies. Improving accessibility and adding additional security headers would further strengthen their security posture and compliance. These steps will enhance trust and align with their GDPR-focused business model.

B

Bonial

bonial.com

68

Bonial is a leading digital advertising platform specializing in retail and brand marketing in Germany and France. The company offers innovative solutions such as digital flyer alternatives and location-based marketing to over 1,500 retailers and brands, reaching 14.4 million unique users monthly. Their business model focuses on efficient, relevant, and sustainable advertising to drive retail sales. Technically, the website is built on HubSpot CMS with modern marketing tools and tracking integrations, providing a good user experience and mobile optimization. Security posture is solid with HTTPS and consent management, though improvements in security headers and library updates are recommended. The absence of WHOIS data for the domain introduces some trust concerns, but the professional content and branding mitigate this risk. Overall, Bonial presents a credible and mature digital advertising business with room for technical and security enhancements.

L

Lemuscle.fr - AFM-Téléthon

lemuscle.fr

52

Lemuscle.fr is a French non-profit health awareness website dedicated to educating the public about the importance of muscle health. It is affiliated with AFM-Téléthon and organizes the annual 'Semaine du Muscle' event to promote muscle health knowledge and prevention. The website offers educational content, quizzes, videos, and pedagogical tools targeting a broad audience including the general public and educators. Technically, the site is built on WordPress with modern libraries such as Bootstrap, jQuery, and OwlCarousel, and implements GDPR-compliant cookie consent via tarteaucitron.js. Security posture is good with HTTPS and no evident vulnerabilities, though additional HTTP security headers could enhance protection. Overall, the site is professional, trustworthy, and well-positioned as a national health awareness platform.

3

366

366.fr

48

366 is a French advertising media agency specializing in local and regional media, offering services across print, digital, multiscreen, and magazines. The company positions itself as an expert in territorial advertising, reaching millions daily. The website is professionally designed, mobile-optimized, and uses modern technologies such as WordPress, jQuery, and performance tools like WP Rocket. Analytics are handled via Matomo, and privacy tools are partially integrated. Security posture is good with HTTPS enforced and lazy loading implemented, but lacks explicit security headers and visible privacy or cookie policies. WHOIS data is missing, which raises concerns about domain registration legitimacy. Overall, the site is trustworthy and professional but would benefit from enhanced transparency and security disclosures.

studierendenWERK BERLIN is a large, well-established public service organization dedicated to supporting students in Berlin's universities with a broad range of services including housing, cafeteria (Mensa), financial aid (BAföG), counseling, cultural programs, childcare, and international student support. The website reflects a professional and comprehensive digital presence with clear navigation and rich content tailored to its target audience of students. Technically, the site uses modern frameworks such as Bootstrap and jQuery, integrates privacy-conscious analytics (Matomo), and employs a consent management platform (Usercentrics) to comply with GDPR. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. WHOIS data is privacy protected but consistent with a legitimate entity. Overall, the site demonstrates a mature digital infrastructure and trustworthy business model.

F

Friends Of OpenPGP

foopgp.org

49

Friends Of OpenPGP is a small non-profit association founded in 2020 focused on promoting OpenPGP technologies among businesses and citizens. The organization facilitates adoption through events, training, workshops, and community support. Their website reflects a niche market position with a clear mission to educate and support OpenPGP users and developers. Technically, the site is built with modern static site generator Hugo and uses popular frontend libraries such as Bootstrap and jQuery, hosted by OVH sas. The website is mobile responsive and well-structured, though it lacks some advanced accessibility features and security headers. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but DNSSEC is not enabled and security policies are absent. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in compliance and security transparency.

N

Nadace Preciosa

nadacepreciosa.cz

51

Nadace Preciosa is a well-established non-profit foundation affiliated with the Preciosa company, focusing on charitable activities primarily in the Liberec region of the Czech Republic. The foundation supports social, cultural, educational, health, and sports initiatives and has donated over 250 million CZK in its 27 years of operation. The website presents a professional and consistent brand image with clear navigation and relevant content targeted at donors, volunteers, and beneficiaries. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Tag Manager, with good mobile optimization and SEO practices. Security posture is strong with HTTPS enforced and a comprehensive cookie consent mechanism, although some security headers are missing and no explicit security policies are published. The absence of WHOIS registration data is a notable gap, reducing domain trustworthiness, but external media references and the association with Preciosa company support legitimacy. Overall, the website is professional, secure, and compliant with privacy regulations, serving its non-profit mission effectively.

E

ebabx école supérieure des beaux-arts de Bordeaux

ebabx.fr

52

The website www.ebabx.fr represents the ebabx école supérieure des beaux-arts de Bordeaux, a public higher education institution specializing in art and design under the French Ministry of Culture. The site provides detailed information about academic programs, workshops, events, and international mobility, targeting students, artists, and cultural professionals. The business model is that of a public educational entity with a medium-sized presence in the French education sector. Technically, the website is built on Drupal 8 CMS, utilizing modern JavaScript libraries such as jQuery and Slick Carousel for interactive content. Google Analytics is integrated with IP anonymization to track user engagement. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured navigation. From a security perspective, the site uses HTTPS (implied by canonical URLs) but lacks visible security headers in the provided data. No privacy or cookie policies are explicitly found, which is a compliance gap. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and institutional affiliation suggest authenticity. Overall, the website is professional and content-rich but would benefit from enhanced security headers, explicit privacy and cookie policies, and verification of domain registration details to strengthen trust and compliance.

I

Ijoomla Demo

ijoomlademo.com

65

Ijoomla Demo is a small media-focused lifestyle blog providing content on makeup, politics, music, clothes, and general lifestyle topics. The website targets a general audience interested in lifestyle improvements and cultural insights. It operates on a WordPress platform with a professional design and consistent branding. The technical infrastructure includes common WordPress plugins such as Yoast SEO Premium and jQuery, hosted likely via GoDaddy given the registrar data. Security posture is moderate with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy compliance is limited, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. The site includes affiliate links to gambling-related domains but does not directly offer gambling services. Overall, the domain age and WHOIS data support legitimacy and consistent business operation.

G

Groupe EBRA

ebra.fr

63

Groupe EBRA is the leading French regional daily press group, publishing multiple well-known regional newspapers and offering advertising, audiovisual, and event services. The website reflects a professional media company with a strong market position in France. The technical infrastructure uses modern JavaScript libraries and includes GDPR-compliant cookie consent mechanisms, indicating digital maturity. Security posture is good with HTTPS and security headers, but lacks explicit published security policies or incident response information. WHOIS data is unavailable, which limits domain legitimacy verification and slightly reduces trust. Overall, the website is well-designed, content-rich, and trustworthy for its audience.

S

SUEZ

suez.com

68

SUEZ is a global enterprise specializing in water and waste management, offering circular economy solutions to local authorities and businesses. The company positions itself as an expert in environmental services, supporting sustainable development and resource management. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation tailored to a corporate audience. Technically, the site employs modern web standards, including HTTPS, security headers, and optimized fonts, ensuring a secure and performant user experience. Security posture is strong with no evident vulnerabilities or exposed sensitive data, though the absence of a public vulnerability disclosure policy and incident response contacts suggests room for improvement. Overall, the website is trustworthy and well-maintained, but the lack of WHOIS data raises questions that warrant further registrar-level verification.

M

Musée d'Aquitaine

musee-aquitaine-bordeaux.fr

60

Musée d'Aquitaine is a prominent cultural institution in Bordeaux, France, dedicated to preserving and showcasing the history and heritage of Bordeaux and the Aquitaine region. The museum offers a variety of exhibitions, educational programs, and online resources targeting a broad audience including families, students, researchers, and tourists. It operates under the auspices of the City of Bordeaux, reflecting its important role in regional cultural preservation. Technically, the website is built on Drupal 11, leveraging modern web technologies such as jQuery, Bootstrap, and specialized tools like Piano Analytics for visitor tracking and Tarteaucitron for cookie consent management. The site is well-optimized for mobile devices, accessible, and SEO-friendly, providing a smooth user experience with clear navigation and rich content. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and publicly available security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analysis. The WHOIS data is not publicly available, likely due to privacy protection, which is justified given the nature of the institution. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen the security posture and user trust.

A

Alliance Digitale

iabfrance.com

63

Alliance Digitale is a French non-profit industry association dedicated to structuring and defending the digital marketing sector in France. It brings together experts, advertisers, agencies, and technology providers to promote innovative and responsible solutions, ensuring a reliable and high-performing industry. The organization offers certifications such as the Privacy Protection Pact and Drive to Trust, publishes reports and guides, and hosts events and webinars to foster collaboration and knowledge sharing. The website reflects a mature digital presence with professional design, comprehensive content, and active engagement with its members and the broader industry. Technically, the site is built on WordPress with modern plugins and frameworks, optimized for SEO and mobile use. Security posture is good with HTTPS and no obvious vulnerabilities, though some security headers and incident response policies are not explicitly published. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is trustworthy and well-positioned within its niche, though improvements in transparency and compliance would enhance its security and privacy posture.

A

Alliance Maladies Rares

alliance-maladies-rares.org

49

Alliance Maladies Rares is a French non-profit organization dedicated to promoting research, mutual aid, information dissemination, training, and advocacy related to rare diseases and rare disabilities. Established since 2001, it serves patients, families, healthcare professionals, and researchers within the rare disease community in France. The website reflects a professional and consistent brand presence, targeting a general audience interested in healthcare and support services for rare conditions. Technically, the website is built on WordPress, utilizing common libraries such as jQuery and Bootstrap, hosted by OVH sas, a reputable French hosting provider. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO practices in place. Cookie consent mechanisms are implemented, indicating awareness of GDPR requirements, although privacy and terms of service policies are missing. From a security perspective, the site uses HTTPS and has domain status protections to prevent unauthorized transfers or deletions. However, DNSSEC is not enabled, and no security headers were detected, representing areas for improvement. No incident response or vulnerability disclosure policies are published, which could enhance trust and compliance. No adult or explicit content is present, making the site safe for general audiences. Overall, the website is credible and trustworthy, with a solid business foundation and technical infrastructure. Strategic improvements in privacy compliance, security headers, and DNSSEC implementation would strengthen its security posture and regulatory adherence.

E

ECAL/Ecole cantonale d’art de Lausanne

ecal-shop.ch

47

ECAL Shop is the official e-commerce platform of the Ecole cantonale d’art de Lausanne (ECAL), specializing in selling art and design publications, limited edition art prints, objects, and collaborations created by students, graduates, and affiliated designers. The website targets art enthusiasts, collectors, and the general public interested in contemporary art and design products. It operates as a niche educational retail platform with a clear focus on quality and exclusivity. The platform supports multilingual access (French and English) and integrates modern e-commerce functionalities via WooCommerce. Technically, the website is built on WordPress with WooCommerce, enhanced by Bootstrap for responsive design, and uses several modern libraries such as jQuery, Slick Carousel, and FontAwesome. SEO is managed through Yoast SEO, and multilingual support is provided by WPML. Performance is moderate with caching via WP Rocket. The site is mobile-optimized and accessible with a clear navigation structure. From a security perspective, the site enforces HTTPS and uses Matomo analytics with privacy considerations. Cookie consent is implemented, and no sensitive data is exposed in the HTML. However, explicit security headers are not detected, and no formal security or incident response policies are published. There are no detected vulnerabilities or suspicious elements, indicating a generally secure posture suitable for its business model. Overall, ECAL Shop presents a professional, trustworthy, and well-maintained online presence aligned with its educational and artistic mission. Strategic improvements could include enhancing security headers, publishing a security policy, and adding incident response contacts to strengthen trust and compliance further.

S

Svobodná účetní - Seyfor, a. s.

svobodnaucetni.cz

41

Svobodná účetní - Seyfor, a. s. operates an online educational platform focused on training individuals to become independent accountants within three months. The business targets both beginners and experienced accountants seeking freelance opportunities. Their model combines video lessons, software training, expert consultations, and certification endorsed by the Czech accounting association Svaz účetních. The website is professionally designed, mobile-optimized, and integrates modern technologies such as WordPress, jQuery, and Google Tag Manager. Privacy and cookie consent mechanisms are implemented, reflecting GDPR compliance. Security posture is solid with HTTPS and secure forms, though some security headers could be improved. The absence of WHOIS data is a notable concern but does not detract from the overall legitimacy suggested by the website content and partnerships.

G

Good Design Store

good-designstore.com

49

Good Design Store is a French-based e-commerce retailer specializing in Scandinavian and Nordic design furniture, lighting, and home decoration products. Established in 2014, the company operates both online and through physical boutiques in Marseille and Nice, targeting consumers seeking high-quality contemporary design. The website presents a professional and well-structured platform powered by PrestaShop, integrating modern analytics and marketing tools such as Microsoft Clarity and Google Tag Manager. Privacy compliance is well addressed with GDPR-aligned cookie consent mechanisms and comprehensive privacy policies. Security posture is good with HTTPS enforced and secure payment options, though improvements are recommended in DNS security and HTTP headers. Overall, the site demonstrates a mature digital presence with strong business credibility and user trust.

R

RI OKNA

ri-okna.cz

56

RI OKNA is a well-established Czech manufacturer specializing in windows and doors, with nearly 30 years of experience and a strong market presence in the Czech Republic and EU. The company offers a wide range of products made from various materials including plastic, wood, aluminum, and composite materials, supported by customer service and installation offerings. The website reflects a mature digital presence with multilingual support and a professional design. Technically, the site is built on WordPress with modern frameworks and includes multiple marketing and analytics tools. Security posture is adequate with HTTPS and secure forms, but lacks some security headers and explicit privacy and cookie policies. WHOIS data is unavailable, which slightly impacts domain trustworthiness. Overall, the site is professional and trustworthy, serving a broad general audience in the manufacturing sector.

D

Del Monte Foods Corporation II Inc.

delmontefoodservice.com

65

Del Monte Foodservice is a well-established B2B foodservice supplier offering a wide range of produce, broths, and snacks to professional foodservice customers. The company leverages its long history and brand recognition to maintain a strong market position. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content tailored to its target audience. Technically, the site is built on Drupal 9 with integrations of HubSpot forms and Google Analytics, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though explicit security headers and incident response information are absent. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the site presents a trustworthy and professional digital presence, though WHOIS data absence warrants further verification.

D

Del Monte Foods

delmontefoods.com

68

Del Monte Foods is a well-established food manufacturing and retail company with a rich history spanning over 135 years. The company offers a portfolio of well-known brands focused on wholesome and quality food products, targeting general consumers and grocery buyers primarily in the United States. Their business model centers on manufacturing and brand management with a strong emphasis on sustainability and corporate responsibility. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that supports their market position. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies including jQuery, Google Analytics, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is mobile optimized and includes accessibility features such as the UserWay widget. Performance is moderate, with good SEO and meta tag implementation. However, some security headers are not explicitly present, and there is no visible cookie consent mechanism, which could be improved for compliance. From a security perspective, the site enforces HTTPS and uses secure analytics scripts, but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The WHOIS data is unavailable, which reduces trustworthiness from a domain registration perspective, though the website content and branding strongly indicate legitimacy. Overall, the security posture is good but could benefit from enhanced header policies and privacy compliance features. The overall risk assessment is low, with recommendations to improve privacy compliance by adding cookie consent, publish security policies, and enhance security headers. These steps will strengthen trust and regulatory adherence while maintaining a professional and secure online presence.

R

Risewell

mojetehotenstvi.cz

46

MojeTehotenstvi.cz is a Czech-language community website focused on pregnancy, childbirth, parenting, and related health topics. It offers forums, pregnancy diaries, articles, multimedia content, and clubs for mothers and parents. The site is built on Drupal 8 and integrates Google Analytics and Adsense for tracking and monetization. However, the site suffers from spammy user-generated posts promoting online pharmacies, which undermines content quality and trust. No privacy or cookie policies are clearly presented, and WHOIS data is unavailable, indicating privacy protection or registration issues. The technical infrastructure is moderate with responsive design but lacks visible security headers and comprehensive privacy compliance. Overall, the site serves a niche audience but requires improvements in security, content moderation, and compliance to enhance trust and user safety.

N

National Infusion Center Association

infusioncenter.org

63

The National Infusion Center Association (NICA) is a well-established nonprofit trade association founded in 2007, dedicated to representing non-hospital infusion providers and outpatient care settings. The organization focuses on advocacy, standards development, education, and membership services to support community-based infusion centers across the United States. Their website reflects a professional and comprehensive digital presence with detailed information about their mission, team, and services, positioning them as a leading voice in infusion therapy advocacy. Technically, the website is built on WordPress using the Betheme theme, incorporating modern technologies such as Google Tag Manager, HubSpot, and various analytics and marketing tools. The site is mobile-optimized and SEO-friendly, with good performance and accessibility features. Hosting appears to be managed via GoDaddy, consistent with the domain registrar information. From a security perspective, the site enforces HTTPS and employs domain locking statuses to protect domain integrity. However, it lacks DNSSEC, advanced security headers, and a published security.txt file, which are areas for improvement. Privacy compliance is basic, with no explicit privacy or cookie policies detected, and no consent mechanisms for cookies, which could pose compliance risks. Overall, the website is trustworthy, professional, and serves its target audience effectively. Strategic improvements in privacy compliance and security hardening would enhance its risk posture and user trust.