Security Directory

L

La Région Auvergne-Rhône-Alpes

europeenauvergnerhonealpes.fr

61

The website www.europeenauvergnerhonealpes.fr is the official digital presence of the Auvergne-Rhône-Alpes regional government in France, focusing on European funding and project support. It serves as a comprehensive resource for beneficiaries such as local authorities, associations, companies, and research entities seeking information and assistance with European funds and programs. The site is well-branded, professionally designed, and provides clear navigation and relevant content tailored to its target audience. Technically, the site is built on Drupal 10, leveraging modern web technologies including Matomo for analytics and lazy loading for performance optimization. It is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although the absence of certain security headers suggests room for improvement. From a security and compliance perspective, the site demonstrates GDPR compliance with clear privacy and cookie policies. However, the WHOIS data is unavailable, which slightly impacts trustworthiness but is mitigated by the official nature of the site and its consistent branding. No vulnerabilities or malicious content were detected. Overall, the website is a trustworthy, professional government portal with strong content quality and user experience. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and monitoring third-party scripts for security risks.

P

Pivovar Hostivar

pivovar-hostivar.cz

59

Pivovar Hostivar is a well-established Czech brewery and hospitality business operating since 2011. The company runs multiple restaurant locations, a bakery, and hosts cultural events such as concerts and cinema screenings. Their business model combines onsite hospitality services with an e-commerce platform for beer sales, targeting local residents and visitors interested in craft beer and cultural experiences. The website is built on Drupal 10 with modern frontend libraries, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though the absence of security headers and privacy policies indicates room for improvement. Overall, the domain registration and business information are consistent and trustworthy, supporting a medium-sized hospitality enterprise in the Czech Republic.

I

INRAE

inrae.fr

64

INRAE is a prominent French public research institute specializing in agriculture, food, and environmental sciences. The website reflects a mature digital presence with comprehensive content targeting researchers, students, policymakers, and the general public. It offers extensive resources including research dossiers, events, and collaboration opportunities. The site is multilingual and well-branded with official government logos and certifications, reinforcing its authoritative position. Technically, the website is built on Drupal 10, leveraging modern web standards and responsive design to ensure accessibility and usability across devices. The presence of cookie consent mechanisms and privacy policies indicates attention to regulatory compliance, particularly GDPR. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although explicit security headers could be improved. The WHOIS data is unavailable due to AFNIC policies, but the domain is active and updated, consistent with a legitimate public institution. No suspicious or malicious indicators were found. Overall, the website demonstrates a high level of professionalism, security, and compliance suitable for a government research entity.

L

Le Journal des Entreprises

lejournaldesentreprises.com

70

Le Journal des Entreprises is a French regional economic news media platform offering a website and monthly magazine with 14 local editions covering 27 departments. The site targets business professionals and regional economic actors, providing news, dossiers, podcasts, and company profiles. Technically, it is built on Drupal 10 with modern web technologies, including Google Tag Manager and Didomi for consent management. The website is well-structured, mobile-optimized, and uses HTTPS, but lacks visible security headers in the HTML source. No WHOIS data was found for the domain, which raises concerns about domain registration legitimacy. Overall, the site presents a professional and trustworthy business media presence but should verify domain registration and improve privacy policy visibility.

V

VDAB

vdab.be

68

VDAB is the official public employment service of Flanders, Belgium, providing comprehensive job search, training, and career guidance services. The website is well-branded and targets job seekers, employers, and partners within the Flemish region. It operates under the Flemish government umbrella, offering a trusted platform for employment-related services. Technically, the site uses Drupal 10 CMS with modern JavaScript frameworks and integrates consent management and chat services, reflecting a mature digital infrastructure. Security posture is good with HTTPS and OIDC authentication, though some security headers and explicit incident response contacts are missing. WHOIS data is restricted, but the site’s official nature and consistent branding support its legitimacy. Overall, the site is professional, secure, and compliant with privacy regulations, serving a large government audience effectively.

E

European Commission - Employment, Social Affairs and Inclusion

pesnetwork.eu

72

The European Network of Public Employment Services (PES Network) is an official initiative under the European Commission's Employment, Social Affairs and Inclusion domain. It serves as a collaborative platform for public employment services across EU member states and associated countries, aiming to improve labor market efficiency and support EU employment policies. The website is professionally designed using Drupal 10 and the European Commission's design system, ensuring accessibility, mobile optimization, and clear navigation. Security posture is strong with HTTPS, cookie consent, and no exposed vulnerabilities detected. However, WHOIS data is unavailable due to EURid privacy policies, which is typical for EU institutional domains. Overall, the site demonstrates high trustworthiness and professionalism, serving a broad European governmental and public audience.

A

Aviato

aviato.be

49

Aviato is a specialized employment platform focused on providing quality and sustainable job opportunities at Brussels Airport. It serves both job seekers and employers by offering job listings, internships, career advice, and organizing events such as job fairs and info sessions. The website is professionally designed using Drupal 10, with modern web technologies and good mobile optimization. It integrates analytics and marketing tools like Google Analytics and Facebook Pixel, and complies with GDPR through a comprehensive privacy and cookie policy. Security posture is adequate with HTTPS and secure form handling, though security headers could be improved. WHOIS data is restricted, but the website's content and social media presence indicate a legitimate and trusted organization within the transportation sector in Belgium.

T

Tisséo Collectivités

tisseo-collectivites.fr

56

Tisséo Collectivités is the public authority responsible for organizing and managing mobility services in the Toulouse metropolitan area, France. The organization focuses on sustainable urban transport solutions including metro lines, bus networks, and bike-sharing services. The website reflects a medium-sized public sector entity with a clear mission to serve local governments and residents by providing information and resources related to mobility projects and services. The company is well-positioned in its regional market as a key mobility authority. Technically, the website is built on Drupal 10, leveraging modern web technologies such as jQuery, Swiper for carousels, and FontAwesome for icons. The site is mobile-optimized with good SEO and accessibility features, although full RGAA compliance is partial. Hosting and domain registration are consistent with the organization's profile, and the site uses HTTPS with cookie consent mechanisms to comply with GDPR. From a security perspective, the site demonstrates good practices including HTTPS enforcement and cookie consent management. However, there is room for improvement in implementing security headers and publishing explicit security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant with privacy regulations. It serves its public sector audience effectively with relevant content and clear navigation. Strategic recommendations include enhancing security headers, completing accessibility compliance, and publishing security and incident response policies to further strengthen trust and compliance.

M

Musée national et domaine du château de Pau

chateau-pau.fr

56

The Château de Pau website represents the official digital presence of the Musée national et domaine du château de Pau, a French national museum under the Ministry of Culture. The site offers comprehensive information about the museum's history, collections, exhibitions, events, and visitor services, targeting a broad audience including tourists, educators, researchers, and cultural professionals. The business model is government-funded, focusing on cultural preservation and public education. The museum maintains a strong market position as a recognized heritage site with partnerships with national cultural organizations.

The website www.paujeunes.fr serves as an official local government platform dedicated to supporting youth in Pau, France. It provides comprehensive information and resources related to education, employment, social engagement, and local aids for young people. The platform is well-branded with consistent city imagery and messaging, targeting students and young adults in the region. Technically, the site is built on Drupal 10 and integrates Matomo analytics with user consent mechanisms, reflecting a moderate level of digital maturity. The site is mobile-optimized and accessible, with good navigation and content relevance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks some advanced security headers and explicit security policies. The absence of WHOIS data is a notable gap but does not detract significantly from the site's legitimacy given its official branding and content. Overall, the platform is a trustworthy and valuable resource for its intended audience.

Pau Agglomération operates an official government website serving the city of Pau and its surrounding agglomeration in France. The site provides comprehensive information on daily life, urban planning, social services, culture, environment, and more, targeting residents and visitors. It is positioned as a key local government communication and service platform. Technically, the website is built on Drupal 10, employs Matomo for analytics, and uses modern web technologies ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with privacy and cookie policies and consent mechanisms. However, explicit contact emails and phone numbers are not directly visible, and no terms of service or vulnerability disclosure pages were found. Overall, the website is professional, trustworthy, and well-maintained, reflecting a mature digital presence for a government entity.

H

hub.info

1819.brussels

11

hub.info is a government-supported platform providing comprehensive entrepreneurial guidance and support services to independent workers, merchants, and entrepreneurs in Brussels. The website offers multilingual content, including guides, events, financial aid information, and networking opportunities, positioning itself as a central resource for the Brussels entrepreneurial ecosystem. Technically, the site is built on Drupal 10, employs modern web technologies, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. Overall, the site is trustworthy, professional, and compliant with GDPR regulations.

W

Wake-up Clean-up

wakeupcleanup.brussels

66

Wake-up Clean-up is a Brussels-based non-profit organization dedicated to promoting environmental cleanliness through community clean-up events. The website serves as a platform for citizens and groups to join the movement, organize or participate in clean-ups, and access educational resources. The site is well-branded, multilingual, and provides clear calls to action for engagement. Technically, it is built on Drupal 10 with modern libraries and integrates common marketing and analytics tools such as Google Tag Manager and Facebook Pixel. Security practices include HTTPS enforcement and basic security headers, though there is room for improvement in advanced security configurations and accessibility compliance. Privacy and cookie policies are present and GDPR compliant, supporting user consent mechanisms. Overall, the website demonstrates a solid digital presence for a small non-profit with a focus on community and sustainability.

D

Delaware County, Pennsylvania

delcopa.gov

57

Delaware County, Pennsylvania operates an official government website providing comprehensive information and services to residents, businesses, and visitors. The site covers a wide range of county functions including courts, human services, health, public safety, elections, and parks. The website is built on Drupal 10 with modern frameworks like Bootstrap 4 and includes accessibility features such as AudioEye and Google Translate integration. The site demonstrates good content quality, clear navigation, and professional design consistent with government standards. Security posture is moderate with HTTPS implied but lacking explicit security headers and published policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain and website are legitimate and trustworthy, serving as a critical public resource for Delaware County.

M

MéthaFrance

methafrance.fr

41

MéthaFrance operates as a national informational portal focused on methanisation, a renewable energy process in France. The website provides comprehensive educational content, event information, FAQs, and resources targeted at the general public, agricultural stakeholders, and energy sector participants. It positions itself as a leading resource in the French renewable gas sector. Technically, the site is built on Drupal 10 with Bootstrap for responsive design and uses privacy-conscious analytics (Matomo) and cookie consent management (tarteaucitron). Security posture is good with HTTPS and captcha protections, though explicit security headers and policies are lacking. The absence of WHOIS registrant data slightly reduces trust but does not detract significantly from the site's legitimacy. Contact is available via a webform but lacks direct email or phone contacts. Overall, the site is professional, informative, and well-structured, serving its educational mission effectively.

F

Ferrero Caribe

ferreropr.com

50

Ferrero Caribe operates a consumer-facing website promoting its well-known confectionery brands such as Mon Chéri, Ferrero Rocher, and Raffaello. The site targets general consumers interested in premium chocolate products, primarily in the Caribbean region. The business model focuses on brand promotion and consumer engagement through product information and social media channels. The website is built on Drupal 10 CMS and leverages modern front-end libraries including Bootstrap and jQuery, indicating a moderate level of digital maturity. Mobile optimization and responsive design are well implemented, providing a good user experience. Security posture is moderate; while HTTPS is presumably enabled (not explicitly confirmed), the absence of security headers and cookie consent mechanisms indicates room for improvement. No forms or direct contact information are provided, limiting direct user interaction and data collection. Overall, the site is professional and trustworthy but could enhance privacy compliance and security transparency.

F

Ferrero

ferrerocareers.com

73

Ferrero Careers website presents a professional and comprehensive platform for job seekers interested in joining the global Ferrero family of companies. The site highlights Ferrero's strong global presence, diverse teams, and extensive brand portfolio, positioning itself as a leading confectionery manufacturer with a focus on employee development and inclusion. Technically, the site is built on Drupal 10, uses modern JavaScript libraries, and is hosted likely on AWS infrastructure, delivering a mobile-optimized and accessible user experience. Security posture is adequate with HTTPS and consent mechanisms in place, but lacks explicit security headers and published security policies, which could be improved. The absence of WHOIS registration data raises questions about domain registration legitimacy, though the website content and branding are consistent with Ferrero's corporate identity. Overall, the site is trustworthy and professional but would benefit from enhanced transparency in privacy and security disclosures.

A

ARP-GAN Bruxelles-Propreté

arp-gan.be

68

ARP-GAN Bruxelles-Propreté is a well-established public agency founded in 2004, responsible for waste management and urban cleanliness in the Brussels region. The website serves as an informative and service-oriented platform targeting both citizens and professionals, offering waste sorting guides, collection schedules, recycling park information, and citizen engagement initiatives. The agency holds ISO 9001 and ISO 14001 certifications, reinforcing its commitment to quality and environmental management. Technically, the site is built on Drupal 10, employs modern cookie consent tools, and integrates analytics and tracking services responsibly. Security posture is strong with HTTPS and cookie consent, though explicit security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the website is professional, trustworthy, and well-aligned with its public service mission.

B

Bruxelles Economie et Emploi

economie-emploi.brussels

62

Bruxelles Economie et Emploi is the official regional government agency responsible for promoting sustainable economic development and employment in the Brussels-Capital Region. The website serves as a comprehensive portal offering resources, guidance, and support for entrepreneurs, business owners, workers, and non-EU nationals. It provides multilingual content in French, Dutch, and English, reflecting the region's linguistic diversity. The agency collaborates with multiple regional partners to deliver services including business creation, management, worker training, and regulatory compliance assistance.

D

DFK Paris – Deutsches Forum für Kunstgeschichte Paris

dfk-paris.org

56

DFK Paris – Deutsches Forum für Kunstgeschichte Paris is an academic research institute affiliated with the Max Weber Stiftung, focusing on art history with a strong emphasis on German-French cultural exchange. The website provides comprehensive information about their research projects, publications, library services, funding opportunities, and events, targeting scholars, students, and cultural professionals. The institution positions itself as a specialized, small-sized educational and non-profit entity with a clear mission in the arts and humanities sector. Technically, the website is built on Drupal 10, employing modern web standards and technologies such as Matomo for analytics and Plyr for media. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Security-wise, HTTPS is enforced, and cookie consent mechanisms are in place, but there is room for improvement in publishing formal security policies and incident response contacts. The security posture is solid with no visible vulnerabilities or exposed sensitive data, but the absence of WHOIS data limits domain trust verification. The website is free from adult or questionable content, maintaining a professional and trustworthy online presence. Overall, the site reflects a mature digital infrastructure suitable for an academic institution, though enhancing transparency around security and incident response would strengthen trust further.

C

COSMO

cosmo-info.de

51

COSMO is a German company specializing in heating and ventilation products and services, targeting both end consumers and professional markets. Their website showcases a range of products including solar technology, radiators, underfloor heating, and air ventilation systems, supported by tools like energy saving calculators and floor planners. The company positions itself as a provider of high-quality, innovative heating and ventilation solutions with a focus on comfort and energy efficiency. Technically, the website is built on Drupal 10, leveraging modern front-end libraries such as Swiper.js for interactive elements, and integrates third-party services like Google Maps API and Adobe Launch for analytics and marketing. Usercentrics CMP is implemented for cookie consent, reflecting GDPR compliance efforts. Hosting is provided by Adacor, a reputable German hosting provider. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance is partial due to the absence of a visible privacy policy and terms of service. Overall, the website is professional, well-structured, and trustworthy, with good content quality and technical implementation. Strategic improvements include publishing comprehensive privacy and security policies, adding security headers, and providing vulnerability disclosure information to enhance trust and compliance.

G

Gîtes de France®

gites-de-france.com

61

Gîtes de France® is a well-established French vacation rental platform offering a variety of accommodations including gîtes, chambres d'hôtes, camping, and citybreaks. The website targets families, couples, and groups seeking quality vacation rentals across France, leveraging a recognized quality label to build trust. The platform provides booking services, thematic stay inspirations, and gift cards, positioning itself as a leader in the French hospitality sector. Technically, the site is built on Drupal 10, employs modern JavaScript libraries, and integrates Google Tag Manager for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly, providing an excellent user experience. Security-wise, the site uses HTTPS and secure Drupal forms but lacks visible advanced security headers, suggesting room for improvement. The absence of WHOIS registration data is a concern but does not detract significantly from the site's legitimacy given the strong branding and content quality. Overall, the site presents a professional, trustworthy, and user-friendly platform for vacation rental bookings in France.

The website www.pau.fr serves as the official digital portal for Pau Agglomération, a French municipal government entity. It provides comprehensive information and services related to daily life, urban planning, culture, social services, and community engagement for residents and visitors. The site is built on Drupal 10 and integrates Matomo analytics for privacy-conscious user tracking. The design is professional, mobile-optimized, and accessible, reflecting a mature digital presence for a government organization. Security posture is good with HTTPS and some security best practices observed, though explicit security policies and incident response information are not publicly visible. The absence of WHOIS data is a notable anomaly that warrants further verification but does not detract from the site's apparent legitimacy based on content and branding.

The Department of Veterans' Affairs (DVA) website serves as the official Australian government portal dedicated to providing comprehensive support, benefits, and services to veterans and their families. The site is well-positioned as a trusted government entity, offering a wide range of resources including claims processing, health and mental wellbeing support, education, employment assistance, and commemoration services. The target audience primarily includes veterans, their families, healthcare providers, and the general Australian public seeking information related to veterans' affairs. Technically, the website is built on Drupal 10 and hosted on GovCMS, reflecting a modern and secure content management infrastructure. The use of Google Tag Manager and other contemporary web technologies indicates a mature digital presence. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the website enforces HTTPS and employs best practices such as IP anonymization in analytics. However, explicit security headers and a public security or incident response policy are absent, representing areas for improvement. The WHOIS data is limited due to privacy policies typical for government domains but aligns with the domain's legitimacy and trustworthiness. Overall, the DVA website presents a professional, secure, and user-friendly platform that effectively supports its mission. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and improving privacy compliance transparency to further strengthen trust and security posture.

Revvity is a large healthcare technology company specializing in life sciences research solutions, diagnostics, clinical and pharma services, and imaging solutions. The company targets scientific researchers and pharmaceutical industries, providing comprehensive workflow solutions from target to cure. The website demonstrates a mature digital presence built on Drupal 10, integrating advanced marketing and analytics tools such as Google Tag Manager, Visual Website Optimizer, and Demandbase. The site is well-optimized for mobile and accessibility, with professional design and clear navigation. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data is a limitation but does not detract significantly from the overall legitimacy given the professional web presence and trust signals.

E

Epta Finland

epta-finland.com

70

Epta Finland is a specialized Finnish sales company established in 2003, providing comprehensive refrigeration solutions and services primarily to the Finnish food retail sector. The company operates multiple offices across Finland and emphasizes sustainable refrigeration technologies. Their business model focuses on product sales, installation, maintenance, and after-sales services, positioning themselves as a market leader in their niche. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site is built on Drupal 10 with modern front-end libraries and integrates marketing and analytics tools such as Google Tag Manager and Pardot. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements in security headers and incident response transparency are recommended. The absence of WHOIS domain registration data is a notable concern, suggesting either privacy protection or registration issues, which slightly impacts trustworthiness. Overall, the site is professional, compliant with GDPR, and serves its business purpose effectively.

R

RATP Dev Australia

ratpdevaustralia.com.au

66

RATP Dev Australia is a regional branch of the global RATP Dev group, specializing in the operation and maintenance of urban and intercity transportation systems. The company leverages the extensive experience of its parent, RATP Group, a major public transport operator with over a century of history. The website presents a professional image with detailed references to global operations, emphasizing expertise in automated metro systems and various transit modes. Technically, the site is built on Drupal 10 and integrates modern analytics tools with privacy-conscious configurations. Security posture is generally good with HTTPS and cookie consent implemented, though there is room for improvement in security headers and transparency of policies. WHOIS data is incomplete, which slightly impacts trust but does not detract from the overall legitimacy indicated by the website content and branding.

ATMO BFC is a regional environmental health organization focused on air quality, climate, energy, and mobility in Bourgogne-Franche-Comté, France. The website serves as an authoritative source for environmental data, publications, and public information. The organization appears well-established with a domain registered since 2017 and no privacy protection, indicating transparency. The site uses Drupal 10 CMS with modern JavaScript libraries and includes analytics via Matomo and cookie consent via CookieYes. Security posture is adequate with HTTPS and domain protections but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial due to the absence of a visible privacy policy page. Overall, the website is professional, content-rich, and trustworthy for its target audience.

T

Twisto

twisto.fr

61

Twisto is the primary public transportation provider for the Caen la mer urban community in France, offering bus and tramway services along with real-time traffic updates, route planning, and ticketing solutions. The website is professionally designed using Drupal 10, featuring a mobile-optimized interface and integrated journey planner widgets. It maintains a strong social media presence and provides comprehensive traffic alerts to its users. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. WHOIS data is not publicly available, indicating privacy protection, which is justified for this type of public service entity. Overall, the website is trustworthy, user-friendly, and compliant with privacy regulations.

T

TIC BRNO, příspěvková organizace

ticbrno.cz

63

TIC BRNO, příspěvková organizace, is a professional municipal agency dedicated to supporting tourism and cultural activities in Brno, Czech Republic. The organization operates the GOTOBRNO.cz portal, organizes public events such as Brněnské Vánoce and Gourmet Brno, manages Kino Art cinema, and offers services including ticket pre-sales and venue rentals. The website reflects a well-structured and professionally maintained digital presence targeting both locals and tourists interested in Brno's cultural and tourism offerings. The business model is non-profit and government-supported, positioning TIC BRNO as a key player in the city's tourism infrastructure. Technically, the website is built on Drupal 10 CMS, utilizing modern web technologies and integrating Google Analytics and CookieHub for analytics and cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks visible security headers and explicit incident response or security policy disclosures. Overall, the security posture is solid for a municipal site, with no detected vulnerabilities or suspicious content. The absence of WHOIS data reduces domain trust slightly but is mitigated by official city references and consistent business information. Strategic recommendations include enhancing security headers, formalizing incident response contacts, and maintaining compliance with evolving privacy regulations.

P

Point S Italia Srl Unipersonale

point-s.it

66

Point S Italia Srl Unipersonale operates as part of the global Point S Group, providing automotive tire and maintenance services in Italy since 2015. The company holds a strong market position as the largest independent network of tire dealers worldwide, offering a wide range of vehicle maintenance services. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to vehicle owners in Italy. Technically, the site is built on Drupal 10, integrates multiple analytics and marketing tools, and employs a robust consent management system to ensure GDPR compliance. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although a dedicated security policy and incident response contacts are absent. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

F

Fundación Española para la Ciencia y Tecnología, F.S.P. (FECYT)

fecyt.es

74

The Fundación Española para la Ciencia y Tecnología (FECYT) is a public foundation under the Spanish Ministry of Science, Innovation and Universities. It focuses on promoting the public and social value of science and innovation, supporting scientific culture, open science, and science communication. The website reflects a well-established government-affiliated entity with a clear mission and comprehensive service offerings in the science and technology sector. Technically, the site is built on Drupal 10 with modern libraries and frameworks, providing good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is strong with clear policies and GDPR adherence. Overall, the site is professional, trustworthy, and serves a broad audience including the scientific community and public sector stakeholders.

S

Sempra

sempra.com

68

Sempra is a major North American energy infrastructure company providing safe, reliable, and affordable energy to nearly 40 million consumers. The company focuses on electrification, resilient energy systems, and next-generation technologies, positioning itself as a leader in energy innovation and infrastructure development. Their website reflects a mature enterprise with strong market presence and recognized corporate responsibility. Technically, the site is built on Drupal 10 with modern web technologies, optimized for performance and mobile use, and incorporates security best practices such as HTTPS, reCAPTCHA, and Cloudflare services. However, the absence of visible cookie consent and detailed security policies indicates room for improvement in privacy compliance. The WHOIS data is unavailable or protected, which is common for large corporations but slightly reduces transparency. Overall, the website is professional, trustworthy, and well-maintained, supporting Sempra's business credibility and market position.

G

Jednodenní výlety z Brna tam, kde nejsou davy | Gofrombrno.cz

gofrombrno.cz

45

The website 'Go From Brno' is a regional tourism portal providing curated tips for day trips around Brno, Czech Republic. It targets families, hikers, cyclists, and tourists seeking less crowded destinations. The site offers event listings, travel guides, and regional exploration content. Technically, it is built on Drupal 10 CMS with integration of Google Analytics, Google Tag Manager, and CookieHub for consent management. The design is professional, mobile-optimized, and accessible with good SEO practices. Security posture is moderate with HTTPS implied but lacks explicit security headers and published privacy or terms policies. WHOIS data is unavailable, which limits trust assessment. Overall, the site is safe, family-friendly, and well-maintained but could improve transparency and security practices.

P

Pinault Collection

pinaultcollection.com

73

Pinault Collection operates as a prominent private art collection and cultural institution with museums in Paris and Venice. The website provides detailed information about exhibitions, membership benefits, and off-site events, targeting art enthusiasts and cultural tourists. The digital infrastructure is built on Drupal 10 with integration of modern analytics and marketing tools, reflecting a mature digital presence. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit security policies could be improved. The absence of WHOIS data limits domain trust analysis, but the professional site and consistent branding support legitimacy. Overall, the website is well-designed, user-friendly, and compliant with privacy regulations.

The Federal Communications Commission (FCC) is a United States government agency responsible for regulating interstate and international communications. The website serves as the official digital presence of the FCC, providing comprehensive information on regulatory proceedings, licensing, consumer resources, and public safety. It targets a broad audience including consumers, industry stakeholders, and government entities. The FCC maintains a strong market position as the primary federal communications regulator in the US, offering key services such as licensing databases, spectrum auctions, and consumer complaint handling. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Tag Manager and FontAwesome. Accessibility is enhanced through AudioEye tools, and the site is mobile-optimized with good SEO practices. The performance is moderate with a well-structured and professional design. From a security perspective, the site enforces HTTPS, employs secure forms, and publishes a vulnerability disclosure policy. While explicit security headers are not fully confirmed, the overall security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is good, with a comprehensive privacy policy and clear contact information, though a cookie consent mechanism is not detected. Overall, the FCC website is a highly credible, professional, and secure government resource. It demonstrates strong trust indicators and meets the expectations for a federal agency's digital presence. Minor improvements could include enhanced security header implementation and cookie consent compliance to further strengthen privacy and security assurances.

E

ELIXIR

elixir-europe.org

66

ELIXIR is a well-established European life sciences infrastructure that unites over 240 research institutes across multiple countries to facilitate access and analysis of life science data. The organization is funded partly by the European Commission and operates with a clear governance structure involving national Nodes and the EMBL-EBI. The website reflects a mature digital presence with comprehensive content targeting researchers, industry partners, and ELIXIR members. Technically, the site is built on Drupal 10 with modern frameworks like Bootstrap 5 and integrates Matomo for analytics, indicating a focus on privacy and performance. Security posture is solid with HTTPS enforced and domain registration well maintained, though improvements like DNSSEC and security headers could enhance protection. Privacy compliance is good with clear privacy and cookie policies, though a cookie consent mechanism is absent. Overall, ELIXIR's website demonstrates high professionalism, trustworthiness, and effective communication of its mission and services.

H

Harmonie Santé

harmonie-sante.fr

62

Harmonie Santé is a French health-focused media platform dedicated to providing prevention, health news, and social protection information. It operates under the editorial guidance of professional journalists and holds a press status, targeting a broad audience interested in health and societal well-being. The website is linked to Harmonie Mutuelle, a major mutual insurance group in France, which supports its credibility and market position. Technically, the site is built on Drupal 10, leveraging modern web technologies and analytics tools, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. The absence of WHOIS data is a concern but does not detract significantly from the site's legitimacy given the strong branding and content quality. Overall, Harmonie Santé presents a professional, trustworthy, and well-maintained digital presence in the healthcare media sector.

T

TEN7

ten7.com

68

TEN7 is a specialized digital agency focused on Drupal site building, rescue, and care, targeting small teams and organizations requiring expert Drupal and UX services. The company has a strong market position supported by over 100 years of combined team experience and long-term client relationships. Their business model is service-oriented, emphasizing collaboration and empathy. Technically, the website is built on Drupal 10, uses modern analytics and marketing tools like HubSpot and Google Analytics, and is hosted with Cloudflare DNS services. The site is well-optimized for performance, mobile, accessibility, and SEO. Security posture is solid with HTTPS enforced and domain transfer protection, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable digital presence for the company.

R

Région Ile-de-France

iledefrance.fr

68

The website www.iledefrance.fr is the official digital presence of the Région Île-de-France, the regional government authority for the Île-de-France area in France. It provides comprehensive information and services tailored to residents, professionals, associations, and local authorities. The site offers access to regional aids, news, events, and digital services, positioning itself as a key public service platform for the region. The business model is that of a government entity focused on public service and regional development. Technically, the website is built on Drupal 10, leveraging modern web technologies such as lazy loading images, Matomo analytics for privacy-respecting user tracking, and Clustaar webchat for user support. The site is mobile-optimized, accessible, and demonstrates good SEO practices. Performance is moderate with room for optimization. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully confirmed, the site shows good security hygiene with no exposed sensitive data or vulnerable libraries detected. The absence of WHOIS data is typical for French government domains and does not detract from the site's legitimacy. Overall, the site presents a low risk profile with strong trust indicators, professional design, and compliance with privacy regulations. Strategic recommendations include enhancing security headers, continuous monitoring of third-party scripts, and ensuring robust form security to maintain and improve the security posture.

Ú

Ústí Region Convention Bureau

ustecky-convention.cz

44

Ústí Region Convention Bureau operates as a regional partner for organizing conferences, corporate events, and incentive travel within the Ústecký region of the Czech Republic. The website serves as a comprehensive resource for venue selection, event planning assistance, and regional promotion, targeting event planners and corporate clients. The bureau is positioned as an official regional entity with partnerships including the Czech Convention Bureau and local government bodies. Technically, the website is built on Drupal 10, employs modern web technologies, and is hosted on a Czech hosting provider, ensuring regional alignment and performance. The site is mobile optimized and accessible, with a clear navigation structure and professional design. Security posture is moderate; HTTPS is used and cookie consent is implemented, but security headers and explicit security policies are absent. Privacy compliance is basic, with no visible privacy policy or terms of service pages. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and well-suited for its purpose but could improve in security and privacy transparency.

K

KTS Ekologie s.r.o.

kts-ekologie.cz

47

KTS Ekologie s.r.o. is a Czech company specializing in ecological waste management services, including waste collection, disposal, and compost sales. The company primarily serves municipalities, businesses, and citizens within the Czech Republic, positioning itself as a regional service provider with a focus on environmental sustainability. The website reflects a professional and consistent brand image, with clear contact information and integration of social media for community engagement. The presence of EU-funded projects further supports the company's legitimacy and public sector involvement. Technically, the website is built on Drupal 10 with Bootstrap 5, ensuring a responsive and modern user experience. The site loads with moderate performance and includes accessibility and SEO best practices, although some improvements could be made in accessibility and performance optimization. The hosting provider is inferred to be Webglobe based on DNS data, aligning with the domain registration information. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, there is a lack of visible security headers and no published security or incident response policies, which are areas for improvement. Privacy compliance is partially met with a privacy policy present, but the absence of a cookie consent mechanism and vulnerability disclosure reduces compliance completeness. Overall, the security posture is moderate but could be enhanced with additional policies and technical controls. The overall risk assessment is low, with no signs of malicious activity or suspicious domain registration patterns. Strategic recommendations include implementing cookie consent, publishing security policies, adding security headers, and conducting regular security audits to strengthen the security posture and compliance. These steps will enhance trust and protect both the company and its users.

I

Institute of Molecular and Translational Medicine

imtm.cz

61

The Institute of Molecular and Translational Medicine (IMTM) is a well-established biomedical research institute based in the Czech Republic, founded in 2010. It focuses on understanding infectious diseases and cancer, developing medicines, diagnostics, and medical devices. The institute operates with a strong emphasis on public-private partnerships and international research collaborations. The website reflects a mature digital presence with comprehensive scientific content, including featured publications, research projects, and educational resources targeting researchers, students, and healthcare professionals. Technically, the website is built on Drupal 10 with modern front-end frameworks like Bootstrap and Font Awesome, ensuring good mobile optimization and accessibility. It integrates Google Analytics and Tag Manager for user tracking with anonymized IPs and provides a GDPR-compliant cookie consent mechanism. The hosting and domain registration are consistent with the organization's location and business nature. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent for privacy compliance. However, explicit security headers and a published security policy or incident response contacts are missing, representing areas for improvement. No vulnerabilities or suspicious content were detected. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with basic privacy standards.

I

Italian Trade Agency

machinesitalia.org

69

Machines Italia is a well-established B2B platform operated by the Italian Trade Agency, focused on connecting North American manufacturers with Italian machinery suppliers and associations. The website offers comprehensive sector information, events, educational programs, and B2B services, positioning itself as a key resource in the manufacturing and automation industry. The platform targets manufacturers, academic institutions, and public/private organizations interested in Italian technological innovations. Technically, the site is built on Drupal 10 with modern frameworks and libraries, ensuring good mobile optimization and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and DNSSEC could be improved. Privacy compliance is evident with GDPR-aligned cookie policies and privacy statements. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility.

EDF is a leading French energy company specializing in electricity production and supply, with a strong commitment to decarbonization and sustainable energy solutions. The website serves multiple audiences including individual consumers, businesses, communities, and job seekers, providing comprehensive information and services. The digital infrastructure is built on Drupal 10 with modern analytics and privacy management tools, reflecting a mature and professional technical setup. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly visible. The absence of WHOIS data is likely due to privacy protection and does not detract from the site's legitimacy. Overall, the site is well-designed, accessible, and trustworthy, supporting EDF's market position as a major energy provider in France.

S

Slovenský olympijský a športový výbor

olympic.sk

60

The Slovenský olympijský a športový výbor (Slovak Olympic and Sports Committee) operates a comprehensive and professionally designed website serving as the official portal for Slovak Olympic sports news, events, athlete information, and partner relations. The site targets Slovak sports enthusiasts, athletes, and partners, providing timely updates and resources related to Olympic activities. Technically, the website is built on Drupal 10, leveraging modern web technologies and integrating analytics and advertising tools responsibly. Security posture is strong with HTTPS, security headers, and secure form handling, though there is room for improvement in publishing explicit security policies and incident response information. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website demonstrates a high level of professionalism, trustworthiness, and digital maturity appropriate for a national sports governing body.

S

SPP Storage, s.r.o.

sppstorage.cz

56

SPP Storage, s.r.o. is a specialized energy sector company operating a significant underground natural gas storage facility in the Czech Republic. The company offers cross-border gas storage services with a capacity of 6.94 TWh, positioning itself as a reliable partner in the energy storage market. The website reflects a professional and consistent brand image, targeting business clients in the energy industry. Technically, the site is built on Drupal 10 with modern frontend technologies, providing good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie compliance, though some improvements in security headers and incident response transparency are recommended. Overall, the domain registration and website content align well, indicating a legitimate and established business presence.

U

Université PSL

psl.eu

60

Université PSL is a prestigious French university composed of multiple member institutions, offering a broad range of graduate programs, research initiatives, and innovation support. The website reflects a well-established educational institution with a strong international presence and a focus on excellence and sustainability. Technically, the site is built on Drupal 10, uses Matomo for analytics, and is hosted under a reputable registrar, OVH SAS. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

A

ALSA.z.s

zsalsa.cz

47

The website www.zsalsa.cz represents ALSA.z.s, a Czech non-profit organization dedicated to supporting patients diagnosed with ALS and their families. The organization provides counseling, therapy consultations, specialized equipment lending, rehabilitation stays, and specialist home visits. It is positioned as the sole organization in the Czech and Slovak Republics focusing on ALS patient support. The website is well-designed, mobile-optimized, and rich in relevant content including news, events, and media coverage links. Social media presence is active on Facebook, YouTube, and Instagram. Technically, the site is built on Drupal 10 with Bootstrap 5.2 and uses modern web technologies including Vue.js and Google Tag Manager for analytics. The site is accessible and SEO-optimized, though performance is moderate. Security posture is adequate with HTTPS implied but lacks visible security headers and explicit privacy or cookie policies, which are compliance gaps. No WHOIS data is available, which reduces domain trustworthiness and should be investigated further. Overall, the site is a credible and professional resource for ALS patients and their families, but improvements in privacy compliance and security hardening are recommended to enhance trust and regulatory adherence.

V

Vixio Regulatory Intelligence

gamblingcomplianceawards.com

51

The GamblingCompliance Awards website is a professionally maintained platform operated by Vixio Regulatory Intelligence, a UK-based company specializing in regulatory intelligence and compliance within the gambling industry. The site promotes the annual Global Regulatory Awards, which recognize excellence in compliance and responsible gambling. The business is well positioned as a leading organizer of these industry awards, targeting compliance professionals and stakeholders globally. The website provides comprehensive information about the awards, sponsors, history, and booking options, reflecting a mature and stable business model focused on event organization and sponsorship. Technically, the website is built on Drupal 10 with modern front-end frameworks like Bootstrap 4 and integrates Google Analytics and Tag Manager for tracking. Hosting appears to be on Amazon AWS infrastructure, supported by AWS DNS servers. The site is mobile optimized, accessible, and SEO friendly, with cookie consent mechanisms in place, indicating good digital maturity and compliance with privacy regulations. From a security perspective, the site enforces HTTPS and uses cookie consent banners, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. WHOIS data confirms a consistent and legitimate domain registration aligned with the business claims. Overall, the security posture is good but could be improved by adding formal security policies and enabling DNSSEC. The overall risk assessment is low, with no critical issues found. Strategic recommendations include publishing a security policy, adding incident response and vulnerability disclosure information, enabling DNSSEC, and implementing additional security headers to enhance protection and trust. The website is trustworthy, professional, and compliant with relevant privacy and security standards.