Security Directory

R

RATP Group

ratpgroup.com

58

RATP Group is a leading global urban transport operator, ranked third worldwide, providing comprehensive mobility services, infrastructure management, real estate, and safety solutions. The company serves cities and regions primarily in France but also internationally, supported by a large workforce and multiple subsidiaries. The website reflects a mature digital presence with a focus on sustainability and corporate social responsibility. Technically, the site uses modern frameworks such as React and Next.js, hosted on Akamai infrastructure, and integrates privacy-conscious analytics via Matomo. Security posture is strong with HTTPS enforced and domain protections in place, though DNSSEC is not enabled and explicit security policies are not published. Overall, the site is professional, trustworthy, and well-optimized for performance and accessibility.

The website www.databaze-strategie.cz serves as the official national portal for strategic and conceptual documents in the Czech Republic, operated under the auspices of the Ministry for Regional Development (Ministerstvo pro místní rozvoj ČR) and supported by the National Network of Healthy Cities of the Czech Republic. It provides a comprehensive database of strategic documents at international, national, regional, and local levels, targeting public administration entities, municipalities, and professionals involved in strategic planning. The platform acts as a key tool for cohesion policy and strategic governance in the country. Technically, the site employs a modern JavaScript stack including jQuery, jQuery UI, Select2, and integrates analytics via Google Analytics and Matomo. It uses HTTPS and includes cookie consent mechanisms compliant with GDPR. The site is moderately optimized for performance and mobile use, with basic accessibility features. However, no CMS or hosting provider details are evident, and some security headers are missing. From a security perspective, the site demonstrates good baseline practices such as HTTPS and cookie consent but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of WHOIS registration data is a concern, reducing trustworthiness despite the official nature of the content. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is a reliable government resource with good content quality and moderate technical maturity. Strategic recommendations include improving security headers, publishing security and incident response policies, enhancing mobile and accessibility compliance, and verifying domain registration details to strengthen trust and compliance.

ATMO BFC is a regional environmental health organization focused on air quality, climate, energy, and mobility in Bourgogne-Franche-Comté, France. The website serves as an authoritative source for environmental data, publications, and public information. The organization appears well-established with a domain registered since 2017 and no privacy protection, indicating transparency. The site uses Drupal 10 CMS with modern JavaScript libraries and includes analytics via Matomo and cookie consent via CookieYes. Security posture is adequate with HTTPS and domain protections but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial due to the absence of a visible privacy policy page. Overall, the website is professional, content-rich, and trustworthy for its target audience.

R

RATP Dev

ratpdev.com

66

RATP Dev is a global operator specializing in the operation and maintenance of urban and interurban transportation networks across five continents. The company offers a wide range of services including metro, tramway, bus, train, sightseeing, demand-responsive transport, and specialized services for persons with reduced mobility. The website reflects a mature enterprise with a strong international presence and multiple subsidiaries. Technically, the site is built on Drupal 10, uses modern analytics and mapping technologies, and implements cookie consent mechanisms, indicating a reasonable level of digital maturity. Security posture is good with HTTPS and some privacy measures, but lacks explicit security policies and vulnerability disclosure mechanisms. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, though the website content and branding align with the known RATP Group. Overall, the site is professional and trustworthy but would benefit from enhanced transparency in privacy and security disclosures.

F

Framasoft

framatube.org

56

Framatube is a PeerTube instance operated by the non-profit association Framasoft, dedicated to hosting and sharing videos related to their community and open source projects. The platform leverages decentralized video hosting technology to provide an alternative to mainstream video platforms, emphasizing privacy and open standards. The website is well-branded, consistent, and targets a general audience interested in free and open source software and community content. Technically, the site is built on the PeerTube platform using modern web technologies including Angular and TypeScript, with privacy-respecting Matomo analytics integrated. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content.

F

Framasoft

framagit.org

60

Framagit.org is a self-hosted GitLab instance operated by Framasoft, a French non-profit organization dedicated to promoting free software and digital commons. The platform provides hosting and collaboration tools for open source projects, targeting developers, contributors, and ethical digital communities. The website demonstrates a solid technical infrastructure leveraging GitLab, modern JavaScript frameworks, and privacy-conscious analytics via Matomo. Security posture is strong with HTTPS enforcement, CSRF protection, and domain transfer restrictions, although DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is partial, with privacy and terms pages present but lacking cookie consent mechanisms. Overall, the site is trustworthy, professionally maintained, and serves a niche community with a focus on ethical technology.

C

Collectif CHATONS

chatons.org

59

The website www.chatons.org represents the Collectif CHATONS, a French non-profit collective initiated by Framasoft in 2016. It focuses on providing ethical, transparent, and decentralized online services as alternatives to major tech companies, targeting users concerned about privacy and digital sovereignty. The site offers resources to find service providers ('chatons') by service type, location, or other criteria, and promotes community collaboration and support. Technically, the site is built on Drupal 8, uses Matomo for privacy-respecting analytics, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS and privacy-conscious analytics, though explicit security headers and cookie consent mechanisms are absent. WHOIS data is unavailable or malformed, limiting domain trust assessment, but the association with Framasoft and the quality of content support legitimacy. Overall, the site is professional, trustworthy, and well-aligned with its mission.

M

Městské muzeum Dvůr Králové nad Labem

muzeumdk.cz

52

Městské muzeum Dvůr Králové nad Labem is a municipal cultural institution offering three permanent exhibitions focused on local history, textile printing, and Christmas ornaments. The museum targets general public visitors, including schools, and provides educational programs, workshops, and an online catalog. The website is built on WordPress with modern frontend technologies such as Bootstrap and jQuery, and integrates analytics tools like Matomo and Google Tag Manager. It is well-structured, mobile-optimized, and provides clear navigation and relevant content in Czech with English language support. Security posture is solid with HTTPS enforced and GDPR-compliant cookie consent implemented, though some security headers and explicit incident response contacts are missing. Overall, the site is trustworthy, professional, and aligned with the museum's public service mission.

E

Encavis

encavis.com

67

Encavis is a large European renewable energy company specializing in solar parks and wind farms, with over 3.8 GW installed capacity. The company targets institutional investors, energy-intensive companies, and partners such as landowners and project developers. The website is professionally designed, mobile-optimized, and provides comprehensive information about their services and recent business activities. Technically, the site uses modern web technologies including JavaScript libraries, consent management, and self-hosted analytics, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though there is room for improvement in publishing dedicated security policies and incident response contacts. WHOIS data is unavailable, which slightly reduces trust but does not outweigh the professional presentation and business legitimacy. Overall, the site is safe, trustworthy, and well-positioned in the renewable energy sector.

Obec Řeka is a small municipal government website serving the village of Řeka in the Moravian-Silesian Beskids region of the Czech Republic. The site provides local government information, community news, event calendars, and tourism promotion. It targets local residents and visitors interested in the region's natural and cultural offerings. The website is built on a custom CMS platform (IPO Redakční systém by Antee s.r.o.) and uses common web technologies such as jQuery, Google reCAPTCHA, and Matomo analytics configured with privacy considerations. The site is accessible, mobile-optimized, and includes cookie consent mechanisms, reflecting a moderate level of digital maturity. However, the absence of WHOIS registration data and lack of visible security headers indicate areas for improvement in security posture. Overall, the site is functional and trustworthy as a local government portal but would benefit from enhanced security and compliance documentation.

Obec Morávka is a small municipal government entity serving the Morávka area in the Czech Republic. The website provides comprehensive local government information including public notices, events, administrative forms, and community resources. It targets residents and visitors seeking official information and services. The business model is typical of local government, focusing on public service and community engagement. Technically, the site uses a custom CMS (IPO), jQuery libraries, Google reCAPTCHA, and Matomo analytics, indicating a moderate level of digital maturity. The site is mobile optimized and accessible with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers and incident response information are lacking. WHOIS data is unavailable or privacy protected, which is common for such entities, but the domain and content appear legitimate and consistent with the municipality's identity. Overall, the site is professional, trustworthy, and serves its community well.

E

E. Gutzwiller & Cie, Banquiers

gutzwiller.ch

50

E. Gutzwiller & Cie, Banquiers is a well-established Swiss private bank specializing in wealth management services for private clients and third-party asset managers. Founded in 1886, the bank operates offices in Basel, Geneva, and Zurich, offering discretionary, advisory, and execution-only mandates alongside trading and custodial services. The website reflects a professional and consistent brand image, supported by regulatory compliance and membership in reputable Swiss banking associations. Technically, the site is built on WordPress with modern plugins and analytics tools, delivering good performance and mobile optimization. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers and policies could be enhanced. Overall, the site demonstrates high business credibility and trustworthiness, with no signs of suspicious activity or content.

L

Les Arcs Office de Tourisme

lesarcs.com

63

Les Arcs Office de Tourisme operates a comprehensive and professionally designed website promoting the Les Arcs ski resort and mountain destination in the French Alps. The site targets families and tourists interested in skiing, mountain activities, and year-round vacation options. It offers services such as accommodation booking, activity reservations, and detailed tourism information. The website is built on TYPO3 CMS and integrates modern web technologies including jQuery, Swiper.js, and Matomo analytics, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though some security headers and explicit security policies are absent. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. WHOIS data is unavailable or protected, which slightly reduces transparency but does not detract from the site's professional appearance and trustworthiness. Overall, the website is a high-quality, trustworthy digital presence for a medium-sized tourism entity in France.

D

DESTINATION NANCY

destination-nancy.com

39

DESTINATION NANCY is a public local company primarily focused on promoting tourism and organizing events in the Grand Nancy metropolitan area. It operates key event venues such as Centre Prouvé and Parc Expo, provides free advisory services through its Convention Bureau, and collaborates closely with the local government and tourism office. The website is professionally designed, multilingual (French and English), and regularly updated with event and news content. Technically, it is built on WordPress with modern plugins and analytics tools, delivering a good user experience with mobile optimization and SEO best practices. Security posture is solid with HTTPS and cookie consent, though there is room for improvement in security headers and explicit security policies. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the site is trustworthy, well-maintained, and serves its target audience effectively.

C

Communauté de Communes Pyrénées Cerdagne

pyrenees-cerdagne.fr

58

The website www.pyrenees-cerdagne.fr represents the Communauté de Communes Pyrénées Cerdagne, a local government entity serving the Pyrénées Cerdagne region in France. It provides public services including urban planning, waste management, cultural activities, and cross-border cooperation. The site targets residents and visitors of the region, offering information and access to community resources. The business model is typical of a public sector organization funded by government budgets. Technically, the site is built on Drupal 7 with Angular integration, leveraging modern mapping libraries such as Leaflet and Google Maps API. It uses Matomo for analytics and Sirdata's consent framework for cookie management, indicating a moderate level of digital maturity and privacy awareness. The site is mobile-optimized and has a clear navigation structure. From a security perspective, HTTPS is enforced, and cookie consent mechanisms are in place. However, no explicit security headers were detected in the HTML content, and no public security or incident response policies are published. The absence of WHOIS data is unusual for a .fr domain but does not appear to impact the legitimacy of the site based on content and branding. Overall, the website is professional, trustworthy, and serves its public sector purpose well. Strategic recommendations include enhancing security headers, publishing privacy and security policies explicitly, and improving WHOIS transparency if possible.

O

Office national des forêts

onf.fr

60

The Office national des forêts (ONF) is a major French government-related organization focused on sustainable forest management, environmental protection, and public engagement. The website reflects a well-established entity with a domain registered since 1996, consistent with its long-standing public service role. The site offers a variety of services including forest management, risk management, and services for local authorities and businesses. It targets a broad audience including public officials, enterprises, forest professionals, and the general public. Technically, the website employs modern JavaScript frameworks such as Vue.js, uses analytics tools like Matomo and Facebook Pixel, and integrates Google Tag Manager for marketing and tracking purposes. The site is mobile-optimized with good navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Privacy policies and terms of service are clearly presented, supporting GDPR compliance. Overall, the website is trustworthy, professional, and aligns well with the organization's mission and public service nature.

S

Scramble Brand

scramblestuff.com

68

Scramble Brand is a well-established e-commerce retailer specializing in Brazilian Jiu-Jitsu apparel and lifestyle products. Founded in 2009, the company offers a wide range of high-quality BJJ gis, no-gi gear, rashguards, and casual wear, targeting martial arts practitioners globally. Their market position is strong within the niche BJJ community, supported by active social media presence and community engagement through sponsorships and events. Technically, the website is built on WordPress with WooCommerce, leveraging modern web technologies and analytics tools such as Matomo, Google Tag Manager, and Facebook Pixel. The site demonstrates good mobile optimization, SEO practices, and user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. Privacy compliance is robust with clear policies and GDPR adherence. Overall, the site is professional, trustworthy, and well-maintained, with no critical security or compliance issues detected.

Des Livres en Communs is a French non-profit initiative operated by Framasoft that offers an innovative publishing model supporting authors with grants and editorial assistance to produce works published under free licenses. The website presents a clear mission focused on free culture and alternative publishing, targeting authors and readers interested in open access literature. Technically, the site is built using the Hugo static site generator with Bootstrap and Fork Awesome for styling, hosted by OVH, and uses Matomo for analytics, reflecting a modern and privacy-conscious infrastructure. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks DNSSEC and security headers, and no privacy or cookie policies are present, indicating room for compliance improvements. Overall, the site is professional and trustworthy but could enhance transparency and security practices to better align with GDPR and best practices.

Red de Consultores is a Mexican consulting firm specializing in food safety and quality management services, with over 20 years of experience. The company offers professional consulting and training services including HACCP, SQF, ISO 22000, and other food safety standards, targeting food industry professionals and quality managers primarily in Mexico. The website reflects a solid market position with clear service offerings and a professional presentation. Technically, the website is built on Joomla CMS with Gantry5 framework, utilizing common libraries such as jQuery and Bootstrap. It integrates Matomo analytics and Olark live chat for user engagement and tracking. The site is moderately optimized for mobile and performance, with basic SEO and accessibility features. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and important security headers. There is no visible privacy or cookie policy, which is a compliance gap. No incident response or security contact information is provided. The domain WHOIS data is consistent with the business claims, indicating legitimacy. Overall, the website is functional and professional but would benefit from enhanced security practices and privacy compliance to improve trust and reduce risk.

G

Geiger Edelmetalle

geiger-edelmetalle.de

66

Geiger Edelmetalle operates a professional e-commerce platform specializing in the sale and purchase of precious metals including gold, silver, copper, palladium, and platinum. The company targets investors and collectors seeking high-quality bullion and coins, supported by services such as engraving, storage, and individual minting. The website is TÜV-certified, indicating a commitment to quality and trustworthiness in the precious metals retail market. Technically, the site is built on the Shopware CMS platform, leveraging modern web technologies and analytics tools like Matomo and TikTok Pixel, with a good level of mobile optimization and accessibility. Security posture is strong with HTTPS enforced and nonce usage in scripts, though explicit security headers and policies are absent. Privacy compliance is basic, with cookie consent mechanisms present but no clear privacy or terms of service pages detected. Overall, the site presents a credible and professional digital presence with room for improvement in transparency and security documentation.

R

Réseau National des Maisons des Associations

rnma.fr

49

The Réseau National des Maisons des Associations (RNMA) operates as a national non-profit network dedicated to supporting local associative life in France. The organization provides resources, events, and research to strengthen community engagement and associative activities. Their website reflects a professional and well-structured platform with clear navigation, event listings, and active social media channels. Technically, the site is built on WordPress using modern plugins and themes, with moderate performance and good mobile optimization. Security posture is solid with HTTPS and reCAPTCHA integration, though explicit security headers are lacking and no public security policy is found. Privacy compliance is strong, featuring a comprehensive privacy policy and cookie consent mechanism. However, the absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness, warranting further verification. Overall, the RNMA website is a credible and valuable resource for its target audience but could improve transparency and security practices.

P

Point S Italia Srl Unipersonale

point-s.it

66

Point S Italia Srl Unipersonale operates as part of the global Point S Group, providing automotive tire and maintenance services in Italy since 2015. The company holds a strong market position as the largest independent network of tire dealers worldwide, offering a wide range of vehicle maintenance services. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to vehicle owners in Italy. Technically, the site is built on Drupal 10, integrates multiple analytics and marketing tools, and employs a robust consent management system to ensure GDPR compliance. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although a dedicated security policy and incident response contacts are absent. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

R

RI-VIS

ri-vis.eu

57

RI-VIS is a European Union Horizon 2020 funded research infrastructure project aimed at fostering international cooperation, mapping partnerships, and ensuring the sustainability of research infrastructures across Europe. The website serves as a hub for information dissemination, event announcements, and collaboration resources targeted at European research institutions and stakeholders. The project is positioned as a niche, non-profit initiative with strong EU backing and partnerships such as Instruct-ERIC. Technically, the website employs a modern JavaScript stack including jQuery, Bootstrap, and Matomo analytics, with Keycloak for authentication, indicating a mature digital infrastructure. Security posture is solid with HTTPS and authentication mechanisms, though improvements are recommended in security headers and privacy compliance, particularly cookie consent. Overall, the site is professional, trustworthy, and well-aligned with its academic and governmental audience.

I

Instruct-ERIC

instruct-eric.org

60

Instruct-ERIC is a pan-European non-profit research infrastructure specializing in structural biology, providing access to advanced technologies, training, and collaborative services to researchers primarily in Europe but also worldwide. The organization is affiliated with the University of Oxford and operates a well-structured website that supports proposal submissions, training events, and scientific dissemination. The platform is positioned as a leading entity in its niche, supported by multiple EU-funded projects and partnerships. Technically, the website employs a modern JavaScript stack including jQuery, Bootstrap, RequireJS, and analytics via Matomo, with security features such as HTTPS and Google reCAPTCHA. The site is mobile-optimized and offers good user experience and navigation clarity. However, there are areas for improvement including enabling DNSSEC, implementing security headers, and adding cookie consent mechanisms to enhance privacy compliance. From a security perspective, the site demonstrates a moderate security posture with enforced HTTPS and domain transfer protections but lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious content were detected. The WHOIS data aligns well with the website's claims, indicating a trustworthy domain registration and ownership. Overall, Instruct-ERIC presents a credible, professional, and secure online presence suitable for its research infrastructure role, with recommendations to strengthen privacy and security practices further.

E

EGI Federation

egi.eu

71

EGI Federation is an international federation providing advanced computing and data analytics services to support research and innovation. The organization targets researchers, businesses, and federations requiring scalable computing infrastructure and data services. Their website reflects a professional and modern digital presence built on Next.js with integrated analytics and marketing tools. Security posture is strong with HTTPS and security headers implemented, though explicit privacy and cookie policies are not clearly presented. WHOIS data is privacy protected by EURid, which is typical for European domains and justified for this type of organization. Overall, the website demonstrates good technical maturity and business credibility, supporting its role as a federation in the technology sector.

M

MIRRI-ERIC

mirri.org

63

MIRRI-ERIC is a pan-European research infrastructure dedicated to microbial resource preservation, investigation, and provision. It aggregates over 50 microbial Biological Resource Centres across ten European countries, serving bioscience and bioindustry sectors with access to microbial strains, data, and services. The organization focuses on domains such as Health & Food, Agro-Food, and Environment & Energy, contributing to life sciences research and sustainable bioeconomy development. Technically, the website is built on WordPress with modern plugins and frameworks, offering good mobile optimization and user experience. Security posture is solid with HTTPS and reCAPTCHA, though it lacks some security headers and explicit privacy/cookie policies. WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of entity. Overall, the site is professional and trustworthy but could improve compliance transparency and security headers.

T

The University of Oxford

instruct-eric.eu

60

Instruct-ERIC is a pan-European research infrastructure hosted by The University of Oxford, specializing in structural biology. It provides high-end technologies, services, and training to researchers across Europe and globally. The organization holds a strong market position as a leading scientific infrastructure with a comprehensive catalogue of services, training programs, and collaborative projects. The website reflects a professional and well-maintained digital presence, supporting its mission to facilitate scientific research and collaboration. Technically, the website employs a modern technology stack including JavaScript frameworks, Bootstrap, and analytics tools like Matomo. It uses HTTPS with good SSL configuration and integrates security features such as Google reCAPTCHA. However, there is room for improvement in DNS security and security headers. The site is mobile-optimized and offers good accessibility and SEO practices. From a security perspective, the site demonstrates solid practices with encrypted connections and domain transfer protections. The absence of DNSSEC and explicit security policies are noted gaps. Privacy compliance is mostly addressed with a comprehensive privacy policy, though cookie consent mechanisms are lacking. Contact information is clearly provided, enhancing trust and credibility. Overall, Instruct-ERIC's website is a trustworthy, professional platform supporting a reputable research infrastructure. Strategic improvements in security policies and privacy mechanisms would further strengthen its posture and compliance.

C

Consiglio Nazionale delle Ricerche

cnr.it

66

The Consiglio Nazionale delle Ricerche (CNR) is Italy's national public research council, operating across multiple scientific and technological domains including biomedicine, chemistry, environment, ICT, physics, and humanities. The website serves as a comprehensive portal for research activities, organizational information, news, events, and services targeting researchers, businesses, citizens, schools, journalists, and administrative personnel. It holds a strong market position as a key national research institution with international relevance. Technically, the website is built on Drupal 7 CMS with jQuery 1.9 and Bootstrap frameworks, supplemented by Font Awesome icons and Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized, accessible, and well-structured, though the use of outdated CMS and libraries poses potential security risks. Performance is moderate, and SEO practices are adequately implemented. From a security perspective, HTTPS is enforced, and some security best practices are observed, including disabling cookies in analytics. However, the outdated Drupal version and jQuery library represent vulnerabilities. The site lacks advanced security headers and publicly available incident response or vulnerability disclosure policies. Privacy compliance is strong with comprehensive privacy and cookie policies, though no explicit cookie consent mechanism is detected. Overall, the website is professional, trustworthy, and content-rich, reflecting the stature of a national research institution. Strategic improvements in CMS modernization, security header implementation, and enhanced privacy consent mechanisms would further strengthen its security posture and compliance.

D

Deutsches Zentrum für Luft- und Raumfahrt (DLR)

dlr.de

68

The Deutsches Zentrum für Luft- und Raumfahrt (DLR) is Germany's national research center for aerospace, energy, transportation, and security. It operates as a large, government-affiliated research institution with a strong market position in engineering sciences. The website reflects a mature digital presence with comprehensive content, modern technology stack including React and Plone CMS, and good mobile and accessibility features. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with clear privacy and cookie policies including consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness, serving a broad audience including researchers, industry partners, and the public.

N

National Institute of Industrial Property

inpi.fr

67

The National Institute of Industrial Property (INPI) is the official French government agency responsible for intellectual property and business formalities. The website serves as a comprehensive portal for entrepreneurs, IP professionals, and innovators to access services such as business registration, intellectual property rights management, financing solutions, and training programs. The site is well-branded, professionally designed, and provides clear navigation and relevant content tailored to its audience. Technically, the site is built on Drupal CMS, uses Matomo for analytics, and integrates cookie consent and translation tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are not published. Overall, the site is trustworthy and authoritative, with minor gaps in transparency around security and data protection officer contact details.

F

Home Page

fheritale.eu

49

The website represents the FHERITALE project or organization, likely focused on academic or scientific collaboration. It provides information about governance, partners, work packages, and resources such as publications and white papers. The target audience appears to be researchers and stakeholders in the relevant field. The site uses modern web technologies including React and Material-UI, with Matomo analytics for user tracking. However, it lacks critical privacy and cookie policies, contact information, and visible security headers, which impacts its compliance and trustworthiness. The domain is registered through a reputable registrar but lacks detailed WHOIS data to fully verify legitimacy. Overall, the site is functional but basic in content and security posture.

E

EOSC Beyond

eosc-beyond.eu

70

EOSC Beyond is a European Union funded research infrastructure project focused on advancing innovation and collaboration within the European Open Science Cloud (EOSC) ecosystem. The project enhances EOSC Core capabilities by delivering new services such as the Innovation Sandbox, Execution Framework, and Integration Suite, targeting researchers and EOSC Nodes to facilitate seamless access to open science resources. The website reflects a professional and well-structured digital presence, emphasizing transparency and community engagement through newsletters and pilot programs. Technically, the website leverages modern web technologies including Next.js and React, with integration of Matomo analytics and MailerLite for marketing and user engagement. The site is mobile optimized, fast loading, and SEO friendly, demonstrating a mature digital infrastructure suitable for its audience. However, some security best practices such as explicit security headers and cookie consent mechanisms could be improved. From a security perspective, the site enforces HTTPS and uses secure forms with CAPTCHA, minimizing exposure to common vulnerabilities. The lack of published security policies or incident response information suggests room for enhancement in transparency and preparedness. The domain WHOIS data is privacy protected by EURid, which is common and justified for EU-funded projects, supporting the legitimacy of the domain. Overall, EOSC Beyond presents a trustworthy and professional online presence aligned with its mission in the open science community. Strategic improvements in security transparency and privacy compliance would further strengthen its posture and stakeholder confidence.

E

empirica

eosc4cancer.eu

55

EOSC4Cancer is a European Union funded research project focused on creating an interoperable data infrastructure for cancer research. The project aims to make diverse cancer data types accessible across borders, supporting advanced analytics including AI and machine learning. The website reflects a well-structured, professional digital presence targeting researchers, healthcare professionals, and the EU research community. Technically, the site is built on WordPress with Elementor and uses modern plugins for SEO, privacy compliance, and analytics. Security posture is good with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers and policies could be improved. Overall, the domain registration and website content are consistent and trustworthy, with no blocking or WAF detected, and no adult or questionable content present.

F

Fragment-Screen

fragmentscreen.org

57

Fragment-Screen is a European research project focused on advancing fragment-based drug discovery by integrating structural biology, medicinal chemistry, and artificial intelligence. The project collaborates with major European research infrastructures and industry partners to develop innovative workflows and instrumentation, targeting early phase drug discovery for a broad range of biological targets. The website reflects a specialized scientific audience, primarily researchers in academia and industry. Technically, the site is built using modern web technologies including React and Material-UI, hosted on Hover with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and explicit security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

M

Musing Studio

musing.studio

53

Musing Studio is a small technology company focused on providing digital platforms for artists to share their work without relying on traditional social media channels. Their key offering includes the Write.as editor and several related subdomains for notes, mood, social, and task management. The website is professionally designed with clear navigation and good mobile optimization, reflecting a niche market position targeting creative individuals seeking privacy and simplicity in content sharing. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and Matomo analytics for user tracking. The SSL configuration is excellent, ensuring secure HTTPS connections, though the site lacks several recommended security headers and formal privacy or cookie policies. Security posture is moderate with no visible vulnerabilities or exposed sensitive data, but improvements are needed in compliance and incident response transparency. Overall, the domain registration is privacy protected, which is typical for small tech startups, and no suspicious WHOIS patterns were detected. The site is safe for general audiences with no adult or questionable content.

Z

Zynex AG

zynex.ch

71

Zynex AG is a Swiss technology company specializing in modular internet solutions tailored for online shops, clubs, and newsletters. Their offerings include a CMS, Vereinsverwaltung (club management software), and integrated e-commerce solutions with ERP connectivity, all hosted securely on Swiss infrastructure. The company targets businesses and organizations in Switzerland seeking scalable, efficient digital solutions. Their market position is that of a niche provider emphasizing quality, data privacy, and local hosting. Technically, the website is built using modern frameworks such as Next.js and React, with a focus on performance, mobile optimization, and accessibility. The use of Matomo analytics reflects a privacy-conscious approach to user tracking. Hosting appears to be Swiss-based, aligning with their data sovereignty claims. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. While explicit security policies and incident response contacts are not published, the overall posture is solid with no visible vulnerabilities or exposed sensitive data. The absence of a security.txt or vulnerability disclosure page is noted as an area for improvement. Overall, the website is professional, trustworthy, and well-aligned with Swiss data protection standards. The risk level is low, but strategic enhancements in transparency around security policies and incident response would further strengthen their security posture.

Winnie Lim's website is a personal blog established in 2012, featuring a variety of long-form posts, notes, curated playlists, and photography. The site targets a general audience interested in creative writing and personal reflections. The business model centers on content publishing and personal branding, with optional support via BuyMeACoffee. Technically, the site is built on WordPress 6.8.2, hosted on Opalstack servers, and uses Matomo for analytics, with caching enabled for performance. The website is well-structured, mobile-optimized, and fast-loading, providing a good user experience. Security posture is solid with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers, and does not provide privacy or cookie policies, which are compliance gaps. No contact information or incident response details are provided, and no vulnerability disclosure policy is found. Overall, the site is trustworthy and safe for general audiences, but could improve privacy compliance and security best practices.

Ausbildung-Weiterbildung.ch is a well-established Swiss educational portal operated by Modula AG, providing a comprehensive platform for vocational training and continuing education. The website offers extensive search capabilities for courses and providers, educational advice, user reviews, and a chat assistant to support users in finding suitable educational paths. It targets individuals seeking professional development within Switzerland and maintains a strong market position as one of the largest educational rating platforms in the country. The business model focuses on connecting learners with educational institutions and providing value-added services such as consulting and advertising opportunities for providers. Technically, the website employs a modern technology stack including Bootstrap 5, jQuery, Matomo analytics, Microsoft Clarity, Hotjar, and Facebook Pixel, ensuring good performance, mobile optimization, and accessibility. The site uses HTTPS with strong SSL configuration and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers and a formal security policy are not evident. From a security perspective, the site demonstrates good practices such as secure forms, no exposed sensitive data, and comprehensive privacy compliance. There is no evidence of vulnerabilities or malicious content. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims, enhancing trustworthiness. Overall, Ausbildung-Weiterbildung.ch presents a professional, secure, and user-friendly platform with strong privacy compliance and business credibility. Strategic improvements could include publishing a dedicated security policy, adding security headers, and providing incident response contact details to further strengthen security posture and user trust.

C

Conffab

conffab.com

58

Conffab is a specialized educational platform offering livestreamed and on-demand presentations from leading experts across numerous technology conferences. It targets professionals in product design, management, and front-end development, providing a subscription-based model with free and premium tiers. The platform emphasizes professional development through rich content including transcriptions, expert summaries, and self-assessment tools. Technically, the site is built on WordPress with modern web technologies and integrates analytics and marketing tools such as Matomo and ActiveCampaign. Security posture is solid with HTTPS and Cloudflare DNS, though improvements like DNSSEC and security headers are recommended. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-positioned in its niche.

R

Recovera Využití zdrojů a.s.

recovera.cz

59

Recovera Využití zdrojů a.s. is a Czech company specializing in waste management, resource recovery, and related technical and facility services primarily targeting businesses and municipalities. The company positions itself as part of the Veolia group, emphasizing sustainability and environmental responsibility. Their website reflects a professional and consistent brand image with clear navigation and relevant content for their target audience. The business model focuses on providing comprehensive waste and facility management solutions, supported by certifications such as ISO and compliance frameworks. Technically, the website uses modern web technologies, including Matomo and Google Analytics for tracking, and is built on the Vizus CMS platform. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is strong with HTTPS enforced and a cookie consent mechanism in place, although some security headers are missing and no explicit incident response or vulnerability disclosure information is provided. The absence of WHOIS data limits domain trust analysis, but the website content and external references strongly indicate legitimacy. Overall, the site is professional, secure, and compliant with privacy regulations, suitable for its business context.

T

The University of Oxford

structuralbiology.eu

60

Instruct-ERIC is a pan-European research infrastructure consortium focused on structural biology, providing access to advanced technologies, services, and training to researchers primarily in Europe but also globally. The organization is affiliated with The University of Oxford and operates a professional, content-rich website that supports proposal submissions, training events, and access to scientific facilities. The platform is well-positioned as a leading entity in its niche, supported by EU-funded projects and a network of partner organizations. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Matomo analytics, and Google reCAPTCHA, hosted on a domain registered with Tucows and DNS managed by Hover. The site demonstrates good mobile optimization and SEO practices, though there is room for improvement in accessibility and security headers. Performance is moderate, with asynchronous loading of scripts and use of CDN-hosted libraries. From a security perspective, the site enforces HTTPS and uses domain status locks to prevent unauthorized transfers or updates. However, DNSSEC is not enabled, and security headers are not explicitly detected, which are areas for enhancement. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, but lacks a cookie consent mechanism. No incident response or vulnerability disclosure policies are found. Overall, the website is trustworthy, professionally maintained, and serves its research community effectively. Strategic improvements in security and privacy mechanisms would further strengthen its posture and user trust.

E

ELIXIR

elixir-europe.org

66

ELIXIR is a well-established European life sciences infrastructure that unites over 240 research institutes across multiple countries to facilitate access and analysis of life science data. The organization is funded partly by the European Commission and operates with a clear governance structure involving national Nodes and the EMBL-EBI. The website reflects a mature digital presence with comprehensive content targeting researchers, industry partners, and ELIXIR members. Technically, the site is built on Drupal 10 with modern frameworks like Bootstrap 5 and integrates Matomo for analytics, indicating a focus on privacy and performance. Security posture is solid with HTTPS enforced and domain registration well maintained, though improvements like DNSSEC and security headers could enhance protection. Privacy compliance is good with clear privacy and cookie policies, though a cookie consent mechanism is absent. Overall, ELIXIR's website demonstrates high professionalism, trustworthiness, and effective communication of its mission and services.

The website 'Réussir en .fr' is an official digital presence accelerator operated by AFNIC, the French registry for .fr domain names. It provides free advice, training, and partner offers to help French businesses and entrepreneurs establish and optimize their online presence. The site is well-positioned as a trusted governmental and non-profit resource with a strong focus on digital literacy and domain registration services. Technically, the site is built on WordPress with modern performance and SEO optimizations, including privacy-respecting analytics (Matomo) and a robust cookie consent mechanism. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a general audience of French businesses. Strategic recommendations include publishing security policies and enhancing direct contact information for incident response.

L

LISIO

lisio.fr

46

LISIO is a French technology company specializing in web solutions that promote digital inclusion, accessibility, and environmental responsibility. Their offerings include SaaS products and consulting services designed to make websites more accessible to diverse audiences, including people with disabilities, seniors, and users in low bandwidth areas. The company positions itself as a niche leader in responsible digital solutions within France, targeting website owners and organizations committed to sustainable digital practices. Technically, the website employs modern JavaScript frameworks, Bootstrap for responsive design, and privacy-focused analytics via Matomo with cookies disabled. The site is well-optimized for mobile and accessibility standards, reflecting the company's mission. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security policy pages and incident response contacts. The domain registration data is consistent and transparent, supporting the company's legitimacy. Overall, the website demonstrates a strong professional presence with good security and privacy practices, though it could improve by publishing dedicated security and incident response information.

C

chcidatovku.cz

chcidatovku.cz

49

The website chcidatovku.gov.cz is an official Czech government portal dedicated to the Data Box system, which facilitates secure electronic communication between citizens, businesses, and public authorities. The site is professionally designed using a government design system and modern frontend technologies such as Bootstrap and jQuery. It integrates analytics tools like Matomo and Google Tag Manager to monitor usage. Despite the lack of WHOIS data in the provided raw output, the domain's use of the gov.cz TLD and consistent government branding strongly support its legitimacy. However, the absence of explicit privacy and cookie policies and missing WHOIS registration details represent areas for improvement. Overall, the site demonstrates a solid technical infrastructure and a good security posture with HTTPS enabled and no obvious vulnerabilities.

W

Web Directions

webdirections.org

54

Web Directions is a well-established Australian company specializing in organizing conferences and providing streaming content for web and digital professionals, focusing on product, design, and engineering disciplines. Founded in 2006, it has built a strong market position as a leading event organizer in the technology sector, serving a niche audience of web professionals with both in-person and online offerings. The company leverages a WordPress-based platform with integrations such as Matomo analytics and ActiveCampaign for marketing and user engagement. Their technical infrastructure is modern and adequate for their business needs, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no exposed sensitive data, though improvements can be made by enabling DNSSEC and adding security headers. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and provides clear contact information, supporting a high business credibility score.

T

The A11Y Collective

a11y-collective.com

75

The A11Y Collective is a specialized e-learning platform founded in 2020, focused on providing comprehensive web accessibility training and courses. It serves a diverse audience including designers, developers, content creators, and businesses aiming to comply with accessibility laws such as the European Accessibility Act and ADA. The company positions itself as a trusted partner to governments, NGOs, and Fortune 500 companies, offering a range of courses, masterclasses, and accessibility audit services. The platform is supported by a parent company, Level Level, and partners with Accredible for certification issuance. Technically, the website is built on WordPress with WooCommerce and Learndash LMS, integrating modern analytics and marketing tools such as Matomo, Google Tag Manager, and Omnisend. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, with a professional and consistent design. Security posture is strong with HTTPS enforced and responsible disclosure policies in place, although explicit security headers could be improved. Despite the strong web presence and business credibility, the WHOIS lookup for the domain www.a11y-collective.com returned no data, indicating either a privacy-protected registration or a potential inconsistency. This reduces trust from a domain registration perspective but does not detract from the overall professionalism and legitimacy of the business as evidenced by its content, client logos, and certifications. Overall, the website is a high-quality, trustworthy educational platform with solid technical and security foundations. It is recommended to verify domain registration details for completeness and to enhance security headers for improved protection.

M

MEZINÁRODNÍ CENTRUM KLINICKÉHO VÝZKUMU FNUSA A LF MU (ICRC)

fnusa-icrc.org

65

The International Clinical Research Center (ICRC) is a joint clinical research and education institution affiliated with the Faculty Hospital St. Anne's in Brno and the Medical Faculty of Masaryk University. It focuses on advancing medical research, education, and industrial cooperation, positioning itself as a key regional player in healthcare innovation. The website reflects a professional and well-structured digital presence, targeting medical researchers, healthcare professionals, students, and the general public interested in medical advancements. Technically, the website is built on WordPress using the Enfold theme, enhanced with Yoast SEO and Matomo analytics for privacy-conscious visitor tracking. It integrates Google Maps and cookie consent mechanisms, demonstrating a moderate to good level of digital maturity. Performance and mobile optimization are adequate, though accessibility could be improved. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks some recommended security headers. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS registration details slightly impacts trustworthiness, but the site's affiliations and certifications, such as the HR Award, support its legitimacy. Overall, the ICRC website is a secure, privacy-compliant, and professionally maintained platform that effectively serves its audience. Strategic improvements in security headers, accessibility, and transparency of domain registration would further enhance its trust and resilience.

The European Space Agency (ESA) is a well-established intergovernmental organization dedicated to space exploration, science, and technology development in Europe. The website www.esa.int serves as the official portal providing comprehensive information about ESA's missions, news, educational resources, and multimedia content. It targets a broad audience including the general public, researchers, students, and media professionals. The site demonstrates a high level of professionalism, with consistent branding and rich, relevant content that is regularly updated. Technically, the website employs modern web technologies including jQuery, FontAwesome, and Matomo analytics for user tracking. It uses HTTPS with strong SSL configuration and includes cookie consent mechanisms, indicating good privacy practices. The site is mobile-optimized and performs well with fast loading times and clear navigation. From a security perspective, the site follows best practices such as HTTPS enforcement and cookie consent but lacks explicit published security policies, incident response information, or vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The domain WHOIS data confirms the legitimacy and long-standing presence of ESA, enhancing trustworthiness. Overall, the website is a reliable and authoritative source for space-related information from ESA, with strong business credibility and good technical and privacy compliance. Strategic improvements could include publishing detailed security policies and incident response contacts to further enhance transparency and trust.

The Centro de Investigación y de Estudios Avanzados del Instituto Politécnico Nacional (Cinvestav) is a prominent Mexican public research institution dedicated to advanced scientific research and postgraduate education. Established in 1961, it operates across 10 states in Mexico and offers a wide range of academic programs and research services. The website reflects its institutional stature with comprehensive academic content, news, and event information targeting students, researchers, and academic collaborators. The business model is focused on education and research, supported by government affiliation and public funding.