Security Directory

M

Media Business Insight (MBI)

globalproductionawards.com

47

The Global Production Awards website represents a professional event platform dedicated to recognizing excellence in sustainable film and TV production worldwide. Operated by Media Business Insight (MBI), a subsidiary of GlobalData, the site serves industry professionals and stakeholders with event information, award shortlists, winners, and sponsorship opportunities. The business model centers on event organization and media partnerships, positioning itself as a prestigious global awards entity within the media sector. Technically, the website employs a modern tech stack including jQuery, Slick Carousel, and the SHOWOFF CMS by ASP.events. The site is well-structured, mobile-optimized, and accessible, with good SEO practices and performance. However, some improvements are recommended in security headers and cookie consent mechanisms to enhance compliance and security posture. Security-wise, the site uses HTTPS and avoids exposing sensitive data. Tracking via Permutive is present, indicating moderate user tracking. The absence of WHOIS data for the domain is a notable concern, potentially indicating registration issues or privacy protection, which impacts domain legitimacy assessment. Overall, the website is trustworthy and professional, but the lack of WHOIS transparency and cookie consent mechanisms suggest areas for improvement to bolster compliance and trust. Strategic recommendations include enhancing security headers, publishing incident response contacts, and implementing cookie consent to align with GDPR and best practices.

D

Deutscher Paritätischer Wohlfahrtsverband - Gesamtverband e. V.

der-paritaetische.de

62

Der Paritätische Gesamtverband is a large, well-established non-profit umbrella organization in Germany representing over 10,800 independent social welfare organizations. The website serves as an information hub, providing news, publications, events, and services to its members and the public. It is built on TYPO3 CMS with modern web technologies and demonstrates a high level of digital maturity. The site is professionally designed, mobile-optimized, and accessible, with clear navigation and comprehensive content. Security posture is strong with HTTPS, cookie consent, and privacy-conscious analytics (Matomo with disabled cookies). However, explicit security policies and incident response contacts are not published. Overall, the website reflects a trustworthy and credible organization with a strong market position in the non-profit social welfare sector.

M

Media Business Insight Ltd (MBI)

screenfilmsummit.com

58

The Screen Film Summit website represents a professional event platform focused on the UK independent film industry, organized by Media Business Insight Ltd, a subsidiary of GlobalData. The site provides detailed information about the annual summit, including event descriptions, partners, speakers, and galleries, targeting producers, financiers, and distributors within the film sector. The business model centers on industry networking and knowledge sharing through events. Technically, the website is built on the SHOWOFF CMS by ASP.events, utilizing modern JavaScript libraries such as jQuery, Slick Carousel, and Magnific Popup. The site is mobile-optimized, accessible, and employs HTTPS with good performance. However, some security best practices like security headers and cookie consent mechanisms are missing or not detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. Tracking is done via Permutive, indicating moderate user tracking. The absence of WHOIS registration data is a concern, though the association with a reputable parent company supports legitimacy. No critical vulnerabilities or adult content were found, and privacy compliance is basic but present. Overall, the website is a credible and professional platform with room for improvement in security headers, privacy compliance, and transparency of contact information. The lack of WHOIS data should be investigated further to confirm domain legitimacy.

Y

YOVOTOGO

yovotogo.fr

52

YOVOTOGO is a French non-profit association dedicated to international solidarity, primarily focusing on supporting children and youth with disabilities in northern Togo, promoting female leadership, and enhancing education through access to computing. Founded in 2011, the organization operates with a clear humanitarian, secular, and apolitical mission. Its market position is niche, serving a specific regional and social cause with a small organizational size. The website reflects this mission with relevant content, clear navigation, and active social media engagement.

L

La note touristique

lanotetouristique.com

52

La Note Touristique is a small French business founded in 2020 that provides environmental labeling services for furnished tourism accommodations. The website presents a professional and consistent brand image focused on sustainability in the hospitality sector. Technically, the site is built using modern frameworks such as Nuxt.js and Vue.js and is hosted by OVH sas, a reputable provider. The site is accessible without any WAF or security challenges and implements HTTPS with a good SSL configuration. However, it lacks explicit privacy and terms of service policies, contact information, and security headers, which are important for compliance and trust. Cookie consent is implemented, indicating some attention to privacy regulations. Overall, the security posture is moderate but could be improved with additional headers and policies.

A

L'Agenda du Libre

agendadulibre.org

54

L'Agenda du Libre is a community-focused platform dedicated to aggregating and promoting events related to free and libre software, arts, data, hardware, and commons. It serves a niche audience interested in open source and libre culture, providing a comprehensive calendar of events, organization listings, and news updates. The website is closely associated with the April organization and related libre initiatives, reinforcing its position within the free software community. Technically, the site uses modern web technologies such as HTML5, CSS3, JavaScript, and Turbolinks, offering a mobile-responsive and user-friendly experience. However, there is a lack of explicit privacy, cookie, and terms of service policies, which impacts compliance and user trust. Security posture is moderate with no visible security headers or incident response information, and WHOIS data is unavailable, limiting domain trust verification. Overall, the site is functional and relevant for its target audience but would benefit from enhanced security and privacy transparency.

Artilect FabLab is a collaborative maker space and coworking hub located in Toulouse, France. It offers a variety of services including access to digital fabrication machines such as 3D printers and laser cutters, professional and hobbyist training courses, coworking spaces, and event hosting including team building activities. The website is built on the Odoo CMS platform and integrates modern web technologies and analytics tools such as Google Tag Manager and Plausible Analytics. The site is well-structured, mobile-optimized, and provides clear navigation and contact information. However, it lacks a publicly accessible privacy policy and terms of service, which are important for compliance and user trust. Security headers are not detected, indicating room for improvement in security posture. WHOIS data for the domain is unavailable, limiting the ability to fully verify domain legitimacy. Overall, the website presents a professional and trustworthy image for its target audience of makers, entrepreneurs, and creatives.

A

Association des élèves de l'INP Toulouse

inpt.fr

49

The website www.bde.inp-toulouse.fr serves as the official portal for the student association of INP Toulouse, providing information about student clubs, events, and elected representatives. It targets students within the INP Toulouse network and associated schools, offering community engagement and event participation opportunities. The business model is non-profit and focused on student services and communication. Technically, the site uses standard web technologies including jQuery, Bootstrap, and FontAwesome, with a responsive design suitable for mobile devices. The site is accessible without WAF or blocking mechanisms and loads with moderate performance. However, there is a lack of advanced security headers and no detected analytics or tracking scripts, indicating a minimalistic technical footprint. From a security perspective, the site uses HTTPS but lacks security headers and formal privacy or cookie policies, which are important for GDPR compliance. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. The absence of WHOIS data reduces domain trustworthiness slightly, but the content and external links align with a legitimate student association portal. Overall, the site is functional and serves its intended audience well but would benefit from improved security practices, privacy compliance, and enhanced contact transparency to strengthen trust and compliance posture.

T

Tisséo Collectivités

tisseo-collectivites.fr

56

Tisséo Collectivités is the public authority responsible for organizing and managing mobility services in the Toulouse metropolitan area, France. The organization focuses on sustainable urban transport solutions including metro lines, bus networks, and bike-sharing services. The website reflects a medium-sized public sector entity with a clear mission to serve local governments and residents by providing information and resources related to mobility projects and services. The company is well-positioned in its regional market as a key mobility authority. Technically, the website is built on Drupal 10, leveraging modern web technologies such as jQuery, Swiper for carousels, and FontAwesome for icons. The site is mobile-optimized with good SEO and accessibility features, although full RGAA compliance is partial. Hosting and domain registration are consistent with the organization's profile, and the site uses HTTPS with cookie consent mechanisms to comply with GDPR. From a security perspective, the site demonstrates good practices including HTTPS enforcement and cookie consent management. However, there is room for improvement in implementing security headers and publishing explicit security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant with privacy regulations. It serves its public sector audience effectively with relevant content and clear navigation. Strategic recommendations include enhancing security headers, completing accessibility compliance, and publishing security and incident response policies to further strengthen trust and compliance.

G

GBS/CIDP Foundation International

gbs-cidp.org

60

GBS/CIDP Foundation International is a well-established non-profit organization dedicated to supporting individuals and families affected by Guillain-Barré syndrome, chronic inflammatory demyelinating polyneuropathy, and related neurological conditions. The foundation provides educational resources, funds research grants, advocates for patient needs, and fosters community engagement through events and volunteer programs. It holds a strong market position as a leading global non-profit in its healthcare niche, supported by trust indicators such as a Charity Navigator Four Star rating and membership in the National Health Council. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple third-party analytics and marketing tools including Google Analytics, Facebook Pixel, and ShareThis. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Performance is moderate with room for optimization. From a security perspective, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data. However, it lacks a visible cookie consent mechanism and dedicated security or incident response policies, which are areas for improvement. No critical vulnerabilities or suspicious patterns were detected. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic enhancements in privacy compliance and security transparency would further strengthen its posture and user trust.

S

Site officiel de la Ville de Tarbes

tarbes.fr

48

The website www.tarbes.fr serves as the official digital portal for the city of Tarbes, France, providing residents and visitors with comprehensive information about municipal services, news, urban planning, social programs, and cultural activities. The site is positioned as a key communication channel for the local government, offering a broad range of public service information and administrative resources. The target audience primarily includes local citizens, businesses, and visitors seeking official city information. Technically, the website is built on the WordPress CMS platform, utilizing popular plugins such as Yoast SEO for search engine optimization and Matomo for analytics, alongside Google Analytics which is disabled by default pending user consent. The site incorporates modern web technologies including jQuery, FontAwesome, and Leaflet for interactive maps. Mobile optimization and navigation clarity are well addressed, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR principles. However, the absence of a published privacy policy, terms of service, and incident response contact information represents gaps in compliance and transparency. The WHOIS data is unavailable, which slightly reduces trustworthiness but does not detract significantly given the official nature and branding of the site. Overall, the website demonstrates a solid foundation in content quality, technical implementation, and business credibility, with room for improvement in privacy compliance and security best practices. Strategic recommendations include publishing comprehensive privacy and terms documents, enhancing security headers, and establishing clear incident response channels to strengthen trust and compliance.

P

Potisk Vylita

vylita.cz

39

Potisk Vylita is a Czech Republic-based company specializing in high-quality one- and multicoloured industrial and promotional printing services. Positioned as one of the largest printing companies in the Czech Republic, they offer rapid turnaround times including bulk orders, design proposals, and sample evaluations. Their business model focuses on B2B manufacturing and printing services targeting companies requiring customized printed products. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, including a GDPR-compliant privacy policy page. Technically, the website is built on WordPress using Bootstrap and jQuery, with Google reCAPTCHA implemented for form security. The site uses HTTPS with good SSL configuration but lacks some advanced security headers. Advertising is limited to Google Ads and Seznam Retargeting, with minimal user tracking observed. The site lacks explicit cookie consent mechanisms and security or incident response policies. Security posture is solid with HTTPS and reCAPTCHA, but could be improved by adding security headers and publishing incident response contacts. The absence of WHOIS data reduces domain trustworthiness, but the website content and contact details support legitimacy. Overall, the site is safe, business-focused, and compliant with GDPR, with room for security and privacy enhancements. Strategic recommendations include implementing security headers, adding cookie consent, publishing security policies, and maintaining up-to-date software to enhance trust and compliance.

T

TELEKO digital, a.s.

teleko.cz

60

TELEKO digital, a.s. is a Czech company specializing in digital and analog radio broadcasting services, operating a network of FM and DAB+ transmitters across the Czech Republic. The company is positioned as a regional leader in digital radio transmission, offering clean sound and a broad program selection to listeners in multiple regions. They also operate an e-commerce platform, PUREradio.cz, selling DAB+ receivers. The website reflects a mature digital presence with modern technologies and a clear focus on their core services. Technically, the site is built on Joomla CMS with Bootstrap and integrates Google Maps for coverage visualization. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking published privacy and security policies. Overall, the site is professional and trustworthy, with room for improvement in compliance documentation and security transparency.

H

Happy Robots s.r.o.

happy-robots.cz

50

Happy Robots s.r.o. is a small Czech technology company founded in 2020 specializing in chatbot and voicebot solutions aimed at automating customer support and e-commerce interactions. Their website presents a professional and consistent brand image, offering both custom chatbot development and a platform for chatbot management. The company targets businesses seeking to improve customer engagement and reduce operational costs through automation. Technically, the website uses modern frontend technologies such as Bootstrap, jQuery, and FontAwesome, with moderate performance and good mobile optimization. However, it lacks advanced security headers and published privacy or cookie policies, which impacts its privacy compliance score. Security posture is adequate with HTTPS and secure form handling but could be improved with additional headers and incident response information. Overall, the website is trustworthy and safe, with no adult or questionable content detected.

C

Com&Trombones

com-trombones.fr

52

Com&Trombones is a small independent administrative and communication assistance service based in France, targeting professionals, artisans, TPE/PME, and individuals. The company offers tailored administrative support including document management, invoicing, client follow-ups, and communication services such as social media management and content creation. The website is professionally designed using WordPress and Elementor, with a clear structure and good user experience. Technical infrastructure includes modern web technologies and hosting via Scaleway with DNS managed by o2switch.net. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks explicit security headers and published privacy policies. Overall, the site presents a trustworthy and professional image suitable for its niche market.

A

APPA Renovables

appa.es

56

APPA Renovables is a well-established national association representing companies in the renewable energy sector in Spain. With over 30 years of experience, it advocates for renewable technologies including wind, photovoltaic, biomass, and hydraulic energy. The website reflects a professional and consistent brand presence, targeting industry professionals and companies involved in renewable energy. The business model is non-profit and focused on sector representation, advocacy, and member services. Technically, the site is built on WordPress with a modern plugin ecosystem including WooCommerce, Yoast SEO, and event management tools, indicating a mature digital infrastructure. Security posture is good with HTTPS enabled and cookie consent mechanisms in place, though explicit security headers and incident response information are not publicly detailed. Overall, the site is trustworthy, compliant with privacy regulations, and provides clear contact channels. The lack of WHOIS data is due to query restrictions but does not detract from the site's legitimacy. Strategic recommendations include enhancing security header implementation and publishing a vulnerability disclosure policy.

A

Asociación Empresarial Hotelera de Madrid

aehm.es

55

The Asociación Empresarial Hotelera de Madrid (AEHM) is a prominent industry association representing over 300 hospitality establishments in the Madrid region, encompassing hotels, hostels, and apartments with more than 75,000 accommodation places. The organization serves as a key advocate and promoter of the hotel sector, providing services such as employment facilitation, event management, and sector representation. Their website is professionally designed using WordPress and Elementor, featuring comprehensive content and clear navigation tailored to industry stakeholders and professionals. Technically, the site employs modern web technologies and plugins, including Yoast SEO for search optimization and Complianz for GDPR cookie compliance. The presence of Google Analytics and Metricool tracking indicates moderate user behavior tracking, balanced with visible cookie consent mechanisms ensuring privacy compliance. Mobile optimization and accessibility are adequately addressed, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and includes cookie consent banners, but lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data due to registry restrictions limits domain trust verification, though the website's professional presentation and consistent branding support its legitimacy. Overall, AEHM's digital presence reflects a mature and credible organization within the hospitality sector, with room for improvement in security transparency and WHOIS data availability to enhance trust and compliance posture.

G

GEISTER MEDIZINTECHNIK GMBH

gbluelabel.de

41

GEISTER MEDIZINTECHNIK GMBH is a well-established German company specializing in the manufacture and supply of premium surgical instruments under the G BLUE LABEL™ brand. With a heritage spanning approximately 100 years, the company targets medical professionals and institutions requiring high-quality, innovative surgical tools. Their business model is primarily B2B, focusing on product excellence and custom solutions to meet surgical needs. The website reflects a professional and consistent brand image, supporting their market position as a premium instrument provider. Technically, the website employs modern JavaScript frameworks such as Vue.js and Axios, alongside jQuery and FontAwesome for UI elements. The site is mobile-optimized with good navigation and SEO practices, though performance is moderate. The CMS appears custom-built with PHP components. Analytics are implemented via Google Analytics and Tag Manager, indicating moderate user tracking. From a security perspective, the site uses HTTPS and includes verification meta tags for Google and Facebook, but lacks visible security headers and explicit cookie consent mechanisms. No sensitive data exposure or vulnerabilities were detected in the content. The WHOIS data is minimal but consistent with the business, showing no suspicious patterns. However, contact information is not explicitly provided on the main page, which could impact user trust. Overall, the website is professional and trustworthy with room for improvement in privacy compliance and security best practices. Strategic enhancements in cookie consent, security headers, and contact transparency would strengthen their security posture and user confidence.

G

German U15 e.V.

german-u15.de

53

German U15 e.V. is a non-profit association representing fifteen leading research-intensive universities in Germany. The organization focuses on promoting excellent research, innovative teaching, and international cooperation among its member institutions. The website serves as an information hub for policy statements, publications, events, and news related to higher education and research in Germany. The association holds a significant position in the German academic landscape, advocating for science policy and fostering collaboration. Technically, the website is built on the Infopark CMS Fiona platform using Ruby on Rails, with a modern tech stack including HTML5, CSS3, JavaScript, and jQuery. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some improvements in accessibility could be made. Hosting appears to be managed through German academic networks, ensuring reliability and alignment with the organization's profile. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, indicating a baseline security posture. However, it lacks several recommended security headers and does not provide explicit vulnerability disclosure or incident response contacts. Privacy compliance is partially met with a privacy policy present, but the absence of a cookie consent mechanism is a notable gap. Contact information is primarily available via contact forms rather than direct emails or phone numbers. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission. Strategic recommendations include enhancing security headers, implementing cookie consent for GDPR compliance, and providing clearer contact channels for security incidents to strengthen trust and compliance.

E

EpilepsyCourses

epilepsycourses.com

64

EpilepsyCourses is a specialized educational platform offering SEEG and epilepsy-related courses primarily targeting neurologists and neurosurgeons. The website presents detailed course information, including upcoming events in 2025 and 2026, with a focus on expert training to improve epilepsy care. The business operates in the healthcare and education sectors, with a small organizational size and a domain age consistent with its recent founding in 2021. Technically, the site is built on WordPress using Elementor and related plugins, hosted by Infomaniak Network SA, and demonstrates good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and domain transfer protection, though DNSSEC and security headers are absent. Privacy and cookie policies exist but lack advanced compliance features such as consent mechanisms or GDPR explicit statements. Contact is primarily via a web form, with no direct emails or phone numbers published. Overall, the site is professional, trustworthy, and safe for general audiences.

V

Vanesta reklama s.r.o.

vanesta.cz

45

Vanesta reklama s.r.o. is a Czech-based advertising agency specializing in physical advertising solutions including graphic design, digital and large-format printing, production, and installation services. Established in 1991, the company serves a broad range of clients from small local businesses to larger companies across the Czech Republic. Their business model focuses on providing end-to-end advertising services with in-house production capabilities, enabling control over quality and delivery timelines. The website reflects a professional and consistent brand image with clear service offerings and contact channels.

L

Le Palais Art Hotel Prague

lepalaishotel.eu

60

Le Palais Art Hotel Prague is a luxury boutique hotel located in the prestigious Vinohrady district of Prague. The hotel combines historical charm with modern luxury, offering elegant accommodation and a unique artistic experience with interiors adorned by renowned artists. The website reflects a professional hospitality business with a clear market position targeting tourists and business travelers seeking high-end services including accommodation, dining, conferences, weddings, and wellness. Technically, the site is built on WordPress with a modern tech stack including Google Analytics, Tag Manager, and consent management via Didomi, ensuring compliance with privacy regulations. Security posture is good with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, well-branded, and compliant with GDPR, with no detected vulnerabilities or suspicious elements.

W

wegewerk GmbH

wegewerk.com

65

wegewerk GmbH is a specialized communication agency based in Germany, focusing on campaigns and online communication for political and societal topics. Their key services include campaign management, web design, and social media strategies primarily targeting non-profit organizations, NGOs, associations, and political entities. The website demonstrates a professional and consistent brand presence with excellent content quality and user experience. Technically, the site is built on TYPO3 CMS with integrations of modern JavaScript libraries and analytics tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies are absent. The absence of WHOIS registration data is a notable anomaly that requires further verification to confirm domain legitimacy. Overall, the website is trustworthy, well-structured, and compliant with GDPR requirements.

S

STACK

managewithstack.com

52

STACK is a specialized SaaS provider delivering curated software solutions tailored for healthcare organizations, particularly pharmacies and associations. The platform focuses on operational needs such as accreditation, licensing, compliance, and asset management, positioning itself as a unique vertical healthcare ecosystem. The company targets healthcare professionals seeking streamlined business operations and compliance management. Technically, the website is built on WordPress with modern plugins and integrates analytics and scheduling tools, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and CAPTCHA protections, though improvements in security headers and privacy compliance are recommended. The absence of WHOIS data introduces some risk regarding domain legitimacy, but the website content and business information appear professional and trustworthy overall.

C

Capitole du Libre

capitoledulibre.org

50

Capitole du Libre is a well-established non-profit event organizer focused on free software advocacy and community engagement in Toulouse, France. The website promotes the 2025 edition of their annual event featuring conferences, workshops, and community activities. The organization targets both experts and the general public interested in open source software. Their business model relies on free registration, sponsorships, and merchandise sales. Technically, the website is built on modern frameworks such as Next.js and React, hosted by Infomaniak, and optimized for mobile devices. However, it lacks some advanced SEO and accessibility features. Security-wise, the site uses HTTPS and has domain transfer protections but lacks security headers and explicit privacy or cookie policies, which are compliance gaps. No WAF or blocking mechanisms are detected, and the domain registration is consistent and trustworthy. Overall, the site is professional and trustworthy but could improve privacy compliance and security hardening.

L

LSVD⁺ – Verband Queere Vielfalt e.V.

lsvd.de

51

LSVD⁺ – Verband Queere Vielfalt e.V. is a prominent German non-profit organization advocating for the rights and interests of lesbian, gay, bisexual, trans*, intersex, and queer (LSBTIQ*) individuals. The organization focuses on political advocacy, legal advice, public awareness, and community support, positioning itself as a leading voice for queer diversity and human rights in Germany. Their website reflects a professional and comprehensive approach to content delivery, targeting both the queer community and allies with educational resources, event information, and legal guidance. Technically, the website employs modern web technologies including jQuery, Slick Carousel, and the Foundation framework, hosted on DomainControl nameservers, and uses Matomo analytics to maintain privacy-conscious user tracking. Security posture is adequate with HTTPS enforced and AJAX-based contact forms, but lacks visible security headers and a cookie consent mechanism, which are areas for improvement. Overall, the site is accessible, well-structured, and trustworthy, with clear contact information and active social media engagement.

C

CHE gemeinnütziges Centrum für Hochschulentwicklung

che.de

52

CHE gemeinnütziges Centrum für Hochschulentwicklung is a well-established German non-profit think tank specializing in higher education research and policy. With over 30 years of experience, it provides studies, project work, and recommendations to stakeholders in the academic and education sectors. The website is professionally designed, primarily in German with English alternatives, and offers comprehensive content relevant to its target audience of academics, policymakers, and students. Technically, the site runs on WordPress with modern libraries and frameworks, ensuring good performance and mobile optimization. Security measures include HTTPS, Google reCAPTCHA, and GDPR-compliant cookie consent, though some security headers could be improved. No critical vulnerabilities or suspicious indicators were found. Overall, the site demonstrates a mature digital presence aligned with its business goals.

G

Global Higher Education Alliance for the 21st Century

ghea21.org

62

The Global Higher Education Alliance for the 21st Century (GHEA21) is a recently established educational network focused on advancing access to liberal arts and sciences education globally, particularly for displaced and refugee learners. It builds on the legacy of the Open Society University Network and offers degree programs, certificates, fellowships, and global learning opportunities. The organization targets students, faculty, and academic institutions with a mission to prepare engaged global citizens. Technically, the website is built on a TerminalFour CMS platform, uses standard web technologies including jQuery, Modernizr, and Google Analytics, and is hosted and registered via Cloudflare. The site is moderately optimized for performance and mobile use, with good design and navigation clarity. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and visible security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy practices.

I

IMCAS

imcas.com

68

IMCAS is a professional organization specializing in organizing congresses and educational events in dermatology, aesthetic medicine, and plastic surgery. The website serves as a platform for medical professionals to access event information, register, and engage with the community. The company holds a strong market position as a leading global congress organizer in its sector. Technically, the website employs modern web technologies including jQuery, Tailwind CSS, and various UI libraries, ensuring a responsive and user-friendly experience. The presence of Google Tag Manager and Facebook Pixel indicates active marketing and analytics efforts. Security-wise, the site enforces HTTPS and implements key security headers, reflecting a good security posture. However, the absence of WHOIS data and a dedicated security policy page suggests areas for improvement in transparency and trust. Overall, the site is professional, secure, and compliant with privacy regulations, though domain registration details should be verified to enhance credibility.

N

naviti GmbH

naviti.ch

10

naviti GmbH is a Swiss-based small technology company specializing in web design, webshop development, and custom software solutions primarily targeting private clients, SMEs, industries, foundations, and associations within the region of Kanton Aargau. Their business model focuses on affordable, customized digital solutions using their proprietary CMS platform navitiCms, complemented by training, support, and hosting coordination services. The company positions itself as a regional web agency emphasizing transparency, customer involvement, and modern technology.

S

Skeepers

mfb.li

63

Skeepers operates a customer experience platform, as evidenced by the backend login portal branded with their name and logo. The website serves primarily as an access point for users to sign in, including support for Single Sign-On (SSO) via SAML2, indicating enterprise-grade user management. The technical infrastructure leverages common web technologies such as jQuery, Bootstrap, and third-party widgets like Zendesk and Stonly for support and user guidance. However, the site lacks visible privacy and cookie policies, which are critical for compliance and user trust. Security measures are basic, with no explicit security headers or anti-CSRF tokens detected, though HTTPS is implied by the URL scheme. Overall, the site is functional but could benefit from enhanced security and privacy features.

S

Stereotaxis

stereotaxis.com

65

Stereotaxis is a medical technology company specializing in pioneering endovascular robotics to advance interventional medicine and improve patient care. The company targets healthcare professionals, patients, caregivers, and investors, positioning itself as an innovator in robotic systems for vascular procedures. The website reflects a professional and consistent brand presence with multimedia content and active social media engagement. Technically, the site uses modern web technologies including Bootstrap 4, jQuery, and Google Analytics, delivering a moderate performance and good mobile optimization. However, the absence of visible security headers and privacy policies indicates gaps in security and compliance maturity. The WHOIS data is missing, which raises concerns about domain registration transparency and trustworthiness. Overall, the site is functional and professional but would benefit from enhanced security practices and clearer privacy disclosures.

G

GEISTER MEDIZINTECHNIK GMBH

geister.com

54

GEISTER MEDIZINTECHNIK GMBH is a German-based manufacturer specializing in premium reusable surgical instruments, including titanium instruments and various clamps for cardiovascular and thoracic surgery. The company emphasizes German craftsmanship, precision, and sustainability, targeting medical professionals and OEM partners globally. Their website reflects a mature digital presence with multilingual support and detailed product highlights. Technically, the site uses modern JavaScript frameworks such as Vue.js and integrates Google Tag Manager for analytics, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though the absence of explicit security headers and incident response information suggests room for improvement. The WHOIS data is notably missing, which raises some concerns about domain registration transparency but does not directly contradict the professional business presence. Overall, the website is trustworthy and well-maintained but would benefit from enhanced security disclosures and contact transparency.

B

Berliner Hochschule für Technik

beuth-hochschule.de

65

Berliner Hochschule für Technik (BHT) is a public technical university in Berlin offering over 70 Bachelor and Master degree programs in engineering, natural sciences, and economics. The institution emphasizes practical, family-friendly education with strong ties to industry and research. The website is built on TYPO3 CMS and features comprehensive content including study programs, research focus, events, and student services. Technically, the site uses modern web technologies and provides good mobile optimization and accessibility. Security posture is adequate with HTTPS and cookie consent mechanisms, though security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. Overall, the site reflects a professional, trustworthy educational institution with a strong digital presence.

B

Bard College

bard.edu

69

Bard College is a well-established four-year liberal arts and sciences institution located in upstate New York, approximately 90 miles north of New York City. The college offers a broad range of undergraduate and graduate programs, including early college and international study opportunities. Bard emphasizes scholarship, the arts, and civic engagement, positioning itself as a private college operating in the public interest. The website reflects a professional and consistent brand image, targeting prospective students, current students, faculty, alumni, and families. Technically, the website employs a modern technology stack including jQuery, Google Analytics, Google Tag Manager, TikTok Analytics, and various UI/UX libraries such as AOS and Jarallax for animations and parallax effects. The site is mobile-optimized, accessible, and SEO-friendly, with a custom CMS backend inferred from PHP includes. Performance is moderate with asynchronous loading of scripts and multimedia content. From a security perspective, the site enforces HTTPS with good SSL configuration and anonymizes IP addresses in analytics. However, it lacks visible security headers and a cookie consent mechanism, which are important for privacy compliance. WHOIS data is unavailable due to the .edu domain registry policies, but the domain and content strongly indicate legitimacy. No critical vulnerabilities or suspicious patterns were detected. Overall, Bard College's website demonstrates a mature digital presence with strong business credibility and good security posture, though improvements in privacy compliance and security headers are recommended to enhance trust and regulatory adherence.

NETQUES . daten & diagnostik GmbH operates the NQAP platform, a GDPR-compliant online application management system designed primarily for public sector and educational institutions in Germany. The platform digitizes and automates application processes, reducing paperwork and accelerating decision-making. The company positions itself as a niche technology provider with a focus on secure, efficient, and user-friendly application workflows. The website is professionally designed, consistent in branding, and targets organizations requiring compliant digital application solutions. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, and various UI enhancement libraries. Security is well considered with HTTPS, Content Security Policies, and secure form handling including CSRF tokens and honeypot anti-spam measures. However, some security headers could be improved, and no cookie consent mechanism was detected despite GDPR emphasis. The WHOIS data is unavailable due to registry restrictions common for .es domains, but the website content and business information indicate a legitimate and professional operation. Overall, the security posture is strong with good data protection practices and ISO-certified hosting claims. The absence of vulnerability disclosure and incident response contacts are areas for improvement. The website is safe for general audiences, with no adult or questionable content. The business credibility is high, supported by clear contact information and trust signals such as LinkedIn presence and ISO certifications. Strategically, NETQUES should enhance transparency by adding cookie consent, incident response information, and vulnerability disclosure policies. Improving accessibility and adding additional security headers would further strengthen their security posture and compliance. These steps will enhance trust and align with their GDPR-focused business model.

Convertri is a technology company offering a high-performance funnel and landing page builder targeted at agencies, coaches, and solopreneurs. The platform emphasizes speed and conversion optimization, positioning itself as a leading solution in the marketing software space. The website is professionally designed with clear branding and content tailored to its target audience. Technically, the site employs modern analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook Pixel, indicating a mature digital marketing infrastructure. Security-wise, the site uses HTTPS with a strong SSL configuration but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. The absence of WHOIS registration data raises questions about domain legitimacy, although the website content and SSL presence suggest a legitimate business. Overall, the site presents a good user experience and professional appearance but would benefit from enhanced transparency and compliance documentation.

C

Collabora Limited

apertis.org

56

Apertis is an open source GNU/Linux distribution and infrastructure platform primarily targeting automotive and embedded device markets. It is developed and maintained by Collabora Limited, a reputable company in the open source ecosystem. Apertis emphasizes security, modularity, and production readiness, offering extensive software management, testing frameworks, and resilient upgrade capabilities. The platform also provides tools and cloud services to optimize development and reliability. The website reflects a mature and professional project with frequent releases and commercial support options. Technically, the website is built using modern web technologies including Hugo static site generator, Bootstrap, jQuery, and FontAwesome. It is well-structured, mobile-optimized, and SEO-friendly. The site uses HTTPS exclusively, indicating good baseline security. However, some security best practices such as explicit security headers and cookie consent mechanisms are not evident. The WHOIS data is unavailable due to privacy protection, but the domain appears legitimate and consistent with the business identity. Security posture is solid with no visible vulnerabilities or exposed sensitive data. The absence of a published security policy or vulnerability disclosure page is a minor gap. Contact information is limited to an email address, with no phone numbers or incident response contacts. Privacy compliance is good with a comprehensive privacy policy and terms of use clearly linked. No advertising or tracking beyond minimal service monitoring is present, supporting user privacy. Overall, Apertis presents a trustworthy and professional open source platform with strong technical foundations and a clear focus on security and modularity. Strategic improvements in security headers, cookie consent, and incident response transparency would further enhance trust and compliance.

A

ATMO GrandEst

atmo-grandest.eu

59

ATMO GrandEst operates as a regional environmental monitoring organization focused on air quality and pollen indices for the Grand Est region in France. The website provides detailed geographic and environmental data for numerous communes, serving residents and local authorities. The business model aligns with public service and environmental data dissemination, positioning ATMO GrandEst as a key regional authority in environmental monitoring. Technically, the website is built on Drupal 9 CMS, utilizing modern web fonts, icon libraries, and analytics tools such as Microsoft Clarity and Google Analytics. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security practices include HTTPS usage and asynchronous loading of tracking scripts, though security headers and explicit privacy mechanisms are not evident. The security posture is moderate with no detected vulnerabilities or WAF blocking. However, the absence of visible privacy and cookie policies, as well as contact information, reduces privacy compliance and user trust. The WHOIS data is unavailable due to EURid privacy restrictions, which is typical for .eu domains, and does not raise immediate legitimacy concerns. Overall, the website is functional and serves its informational purpose but would benefit from enhanced privacy compliance, clearer contact channels, and improved security headers to strengthen trust and regulatory adherence.

S

Splio

splio.com

77

Splio is a French-based SaaS company specializing in CRM marketing solutions tailored for the retail sector. Their platform centralizes customer data, automates marketing campaigns, and supports loyalty programs, positioning them as a key player in retail marketing technology. The website reflects a mature digital presence with professional design and consistent branding, targeting retail businesses seeking advanced CRM and loyalty solutions. Technically, the site is built on WordPress with modern performance optimizations such as lazy loading and uses reputable third-party services for fonts, analytics, and consent management. Security posture is solid with HTTPS enabled and domain registration consistent with the business age, though there is room for improvement in security headers and explicit security policies. Privacy compliance is partially addressed via Cookiebot consent management, but lacks visible privacy and terms of service pages. Overall, the website is trustworthy and professional, supporting the company's market position in retail CRM SaaS.

F

Fotokino

fotokino.org

49

Fotokino is a well-established cultural arts organization based in Marseille, France, specializing in visual arts exhibitions, workshops, conferences, and publishing. The organization operates a physical venue and an online presence that includes an e-shop and a rich events calendar. Their market position is niche, focusing on contemporary design and visual arts with a strong local and regional cultural impact. The website reflects a professional and consistent brand image with clear contact information and active social media engagement. Technically, the site is built on WordPress with modern plugins and libraries, hosted by Infomaniak, and optimized for mobile users. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced DNS security and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professionally maintained, serving a general audience interested in arts and culture.

A

Ag Art cz s.r.o.

webmeeting.cz

54

WebMeeting, operated by Ag Art cz s.r.o., is a Czech-based online communication platform offering solutions for meetings, webinars, training, and conferences. It targets both business and private users within the Czech Republic, providing a localized and installation-free environment. The platform offers two main products: WebMeeting kavárna for quick, small meetings, and WebMeeting PRO for larger, professional online events. The company maintains a professional web presence with detailed contact information, client references, and social media engagement. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates analytics and marketing tools such as Matomo and Facebook Pixel. Security practices include HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security policies and incident response details are not publicly available. WHOIS data is unavailable, which slightly impacts trust but is mitigated by the transparent business information and active customer support channels.

H

Happy Robots s.r.o.

chytrecallcentrum.cz

43

ChytreCallcentrum.cz is a Czech Republic based small technology company specializing in voicebot automation solutions for call centers. Their core offering includes AI-driven conversational robots that automate telephone interactions, replacing traditional IVR systems and improving customer experience. The company targets small to medium businesses seeking to reduce operational costs and improve call handling efficiency. The website presents a professional and consistent brand image with clear contact information and demo scenarios illustrating GDPR compliance in voicebot interactions. Technically, the site uses modern frontend frameworks such as Bootstrap and jQuery, with good mobile optimization and moderate performance. However, the site lacks explicit privacy and cookie policies, and security headers are not detected, indicating room for improvement in security posture and compliance. Analytics tracking is present but commented out, suggesting privacy considerations or incomplete implementation. Overall, the domain registration data aligns well with the business profile, supporting legitimacy. The website is safe for general audiences and does not contain any adult or questionable content.

I

Ijoomla Demo

ijoomlademo.com

65

Ijoomla Demo is a small media-focused lifestyle blog providing content on makeup, politics, music, clothes, and general lifestyle topics. The website targets a general audience interested in lifestyle improvements and cultural insights. It operates on a WordPress platform with a professional design and consistent branding. The technical infrastructure includes common WordPress plugins such as Yoast SEO Premium and jQuery, hosted likely via GoDaddy given the registrar data. Security posture is moderate with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy compliance is limited, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. The site includes affiliate links to gambling-related domains but does not directly offer gambling services. Overall, the domain age and WHOIS data support legitimacy and consistent business operation.

L

LOCASTE s. r. o.

palacvina.cz

63

Palác vína, operated by LOCASTE s. r. o., is a specialized retailer focused on offering high-quality wines and delicacies primarily from small family wineries and farms across Europe and Chile. The company also supports charitable causes such as foster families through partnerships with non-profit organizations. The website presents a professional and well-structured digital presence with clear business information, contact details, and e-commerce capabilities. Technically, the site is built on the ByznysWeb.cz CMS platform, uses modern web technologies, and enforces HTTPS with basic security measures including captcha protection on forms and cookie consent mechanisms. However, the absence of WHOIS data for the domain reduces transparency and slightly impacts trust. Privacy policies and cookie consent are well implemented and GDPR compliant. The site targets mature audiences due to alcohol sales but contains no explicit adult content.

O

Offline Online

offline-online.ch

50

Offline Online is a niche online journal affiliated with ECAL, focusing on art, design, and cultural content. The website offers interviews, portfolios, workshops, exhibitions, and travel reports primarily in French, targeting a general audience interested in creative fields. The business model centers on content publishing and cultural journalism with a small-scale operation linked to an educational institution. Technically, the site is built on WordPress with a modern tech stack including jQuery, FullPage.js, Bootstrap, and performance optimizations via WP Rocket. It is mobile-optimized and SEO-friendly but lacks some accessibility features. Security posture is solid with HTTPS and local Matomo analytics, but missing security headers and explicit policies reduce compliance maturity. No privacy or cookie policies are found, and contact information is not clearly provided, which impacts trust and privacy compliance scores. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security documentation.

E

ECAL/Ecole cantonale d’art de Lausanne

ecal-shop.ch

47

ECAL Shop is the official e-commerce platform of the Ecole cantonale d’art de Lausanne (ECAL), specializing in selling art and design publications, limited edition art prints, objects, and collaborations created by students, graduates, and affiliated designers. The website targets art enthusiasts, collectors, and the general public interested in contemporary art and design products. It operates as a niche educational retail platform with a clear focus on quality and exclusivity. The platform supports multilingual access (French and English) and integrates modern e-commerce functionalities via WooCommerce. Technically, the website is built on WordPress with WooCommerce, enhanced by Bootstrap for responsive design, and uses several modern libraries such as jQuery, Slick Carousel, and FontAwesome. SEO is managed through Yoast SEO, and multilingual support is provided by WPML. Performance is moderate with caching via WP Rocket. The site is mobile-optimized and accessible with a clear navigation structure. From a security perspective, the site enforces HTTPS and uses Matomo analytics with privacy considerations. Cookie consent is implemented, and no sensitive data is exposed in the HTML. However, explicit security headers are not detected, and no formal security or incident response policies are published. There are no detected vulnerabilities or suspicious elements, indicating a generally secure posture suitable for its business model. Overall, ECAL Shop presents a professional, trustworthy, and well-maintained online presence aligned with its educational and artistic mission. Strategic improvements could include enhancing security headers, publishing a security policy, and adding incident response contacts to strengthen trust and compliance further.

F

Freie Universität Berlin

fu-berlin.de

50

Freie Universität Berlin is a leading German excellence university established in 1948, offering over 150 academic programs across twelve faculties and three central institutes. The website serves a diverse audience including students, researchers, staff, and international partners, providing comprehensive information on study programs, research, international cooperation, and campus services. The site is well-structured, professionally designed, and supports accessibility and mobile optimization. Technically, it is built on a Ruby on Rails framework with Infopark CMS Fiona, leveraging modern web standards and security best practices such as HTTPS and security headers. However, it lacks a visible cookie consent mechanism and explicit security or incident response policies, which are areas for improvement. Overall, the website demonstrates a strong security posture with no detected vulnerabilities or suspicious content, reflecting the institution's credibility and trustworthiness.

E

Eqvista

eqvista.com

70

Eqvista is a specialized equity management and valuation service provider founded in 2018, targeting startups and private companies. The company offers a SaaS platform combined with expert advisory services, including cap table management, 409A valuations, financial modeling, and various valuation services such as software, IP, gift and estate tax, and portfolio valuations. Eqvista has established a strong market position with over 20,000 customers and significant assets under administration, supported by professional certifications and a robust digital presence. Technically, the website is built on WordPress with modern web technologies including jQuery, Google Tag Manager, and Cloudflare DNS. The site demonstrates good SEO practices, mobile optimization, and a professional design that supports a positive user experience. Analytics and marketing tools are extensively used, indicating a mature digital marketing strategy. From a security perspective, the site uses HTTPS with a good SSL configuration and Cloudflare DNS but lacks DNSSEC and some advanced security headers like Content Security Policy. There is no visible security policy or incident response contact, which could be improved. No critical vulnerabilities or blocking mechanisms were detected, and no sensitive data exposure was found. Overall, Eqvista presents a trustworthy and professional online presence with strong business credibility and a good security posture. Strategic improvements in DNS security and formal security policies would enhance their security maturity and compliance posture.

A

Atmo France

atmo-france.org

62

Atmo France operates as the national federation coordinating regional associations responsible for monitoring air quality across France and its overseas territories. The organization provides comprehensive data, alerts, and educational resources to the general public, local authorities, businesses, and educational institutions. Their market position is that of an authoritative, government-aligned non-profit entity focused on environmental health and air quality surveillance. Technically, the website is built on Drupal 9, leveraging modern web technologies such as Bootstrap, Google Fonts, and FontAwesome for styling and responsiveness. Analytics are handled via Matomo, indicating a preference for privacy-conscious tracking. The site is mobile-optimized and accessible, with clear navigation and interactive features such as maps and indices for air quality and pollen. From a security perspective, the site uses HTTPS and includes some anti-bot measures, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is basic, with no visible privacy or cookie policies, which is an area for improvement. Overall, the website presents a trustworthy and professional front for a public-interest environmental organization. The lack of WHOIS data due to privacy protection is typical for such entities and does not detract from legitimacy. Strategic recommendations include enhancing privacy disclosures, implementing security headers, and publishing clear contact and incident response information to strengthen trust and compliance.