Security Directory

L

L'Ouvre-Boîtes, Coopérative activité emploi

ouvre-boites.coop

66

L'Ouvre-Boîtes is a French cooperative focused on supporting the creation and development of business activities within a secure and cooperative framework, primarily serving the Loire-Atlantique and Vendée regions. The website reflects a regional cooperative model with a clear mission to assist entrepreneurs and small business owners through cooperative employment structures. The site is built on Drupal 10 and uses Matomo analytics to respect user privacy. The design is professional and content is relevant to its target audience, with good navigation and mobile optimization. Security measures such as HTTPS and security headers are properly implemented, though explicit privacy and cookie policies are missing, representing a compliance gap. Overall, the website presents a trustworthy and professional image consistent with its cooperative business model.

Flos Carmeli is a Swiss-based educational and therapeutic organization specializing in language classes and speech therapy services. The website presents a professional and consistent brand image targeting parents, educators, and healthcare professionals in the Fribourg region. The business model appears to be non-profit or public service oriented, focusing on specialized educational and healthcare services. Technically, the website is built on WordPress with a modern theme and plugins, including Contact Form 7 and Cookie Notice, and uses Matomo for analytics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and published security policies. Overall, the site is trustworthy and well-maintained but could improve privacy compliance and security transparency.

F

framasoft.org

yakforms.org

58

Yakforms is an open-source software project developed and maintained by the French non-profit organization Framasoft. It provides users with a privacy-respecting alternative to proprietary online form builders, enabling easy creation, customization, sharing, and analysis of forms. The platform targets individuals, organizations, and administrations seeking control over their data and form management. The website is professionally designed, mobile-optimized, and uses modern web technologies including Bootstrap and jQuery, with Pelican as the static site generator. Hosting is provided by Gandi SAS, a reputable registrar and hosting provider. Security posture is solid with HTTPS enforced and domain transfer protections in place, though DNSSEC is not enabled and security headers are missing. Privacy compliance is moderate, with a privacy policy present but no cookie consent mechanism detected. No direct contact information or incident response details are provided on the site, which could be improved to enhance trust. Overall, the site is trustworthy, well-maintained, and serves a niche market in the open-source software domain.

Platform Power is a non-profit coalition advocating for a fair digital society by challenging the power of Big Tech platforms. The website serves as an informational and campaign hub, featuring testimonials from activists and whistleblowers, and highlighting partner organizations. The technical infrastructure is based on WordPress with common plugins and libraries, including Yoast SEO and Matomo analytics, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and published incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking usage. Overall, the site is trustworthy and professional, targeting a general audience interested in digital rights advocacy.

M

Murena

murena.com

70

Murena is a privacy-focused technology company specializing in deGoogled smartphones and privacy-by-design cloud services. Their market position is niche, targeting privacy-conscious consumers and businesses seeking alternatives to mainstream mobile ecosystems. The company offers ethical smartphones and an online workspace that emphasizes data privacy and open-source principles. The website reflects a mature business with a domain registered since 2003 and consistent branding and messaging. Technically, the site is built on WordPress with WooCommerce for e-commerce functionality, enhanced by modern plugins and analytics tools like Matomo. The site is mobile-optimized and SEO-friendly, with good accessibility features. Security posture is solid with HTTPS and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is partially met with a clear privacy policy but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and well-positioned in its market niche.

C

Cycle d'orientation du Belluard

co-belluard.ch

54

The CO du Belluard website represents a public secondary education institution located in Fribourg, Switzerland. It provides comprehensive information about the school’s vision, administration, student activities, and official educational resources. The site targets students, parents, teachers, and the local community, serving as an informational and communication platform for the school. The business model is that of a government-funded public educational institution with a medium-sized operational scale. Technically, the website is built on WordPress 6.8.1 with a child theme and several plugins including Contact Form 7, Cookie Notice, and Matomo analytics for privacy-conscious tracking. The site is mobile-optimized with good navigation and moderate performance. The use of HTTPS and a cookie consent banner indicates a baseline of security and privacy awareness, though some improvements are needed in security headers and formal privacy documentation. From a security perspective, the site employs HTTPS and uses Cloudflare Turnstile captcha for form protection, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial due to the absence of a privacy policy and terms of service. Contact information is clearly provided, enhancing trustworthiness. Overall, the website is trustworthy and professionally maintained, with a strong business credibility score. The main risks relate to compliance gaps in privacy and security policy publication. Strategic recommendations include publishing privacy and terms policies, enhancing security headers, and formalizing incident response and vulnerability disclosure mechanisms to improve compliance and security posture.

V

Villars-Animation

vsg-animation.ch

49

Villars-Animation is a local socio-cultural animation service operating under the commune of Villars-sur-Glâne, Switzerland. It focuses on providing activities and community support primarily for youth aged 6 to 25, as well as families, elderly, and migrants. The organization offers a variety of creative, cultural, and sports activities across multiple centers and locations. The website serves as an informational portal for these services and upcoming events. Technically, the website is built on Drupal 7 with a moderate technology stack including jQuery 1.12 and Matomo analytics. While the site is functional and provides good content quality and navigation, it lacks modern security headers and uses outdated JavaScript libraries, which could pose security risks. The site is accessible via HTTPS, but no explicit security policies or privacy notices are present. From a security perspective, the site shows moderate maturity with no visible critical vulnerabilities but lacks important compliance elements such as privacy and cookie policies, GDPR indicators, and incident response contacts. The use of Matomo analytics without a visible cookie consent mechanism suggests potential privacy compliance gaps. No WAF or blocking mechanisms were detected, and the content is safe for general audiences. Overall, the website is a trustworthy local community service platform but would benefit from enhanced security practices, privacy compliance improvements, and clearer contact information to improve user trust and regulatory adherence.

L

Leaders League

decideurs-rh.com

60

Décideurs RH is a French media platform specializing in human resources and business news, operated by Leaders League under Groupe Ficade. The website offers news articles, rankings, events, and subscription services targeting HR professionals and business decision-makers. The platform uses Joomla CMS with modern front-end technologies and integrates multiple advertising and analytics services. Security posture is solid with HTTPS and domain locking, though DNSSEC is not enabled and cookie consent mechanisms are absent. The site maintains a professional design and consistent branding, with active social media presence and event partnerships.

L

Leaders League

decideurs-patrimoine.com

60

Décideurs Patrimoine is a French business media platform specializing in wealth management, patrimony, and financial news. Operated by Leaders League, it offers news articles, dossiers, rankings, and event information targeting financial professionals and investors. The website uses Joomla CMS with a modern responsive design and integrates multiple analytics and advertising technologies. Security posture is adequate with HTTPS and domain protections, but lacks DNSSEC and security headers. Privacy compliance is basic with no visible cookie consent or detailed GDPR policy. Overall, the site is professional and trustworthy but could improve privacy and security practices.

L

Leaders League

decideurs-juridiques.com

63

Décideurs Juridiques is a French media platform specializing in legal news, rankings, and expert content for legal professionals. Owned by Leaders League under Groupe Ficade, it serves a niche audience of lawyers, law firms, and corporate legal departments. The website uses Joomla CMS with a modern tech stack including Bootstrap and jQuery, and integrates multiple analytics and advertising services. The content is professionally curated and updated regularly, reflecting a mature media operation. Security posture is adequate with HTTPS and domain protections, but lacks advanced security headers and explicit privacy compliance mechanisms. No direct contact information or security policies are published, which could be improved to enhance trust. Overall, the site is legitimate, well-branded, and serves its target audience effectively.

Libre à lire ! is a French non-profit initiative affiliated with April, focused on transcribing audio and video recordings related to free software and digital freedoms. The website serves a niche audience interested in open source, digital rights, and related topics, providing accessible textual content from various conferences and talks. The business model is centered on content transcription and dissemination without commercial intent, positioning itself as a trusted resource within the free software community. Technically, the website is built on the SPIP CMS platform, uses JavaScript and Matomo analytics for privacy-conscious user tracking, and is served over HTTPS ensuring secure communications. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS but lacks several recommended security headers and does not provide explicit security policies or incident response information. The absence of a cookie consent mechanism is a notable gap in GDPR compliance. WHOIS data is unavailable due to privacy protection or malformed queries, which is common for non-profit organizations prioritizing privacy. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic recommendations include implementing security headers, adding cookie consent for compliance, and publishing security and incident response policies to enhance trust and security posture.

Libre à vous ! is a French non-profit radio show and podcast produced by the April association, focusing on free software and digital freedoms. It broadcasts weekly on Radio Cause Commune and provides podcasts and transcripts to its audience. The website is well-structured, content-rich, and targets French-speaking individuals interested in open source and digital rights. Technically, the site uses the SPIP CMS, integrates Matomo analytics for privacy-conscious tracking, and employs modern web technologies ensuring good performance and accessibility. Security posture is solid with HTTPS and no exposed sensitive data, though it lacks published privacy and cookie policies, which are important for GDPR compliance. Overall, the site demonstrates a trustworthy and professional presence aligned with its non-profit mission.

S

Studierendenwerk Hamburg

stwhh.de

47

Studierendenwerk Hamburg is a non-profit public institution supported by the city of Hamburg, providing comprehensive services to over 73,000 students and higher education institutions. Their offerings include student housing, financial aid, counseling, gastronomy, family services, and international student support. The website is built on TYPO3 CMS and employs Matomo analytics for privacy-conscious user tracking. The site demonstrates good technical maturity with fast performance, mobile optimization, and clear navigation. However, explicit privacy policies, terms of service, and contact information are not clearly presented in the accessible content, which could be improved for better compliance and user trust. Security posture is solid with HTTPS and cookie consent mechanisms, but lacks some security headers and vulnerability disclosure mechanisms.

R

Registry Services, LLC

garr.tv

56

GARR.tv is a specialized video streaming platform built on the PeerTube open-source software, dedicated to serving the education and research community primarily in Italy and internationally. It offers live streaming and video on-demand services, enabling users to broadcast, record, and share educational and research-related events and content. The platform leverages modern web technologies including Angular and integrates OpenID Connect for authentication, enhancing user access control. Matomo analytics is used for tracking user interactions with privacy-conscious configurations. The website is professionally designed with good navigation and mobile optimization, reflecting a mature digital presence. However, explicit privacy and cookie policies are absent, which is a compliance gap.

L

Les Jardins de Gally

lesjardinsdegally.com

48

Les Jardins de Gally is a well-established French company specializing in landscaping, plant rental, maintenance, and event decoration services for professional clients. With a heritage dating back to 1746 and over 50 years of professional service, the company operates through a network of local agencies across France, positioning itself as a trusted partner for organizations seeking to integrate nature into their environments. The website reflects this maturity with professional content, clear navigation, and a focus on business clients. Technically, the site is built on Drupal 9 with modern JavaScript libraries and integrates marketing and analytics tools such as HubSpot, Google Analytics, and Matomo. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is strong, featuring a GDPR-compliant cookie consent mechanism and a comprehensive privacy policy. Overall, the website demonstrates a good balance of business credibility, technical implementation, and privacy awareness.

C

Consortium GARR

garr.it

78

Consortium GARR operates as Italy's national high-capacity network dedicated to the education, research, and cultural communities. It provides ultrafast connectivity and innovative services tailored for educators, researchers, and students. The organization holds a strong market position as a key infrastructure provider in the Italian research and education sector, offering services such as cloud infrastructure, IP and DNS management, digital identity, and web conferencing. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content relevant to its audience. Technically, the site leverages Joomla CMS, UIkit framework, and Matomo analytics with privacy-conscious configurations, ensuring good performance and accessibility. Security posture is robust with HTTPS enforcement, security headers, and GDPR-compliant cookie consent mechanisms, although explicit security policies and incident response details are not publicly disclosed. Overall, the domain registration and website content are consistent and trustworthy, supporting the legitimacy of the consortium.

IX.br is a key Brazilian Internet Exchange Point operator managed by NIC.br, providing critical infrastructure that enables direct interconnection between Autonomous Systems to optimize Internet traffic flow within Brazil. The website reflects a mature organization with a clear focus on technology and telecommunications sectors, offering services such as traffic aggregation, educational events, and security best practices. The site is well-structured, professionally designed, and targets network operators and Internet service providers in Brazil. Technically, the site uses modern frontend technologies including Bootstrap, jQuery, and SweetAlert2, and employs Matomo for analytics, indicating a moderate level of digital maturity and privacy awareness. Security posture is good with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and implementing cookie consent mechanisms. Overall, the domain registration and WHOIS data align well with the organization's identity, supporting high legitimacy and trustworthiness.

F

FITKO (Föderale IT-Kooperation)

fitko.de

65

FITKO (Föderale IT-Kooperation) is a central coordinating and networking organization for digitalization initiatives within the German public administration. Based in Frankfurt am Main, it supports the IT-Planungsrat by implementing its decisions and fostering cooperation among federal, state, and municipal levels. The website reflects a professional government entity with clear communication, transparency, and a focus on digital transformation in public services. Technically, the site is built on TYPO3 CMS, uses Matomo for privacy-conscious analytics, and implements a comprehensive cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates a mature digital presence aligned with its governmental mission.

A

Aspiration

civicsciencestories.org

43

Civic Science Stories is a small, US-based educational publication project operated under the organization Aspiration. The website focuses on sharing personal and societal narratives about the role and impact of science in civic life, aiming to foster a more just and inclusive approach to science. Supported by foundations such as the Rita Allen Foundation and the Packard Foundation, the platform distributes downloadable publications and engages its audience through newsletters and social media. Technically, the site is built on WordPress with a child theme of Twenty Seventeen, uses Matomo for analytics, and is hosted on Aspiration's own hosting infrastructure. The site is moderately optimized for performance and accessibility, with good mobile responsiveness and SEO practices. Security posture is adequate with HTTPS and domain transfer protections, but lacks DNSSEC and security headers, and no explicit privacy or cookie policies are present, indicating compliance gaps. Overall, the site is trustworthy and professional but would benefit from enhanced security and privacy compliance measures.

A

Abilian SAS

abilian.com

49

Abilian SAS is a French-based small technology company specializing in open source software solutions focused on collaboration, business process management, and information management. Established in 2004, the company targets public sector organizations, higher education institutions, associations, and enterprises. Their business model centers on publishing innovative open source software to accelerate development and improve competitiveness for their clients. The website reflects a niche market position with a professional and consistent brand presence, supported by active social media channels and a GitHub repository indicating ongoing development activity. Technically, the website employs modern JavaScript libraries such as htmx and hyperscript, uses FontAwesome for icons, and integrates analytics tools like Matomo and Umami. The site is custom-built without a common CMS, hosted likely under the domain registrar Gandi SAS. Performance and mobile optimization are moderate to good, with basic accessibility and SEO features. However, some security best practices such as DNSSEC and security headers are missing, and no explicit cookie consent or privacy policy pages are present, indicating room for improvement in compliance. From a security perspective, the site uses HTTPS and has domain transfer protections, but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious content were detected. The overall security posture is moderate but could be enhanced by implementing recommended security headers, cookie consent, and transparency around data protection. Overall, Abilian.com presents as a trustworthy, professional business website with solid technical foundations but with some gaps in privacy compliance and security transparency. Strategic improvements in these areas would strengthen their risk profile and user trust.

LinuxSi is a niche community website operated under the auspices of the Italian Linux Society, providing an updated directory and map of Linux-friendly stores across Italy. The platform targets Linux users seeking to purchase hardware with Linux preinstalled or without an OS, as well as those looking for Linux support services. The website is well-branded and consistent with the Italian Linux Society's mission, offering valuable community resources and social media engagement. From a technical perspective, the website employs standard web technologies including Bootstrap CSS, jQuery 1.9.1, Raphael.js for SVG graphics, and Matomo for privacy-conscious analytics. Hosting and domain registration are stable and consistent with the website's history dating back to 2005. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Security posture is moderate but could be improved. HTTPS is enabled, and Matomo analytics respects Do Not Track and disables cookies, enhancing user privacy. However, the absence of DNSSEC, security headers, privacy and cookie policies, and vulnerability disclosure mechanisms represent compliance and security gaps. The use of an outdated jQuery version may expose the site to known vulnerabilities. Overall, LinuxSi is a trustworthy and valuable resource for the Italian Linux community but should prioritize implementing privacy policies, cookie consent, security headers, and updating libraries to strengthen its security and compliance stance.

Linux Day 2025 is a well-established annual event organized by the Italian Linux Society, focusing on free software, open source, and Linux community engagement across Italy. The website serves as an information hub for the event, promoting decentralized volunteer-driven activities and providing resources for organizers and participants. The site is professionally designed with consistent branding and clear navigation, targeting technology enthusiasts and the broader free software community in Italy. Technically, the website employs modern web technologies including Bootstrap, jQuery, Leaflet.js for mapping, and Matomo for privacy-conscious analytics. The site is mobile responsive and performs moderately well, though there is room for improvement in accessibility and SEO. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks some advanced security headers and formal incident response disclosures. From a security and compliance perspective, the site does not display explicit privacy or cookie policies on the analyzed page, which is a gap in GDPR compliance. Contact information is limited to an email address in metadata, with no phone or physical address provided. No vulnerability disclosure or security.txt files were found, indicating an opportunity to enhance transparency and incident handling readiness. Overall, Linux Day 2025's website is trustworthy and credible, reflecting a mature community-driven initiative with strong technical foundations but with some compliance and security best practice improvements recommended to further strengthen user trust and legal adherence.

The website linux.it is operated by the Italian Linux Society, a well-established non-profit organization founded in 1994 that promotes Linux and free software in Italy. The site serves as an educational and community resource, offering information about Linux, installation guides, community events, and free software advocacy. It targets Italian-speaking users interested in Linux and open source technologies. The organization maintains a consistent brand presence and leverages official social media channels and partner sites to extend its reach. Technically, the site is built using modern web technologies including Bootstrap, jQuery, and Nikola static site generator, with privacy-respecting Matomo analytics. The website is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. HTTPS is enforced, ensuring secure communications, though some security headers are missing. Privacy compliance is partially addressed with a privacy policy linked to the partner domain, but no cookie consent mechanism is present. From a security perspective, the site shows good practices such as HTTPS usage and no visible vulnerabilities or sensitive data exposure. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The WHOIS data is consistent with the organization's identity and domain age, supporting legitimacy. No adult or questionable content is present, making the site safe for general audiences. Overall, linux.it is a credible, well-maintained community resource with solid technical foundations and a trustworthy business profile. Improvements in privacy compliance and security headers would enhance its posture further.

C

Cyber Innovation Hub der Bundeswehr

cyberinnovationhub.de

62

The Cyber Innovation Hub der Bundeswehr is a government-affiliated innovation unit focused on driving digital transformation and innovation within the German Bundeswehr. It acts as a bridge between the military and the startup ecosystem, fostering collaboration to solve military challenges and accelerate modernization. The website reflects a professional and consistent brand presence, targeting Bundeswehr personnel, startups, reservists, and civilian applicants. The business model centers on innovation facilitation, intrapreneurship, and reservist engagement, positioning itself as a pioneering digital innovation unit in Europe.

D

Deutscher Steuerberaterverband e.V.

dstv.de

63

The Deutscher Steuerberaterverband e.V. (DStV) is a well-established professional association representing tax advisors in Germany. The website serves as an information hub for members and interested parties, offering updates on tax law, professional standards, and association activities. The organization is positioned as a key player in the German tax advisory sector with a focus on member services, education, and advocacy. The site targets tax professionals and related stakeholders, providing relevant content and resources in German. Technically, the website employs a modern but straightforward technology stack centered around jQuery and related plugins for UI and interactivity. It uses Matomo for privacy-conscious analytics and implements a robust cookie consent mechanism aligned with GDPR requirements. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured navigation. From a security perspective, the site enforces HTTPS and respects user privacy by disabling cookies until consent is given. However, it lacks some advanced security headers and explicit security policies or incident response contacts. No vulnerabilities or sensitive data exposures were detected. Overall, the security posture is solid but could be improved with additional headers and transparency. The risk assessment is low given the professional nature of the site, absence of suspicious content, and compliance with privacy regulations. Strategic recommendations include enhancing security headers, publishing a security.txt file, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

D

Décideurs Magazine - Accédez à toute l’actualité de la vie des affaires : politique, stratégie, finance, RH, innovation - DECIDEURS MAGAZINE - Accédez à toute l’actualité de la vie des affaires : stratégie, finance, RH, innovation

decideurs-magazine.com

60

Décideurs Magazine is a French business media publication providing comprehensive news and analysis across multiple sectors including politics, strategy, finance, human resources, and innovation. The website serves a professional French-speaking audience with a broad range of content including articles, rankings, events, and e-commerce for magazine sales. Technically, the site is built on Joomla CMS with modern frameworks like Bootstrap and jQuery, and integrates multiple analytics and advertising platforms such as Matomo, Google Tag Manager, Quantcast, and Smart AdServer. Security posture is moderate with HTTPS enforced and CSRF protections in forms, but lacks visible security headers and explicit privacy or cookie policies. WHOIS data is unavailable, which slightly reduces trustworthiness but the site content and branding indicate a legitimate media entity. Overall, the site is professional and content-rich but would benefit from improved transparency and security practices.

1

1984 ehf.

1984.hosting

56

1984 ehf. is an Iceland-based green and ethical web hosting company founded in 2006, emphasizing freedom of speech and privacy. The company offers traditional web hosting, VPS with preconfigured VPN solutions, FreeDNS services, and domain registration. Their market position is niche, targeting privacy-conscious customers and those valuing green energy. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content. Technically, the site uses modern frameworks like Bootstrap and jQuery, with Matomo analytics for privacy-respecting tracking. Security posture is good with HTTPS and domain transfer protection, but could be improved by enabling DNSSEC and security headers. Privacy compliance is strong with GDPR and cookie policies present, though lacking explicit consent mechanisms. Overall, the domain registration aligns with business claims, using GDPR masking appropriately.

U

Université Libre de Bruxelles

ulb.be

60

Université Libre de Bruxelles (ULB) is a major Belgian public university offering a wide range of higher education programs and research activities. The website serves students, researchers, and prospective students with comprehensive information about academic offerings, admissions, and campus life. The site is professionally designed with consistent branding and clear navigation, supporting both French and English languages. Technically, the site uses a custom CMS (K-Sup), JavaScript, and Matomo analytics, indicating a mature digital infrastructure with privacy-conscious tracking. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. WHOIS data is restricted due to DNS Belgium policies but the domain aligns with the university's identity, supporting legitimacy. Overall, the site is a trustworthy and well-maintained digital presence for ULB.

C

Commune de Villars-sur-Glâne

villars-sur-glane.ch

55

The website www.villars-sur-glane.ch serves as the official digital presence of the Commune de Villars-sur-Glâne, a local government entity in Switzerland. It provides residents and visitors with access to municipal services, news, event information, and administrative resources. The site targets local community members, including families, seniors, and general residents, offering a comprehensive portal for civic engagement and information dissemination. The business model is public service-oriented, focusing on transparency and community support. Technically, the website is built on a modern WordPress CMS platform using Elementor for page building, integrating privacy-conscious analytics via Matomo and leveraging open-source mapping tools like Leaflet. The site demonstrates good mobile optimization and SEO practices, with structured data enhancing search visibility. Performance is moderate, with room for improvement in security headers and accessibility features. From a security standpoint, the site enforces HTTPS and includes a GDPR-compliant cookie consent mechanism. However, it lacks explicit privacy and security policies, and no advanced security headers were detected in the provided data. There is no visible vulnerability disclosure or incident response information, which are recommended for enhancing trust and compliance. Overall, the website is a trustworthy and professional government portal with solid business credibility and technical implementation. Strategic improvements in security policies, header configurations, and privacy documentation would further strengthen its posture and user trust.

I

Italian Linux Society

ils.org

57

Italian Linux Society is a well-established non-profit organization dedicated to promoting Linux and Free/Open Source Software in Italy since 1994. The website serves as a community hub offering information about the association, projects, news, and ways to contribute or join. It targets Linux users, open source enthusiasts, educational institutions, and the broader Italian tech community. The organization maintains a consistent brand presence and active social media engagement, reinforcing its position as a trusted community leader. Technically, the website is built using the Nikola static site generator with Bootstrap and jQuery for frontend styling and interactivity. It employs Matomo analytics, reflecting a privacy-conscious approach to user tracking. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. No CMS or hosting provider details are explicitly identified. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and formal security policies or incident response information. Privacy compliance is partially addressed with a privacy policy but lacks cookie consent mechanisms. WHOIS data is unavailable due to privacy protection, which is justified for this type of non-profit entity. Overall, the security posture is adequate but could be improved with additional headers and transparency. The overall risk assessment is low, with no critical vulnerabilities or suspicious indicators detected. Strategic recommendations include enhancing security headers, implementing cookie consent, publishing security policies, and adding vulnerability disclosure mechanisms to strengthen trust and compliance.

e Foundation is a non-profit organization based in France focused on developing privacy-enabled, open source smartphone operating systems and cloud services. Their flagship product, /e/OS, is a deGoogled Android-based OS designed to protect user data and privacy. The organization also offers Murena workspace cloud accounts and sells smartphones preloaded with /e/OS through partner Murena. The website positions e Foundation as a niche leader in privacy-conscious mobile technology with a growing international community of developers and users. Technically, the website is built on WordPress with Elementor and uses Matomo analytics configured for privacy. The site is well-structured, mobile-optimized, and professionally designed, though it lacks some advanced privacy compliance features such as cookie consent banners and explicit security policies. Security posture is strong with HTTPS and no visible vulnerabilities, but could be improved with additional security headers and published incident response information. Overall, the domain registration data aligns well with the organization's identity, supporting legitimacy and trustworthiness.

C

Computertruhe e. V.

computertruhe.de

43

Computertruhe e. V. is a German non-profit association dedicated to refurbishing donated computers and hardware to provide free devices to financially disadvantaged individuals and other non-profit organizations. Founded as a project in 2015 and established as a registered non-profit in 2016, it operates across multiple German regions with a volunteer membership base. The website reflects a clear mission focused on social inclusion, environmental sustainability, and community support. Technically, the site is built on WordPress with modern plugins and uses privacy-conscious analytics (Matomo). It is hosted by a green energy provider, indicating environmental awareness. Security posture is good with HTTPS enforced and no visible vulnerabilities, though improvements can be made by adding security headers and cookie consent mechanisms. Contact is primarily via web forms, with no direct emails or phone numbers published. Overall, the site is professional, trustworthy, and well-aligned with its non-profit mission.

C

CNLL

cnll.fr

45

CNLL is a French association representing and federating companies in the open source software sector. Established since 2009, it serves as a key organization for over 200 companies and 8 regional clusters, promoting open source innovation and competitiveness in France. The website provides comprehensive information about the association's mission, positions on industry topics, news, and events. Technically, the site uses modern frameworks like Bootstrap and jQuery, with analytics tools such as Matomo and Ackee, hosted by Abilian SAS. Security posture is solid with HTTPS and no visible vulnerabilities, though it lacks published privacy and cookie policies, which impacts compliance. Overall, the site is professional, trustworthy, and well-maintained, serving its target audience effectively.

A

Aspiration

aspirationtech.org

59

Aspiration is a well-established nonprofit technology organization founded in 2001, focused on empowering nonprofits, open source projects, and social justice initiatives through technology capacity building, strategic advising, and community events. The website reflects a mature digital presence with a professional design, clear navigation, and rich content tailored to its target audience. Technically, the site runs on Backdrop CMS with modern libraries and includes Matomo analytics for privacy-conscious tracking. Security posture is good with HTTPS and domain transfer protections, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the domain registration data aligns well with the organization's claims, supporting high legitimacy and trustworthiness.

U

Université catholique de Louvain

uclouvain.be

66

Université catholique de Louvain is a prominent Belgian higher education institution offering a broad range of academic programs and research activities. The website serves multiple audiences including prospective and current students, researchers, staff, alumni, and external partners. It is built on Drupal 10 and employs privacy-conscious technologies such as Matomo analytics and a cookie consent mechanism to comply with GDPR requirements. The site is well-structured with clear navigation and multilingual support, primarily in French with English alternatives. Security posture is moderate with room for improvement in publishing explicit security policies and headers. WHOIS data is unavailable due to registry restrictions, but the domain and content strongly indicate legitimacy. Overall, the site demonstrates good digital maturity and business credibility appropriate for a large educational institution.

T

The Document Foundation

documentfoundation.org

59

The Document Foundation is a German charitable foundation dedicated to the development and promotion of free office software, primarily LibreOffice, and the Document Liberation Project. It operates as a community-driven, meritocratic entity with a strong emphasis on open source values and corporate sponsorship. The foundation provides certification, professional support, and fosters a global volunteer community. The website reflects a mature digital presence with clear governance and community engagement information. Technically, the site is built using the Hugo static site generator, employs privacy-conscious analytics (Matomo), and demonstrates good mobile optimization and accessibility. However, some security best practices such as security headers and cookie consent mechanisms are missing, which could be improved to enhance user trust and compliance. WHOIS data is unavailable, likely due to privacy protection, but the overall legitimacy is supported by consistent branding and community trust. Strategic recommendations include enhancing security headers, publishing security policies, and improving privacy compliance mechanisms.

R

Roam

ro.am

70

Roam is a technology company offering an AI-powered virtual headquarters platform designed to enhance remote team collaboration and productivity. Their platform integrates features such as a live office map, drop-in audio meetings, video conferencing, AI meeting summaries, and an AI assistant named On-It. The company targets remote teams and enterprises seeking innovative virtual office solutions, positioning itself as a leader in the virtual collaboration space with a subscription-based SaaS business model. The website is professionally designed with rich multimedia content and strong social proof from industry leaders and customers.

E

Embryo

embryo.com

58

Embryo is a well-established full-service digital marketing agency based in Manchester, United Kingdom, with a domain history dating back to 1996. The company specializes in SEO, PPC, affiliate marketing, paid social, content marketing, digital PR, UX/UI design, and conversion rate optimization. Their market position is strengthened by multiple industry awards, a strong client portfolio, and positive testimonials. The website reflects a professional and modern digital presence, optimized for SEO and user experience, targeting businesses seeking to grow their brand through digital campaigns. Technically, the website is built on WordPress with a robust tech stack including jQuery, Vimeo Player, Google reCAPTCHA, Matomo, Ahrefs, and Facebook Pixel for analytics and marketing. Hosting and DNS services are provided by GoDaddy and Cloudflare respectively, ensuring good performance and security. The site is mobile-optimized, fast-loading, and accessible, with comprehensive SEO metadata and structured data enhancing search visibility. From a security perspective, the site enforces HTTPS, uses invisible reCAPTCHA on forms, and integrates multiple analytics and tracking tools responsibly. However, DNSSEC is not enabled and some recommended security headers are missing, which could be improved. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms, aligning with GDPR requirements. Overall, Embryo demonstrates a high level of professionalism, technical maturity, and security awareness. The domain registration data supports the legitimacy and trustworthiness of the business. Strategic recommendations include enabling DNSSEC, implementing additional security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further enhance security posture and trust.

C

CYBIAH

cybiah.eu

53

CYBIAH is a cybersecurity support program coordinated by Campus Cyber, targeting SMEs, social economy actors, and local governments in the Île-de-France region. It offers comprehensive cybersecurity services including awareness, maturity evaluation, personalized diagnostics, and tailored solutions, fully funded by the European Union and regional partners. The website is professionally designed, multilingual (French and English), and provides clear information about the program, partners, and contact options. Technically, the site is built on WordPress with modern libraries and privacy-conscious analytics (Matomo, Hubspot). Security measures include HTTPS, reCAPTCHA on forms, and cookie consent mechanisms. No critical vulnerabilities or suspicious patterns were detected. Overall, the site reflects a mature digital presence aligned with its mission and audience.

V

vpsFree.cz z.s.

vpsfree.org

48

vpsFree.cz is a Czech Republic based non-profit association providing virtual private server (VPS) hosting services to its members. Established in 2010, it offers VPS with competitive specifications such as 4 GB RAM, 120 GB disk space, and 8 CPU cores for a membership fee of 12 euros per month. The organization targets individuals and entities seeking affordable, community-driven VPS hosting without commercial overhead. The website is professionally designed with clear navigation and mobile responsiveness, supporting a positive user experience. Technically, the site uses Bootstrap and jQuery frameworks and is hosted by MasterDC, a known hosting provider. Analytics are handled via Matomo, indicating some privacy awareness. However, the site lacks explicit privacy and cookie policies, which is a compliance gap. Security posture is moderate with domain transfer protections but lacks DNSSEC and HTTP security headers. Overall, the domain registration data aligns well with the business claims, supporting legitimacy.

C

COSS ry

coss.fi

65

COSS ry is a Finnish non-profit organization dedicated to promoting the use of open source software and open technologies across both private and public sectors. Established in 2004, it has a long-standing presence and is recognized as a key player in Finland's open source ecosystem. The organization offers services including information resources, training, consultancy, expert networking, and project participation to support its members and the broader community. The website reflects a professional and consistent brand image, targeting stakeholders interested in open source advocacy and technology adoption. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, incorporating modern web technologies such as Google Fonts, reCAPTCHA v3 for form security, and Matomo for analytics. The site is mobile-optimized and follows good SEO practices, although some accessibility features could be enhanced. Hosting appears to be managed through Gandi SAS, consistent with the domain registrar and nameservers. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks explicit security headers like Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is limited due to the absence of clear privacy and cookie policies, which is a notable gap given GDPR requirements. Contact information is primarily available via a contact form, with no direct phone numbers or emails prominently displayed except for a technical contact email. Overall, COSS ry's website demonstrates a solid technical foundation and trustworthy business presence, but would benefit from enhanced privacy disclosures and security header implementations to improve compliance and security posture. The risk level is low, with recommendations focusing on policy publication, security header deployment, and accessibility improvements.

H

Heinlein Support GmbH

heinlein-support.de

60

Heinlein Support GmbH is a German-based IT consulting company specializing in Linux expertise, secure communication, and data center solutions. The company offers a range of services including IT administration, consulting, training (Akademie), hosting, and SLA contracts. Their market position is that of a trusted Linux and open source specialist with a strong presence in the German IT sector, supported by multiple customer testimonials and references. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content targeting IT professionals and enterprises. Technically, the site is built on Drupal 10 with modern JavaScript libraries and is hosted by JPBerlin, a reputable German hosting provider. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit security policies are missing. Privacy compliance is adequate with a privacy policy and cookie policy present, but lacks a consent mechanism. Overall, the site demonstrates a mature digital presence with moderate tracking via Matomo analytics and a strong focus on trust and professionalism.

N

Netfarm S.r.l.

netfarm.it

50

Netfarm S.r.l. is an established Italian technology company specializing in open source software solutions, including mobile applications, scientific software, business integration, and Odoo ERP services. Founded in 2000, it serves primarily Italian SMEs and enterprises seeking reliable and innovative open source technology. The company maintains a strong market position supported by partnerships such as Bloomup and Ethos S.p.a, and holds ISO 9001 certification, underscoring its commitment to quality. The website reflects a professional and consistent brand image with clear service offerings and contact information.

K

KDE e.V.

kdenlive.org

59

Kdenlive.org is the official website for Kdenlive, a free and open source non-linear video editor developed under the KDE community umbrella. The project targets a broad audience including Linux, Windows, macOS, and BSD users seeking a professional video editing solution. The website reflects a mature open source project with a consistent brand identity and comprehensive user resources such as manuals, community forums, and development support. Technically, the site is built using the Hugo static site generator with Bootstrap for responsive design, ensuring fast performance and good accessibility. The use of Matomo analytics indicates a privacy-conscious approach to user tracking. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements could be made by adding security headers and explicit security policies. The domain is long-established since 2007 and uses privacy protection services appropriately, consistent with the open source community nature. Overall, the site is professional, trustworthy, and well-positioned within the technology and open source software industry.

T

Timothée Giet and others

gcompris.net

66

GCompris is a well-established educational software suite targeting children aged 2 to 10, offering over 100 activities across various learning domains such as arithmetic, reading, science, and games. The project is community-driven and hosted by the KDE community, distributed under the GNU AGPL license, and supported by donations and patronage. The website reflects a mature and consistent brand with professional content and clear navigation. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Matomo analytics, hosted on OVH infrastructure. While performance and mobile optimization are good, there is room for improvement in accessibility and security headers. Security posture is solid with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and cookie consent mechanisms. The WHOIS data confirms domain legitimacy with consistent registration details and appropriate domain age. Overall, the website is trustworthy, safe for general audiences, and well-positioned within the educational software niche.

O

OW2 Consortium

ow2.org

64

OW2 Consortium operates as a non-profit open source community organization dedicated to promoting professional-grade open source software for corporate information systems. The website reflects a mature and well-structured community platform offering project hosting, governance, and ecosystem development services. It targets open source developers, corporate IT professionals, SMEs, academics, and individuals interested in open source software. The organization maintains a strong market position with a broad portfolio of projects and active community engagement through events and webinars. Technically, the website is built on the XWiki platform with modern JavaScript libraries and frameworks, hosted by Ikoula, and employs Matomo for privacy-conscious analytics. The site demonstrates good performance, mobile optimization, and accessibility standards. Security posture is solid with HTTPS enforced, though it lacks some advanced security headers and explicit security policies. Privacy compliance is evident with accessible privacy and cookie policies, and GDPR considerations are addressed. Overall, the website is professional, trustworthy, and aligned with the organization's mission, though improvements in security transparency and contact information could enhance trust further.

W

WMH Project

wmhproject.com

47

WMH Project is a mission-driven European communication group specializing in non-media communication services including event management, incentive travel, influence, spatial design, and brand image creation. Established in 2019, it positions itself as a leader in sustainable and socially responsible communication, targeting corporate clients, brands, and institutions. The website reflects a professional and modern digital presence with strong branding consistency and clear service offerings. Technically, the site is built on WordPress with modern technologies such as Tailwind CSS and Swiper.js, hosted by PlanetHoster Inc., and includes GDPR-compliant cookie consent mechanisms and Matomo analytics for privacy-conscious tracking. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site demonstrates a mature digital infrastructure and compliance with privacy regulations, supporting the credibility and trustworthiness of the business.

K

KDE e.V.

kde.org

66

KDE e.V. operates the kde.org website as the central hub for the KDE community, a globally recognized open source software organization focused on developing the KDE Plasma desktop environment and a wide range of applications. The organization is a non-profit entity with a long history dating back to 1996, serving a diverse audience of Linux users, developers, and digital privacy advocates. The website effectively communicates the community's mission, products, and opportunities for involvement and donations. Technically, the site is built using the Hugo static site generator, leveraging modern web technologies such as Bootstrap for responsive design and Matomo for privacy-conscious analytics. The site is well-optimized for performance, mobile devices, and accessibility, with comprehensive multilingual support. Security is robust with HTTPS enforced, secure donation forms, and no visible vulnerabilities, although some HTTP security headers could be enhanced. From a security and compliance perspective, the site includes clear privacy and cookie policies aligned with GDPR, but lacks a dedicated security policy or incident response information. The domain registration is privacy-protected but consistent with the organization's non-profit nature and long-standing presence. No suspicious or malicious indicators were found. Overall, kde.org is a professional, trustworthy, and well-maintained website that effectively supports the KDE community's goals. Strategic improvements could include publishing explicit security policies, incident response contacts, and implementing a cookie consent mechanism to further enhance compliance and user trust.

W

WMH Project

wmhproject.fr

45

WMH Project is a French-based communication group specializing in non-media communication services, positioning itself as one of the European leaders in this sector. Their core offerings include event management, incentive travel, influence marketing, spatial design, and brand image production. The company emphasizes sustainable and eco-conscious practices, reflected in their website's eco-design and corporate mission. The website is professionally designed, multilingual, and optimized for performance and accessibility, indicating a mature digital infrastructure. Technically, the site leverages WordPress CMS with modern frameworks and tools such as Tailwind CSS, Swiper.js, and HubSpot integrations, supported by PLANETHOSTER hosting. Security posture is solid with HTTPS and GDPR-compliant cookie consent, though there is room for improvement in publishing explicit security policies and headers. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance, suitable for corporate clients and partners.