Security Directory

H

Human Rights Watch

hrw.org

78

Human Rights Watch is a globally recognized non-profit organization dedicated to defending human rights in over 100 countries. The website serves as a comprehensive platform for publishing investigative reports, news releases, and advocacy materials. It targets a broad audience including the general public, human rights advocates, policymakers, and donors. The organization operates primarily through donations and maintains a strong international presence with multilingual support. Technically, the website is built on Drupal 10, employs modern analytics and tracking tools, and demonstrates good performance and accessibility standards. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response information are not publicly detailed. Overall, the site is professional, trustworthy, and well-structured, supporting the organization's mission effectively.

W

World Organization of the Scout Movement

scout.org

77

The World Organization of the Scout Movement (WOSM) operates the website www.scout.org as a global platform to promote scouting as the world's leading educational youth movement. The organization focuses on empowering young people through leadership development, community service, and addressing social and environmental challenges. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support, targeting youth, volunteers, and member organizations worldwide. Technically, the site is built on Drupal 10 with modern front-end technologies and implements privacy and cookie consent mechanisms, indicating a good level of digital maturity. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response details are not published. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting the organization's global non-profit mission.

A

Association des communes genevoises

acg.ch

54

The Association des communes genevoises (ACG) website serves as the official institutional platform representing all 45 communes within the canton of Geneva, Switzerland. It functions as a non-profit association dedicated to defending and promoting the interests of its member municipalities. The site provides information about the association's governance, affiliated entities, and news updates relevant to local government officials and stakeholders. The target audience primarily includes municipal authorities and local government representatives within the Geneva region. Technically, the website is built on Drupal 10 with Bootstrap 5 for responsive design and incorporates Matomo analytics for user tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. The use of deferred and asynchronous script loading enhances page load efficiency. However, there is room for improvement in security headers and explicit privacy compliance mechanisms. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. Nonetheless, it lacks visible security headers and published policies related to incident response or vulnerability disclosure. The absence of explicit privacy and cookie policies, as well as consent mechanisms, represents a compliance gap, particularly concerning GDPR requirements. Overall, the website is trustworthy and professionally maintained, reflecting its role as a government-related institutional entity. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent management, enhancing security headers, and publishing incident response and vulnerability disclosure information to strengthen security posture and regulatory compliance.

F

Fribourg International Film Festival

fiff.ch

53

Fribourg International Film Festival (FIFF) is a well-established non-profit cultural organization based in Switzerland, dedicated to promoting intercultural understanding through cinema. The festival emphasizes films that provoke reflection and discussion, targeting film enthusiasts, cultural communities, and educational institutions. The website reflects a mature digital presence with multilingual support, rich content, and clear navigation tailored to its audience. The business model relies on ticket sales, partnerships, and sponsorships, positioning FIFF as a significant player in the international film festival circuit. Technically, the site is built on Drupal 10 with modern web technologies and integrates analytics and marketing tools such as Google Analytics, Facebook Pixel, and Google Tag Manager. Security measures include HTTPS enforcement, secure forms with reCAPTCHA, and standard security headers, although formal security policies and incident response plans are not publicly documented. Privacy compliance is partially addressed with a comprehensive data protection policy but lacks a visible cookie consent mechanism. Overall, the website is professional, trustworthy, and safe for general audiences.

G

Gerflor

gerflor.com

65

Gerflor is a large international manufacturing company specializing in flooring, wall, and finishing solutions with a strong global presence supported by multiple country-specific websites. The company targets architects, designers, contractors, and end customers with a B2B and B2C business model. The website is built on Drupal 10 and integrates modern web technologies including Google Tag Manager and Usercentrics for privacy compliance. The site is well-designed, mobile-optimized, and provides comprehensive privacy and cookie policies. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and registration transparency. Security posture is good with HTTPS enforced and secure forms, but lacks explicit security headers and published security policies. Overall, the website is professional and trustworthy but would benefit from improved domain registration transparency and enhanced security disclosures.

D

Deutscher Handwerkskammertag e.V.

handwerk.de

58

Das Handwerk.de is an official German platform operated by Deutscher Handwerkskammertag e.V., providing comprehensive information on handcraft professions, training, and career opportunities. The website targets young people seeking apprenticeships, businesses in the handcraft sector, and the general public interested in the industry. It serves as a trusted resource with extensive content, including educational materials, job listings, and promotional campaigns. Technically, the site is built on Drupal 10 with modern web technologies such as lazy loading and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Performance is moderate with good user experience and navigation clarity. From a security perspective, the site enforces HTTPS and uses a consent management platform (Cookiebot) for GDPR compliance. However, it lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies. Overall, the website presents a low-risk profile with high business credibility and professional presentation. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and security posture.

A

Avis d’expert‧e‧s

avisdexperts.ch

55

Avis d’expert‧e‧s is a Swiss platform born from collaboration among universities and public broadcasters RTS and RSI, aggregating thousands of expert interventions analyzing current events scientifically. It targets journalists and media professionals, providing direct expert contacts and additional content access for registered users. The platform holds a strong position in the Swiss academic-media ecosystem, emphasizing scientific expertise dissemination. Technically, the website is built on Drupal 10, uses Matomo for analytics, and implements modern web standards with good mobile optimization and SEO practices. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and compliant with privacy regulations, supporting its role as a credible media resource.

I

International Trade Administration

trade.gov

59

The International Trade Administration (ITA) is a U.S. government agency under the Department of Commerce focused on strengthening the competitiveness of U.S. industry, promoting trade and investment, and ensuring fair trade through trade laws and agreements. The website serves as a comprehensive resource for U.S. businesses, exporters, and investors, offering export solutions, trade data and analysis, problem resolution services, and virtual assistance. ITA positions itself as the authoritative source for navigating global markets and supporting U.S. economic growth through international trade. Technically, the website is built on Drupal 10, leveraging modern web technologies including jQuery, Google Tag Manager, and analytics tools such as Google Analytics and Crazy Egg. The site is mobile-optimized, accessible, and well-structured with clear navigation and professional design. Security best practices are observed with HTTPS enforcement, multiple security headers, and no visible vulnerabilities. Privacy and cookie policies are present and indicate GDPR compliance, enhancing user trust. The security posture is strong, with no detected vulnerabilities or exposed sensitive data. The domain is a .gov domain, which inherently provides a high level of trust and legitimacy. WHOIS data is limited due to .gov domain privacy norms but aligns with expectations for a government entity. Overall, the website demonstrates a mature digital presence with robust security and compliance measures. Strategically, ITA should consider publishing explicit security policies and vulnerability disclosure programs to further enhance transparency and trust. Regular updates to third-party scripts and continued monitoring of privacy compliance will maintain the site's integrity and user confidence.

I

Institut national de l'audiovisuel

ina.fr

70

Institut national de l'audiovisuel (INA) is a prominent French national audiovisual institute that provides extensive audio and video archives, educational content, media training, and subscription-based video services. The website reflects a well-established media organization with a strong digital presence and a focus on public access to audiovisual heritage. The site is professionally designed, mobile-optimized, and offers clear navigation and rich content relevant to its audience of media professionals, researchers, and the general public. Technically, the site is built on Drupal 10 with modern frameworks and includes consent management for privacy compliance. Security posture is good with HTTPS and consent mechanisms, though explicit security policies and vulnerability disclosures are not found. WHOIS data is unavailable, which is common for .fr domains, but the website's branding and social media presence strongly support its legitimacy. Overall, the site scores well on content quality, technical implementation, security, privacy compliance, and business credibility.

S

SALTO

salto.bz

68

SALTO is a well-established technology company specializing in electronic locking and access control solutions, targeting businesses and organizations requiring advanced security systems. The website is professionally designed using Drupal 10 and Bootstrap, with good mobile optimization and clear navigation. The technical infrastructure includes modern analytics and advertising tools managed with a robust cookie consent mechanism, ensuring GDPR compliance. Security posture is strong with HTTPS, security headers, and no detected vulnerabilities, although DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, the website reflects a mature digital presence with a focus on privacy and user experience.

P

Pistor AG

pistor.ch

62

Pistor AG is a well-established Swiss wholesale partner specializing in bakery, gastronomy, hospital, and home care supplies. The company operates a comprehensive product range and offers expert consulting and reliable delivery services, supported by a unique specialist network. Their market position is strong within Switzerland, serving multiple sectors with a large partner network and a history spanning over 100 years. Technically, the website is built on Drupal 10, uses modern web technologies, and includes analytics and cookie consent mechanisms, reflecting a mature digital infrastructure. Security posture is good with HTTPS and basic best practices, though it lacks explicit security headers and public incident response policies. Overall, the website is professional, trustworthy, and well-optimized for users, but could improve privacy transparency and security disclosures.

Ä

Ärzte ohne Grenzen

aerzte-ohne-grenzen.at

69

Ärzte ohne Grenzen Österreich is a well-established humanitarian medical aid organization operating globally with a strong presence in Austria. The website reflects a professional, transparent, and donor-focused approach, emphasizing 100% private donation funding and extensive medical emergency services in over 70 countries. The technical infrastructure is modern, based on Drupal 10, with good mobile optimization and accessibility. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response details could be improved. Overall, the site is trustworthy, well-branded, and compliant with GDPR and privacy standards.

F

Fondation Restena

dns.lu

61

The website dns.lu is the official registry for the .lu national domain extension, managed by Fondation Restena. It provides domain registration infrastructure, accreditation for registrars, and DNS services including DNSSEC support. The site is professionally designed using Drupal 10, with good mobile optimization and accessibility. Security posture is strong, evidenced by ISO 27001 certification and secure DNS practices, although some security headers and explicit policies could be improved. The WHOIS data confirms the legitimacy of the domain ownership with consistent registrant information. Overall, the site serves a critical national infrastructure role with a trustworthy and professional online presence.

Ö

Österreichische Forschungsförderungsgesellschaft FFG

ffg.at

65

The Österreichische Forschungsförderungsgesellschaft (FFG) is Austria's national funding agency dedicated to supporting business-related research, development, and innovation. The organization operates a professional and comprehensive website that provides detailed information about funding programs, initiatives, and services targeted at Austrian companies and research institutions. The site is well-structured, mobile-optimized, and built on Drupal 10, reflecting a modern technical infrastructure. Analytics tracking is implemented via etracker, and a cookie consent mechanism is active, indicating attention to privacy compliance, although no explicit privacy policy or terms of service were found in the analyzed content. Security posture is moderate with HTTPS implied and some best practices observed, but there is room for improvement in publishing security policies and incident response contacts. Overall, the domain registration data aligns well with the organization's profile, supporting its legitimacy and trustworthiness.

D

Département des Bouches-du-Rhône

departement13.fr

67

The Département des Bouches-du-Rhône website serves as the official digital portal for the regional government entity in France, providing extensive information and services related to local administration, social welfare, culture, environment, education, and community engagement. The site targets residents, local officials, associations, and businesses within the department, offering a comprehensive resource for accessing government programs and updates. Technically, the website is built on Drupal 10, leveraging modern web technologies including JavaScript and CSS3, and integrates Matomo for analytics and tarteaucitron.js for GDPR-compliant cookie management. The hosting is provided by ScaleWay, a reputable provider, and the site demonstrates good mobile optimization, accessibility, and SEO practices. From a security perspective, the site enforces HTTPS and employs domain transfer protection. While explicit security headers and policies are not fully documented, the site avoids exposing sensitive data and uses a consent mechanism for cookies. No critical vulnerabilities or suspicious activities were detected, indicating a solid security posture appropriate for a government website. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource for its audience. Strategic recommendations include enhancing security headers, publishing a security policy, and adding incident response contacts to further strengthen trust and compliance.

Z

Zebralog GmbH

meinungfuer.koeln

53

The website meinungfuer.koeln is an official public participation portal for the city of Cologne, operated by Zebralog GmbH. It serves as a platform for citizens to engage in city planning and local projects, offering information on ongoing and past participations, events, and news. The site targets residents of Cologne and promotes transparent civic engagement. Technically, it is built on Drupal 10 with modern frontend libraries and uses Matomo Analytics respecting user privacy. The site is well-structured, mobile-optimized, and accessible, reflecting a mature digital infrastructure for a government service. Security posture is solid with HTTPS, security headers, and domain transfer protections, though DNSSEC is not enabled and no explicit security policies are published. Privacy compliance is strong with clear cookie consent and GDPR-aligned policies. Overall, the site is trustworthy, professional, and safe for general audiences.

A

A2A Energia

e-moving.it

73

A2A Energia is a major Italian energy company providing comprehensive electric vehicle charging solutions, including home wallbox installations and a widespread public charging network. Their digital presence includes a dedicated app for managing charging services and tailored tariff plans for customers. The website is well-structured, professionally designed, and targets electric vehicle owners and energy consumers in Italy. The company is part of the larger Gruppo A2A, reinforcing its market position. Technically, the site uses Drupal 10 CMS, integrates modern analytics and cookie consent tools, and demonstrates good mobile optimization and SEO practices. Security posture is strong with HTTPS, security headers, and secure forms, although explicit security policies and incident response details are not published. Privacy compliance is robust with clear GDPR-aligned policies and cookie consent mechanisms. Overall, the domain registration data aligns with the business identity, supporting legitimacy and trustworthiness.

R

Rapunzel Naturkost GmbH

rapunzelwelt.de

56

Rapunzel Welt is a German visitor attraction centered on organic food, sustainability, and cultural experiences. The website showcases museums, events, a bio-market, café, bakery, and group offerings, targeting a general audience interested in organic and sustainable lifestyles. The business positions itself as a niche regional attraction with strong branding and certifications such as Bioland-Partner. Technically, the site is built on Drupal 10 with modern libraries and frameworks, including Usercentrics for consent management and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and well-structured, providing a good user experience. Security posture is moderate with HTTPS implied but lacking explicit security headers and published security policies. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, the domain registration aligns well with the business, indicating legitimacy and trustworthiness.

I

Interreg Europe

interregeurope.eu

69

Interreg Europe is an established European regional cooperation programme that facilitates policy learning and sharing of sustainable solutions among regional and local governments. The website serves as a comprehensive platform providing access to programme documents, project information, and policy solutions, targeting government entities and policy makers. The digital infrastructure is built on Drupal 10 CMS with modern JavaScript libraries, ensuring a professional and responsive user experience. Security posture is strong with HTTPS enforcement and secure login forms, though some security headers could be enhanced. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR adherence. Overall, the website presents a trustworthy and authoritative presence consistent with an official EU programme.

R

Royal Botanic Gardens Kew

kew.org

69

Royal Botanic Gardens Kew is a globally recognized non-profit botanical institution based in the United Kingdom, dedicated to plant science, conservation, and public education. The website serves a diverse audience including researchers, families, schools, and general visitors, offering access to botanical collections, scientific resources, educational programs, and membership opportunities. The institution holds a strong market position as a leading botanical garden and research center. Technically, the website is built on Drupal 10, leveraging modern web technologies and integrating tools such as Google Tag Manager and Visual Website Optimizer for analytics and user experience optimization. The site demonstrates good performance, excellent mobile responsiveness, and accessibility features, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and integrates a comprehensive cookie consent mechanism compliant with GDPR. However, it lacks a publicly visible dedicated security policy or incident response contact, and no vulnerability disclosure or security.txt file is present. No vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and secure, with strong privacy compliance and clear business credibility. The absence of WHOIS data limits domain registration insights but does not detract from the site's legitimacy. Strategic recommendations include publishing explicit security policies and incident response information to enhance transparency and trust.

N

NatureServe

natureserve.org

62

NatureServe is a well-established nonprofit organization specializing in biodiversity data and conservation science across North America. With a 50-year history, it collaborates with a broad network of scientists and organizations to provide authoritative data that supports conservation efforts. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistent with its mission. Technically, the site is built on Drupal 10 with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Mailchimp. The site is mobile-optimized and accessible, though performance is moderate. Security posture is solid with HTTPS and some security headers, but could be enhanced with additional headers and explicit cookie consent mechanisms. Overall, the security and privacy compliance is good, with a comprehensive privacy policy and clear contact information. The WHOIS data is limited due to privacy protection, but the domain and website content align well with the organization's claims, supporting legitimacy. No critical vulnerabilities or suspicious indicators were found. Strategically, NatureServe should focus on enhancing security headers, implementing explicit cookie consent, and maintaining transparency to further strengthen trust and compliance.

A

Arizona State University

asu.edu

70

Arizona State University (ASU) is a large, well-established public research university in the USA, offering a wide range of undergraduate and graduate degree programs, research initiatives, and community services. The website reflects a mature digital presence with consistent branding, comprehensive content, and a focus on accessibility and user experience. The technical infrastructure is based on Drupal 10 CMS with modern libraries and analytics tools, supporting a responsive and performant site. Security posture is good with HTTPS and secure forms, though explicit security headers and incident response information are not publicly disclosed. Privacy and cookie policies are present and GDPR compliant. The WHOIS data is unavailable, which limits domain registration trust analysis, but the overall legitimacy is supported by the website content and official social media presence.

I

Internet Stiftung (Internet Privatstiftung Austria)

netidee.at

63

netidee is a prominent Austrian internet funding initiative managed by the Internet Privatstiftung Austria, providing approximately 1 million euros annually to support internet-related projects, scholarships, and scientific research. The website targets the Austrian internet community, researchers, and developers, positioning itself as a leading grant provider in the technology sector. The business model focuses on fostering innovation and community engagement through funding and events. Technically, the site is built on Drupal 10, employs Matomo analytics with privacy-conscious configurations, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and consent management implemented, though explicit security headers and vulnerability disclosure mechanisms are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, reflecting a mature digital presence for a non-profit foundation.

L

Liveurope

liveurope.eu

53

Liveurope is a well-established pan-European cultural initiative dedicated to supporting concert venues and promoting European music diversity. The organization operates across 24 countries with 23 venues and thousands of concerts supported, positioning itself as a key player in the European music and cultural sector. The website reflects a professional, content-rich platform with comprehensive news, stories, and event information targeted at music venues, artists, and cultural audiences. Technically, the site is built on Drupal 10, leveraging modern web technologies and analytics tools, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are absent. Overall, the domain registration and website content are consistent and legitimate, supporting a high trustworthiness rating.

A

agefiph

agefiph-universite-rrh.fr

58

The website agefiph-universite-rrh.fr serves as the official platform for the Université du réseau des référents handicap (URRH), an event organized by agefiph focused on disability employment and inclusion in France. It targets professionals such as disability referents in private and public sectors, training organizations, and unions. The site provides event information, program details, speaker profiles, and partner acknowledgments, positioning itself as a reputable resource in the non-profit and government sector related to disability employment. Technically, the site is built on Drupal 10, hosted by OVH, and employs modern analytics tools including Matomo and Google Tag Manager. It uses a comprehensive cookie consent mechanism (Tarteaucitron) ensuring GDPR compliance. The site is mobile-optimized with good accessibility and SEO practices, though accessibility could be improved further. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, it lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website content and organization, indicating legitimacy and consistency. Overall, the website presents a professional, trustworthy, and compliant digital presence for agefiph’s URRH event, with recommendations to enhance security transparency and incident readiness to further strengthen its posture.

F

Fastweb Digital Academy

fastwebdigital.academy

62

Fastweb Digital Academy is an Italian online education platform specializing in digital skills development, including courses in digital creativity, cybersecurity, digital workplace, soft skills, and digital marketing. The website targets Italian-speaking learners seeking to enhance their digital competencies. Technically, the site is built on Drupal 10 and integrates modern analytics and marketing tools such as Piwik PRO, Google Tag Manager, and Facebook Pixel, indicating a mature digital infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published privacy or terms of service policies, which are recommended for compliance and trust. The WHOIS data is unavailable or malformed, limiting domain trust assessment, but the website content and technical setup suggest a legitimate educational entity. Overall, the site scores well on content quality and business credibility but should improve privacy compliance and security transparency.

S

Selectra

stromliste.at

65

Stromliste.at is an Austrian energy comparison platform operated by the Selectra Group, offering free services to compare electricity and gas tariffs and providing expert telephone consultation to help consumers reduce energy costs. The website is professionally designed, mobile-optimized, and rich in relevant content, including guides, tariff comparisons, and customer testimonials. Technically, it is built on Drupal 10 with modern web technologies and integrates Google Tag Manager for analytics. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and explicit security policies are absent. WHOIS data is unavailable due to NIC.AT quota limits, but the website's business information and trust signals indicate legitimacy. Overall, the site presents a trustworthy and user-friendly service for Austrian energy consumers.

G

GazElektrik

gazelektrik.com

63

GazElektrik.com is a Turkish online platform providing comprehensive guides and application services related to electricity, natural gas, telecommunications, insurance, and security systems. The website serves as an information hub and lead generation portal for consumers seeking to manage utility subscriptions, switch providers, and pay bills. It targets residential and commercial users in Turkey, positioning itself as a niche market player with a focus on energy and telecom sectors. The business is linked to the AkıllıTarife.com brand, indicating a broader ecosystem of related services. Technically, the website is built on Drupal 10, hosted by OVH sas, and uses Cloudflare DNS. It integrates Google Analytics and Google Tag Manager for tracking and marketing purposes. The site is mobile-optimized with good navigation and content relevance, although accessibility features are basic. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks DNSSEC and advanced security headers. Privacy compliance is basic with cookie consent implemented and a privacy policy linked in the footer, though no explicit GDPR compliance statements or security policies are found. Overall, the site is professional and trustworthy but could improve in security and compliance transparency.

A

Akıllı Tarife

akillitarife.com

67

Akıllı Tarife is a Turkish service platform founded in 2015 that offers consumers discounted electricity, natural gas, internet, TV, mobile, alarm systems, and insurance products. The website serves as a comparison and lead generation portal, helping users find cheaper utility and telecommunication services with detailed guides and application forms. The company targets Turkish consumers looking to reduce their bills and manage services efficiently, especially during moving. Technically, the site is built on Drupal 10, hosted by OVH sas, and uses Cloudflare DNS with Google Analytics and Tag Manager for tracking. The site is mobile optimized and well-structured, providing a good user experience. Security posture is solid with HTTPS and cookie consent, though some security headers and explicit policies are missing. WHOIS data is transparent and consistent with the business claims, supporting legitimacy. Overall, the site is professional, trustworthy, and compliant with basic privacy requirements.

E

European Cluster Collaboration Platform

clustercollaboration.eu

63

The European Cluster Collaboration Platform (ECCP) serves as a comprehensive online hub connecting over 50,000 European experts, businesses, and policymakers to foster collaboration and innovation across various industry clusters. The platform offers directories, funding information, expertise publications, news, events, and matchmaking services, positioning itself as a leading European government/non-profit initiative to strengthen industrial ecosystems and strategic autonomy. Technically, the website is built on Drupal 10 CMS, leveraging modern web technologies including jQuery UI, Font Awesome 6, Matomo Analytics, and Facebook Pixel for tracking and marketing. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a professional and consistent design that enhances user experience. From a security perspective, the site enforces HTTPS, employs cookie consent mechanisms compliant with GDPR, and avoids exposing sensitive data. While explicit security headers are not fully confirmed, the overall posture is strong with no detected vulnerabilities. The absence of WHOIS registrant data is due to privacy protection, which is justified for this type of EU platform. Overall, the ECCP website is a trustworthy, well-maintained, and professionally managed platform with a clear focus on European cluster collaboration. Strategic recommendations include enhancing security header implementation, publishing a formal security policy and incident response contacts, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

B

Bpifrance

entrepreneuriat-quartiers-2030.fr

67

The website 'Quartiers 2030' is a government-backed initiative operated by Bpifrance to support entrepreneurship in priority neighborhoods (QPV) in France. It provides a comprehensive program including detection, financing, accompaniment, and acceleration of entrepreneurs, aiming to foster economic inclusion and job creation. The site is well-branded, professionally designed, and integrates multiple partner organizations and government entities, reflecting a strong institutional backing. Technically, the site is built on Drupal 10 with modern JavaScript libraries and CSS frameworks, ensuring a responsive and accessible user experience. It employs HTTPS and basic security measures but could improve with explicit security headers and incident response disclosures. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Security posture is solid with no critical vulnerabilities detected, but the absence of a security.txt and incident response contacts suggests room for improvement. The domain registration is recent but consistent with the program's launch timeline and shows no suspicious patterns. Overall, the website presents a trustworthy, professional, and well-maintained digital presence for a public entrepreneurship support program, with recommendations to enhance security transparency and incident readiness.

A

Acquia

acquia.net

71

Acquia is a leading enterprise technology company specializing in cloud-based digital experience platforms. Their website presents a professional and comprehensive platform for content management, community engagement, and commerce solutions, targeting large organizations and enterprises. The company leverages modern web technologies including Drupal 10 CMS, Google Tag Manager, and Visual Website Optimizer to deliver a robust and optimized user experience. The site is well-structured, mobile-optimized, and supports multiple languages, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and use of security best practices, although explicit security policies and incident response contacts are not publicly detailed. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. WHOIS data is unavailable, likely due to privacy protection, but the website's professionalism and trust signals indicate legitimacy. Overall, Acquia's website demonstrates a high level of digital maturity and business credibility.

A

Acquia

widen.com

71

Acquia is an established enterprise technology company specializing in digital asset management solutions, as evidenced by their Acquia DAM product. The website presents a professional and consistent brand image, targeting businesses seeking to manage digital assets effectively across teams and channels. The technical infrastructure leverages Drupal CMS, integrates modern analytics and marketing tools such as Google Tag Manager and Visual Website Optimizer, and uses CDN services for performance optimization. Security posture is generally strong with HTTPS enforced and use of reputable third-party services, though explicit security headers and policies are not visible on the analyzed page. Privacy compliance is limited on this page, with no visible privacy or cookie policies, which is an area for improvement. Overall, the website is professional and trustworthy, but the lack of WHOIS data and contact information slightly reduces confidence.

I

International Union for Conservation of Nature (IUCN)

iucncongress2025.org

54

The IUCN World Conservation Congress website serves as the official digital platform for the quadrennial global event focused on nature conservation. It targets conservation experts, leaders, and decision-makers worldwide, providing comprehensive information about the Congress components, schedules, speakers, and partners. The site is well-branded, consistent, and professionally designed, reflecting the stature of the IUCN organization and its global conservation mission. Technically, the site is built on Drupal 10, leveraging modern web technologies and third-party integrations such as Google Tag Manager and social media pixels. While performance and mobile optimization are good, there is room for improvement in security headers and DNSSEC implementation. The security posture is solid with HTTPS and domain registrar protections, but lacks explicit incident response and security policy disclosures. Privacy compliance is partially addressed with cookie consent mechanisms, though a dedicated privacy policy page is not clearly found. Overall, the site is trustworthy, safe, and professionally maintained, suitable for its non-profit event purpose.

I

IUCN

iucn-events.org

54

The IUCN World Conservation Congress website serves as the official digital platform for a major global event focused on nature conservation, scheduled for October 2025 in Abu Dhabi. The site targets conservation experts, leaders, decision-makers, partners, and the interested public, providing comprehensive information about the Congress components including the Forum, Exhibition, and Members' Assembly. It also offers access to virtual platforms, multimedia content, and partner engagement opportunities. The website reflects a strong market position as a leading non-profit event organizer in the environmental sector. Technically, the site is built on Drupal 10, leveraging modern web technologies and CDNs for performance and global reach. It integrates Google Tag Manager, LinkedIn Insight, and Facebook Pixel for analytics and marketing, alongside a robust cookie consent mechanism. The site is mobile-optimized, accessible, and SEO-friendly, with a consistent and professional design. From a security perspective, the website enforces HTTPS, employs domain locking statuses, and uses reCAPTCHA for bot protection. However, DNSSEC is not enabled, and some advanced security headers are not explicitly detected. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is moderate due to the absence of a dedicated privacy policy page, though cookie documentation and consent are well implemented. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements include enabling DNSSEC, publishing a comprehensive privacy policy, and enhancing security headers to further strengthen trust and compliance.

C

Conservation Planning Specialist Group

cpsg.org

66

The Conservation Planning Specialist Group (CPSG) is a well-established non-profit organization dedicated to species conservation planning and capacity building. With over 40 years of experience, CPSG leverages scientific approaches and collaborative workshops to support global biodiversity goals. Their website reflects a professional and consistent brand, targeting conservationists, researchers, donors, and the general public interested in wildlife preservation. The organization offers key services including conservation planning workshops, training, scientific tools, and annual meetings. Technically, the website is built on Drupal 10 and incorporates modern JavaScript libraries and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and performs moderately well. Security posture is strong with HTTPS enabled and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable due to malformed output, but the website's professionalism and trust indicators suggest legitimacy. Privacy protection for domain registration is justified given the non-profit nature. Overall, the site demonstrates a mature digital presence with good compliance and security practices. Recommendations include enhancing security headers, publishing a security policy and incident response contacts, and adding a vulnerability disclosure mechanism to further strengthen trust and security posture.

P

Prognos AG

prognos.com

75

Prognos AG is a professional consulting and research firm specializing in economic and policy analyses, serving government, public sector, and business clients primarily in Germany and Europe. Their services encompass studies, forecasts, evaluations, and strategic consulting across sectors such as economy, innovation, climate, energy, and infrastructure. The company maintains a strong market position with over 200 experts and multiple European offices. Technically, the website is built on Drupal 10 with modern JavaScript libraries, offering good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not evident. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but does not detract significantly given the professional site presentation. Overall, the site is well-designed, content-rich, and trustworthy, with moderate user tracking via Matomo analytics and compliance with GDPR indicated by comprehensive privacy and cookie policies.

S

Selectra

selectra.co.uk

69

Selectra is a UK-based comparison and advisory platform specializing in helping consumers and businesses save money on energy, broadband, and mobile services. Established in 2004, it holds a strong market position with comprehensive guides, comparison tools, and a solid reputation evidenced by a high Trustpilot rating. The website is built on Drupal 10, leveraging modern web technologies and Google services for analytics and advertising. The site is well-optimized for mobile and accessibility, providing a professional user experience. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are not published. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

S

Selectra

comparaiso.cl

62

Comparaiso.cl is a Chile-based online platform specializing in comparing telecommunications services including internet, mobile, fixed phone, and television plans. It operates under the parent company Selectra, providing consumers with comprehensive options to select the best plans suited to their needs. The website is well-positioned in the Chilean market, partnering with major telecom providers and offering additional services such as speed tests and streaming platform information. Technically, the site is built on Drupal 10, integrates Google Tag Manager for analytics, and uses Cloudflare DNS, reflecting a modern and maintainable infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is good, with clear privacy and cookie policies linked to the parent domain. Overall, the site presents a professional and trustworthy front to users, with clear contact channels and consistent branding.

S

Selectra India

selectra.in

67

Selectra India operates a comprehensive online platform focused on providing consumers in India with detailed comparisons of mobile, broadband, DTH, and OTT plans. The website is well-structured, leveraging Drupal 10 CMS and modern web technologies to deliver a user-friendly experience. It targets Indian telecom consumers seeking to make informed decisions about their telecom services. The platform positions itself as a trusted partner in telecom decision-making, offering consulting and plan recommendations. Technically, the site uses Google Fonts, Google Tag Manager, and Google Adsense for analytics and monetization, with a cookie consent mechanism in place to comply with privacy regulations. Security posture is solid with HTTPS enforced, though some security headers and explicit privacy policies are missing. No signs of WAF or content blocking were detected, and the WHOIS data aligns well with the business claims, indicating legitimacy. Overall, the site is professional, trustworthy, and provides valuable telecom information, but could improve privacy transparency and contact availability.

S

Selectra

selectra.es

72

Selectra is a well-established online platform specializing in helping consumers and businesses in Spain save money on utility bills such as electricity, gas, internet, mobile, alarms, insurance, and solar energy. The company positions itself as a trusted advisor with a large user base and multiple service offerings, supported by a professional and user-friendly website. The technical infrastructure is modern, leveraging Drupal CMS, Google Analytics, and other contemporary web technologies, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, cookie consent mechanisms, and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations.

S

Selectra Italia S.r.l.

selectra.net

69

Selectra Italia S.r.l. operates a comprehensive online platform focused on comparing and facilitating activation of home utilities and telecom services in Italy, including electricity, gas, internet, mobile, insurance, and pay-TV. The company targets residential and business customers seeking cost savings and convenience through expert consultation and online tools. The website is well-established, with a domain age since 2007 and significant user traffic and customer base. Technically, the site is built on Drupal 10, employs modern analytics and marketing tools, and is hosted with reputable providers, ensuring moderate to good performance and mobile optimization. Security posture is adequate with HTTPS and domain protection flags, but lacks visible security headers and DNSSEC. Privacy compliance is weak due to missing explicit privacy and cookie policies. Overall, the site demonstrates high business credibility with strong trust signals but could improve transparency and security practices.

S

Selectra

selectra.ie

59

Selectra Ireland is a well-established utility and broadband comparison service operating since 2019 in Ireland, part of a larger international group founded in 2016. The company provides consumers with personalized advice and tools to compare and switch energy, broadband, waste, alarm, and insurance providers, aiming to save money on household bills. Their business model relies on affiliate commissions from partner providers, while offering a free service to customers. The website demonstrates a strong market position with a consistent brand and positive customer trust signals such as high Trustpilot and Google reviews. Technically, the website is built on Drupal 10, leveraging modern JavaScript libraries and Google Analytics for tracking. It is hosted behind Cloudflare DNS and CDN services, ensuring good performance and mobile optimization. The site includes GDPR-compliant cookie consent mechanisms and privacy policies, reflecting a mature digital infrastructure. However, some security best practices like DNSSEC and HTTP security headers could be improved. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML. No critical vulnerabilities or malware indicators were found. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company's history and no privacy protection, which supports legitimacy. Overall, the security posture is solid but could benefit from enhanced DNS security and published security policies. The overall risk assessment is low, with no blocking or WAF challenges detected. Strategic recommendations include enabling DNSSEC, implementing security headers, and publishing incident response contacts to further strengthen trust and compliance.

C

CallMePower

callmepower.be

56

CallMePower is a Belgian energy-focused service platform established in 2014, offering consumers multilingual support to save on their energy bills. The website is built on Drupal 10 and hosted by OVH, employing modern web technologies and tracking tools such as Google Tag Manager and Pagesense. The site demonstrates good design quality, mobile optimization, and accessibility, providing a positive user experience. However, it lacks explicit privacy policies, terms of service, and contact information, which are critical for trust and compliance. Security posture is adequate with HTTPS and cookie consent mechanisms but could be improved by adding security headers and incident response details. Overall, the site is safe, professional, and moderately trustworthy but would benefit from enhanced transparency and security practices.

A

Agefiph

agefiph.fr

61

Agefiph is a French non-profit association dedicated to supporting employment development for persons with disabilities. The organization provides financial aids, services, and training to individuals, employers, and training actors. The website is professionally designed using Drupal 10, with modern analytics and marketing tools integrated, including Matomo, Google Analytics, Hotjar, and AB Tasty. It features comprehensive cookie consent management and clear navigation tailored to multiple user profiles. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. The WHOIS data is unavailable, likely due to privacy protection, but the website's legitimacy is supported by official social media presence and related partner domains. Overall, the site is a trustworthy and authoritative resource in its sector.

M

Mairistem

jvs-mairistem.fr

53

Mairistem is a French software publisher specializing in digital management solutions tailored for local governments and collectivités. With over 40 years of experience and a client base exceeding 15,000 collectivités, the company offers a comprehensive suite of interoperable software products covering finance, human resources, civil status, citizen services, and territory management. Their business model combines software licensing with cloud solutions, consulting, training, and dedicated client support, positioning them as a trusted partner in the government technology sector. Technically, the website is built on Drupal 10, leveraging modern JavaScript libraries and analytics tools such as Matomo and HubSpot, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, though it lacks a dedicated security policy or incident response contact details. The absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, but the professional presentation and extensive business information mitigate this concern. Overall, Mairistem demonstrates a mature digital presence aligned with its market position, though improvements in transparency around security policies are recommended.

T

TPF

tpfingenieria.com

50

TPF is a large, international multidisciplinary engineering consultancy headquartered in Spain, with a presence in over 45 countries through multiple subsidiaries. The company offers a broad range of engineering services including consultancy, design, asset management, project supervision, and quality control, targeting businesses and public sector clients. Their market position is strong, supported by a diversified portfolio and global reach. Technically, the website is built on Drupal 10, uses modern JavaScript libraries such as jQuery and GSAP, and integrates privacy-conscious analytics via Plausible. The site is mobile-optimized and accessible, with good SEO practices. However, some security best practices such as DNSSEC and security headers are missing. Security posture is moderate with HTTPS enabled and no visible vulnerabilities, but lacks explicit security policies and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Overall, the website is professional and trustworthy, but improvements in privacy compliance and security hardening are recommended to enhance user trust and regulatory adherence.

T

TPF

tpf.ro

46

TPF is a well-established global multidisciplinary engineering consultancy headquartered in Belgium, active in over 40 countries with a strong portfolio in environment and water, transport and mobility, and building and cities sectors. The company offers a broad range of services including consultancy, design, technical asset management, and project management. It holds a reputable market position, evidenced by its ENR Top 50 ranking and BREEAM Excellent certifications. The website reflects a mature digital presence built on Drupal 10 with modern JavaScript libraries and a privacy-conscious analytics approach using Plausible. However, explicit privacy and cookie policies are missing, representing a compliance gap. Security posture is moderate with no visible security headers and no incident response or vulnerability disclosure information published. Contact information is clearly provided, enhancing business credibility.

T

TPF Engineering

tpfengineering.be

39

TPF Engineering is a large, established multidisciplinary engineering consultancy headquartered in Belgium, operating globally with subsidiaries in multiple countries. The company provides engineering design, construction, and operational services primarily targeting large public and private organizations. The website is built on Drupal 10 and hosted by OVH, featuring modern technologies such as jQuery, GSAP, and Fancybox. The site is professionally designed, mobile-optimized, and offers clear navigation and relevant content including news, projects, and company information. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and formal privacy/cookie policies. Analytics usage is minimal and privacy-friendly, but GDPR compliance could be improved by adding explicit policies and consent mechanisms. Overall, the domain registration data aligns well with the business claims, indicating a trustworthy and legitimate presence.

B

Bundesverband Freie Darstellende Künste e.V.

darstellende-kuenste.de

58

The Bundesverband Freie Darstellende Künste e.V. (BFDK) is a prominent non-profit umbrella organization representing approximately 27,000 free performing arts professionals in Germany. The website serves as a comprehensive platform offering news, projects, advocacy information, and resources tailored to artists, cultural policymakers, and networks within the free performing arts sector. The organization is well-positioned nationally, supported by the German Federal Government's cultural office, and actively engages its community through multiple projects and social media channels. Technically, the website is built on Drupal 10, leveraging modern web technologies including Alpine.js and Matomo for analytics. It demonstrates good mobile optimization, accessibility, and SEO practices. The site employs a robust cookie consent mechanism ensuring GDPR compliance, reflecting a mature approach to privacy and user data protection. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious activities were detected in the content or scripts. The WHOIS data aligns with the website's claims, showing consistent domain registration and no privacy protection, supporting legitimacy. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for a cultural non-profit organization. Strategic improvements could include enhancing security headers and publishing a formal security policy to further strengthen trust and compliance.