Security Directory

M

Ministerstvo životního prostředí

cr2030.cz

58

The website www.cr2030.cz serves as the official platform for the Czech Republic's sustainable development strategy, known as Česká republika 2030. It provides comprehensive information on national goals, strategic frameworks, projects, and public engagement opportunities related to sustainable development. The site is managed by the Ministry of the Environment of the Czech Republic, indicating a government-backed initiative with a focus on environmental and social governance. The platform targets a broad audience including citizens, government stakeholders, NGOs, and international partners. Technically, the website is built on Drupal 10 CMS, leveraging modern web technologies such as responsive design and accessibility features. The site demonstrates good SEO practices and mobile optimization, ensuring usability across devices. No blocking or WAF mechanisms were detected, and the site uses HTTPS with a secure SSL configuration. However, explicit security headers are not evident, suggesting room for security enhancements. From a security and compliance perspective, the site includes a cookie consent mechanism aligned with GDPR requirements and provides a privacy policy in Czech. Contact information is clearly presented with official government email and phone contacts, enhancing trust. The absence of WHOIS data limits domain registration trust analysis, but the official nature of the content and domain usage supports legitimacy. Overall, the website presents a professional, secure, and informative platform supporting the Czech Republic's sustainable development agenda. Strategic recommendations include improving security headers, publishing a vulnerability disclosure policy, and enhancing transparency around data collection and retention.

M

Multifamily Executive

multifamilyexecutive.com

65

Multifamily Executive is a professional media publication focused on apartment and condominium news, business strategies, and market insights for multifamily property owners, managers, and developers. It operates under the parent company Questex and serves the US real estate industry with a medium-sized digital presence. The website uses Drupal 10 CMS and integrates modern web technologies including Bootstrap, Google Tag Manager, and various advertising and analytics platforms. The content quality is good, with relevant industry news and professional presentation. However, the absence of WHOIS registration data and lack of explicit privacy and cookie policies reduce the overall trust and privacy compliance scores. Security posture is moderate but could be improved by implementing security headers and ensuring strong SSL configurations. Overall, the site is a credible industry resource but would benefit from enhanced transparency and security practices.

C

Cech topenářů a instalatérů České republiky z.s.

cechtop.cz

47

Cech topenářů a instalatérů České republiky z.s. is a well-established professional guild association founded in 2000, serving the heating and plumbing industry in the Czech Republic. The organization provides a range of services including professional training, certifications, publications, and event organization, targeting industry professionals and educational institutions. The website reflects a mature digital presence with a clear focus on industry support and member services. Technically, the website is built on Drupal 10 with Bootstrap 4 and uses modern web technologies such as jQuery and Colorbox for UI enhancements. The site is hosted likely by WEDOS, consistent with the WHOIS data. It is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Cookie consent and privacy policies are implemented, indicating good privacy compliance. From a security perspective, the site uses HTTPS and has no visible security blocking mechanisms or exposed sensitive data. However, security headers are not detected and could be improved. No incident response or vulnerability disclosure policies are found. Overall, the security posture is solid but could benefit from enhancements. The domain registration data is consistent with the website content and business claims, with a long domain age supporting legitimacy. The site is free from suspicious or malicious indicators and maintains good trust signals through partner logos and comprehensive contact information.

D

Dožít doma

dozitdoma.cz

52

Dozitdoma.cz is a Czech non-profit healthcare website dedicated to promoting and supporting mobile hospice care services. The site provides comprehensive information about hospice care, emphasizing the importance of dignified end-of-life care at home. It features an interactive map of hospice providers across Czechia and encourages early engagement with hospice services. The website is built on Drupal 10 and integrates modern web technologies including Google Maps API and social media tracking tools. It demonstrates good digital maturity with mobile optimization and cookie consent mechanisms in place. Security posture is solid with HTTPS and tracking controls, though some security headers could be improved. Overall, the site is trustworthy and professionally presented, serving a critical healthcare niche with clear and relevant content.

I

INRAE

inra.fr

64

INRAE is a prominent French public research institute focused on agriculture, food, and environmental sciences. The website reflects a well-established institution with a broad range of scientific research themes and public engagement through events, publications, and social media. The site is built on Drupal 10, indicating a modern CMS platform with good mobile optimization and accessibility. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks visible security headers and explicit privacy policies. WHOIS data is unavailable, which limits domain trust assessment, but the institutional branding and content strongly support legitimacy. Overall, the website is professional, content-rich, and serves a diverse audience including researchers, students, and policymakers.

A

AFCEA International

afcea.org

71

AFCEA International is a well-established non-profit association focused on advancing global security dialogues through conferences, networking, education, and media. The organization serves professionals and companies in defense, intelligence, cybersecurity, and technology sectors, primarily targeting government and military audiences. The website reflects a mature digital presence with extensive content, active event listings, and member resources. Technically, the site is built on Drupal 10 and integrates modern analytics and security tools such as Google Analytics, Google Tag Manager, and reCAPTCHA. Security posture is strong with HTTPS and secure forms, though explicit security headers could be improved. Privacy compliance is moderate with cookie consent implemented but no clear privacy policy page detected in the provided content. WHOIS data is missing or malformed, which limits domain trust verification but the website content and branding strongly indicate legitimacy. Overall, the site is professional, trustworthy, and well-maintained.

K

Københavns Kommune

kk.dk

64

Københavns Kommune operates an official municipal website serving the residents of Copenhagen, Denmark. The site provides comprehensive information and services related to citizen services, environment, housing, employment, health, education, and social welfare. It is positioned as the primary digital portal for municipal government interactions and public information dissemination. The website targets local citizens and residents, offering a broad range of public service resources and contact points. Technically, the website is built on Drupal 10, leveraging modern web technologies including JavaScript and CSS. It demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. The site employs HTTPS and cookie consent mechanisms aligned with GDPR requirements, reflecting a mature digital infrastructure suitable for a government entity. From a security perspective, the site enforces HTTPS and uses cookie consent banners with categorized cookies. However, explicit security headers are not detected, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the content. The WHOIS data is unavailable or privacy protected, which is common for government domains, but the domain legitimacy is supported by consistent branding and official content. Overall, the website presents a low-risk profile with strong trust indicators and compliance with privacy regulations. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen security posture and transparency.

Stream TV Show is a media and event platform focused on the streaming television industry, providing industry news, events, and networking opportunities primarily for professionals in the OTT and streaming media sectors. The website is linked to Questex, a recognized event and media company, which supports its business credibility. The platform uses modern web technologies including Drupal 10 CMS and Bootstrap 4.6.1 framework, and integrates multiple third-party marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Omeda Analytics. While the website is professionally designed and mobile optimized, it lacks visible privacy and cookie policies, which is a compliance concern. Security posture is moderate with no detected security headers and missing WHOIS data, which raises transparency questions about domain registration. Overall, the site is functional and relevant to its niche audience but requires improvements in privacy compliance and security best practices.

M

Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.

mintz.com

70

Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. is a large, well-established Am Law 100 law firm with a global presence and a broad range of legal services including corporate law, litigation, and intellectual property. The firm maintains a professional and content-rich website built on Drupal 10, integrating modern analytics and marketing technologies while ensuring GDPR and cookie compliance. The security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not publicly available. Overall, the website reflects a mature digital presence consistent with a top-tier legal services provider.

U

Umbreit Content

umbreitcontent.de

46

Umbreit Content appears to be a German-based content platform or service requiring user authentication, as evidenced by the login page. The website is built on Drupal 10 CMS with the Gin theme, indicating a modern and maintainable technical infrastructure. The site is mobile optimized and uses standard web technologies such as jQuery and FontAwesome. However, the public-facing content is minimal, focusing solely on user login without additional business or contact information. Security posture is moderate with secure form inputs but lacks visible security headers and public security policies. No privacy or cookie policies are present, which may impact compliance. Overall, the site is functional and safe but lacks transparency and comprehensive user-facing information.

R

Recupel

recupel.be

63

Recupel is a Belgian organization dedicated to reducing electronic waste by promoting repair, reuse, and proper recycling of electrical appliances. The website targets consumers and businesses interested in sustainable waste management solutions. It operates likely as a non-profit or collective organization with a strong environmental mission. The site uses modern web technologies including Drupal 10 CMS, Google Tag Manager, and Cookiebot for cookie consent management, reflecting a mature digital infrastructure. Security posture is adequate with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and explicit privacy policies. The extensive use of major advertising and tracking platforms is balanced by a clear consent mechanism. Overall, the website is professional, trustworthy, and well-optimized for mobile and SEO, serving its audience effectively.

P

Pfarrbriefservice.de

pfarrbriefservice.de

47

Pfarrbriefservice.de is a specialized website serving the German-speaking church community by providing resources for church newsletters and public relations. The site offers images, texts, advice, and a newsletter subscription service, positioning itself as a trusted non-profit resource in this niche. The business operates with clear contact information and maintains a consistent brand presence, targeting church public relations professionals and volunteers. Technically, the website is built on Drupal 10, leveraging modern libraries such as Matomo for privacy-conscious analytics and Bootstrap for responsive design. Hosting is provided by webhosting-franken.de, and the site demonstrates good mobile optimization and basic accessibility features. Performance is moderate, with room for improvement in SEO and accessibility. From a security perspective, the site enforces HTTPS and disables cookies in Matomo to enhance privacy. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a comprehensive privacy policy and GDPR adherence, though a cookie consent mechanism is absent. Overall, the website is trustworthy, professionally maintained, and well-aligned with its mission. It poses low risk but could benefit from enhanced security practices and transparency regarding incident response and terms of service.

E

einhard verlagsbuchhandlung gmbh

domshop-aachen.de

50

DomShop Aachen, operated by einhard verlagsbuchhandlung gmbh, is a specialized retail bookstore and gift shop located in Aachen, Germany. It focuses on religious literature, religious art, and related gift items, serving both local residents and visitors interested in faith-based products. The company has a longstanding presence of nearly 30 years, positioning itself as a trusted local business with a niche market. The website supports online shopping and provides rich content including book recommendations and thematic product lists. Technically, the site is built on Drupal 10 with modern frontend libraries, offering good mobile optimization and accessibility features. Security posture is adequate with HTTPS usage and spam protection on forms, though explicit security headers and policies are not evident. Privacy compliance is mostly met with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its business goals.

E

einhard verlag gmbh

einhardverlag.de

46

Einhard Verlag GmbH is a small regional publishing company based in Aachen, Germany, specializing in religious and cultural publications including a church newspaper (KirchenZeitung), book publishing, and retail through a partner DomShop. The website is built on Drupal 10 and uses modern web technologies, providing a good user experience with clear navigation and mobile optimization. Security posture is adequate with HTTPS enabled but lacks some security headers and cookie consent mechanisms. The WHOIS data is limited but does not raise significant concerns. Overall, the site is professional and trustworthy within its niche.

N

National Education Union

teachers.org.uk

62

The National Education Union (NEU) is a prominent UK-based education union focused on advocating for better school funding, teacher pay, and member support. The website serves as a comprehensive platform offering campaigns, advice, training courses, and union publications targeted at education professionals and union members. The NEU positions itself as a leading union in the education sector with a large membership base and a strong advocacy role. Technically, the website is built on Drupal 10 with Commerce 2, leveraging modern web technologies and analytics tools such as Google Tag Manager and Microsoft Clarity. The site demonstrates good digital maturity with responsive design, accessibility features, and SEO optimization. Performance is moderate, with room for optimization. From a security perspective, the site employs HTTPS with strong SSL configuration and security headers. It includes a cookie consent mechanism aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not publicly available, which could be improved. Overall, the NEU website is a professional, trustworthy, and well-maintained platform that effectively supports its business objectives. The risk profile is low, with recommendations focusing on enhancing transparency around security policies and incident response to further strengthen trust and compliance.

C

Communauté de communes du Pays de Barr

paysdebarr.fr

45

The website www.paysdebarr.fr serves as the official portal for the Communauté de communes du Pays de Barr, a regional community organization in Alsace, France. It provides comprehensive information on local tourism, economic development, cultural heritage, and community services across 20 communes. The site targets residents, tourists, and local businesses, promoting the region's viticulture, heritage sites, and local economy. The business model is that of a public community portal aimed at information dissemination and regional promotion. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Maps API for interactive maps, Piwik PRO and Google Analytics for visitor tracking, and Facebook SDK for social media integration. It employs a cookie consent management system (Tarteaucitron) to comply with privacy regulations. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers could be improved. From a security perspective, the site enforces HTTPS and manages cookie consent effectively, with no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response information are not present, which could be enhanced to improve transparency and trust. The WHOIS data is not publicly available, indicating privacy protection, which is typical for such public-facing community websites. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for the Pays de Barr community, with strong content quality and compliance with privacy standards. Strategic improvements could focus on enhancing security headers and publishing detailed security and incident response policies.

T

Turun yliopistollinen keskussairaala – Tyks

tyks.fi

57

Turun yliopistollinen keskussairaala (Tyks) is a major university hospital in Finland providing specialized healthcare services to the Varsinais-Suomi region. The website serves as an information portal for patients, relatives, and healthcare professionals, offering comprehensive details about treatments, hospital locations, and online services such as appointment booking. The site is well-structured, professionally designed, and uses Drupal 10 as its content management system, reflecting a mature digital infrastructure. Technical implementation includes modern web standards, mobile optimization, and accessibility features, ensuring a good user experience across devices. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly detailed. Privacy compliance is evident through a cookie consent mechanism and a comprehensive privacy policy, aligning with GDPR requirements. WHOIS data confirms the legitimacy of the domain, matching the healthcare entity's identity and showing no suspicious patterns. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance appropriate for a public healthcare institution.

S

SIG Strasbourg

sigstrasbourg.fr

46

SIG Strasbourg is a professional basketball club based in Strasbourg, France, operating an official website to engage fans and provide services such as ticket sales and merchandise. The website is built on Drupal 10 and integrates modern web technologies including Google Analytics and Bootstrap 5, reflecting a moderate level of digital maturity. The site is well-branded, mobile-optimized, and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks published privacy policies, security headers, and explicit contact information for security or general inquiries. Overall, the domain registration is consistent and legitimate, supporting the trustworthiness of the site.

T

Tower Health

towerhealth.org

67

Tower Health is a large regional healthcare provider based in the United States, founded in 2017. The organization offers a comprehensive range of healthcare services including hospitals, urgent care, virtual care, pharmacy, and specialized medical services such as cancer care and neuroscience. The website reflects a mature digital presence with a professional design, clear navigation, and strong branding consistency. It targets patients, medical professionals, and the community with a focus on coordinated and accessible healthcare. Technically, the website is built on Drupal 10, leveraging modern JavaScript libraries and accessibility tools. It integrates Google Analytics and Tag Manager for analytics and marketing, and uses The Trade Desk for advertising and retargeting. The site is mobile optimized and includes accessibility features, although performance is moderate. Security measures include HTTPS enforcement and some security headers, but DNSSEC is not enabled and cookie consent mechanisms are absent. From a security perspective, the site demonstrates good practices with secure forms and no exposed sensitive data. However, it lacks explicit incident response contacts and vulnerability disclosure policies, which are recommended for enhanced security posture. Privacy policies are comprehensive and GDPR compliant, but cookie consent is missing, which could be a compliance gap. Overall, Tower Health's website is professional, trustworthy, and well-positioned in its market. Strategic improvements in DNS security, privacy compliance, and incident response transparency would further strengthen its security and compliance posture.

C

Cerea, a.s.

cerea.cz

51

Cerea, a.s. is a Czech-based company operating primarily in the agricultural and energy sectors, offering products such as bagged mixtures, agro services, coal, and briquettes. It is a member of the AGROFERT group, which supports its market position and credibility. The website is professionally designed using Drupal 10 CMS, with good mobile optimization and accessibility features. It provides clear navigation and relevant content targeted at agricultural businesses and related industries. The company maintains a presence on LinkedIn and Facebook, enhancing its business credibility. From a technical perspective, the website employs modern technologies and enforces HTTPS, ensuring secure communication. Cookie consent mechanisms are implemented in compliance with GDPR, reflecting a strong privacy posture. However, the absence of explicit security headers and published security policies indicates room for improvement in security best practices. The lack of WHOIS data is a notable gap, reducing domain trustworthiness despite the legitimate business content. Overall, the security posture is solid but could be enhanced by adding security headers, incident response information, and vulnerability disclosure mechanisms. The website's content safety rating is safe, with no adult or questionable content detected. The domain's WHOIS data absence is a concern but does not currently impact the operational legitimacy of the business. Strategic recommendations include improving transparency around security policies and enhancing domain registration visibility to boost trust.

L

Lovochemie, a.s.

lovochemie.cz

53

Lovochemie, a.s. is a Czech chemical manufacturing company specializing in various types of fertilizers, including nitrogenous, foliar, and NPK/NP fertilizers. It operates as a member of the AGROFERT group, a large conglomerate in the Czech Republic. The website presents a professional corporate image with clear navigation and relevant content targeted at agricultural businesses and contractors. The company provides comprehensive privacy and cookie policies in compliance with GDPR, reflecting a mature approach to data protection. Technically, the website is built on Drupal 10, with moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers are missing and no incident response or vulnerability disclosure information is publicly available. WHOIS data is missing, which reduces trustworthiness from a domain registration perspective and should be verified externally. Overall, the website is professional, secure, and compliant, with room for improvement in security transparency and WHOIS data availability.

C

Zajímavá místa na Cestovinky.cz - Váš průvodce při cestování

cestovinky.cz

57

Cestovinky.cz is a Czech-language travel guide website providing rich content including destination guides, travel tips, photo galleries, videos, quizzes, and blogs. The site targets travel enthusiasts primarily in the Czech Republic and operates a content publishing business model monetized through advertising networks such as Google Adsense and OpenX. The website uses Drupal 10 CMS and integrates modern web technologies and analytics tools like Gemius and Google Tag Manager. Security posture is moderate with HTTPS enabled but lacks some security headers and explicit privacy or cookie policies. WHOIS data is unavailable, which reduces domain trustworthiness, but the website content and technical setup appear professional and legitimate. Contact information includes a company email and social media presence on Facebook. Overall, the site is safe, family-friendly, and well-structured for its audience.

C

Centrale Méditerranée

centrale-marseille.fr

66

Centrale Méditerranée is a reputable French engineering school providing high-level scientific education from Bachelor to Doctorate levels, emphasizing responsible engineering, digital transformation, and international exposure. The institution maintains strong partnerships with academic and industry players and offers a broad range of programs including Grande École engineering, Bachelor, Masters, Doctorate, and continuing education. The website is professionally designed, well-structured, and accessible, reflecting the institution's commitment to quality education and research. Technically, the website is built on Drupal 10 CMS, utilizing modern JavaScript libraries such as Swiper.js for UI components and Matomo for privacy-respecting analytics. The site implements cookie consent management via tarteaucitron.js, indicating compliance with privacy regulations. Security headers and HTTPS are properly configured, enhancing the site's security posture. While the WHOIS data is not publicly available due to privacy protection, the website content and affiliations strongly indicate legitimacy. No critical security vulnerabilities or compliance gaps were detected. However, the site lacks explicit security policy and incident response information, which could be improved to enhance transparency and trust. Overall, Centrale Méditerranée's digital presence is robust, secure, and compliant, supporting its mission as a leading educational institution. Strategic recommendations include publishing a security policy, incident response contacts, and vulnerability disclosure information to further strengthen trust and security culture.

C

Centrale Méditerranée

centrale-mediterranee.fr

66

Centrale Méditerranée is a reputable French engineering school offering a range of educational programs from Bachelor to Doctorate levels, emphasizing high scientific standards, innovation, and international exposure. The institution maintains a strong market position with numerous international partnerships and a clear focus on research and professional training. Technically, the website is built on Drupal 10, employs modern JavaScript libraries such as Swiper.js, and uses Matomo for privacy-conscious analytics. The site is well-optimized for mobile and accessibility, with a professional design and clear navigation. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not published. Overall, the website reflects a trustworthy and professional educational institution with good privacy compliance and user experience.

R

Rhein-Main Universitäten (RMU)

rhein-main-universitaeten.de

47

Rhein-Main Universitäten (RMU) is a strategic alliance of three major German universities collaborating in research, teaching, and regional development. The alliance serves over 95,000 students and 1,500 professors, aiming to strengthen scientific excellence and cooperation in the Frankfurt-Rhein-Main region. The website is professionally designed using Drupal 10, with modern web technologies and privacy-conscious analytics (Matomo). It offers multilingual content and clear navigation, targeting students, researchers, and academic partners. Security posture is strong with HTTPS and privacy-respecting analytics, though cookie consent mechanisms are absent. Contact information is comprehensive and transparent, enhancing trust.

I

International Coalition of Library Consortia (ICOLC)

icolc.net

59

The International Coalition of Library Consortia (ICOLC) operates as an informal global coalition of approximately 200 library consortia, facilitating collaboration and dialogue on library-related issues. The organization targets library consortia and educational institutions worldwide, providing services such as meetings, statements, and reports to support its members. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its audience. Technically, the website is built on Drupal 10 with Bootstrap frameworks, leveraging modern web technologies and responsive design. Hosting and DNS services are provided through Amazon Registrar and AWS Route53, ensuring reliable infrastructure. Google Analytics is used for visitor tracking, although no explicit cookie consent mechanism is present. The site demonstrates good mobile optimization and accessibility features. From a security perspective, the site uses HTTPS and registrar-level domain protections but lacks DNSSEC and security headers, which are recommended for enhanced security. No privacy or cookie policies were found, indicating gaps in compliance with privacy regulations such as GDPR. The absence of a security policy or incident response contact further limits the security posture. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the organization. The overall risk is moderate with recommendations to improve privacy compliance, enable DNSSEC, and implement security best practices. Enhancing transparency and user trust through published policies and consent mechanisms would strengthen the website's credibility and compliance.

T

Turun yliopisto

utu.fi

11

Turun yliopisto is a large Finnish university serving approximately 25,000 students and staff, focusing on education, research, and societal impact. The website reflects a mature digital presence with comprehensive academic content, clear navigation, and strong branding consistency. The technical infrastructure is modern, leveraging Drupal 10 CMS, Cloudflare for security and performance, and multiple third-party analytics and marketing tools integrated with GDPR-compliant consent mechanisms. Security posture is robust with HTTPS enforcement, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with detailed policies and cookie consent. Overall, the site demonstrates high professionalism and trustworthiness suitable for an academic institution.

A

AFM Productions

afmproductions.fr

49

AFM Productions is a specialized audiovisual production company founded in 1997 by the AFM-Téléthon association, focusing on creating documentaries and educational content about rare genetic diseases and medical research. The company targets a general audience interested in health, science, and social issues, leveraging storytelling to raise awareness and inform the public. The website reflects a professional and consistent brand identity aligned with its mission. Technically, the website is built on Drupal 10 with Bootstrap and uses modern libraries such as Swiper.js for UI components. It integrates Google Analytics and a GDPR-compliant cookie consent mechanism via CookieYes, indicating a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and has implemented cookie consent but lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain legitimacy verification, but the website content and contact information suggest a trustworthy entity. Overall, the site presents a low-risk profile with good compliance and technical standards, though improvements in security headers and transparency policies are recommended.

M

Muséum de Bordeaux - sciences et nature

museum-bordeaux.fr

57

The Muséum de Bordeaux - sciences et nature is a well-established public museum located in Bordeaux, France, focusing on natural history and cultural exhibitions. It serves a broad audience including families, schools, leisure professionals, journalists, and patrons. The museum offers permanent and temporary exhibitions, educational workshops, events, and virtual tours, positioning itself as a key cultural institution in the region. Technically, the website is built on Drupal 10 with modern libraries such as jQuery UI, Slick Carousel, Leaflet.js for maps, and FontAwesome for icons. It demonstrates good mobile optimization, accessibility, and SEO practices. The site includes a cookie consent mechanism and privacy policies aligned with GDPR requirements, reflecting a mature digital presence. From a security perspective, the site uses HTTPS with a good SSL configuration and implements cookie consent. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no dedicated security or incident response policies are published. The WHOIS data is unavailable, which limits domain registration insights but does not detract from the site's legitimacy given its professional content and official nature. Overall, the website is secure, compliant, and professionally maintained, with no signs of blocking or malicious activity. Strategic improvements include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and security posture.

FerreroSuppliers.com is a professional B2B portal designed to facilitate supplier engagement for Ferrero, a major confectionery manufacturer. The website provides access to various supplier-related applications including responsible sourcing, purchase order and invoice management, catalogues, quality specifications, and delivery tracking. It also offers a supplier application form to onboard new suppliers. The site is well-branded, consistent with Ferrero's corporate identity, and targets suppliers globally. Technically, the site is built on Drupal 10, uses modern JavaScript libraries like Glide.js, and integrates Google Analytics and OneTrust for tracking and cookie consent. Hosting includes Amazon S3 for static assets, indicating a hybrid hosting approach. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are absent. The absence of WHOIS registration data is a notable anomaly, reducing trust slightly despite the professional presentation. Overall, the site is functional, secure, and compliant with basic privacy standards, serving its business purpose effectively.

V

Ville de Saint-Étienne

saint-etienne.fr

72

The website www.saint-etienne.fr is the official digital portal for the city government of Saint-Étienne, France. It serves as a comprehensive resource for residents and visitors, offering access to municipal services, news, cultural and sporting events, administrative procedures, and employment opportunities. The site is well-positioned as an authoritative source for local information and community engagement. Technically, the site is built on Drupal 10, leveraging modern web technologies including Google Tag Manager, Google Analytics (GA4), Matomo Analytics, and OneSignal for push notifications. It employs a robust cookie consent mechanism via Tarteaucitron, ensuring GDPR compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes essential security headers. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a publicly available security policy or incident response contact, which could enhance transparency and trust. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing a formal security policy, incident response information, and a vulnerability disclosure program to further strengthen security posture and user trust.

F

Fonjep

fonjep.org

59

Fonjep is a well-established French non-profit organization founded in 1964, dedicated to supporting youth and popular education projects. The website clearly communicates its mission, services, and regional presence, targeting associations, public institutions, and youth engaged in educational and solidarity initiatives. The digital infrastructure is built on Drupal 10 with modern front-end technologies, ensuring good mobile optimization, accessibility, and user experience. The site employs a comprehensive cookie consent mechanism aligned with GDPR requirements, reflecting a mature privacy posture. Security-wise, the site uses HTTPS and cookie management best practices but lacks explicit security policies and incident response information. Overall, the website is professional, trustworthy, and compliant, with room for improvement in security transparency and direct contact information.

M

Mer et Marine

meretmarine.com

10

Mer et Marine is a French maritime news media organization providing continuous updates on maritime defense, merchant marine, shipbuilding, cruises, fishing, ports, and energy sectors. The website targets maritime professionals and enthusiasts, offering news articles, interviews, and reports. The site uses Drupal 10 CMS and integrates modern digital marketing and consent management tools such as Google Tag Manager and Didomi. The technical infrastructure is modern and supports good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The WHOIS data is missing or unavailable, which raises some concerns about domain registration legitimacy, but the website content and branding appear professional and trustworthy. Overall, the site is a reliable source of maritime news with good digital maturity but would benefit from clearer privacy policies and WHOIS transparency.

S

Sinklar Conference Management B.V.

wco-iof-esceo.org

10

The website www.wco-iof-esceo.org represents the 26th World Congress on Osteoporosis, Osteoarthritis and Musculoskeletal Diseases, a globally recognized clinical congress organized by reputable healthcare organizations IOF and ESCEO. The event targets healthcare professionals and researchers in musculoskeletal health, offering a comprehensive scientific program and various engagement opportunities such as abstract submissions and awards. The site is professionally designed using Drupal 10, with good mobile optimization and accessibility features. It includes GDPR-compliant cookie consent mechanisms and clear contact information, enhancing user trust and compliance. However, the absence of WHOIS data limits domain trust assessment, and security headers are not detected, suggesting room for security improvements.

I

International Osteoporosis Foundation

iof-regional.org

10

The International Osteoporosis Foundation (IOF) operates the website www.iof-regional.org to promote and manage the IOF Regional 9th Asia-Pacific Bone Health Conference scheduled for December 2025 in Tokyo. The organization is a reputable non-profit entity focused on advancing bone health awareness and research, particularly in the Asia-Pacific region. The website serves as an information hub for healthcare professionals, providing conference details, program information, registration, and partner engagement. The site demonstrates a professional and consistent brand presence with clear contact points and social media integration. Technically, the website is built on Drupal 10 with a Bootstrap Barrio theme, leveraging modern web technologies including Google Fonts and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, with a cookie consent mechanism aligned with GDPR requirements. Security posture is solid with HTTPS enforced and no evident vulnerabilities, though some security headers could be enhanced. The WHOIS data is incomplete due to privacy protection, which is justified for this type of non-profit organization. Overall, the website reflects a mature digital presence suitable for a professional healthcare conference organizer. It balances user experience, compliance, and security adequately, though improvements in explicit security policies and incident response disclosures could further strengthen trust and compliance.

I

International Osteoporosis Foundation

fundamentals-osteoporosis.org

10

The Fundamentals of Osteoporosis website is operated by the International Osteoporosis Foundation, a reputable non-profit organization based in Switzerland. The site offers specialized educational courses aimed at healthcare professionals to enhance their knowledge and clinical skills in osteoporosis diagnosis and management. The business model centers on providing training and certification, positioning itself as a key resource in osteoporosis education globally. Technically, the website is built on Drupal 10, leveraging modern web technologies such as Bootstrap, jQuery, and Font Awesome for a responsive and accessible user experience. The site includes a cookie consent mechanism compliant with GDPR standards and integrates Google Tag Manager for analytics. Performance and SEO optimizations are moderate to good, with clear navigation and mobile responsiveness. From a security perspective, the site uses HTTPS and implements cookie consent but lacks visible advanced security headers in the provided HTML. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, which limits domain trust verification; however, the website content and branding strongly indicate legitimacy. Overall, the website presents a professional, trustworthy, and well-maintained platform for osteoporosis education. Strategic improvements in security headers and WHOIS transparency could further enhance trust and compliance.

I

International Osteoporosis Foundation

iofacademy.org

40

IOF Academy is a specialized e-learning platform dedicated to osteoporosis and bone health education, operated by the International Osteoporosis Foundation. It offers a range of CME accredited courses designed by global experts, targeting healthcare professionals and researchers. The platform is well-branded, professionally designed, and provides comprehensive educational content with certificates of achievement. Technically, the website is built on Drupal 10 with modern frameworks and libraries, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong with clear policies and GDPR adherence. Overall, the website demonstrates high business credibility and trustworthiness, supported by its association with a reputable international foundation.

F

Falling Walls Foundation

berlinscienceweek.com

65

Berlin Science Week is a well-established annual science and culture festival organized by the Falling Walls Foundation, showcasing hundreds of free events across Berlin. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support. It targets a broad audience including researchers, students, and the general public interested in science. The technical infrastructure is modern, leveraging Drupal 10 CMS, Bootstrap, and various analytics and consent management tools. Security posture is good with HTTPS enabled and consent mechanisms in place, though some security headers could be improved. The domain is long-standing and consistent with the organization's history, enhancing trustworthiness. Overall, the website demonstrates strong compliance with privacy regulations and offers a rich user experience.

C

Creative Bureaucracy Festival

creativebureaucracy.org

62

Creative Bureaucracy Festival is a well-established international event focused on public sector innovation, attracting thousands of participants from government and civil society. The website is professionally designed using Drupal 10, with modern analytics and consent management tools implemented. Security posture is solid with HTTPS and cookie consent mechanisms, though DNSSEC and security headers could be improved. The domain registration data aligns well with the festival's founding and operations, indicating legitimacy. Overall, the website effectively supports the festival's mission and audience engagement.

A

ACADEMIA d.o.o.

lahko.si

46

Lahko.si is a Slovenian educational platform dedicated to promoting lifelong learning through various educational programs, including live and online courses. The platform is supported by recognized educational entities such as ACADEMIA d.o.o. and ACS, positioning it as a reputable resource in the Slovenian education sector. The website offers video content with accessibility features like captions and transcripts, enhancing user engagement and inclusivity. Technically, the site is built on Drupal 10 with modern front-end technologies, ensuring a responsive and accessible user experience. However, explicit privacy policies and terms of service are not readily found, which may impact user trust and compliance. Security posture is moderate with HTTPS usage and no visible vulnerabilities, but lacks explicit security headers and incident response contacts. Overall, the platform is a credible educational resource with room for improvement in privacy and security transparency.

F

Filmlab Palestine

flp.ps

62

Filmlab Palestine is a well-established non-profit organization dedicated to promoting and expanding Palestinian cinema culture since 2014. The organization offers a variety of programs including workshops, film festivals, post-production studios, and streaming platforms targeting filmmakers, families, and the broader community interested in Palestinian audiovisual storytelling. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on Drupal 10 with modern front-end libraries and is mobile optimized, though performance is moderate. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks explicit security policies and headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and credible with active social media engagement and clear contact information.

H

Hessens Bauern

hessens-bauern.de

57

Hessens Bauern is a regional agricultural information platform representing farms and agricultural activities in Hessen, Germany. The website provides comprehensive information about local farms, plants, animals, products, and educational opportunities, targeting consumers, schools, and local communities. It promotes sustainable agriculture and regional products while fostering community engagement through events and social media. Technically, the website is built on Drupal 10 CMS, utilizing modern JavaScript libraries such as Leaflet for maps and Matomo for privacy-conscious analytics. The site is mobile-optimized with good SEO practices and a professional design, ensuring a positive user experience. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and disables cookies in analytics to enhance privacy. However, it lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, well-maintained, and compliant with GDPR requirements. It effectively serves its regional agricultural audience with quality content and good technical implementation. Strategic improvements in security headers and incident response transparency could further enhance its security posture.

H

Hessischer Bauernverband e. V.

hessischerbauernverband.de

59

The Hessischer Bauernverband e. V. is a regional agricultural association representing approximately 18,000 agricultural enterprises in Hessen, Germany. The organization focuses on advocating for agricultural, economic, social, educational, and cultural interests of people working in agriculture and forestry. Their website serves as an information hub for members and the public, offering news, events, educational resources, and member services. The association maintains a strong presence on multiple social media platforms and partners with numerous related organizations.

F

Fernstudium Direkt

fernstudium-direkt.de

58

Fernstudium Direkt operates as a leading German online comparison portal specializing in distance learning and continuing education. The platform offers comprehensive information on courses, providers, costs, prerequisites, and user reviews, targeting individuals seeking flexible educational opportunities. It partners with over 120 educational providers, providing a broad catalog of nearly 5,000 courses and 1,200 study programs, positioning itself strongly in the German education market. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Tag Manager and Usercentrics for consent management, ensuring GDPR compliance. The site is well-optimized for mobile devices, fast loading, and accessible, with a professional design and clear navigation enhancing user experience. From a security perspective, the site enforces HTTPS and integrates consent-based script loading, but could improve by implementing explicit security headers like Content-Security-Policy and publishing a security.txt file. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie consent mechanisms are present and comprehensive, supporting regulatory compliance. Overall, Fernstudium Direkt demonstrates a mature digital presence with strong business credibility and trust indicators. The absence of direct contact emails or phone numbers on the homepage slightly limits immediate contact transparency but is mitigated by extensive social media presence and legal pages. Strategic improvements in security policy transparency and incident response information would further enhance trust and security posture.

U

Universität Liechtenstein

uni.li

10

Universität Liechtenstein is a regional higher education institution in Liechtenstein offering a range of academic programs including bachelor's, master's, doctoral, and continuing education courses primarily in architecture, business, finance, law, and information systems. The university also engages in research and knowledge transfer activities, targeting students, researchers, and professionals seeking further education. The website is professionally designed with clear navigation and multilingual support, reflecting a mature digital presence. Technically, the site is built on Drupal 10 CMS, uses Matomo analytics with privacy-conscious configurations, and is served over HTTPS with good mobile optimization and accessibility features. Security posture is generally strong with encrypted connections and privacy-aware analytics, though it lacks some security headers and explicit privacy and cookie policies. Overall, the domain registration details align well with the university's identity, indicating legitimacy and trustworthiness.

W

WEMAG

wemag.com

46

WEMAG is a regional German energy and internet service provider specializing in sustainable solutions such as certified green electricity, natural gas, photovoltaic systems, heat pumps, and fiber-optic internet. The company targets private customers, businesses, and municipalities with tailored energy and telecommunications products. The website is built on Drupal 10 and incorporates modern technologies including lazy loading images and consent management via Usercentrics. Security posture is solid with HTTPS and consent mechanisms, though explicit privacy and security policies are not clearly presented. WHOIS data is unavailable, which slightly impacts trust but the professional presentation and clear service offerings support legitimacy. Overall, WEMAG demonstrates a mature digital presence with room for improvement in transparency and security disclosures.

E

European Free Trade Association (EFTA)

efta.int

70

The European Free Trade Association (EFTA) website serves as the official online presence of the intergovernmental organization comprising Iceland, Liechtenstein, Norway, and Switzerland. It provides comprehensive information about EFTA's role in promoting free trade and economic integration within Europe and globally. The site targets government officials, trade professionals, and policy makers, offering detailed resources on trade relations, legal texts, statistical cooperation, and organizational structure. The website is well-established, reflecting the organization's long history since 1997, and maintains a professional and authoritative tone.

D

Deutsche Triathlon Union e.V.

triathlonbundesliga.de

46

The website www.triathlonbundesliga.de serves as the official digital platform for the 1. Triathlon-Bundesliga, the premier triathlon league in Germany. It provides comprehensive information about events, teams, live streams, and news updates targeted at athletes, fans, and stakeholders within the German triathlon community. The site is professionally designed with consistent branding and a clear focus on sports content, positioning itself as a trusted source in its niche. Technically, the site is built on Drupal 10 CMS, leveraging modern web technologies such as jQuery and Flickity for interactive elements. It integrates Google Tag Manager and Google Analytics for tracking and analytics purposes, with a GDPR-compliant cookie consent mechanism in place. The website is mobile-optimized and accessible, offering a good user experience across devices. From a security perspective, the site enforces HTTPS and implements cookie consent controls, though it lacks some advanced security headers and a publicly available security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website content, showing a legitimate registration without privacy protection, enhancing trustworthiness. Overall, the site demonstrates a solid security posture, good privacy compliance, and professional business credibility. Strategic improvements could include adding a terms of service page, security policy, and enhanced security headers to further strengthen trust and compliance.

A

ActionAid UK

actionaid.org.uk

66

ActionAid UK is a well-established international charity focused on empowering women and girls living in poverty through humanitarian aid, development programs, and advocacy. The organization operates a comprehensive website built on Drupal 10, integrating modern fundraising and marketing tools such as Fundraise Up and Google Tag Manager. The site demonstrates strong content quality, clear navigation, and mobile optimization, targeting donors, supporters, and activists. Security posture is solid with HTTPS and cookie consent mechanisms, though additional security headers and a published security policy would enhance protection. WHOIS data retrieval failed due to querying an invalid domain format, but the website's content and charity registration details confirm legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations.

H

HNI Corporation

hnicorp.com

9

HNI Corporation is an established enterprise manufacturing workplace furnishings and residential building products since 1947. The company positions itself as a leading provider in its sector, offering a broad range of products for various work environments. The website is built on Drupal 10, uses modern web technologies including Bootstrap and FontAwesome, and integrates third-party services such as OneTrust for cookie consent and Google Tag Manager for analytics. While the website is professionally designed and content-rich, there is a lack of visible privacy policy, terms of service, and contact information, which are important for user trust and compliance. The absence of WHOIS data raises concerns about domain registration legitimacy, although the website content and branding appear consistent with a legitimate business. Security posture is moderate with no detected security headers and no visible incident response or vulnerability disclosure information.