Security Directory

P

Provincie Drenthe

nationaalpark-drents-friese-wold.nl

72

Nationaal Park Drents-Friese Wold is a government-managed nature park located in the Netherlands, offering extensive natural landscapes including forests, heathlands, and sand drifts. The website serves as an informational and visitor engagement platform, providing details on activities, events, and park history. It is well-positioned as a key national park with a strong ecological and recreational role. Technically, the site uses the iprox CMS platform, integrates Google Analytics 4 for visitor tracking, and implements cookie consent mechanisms, reflecting a moderate to good digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are absent. Overall, the site is trustworthy, professional, and compliant with privacy regulations, serving a general audience interested in nature and outdoor activities.

Leado.pl operates as a small-scale technology service providing a URL shortening platform primarily targeting general internet users. The website offers a straightforward interface for shortening long URLs, with minimal additional content or features. The business appears to be locally operated in Poland, founded in 2018, and registered under PERSKIMEDIA Szymon Perski. The market position is likely niche with limited competitive differentiation based on available data. From a technical perspective, the website employs basic web technologies including HTML5, CSS, and JavaScript, with external font resources loaded from Google Fonts. The site includes a CSRF token in its form, indicating some security consideration. However, the absence of security headers, DNSSEC, and advanced security configurations suggests room for improvement in technical maturity. Performance and mobile optimization are basic but functional. Security posture is moderate with HTTPS enabled but lacking in security headers and DNSSEC. No privacy or cookie policies are present, and no contact or incident response information is provided, which limits compliance with GDPR and general best practices. The WHOIS data is transparent and consistent with the business, supporting legitimacy. No adult or questionable content is present, making the site safe for general audiences. Overall, the site scores moderately on AI evaluation, with strengths in business legitimacy and basic security practices but weaknesses in privacy compliance and comprehensive security measures. Strategic improvements in policy transparency, security headers, and contact information would enhance trust and compliance.

A

Aftermarket.pl Limited

cashalot.pl

51

The website cashalot.pl is currently a parked domain hosted by Aftermarket.pl Limited, a major Polish domain registrar and marketplace. The site content is minimal, serving primarily as a landing page to indicate the domain is registered and available for contact via Aftermarket.pl's messaging system. The business behind the domain is Aftermarket.pl, which offers domain registration, renewals, security, marketplace services, and hosting. The domain itself is newly registered and not actively used for business purposes. Technically, the site uses basic HTML, CSS, and JavaScript with no detected CMS or advanced frameworks. The site is mobile responsive and includes tracking pixels from aftermarket.pl for analytics. However, there is no visible HTTPS enforcement or security headers in the provided content, which limits the security posture. DNSSEC is enabled on the domain, indicating some DNS-level security. From a security perspective, the site lacks privacy and cookie policies, incident response contacts, and vulnerability disclosure mechanisms. The tracking pixel indicates minimal user tracking. No adult or explicit content is present, and no WAF or blocking mechanisms are detected. The domain WHOIS data is consistent with the website content, showing legitimate registration with a known registrar. Overall, the site is a basic parked domain page with limited content and security features. Strategic recommendations include implementing HTTPS with security headers, publishing privacy and cookie policies, and enhancing transparency and security practices to improve trust and compliance.

L

Loando Loans SRL

loando.ro

59

Loando.ro operates as a specialized online loan comparison platform primarily targeting Romanian consumers seeking quick and flexible loan options. The platform aggregates offers from multiple verified lending companies, enabling users to compare terms such as interest rates, fees, and repayment periods without navigating multiple sites. Loando.ro does not provide loans directly but serves as an intermediary to facilitate informed financial decisions. The company behind the site, Loando Loans SRL, has been established since 2015 and maintains a clear digital presence with comprehensive user-facing policies and transparent business information. Technically, the website is built using modern web technologies including React and Gatsby, hosted on DigitalOcean, ensuring fast performance and excellent mobile responsiveness. The site implements HTTPS and a cookie consent mechanism aligned with GDPR requirements, reflecting a mature approach to privacy and user data protection. SEO and accessibility considerations are well addressed, contributing to a professional user experience. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, explicit security headers like Content-Security-Policy and incident response policies are not evident, suggesting areas for improvement. No vulnerabilities or suspicious activities were detected in the content or WHOIS data. The domain registration is consistent with the business claims, enhancing trustworthiness. Overall, Loando.ro presents a secure, compliant, and user-friendly platform with a strong business model focused on loan comparison services. Strategic enhancements in security policy transparency and incident response readiness would further strengthen its security posture and user trust.

W

Wir Westerwälder gemeinsame Anstalt des öffentlichen Rechts (gAöR)

wir-westerwaelder.de

50

Wir Westerwälder is a regional government-backed digital portal serving the Westerwald region in Germany, encompassing the counties of Altenkirchen, Neuwied, and Westerwaldkreis. The platform focuses on regional marketing, networking of projects, businesses, and cultural and nature events to promote the region as an attractive economic and living space. It offers free registration for businesses and event organizers, fostering community engagement and regional development. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including JavaScript and CSS, and incorporates a consent management system to comply with GDPR requirements. The site is well-optimized for mobile devices, fast loading, and accessible, with clear navigation and professional design. From a security perspective, the site enforces HTTPS and uses a consent mechanism for cookies, but lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. The domain registration data aligns well with the website's regional government affiliation, indicating high legitimacy. Overall, Wir Westerwälder presents a trustworthy, professional, and well-maintained regional portal with strong content quality and compliance, suitable for its target audience of residents, businesses, and tourists in the Westerwald region.

ASD Web – Alfons Weber is a small local IT service and web design provider based in Koblenz, Germany. The company offers IT services, telephone services, internet solutions, and web design primarily targeting local businesses and individuals. The website is built on WordPress using the Brooklyn theme by United Themes, indicating a moderate level of digital maturity with standard CMS usage and common web technologies such as jQuery and JavaScript. The site is mobile optimized and uses HTTPS, but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing important security headers and no visible incident response or security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website presents a basic professional presence but requires improvements in security, privacy, and contact transparency to enhance trust and compliance.

T

Third Iron, Inc.

browzine.com

61

BrowZine is a digital platform operated by Third Iron, Inc., focused on providing academic journal aggregation and reading services primarily targeting researchers, students, and librarians. The platform offers web and mobile access to scholarly journals, integrating with library systems to facilitate content discovery and monitoring. The business model is subscription-based, catering to academic institutions and libraries, positioning BrowZine as a niche player in the education technology sector. Technically, the website employs modern JavaScript frameworks, specifically Ember.js, and loads resources from multiple thirdiron.com subdomains. The infrastructure is hosted with reputable providers, and the domain is mature and well-registered. However, the website content is minimal in the provided snapshot, showing mostly loading placeholders and lacking visible privacy, cookie, or terms of service pages. Mobile optimization and accessibility are basic, and SEO features are minimal. From a security perspective, the site enforces HTTPS and has domain status flags to prevent unauthorized changes, but lacks DNSSEC and visible security headers in the HTML content. No vulnerability disclosure or incident response information is published. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. No contact information or social media links are present in the analyzed content, limiting user trust and engagement. Overall, BrowZine's website shows a moderate technical foundation but lacks comprehensive content and security best practices in the analyzed snapshot. Strategic improvements in privacy compliance, security headers, and user engagement features are recommended to enhance trust and regulatory adherence.

The website medikoo.com is a personal portfolio site for Mariusz Nowak, a JavaScript programmer. It primarily serves as a simple online presence linking to social media profiles such as GitHub and Twitter, with minimal content and no commercial or business services offered. The domain is long-standing, created in 2004, which aligns with the presence of an old homepage link, indicating a consistent personal use over time. The site targets developers or recruiters interested in the individual's programming skills. Technically, the site uses basic HTML, CSS, and JavaScript with Typekit fonts, hosted via GoDaddy's infrastructure. The site is minimalistic with basic mobile optimization and accessibility but lacks advanced SEO or modern frameworks. Security posture is weak, with no detected security headers or privacy policies, and DNSSEC is not enabled. No forms or data collection mechanisms are present, reducing privacy risks but also limiting user engagement. Overall, the site is safe, with no adult or questionable content, but lacks professional security and privacy compliance features.

G

Geldersch Landschap en Kasteelen

glk.nl

72

Geldersch Landschap en Kasteelen (GLK) is a well-established Dutch non-profit organization founded in 1929, dedicated to the conservation and management of nature areas, castles, and estates in the Gelderland region. The organization offers public engagement through excursions, activities, and donor programs, positioning itself as a trusted steward of cultural and natural heritage. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to nature enthusiasts and local communities. Technically, the site leverages modern web technologies including WordPress CMS, imgix for image delivery, and Google Tag Manager for analytics, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and standard security headers, though there is room for improvement in publishing explicit security policies and incident response information. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, GLK's website demonstrates high trustworthiness, professionalism, and alignment with its mission and audience.

The website mvmm.nl serves as a minimalistic login portal for a file manager system, likely intended for internal or restricted user access. It lacks any public-facing business information, privacy policies, or contact details, indicating it is not designed for general public interaction. The domain is registered since 2010 with a reputable registrar, suggesting a stable presence but limited public engagement. Technically, the site is very basic, using only HTML and CSS with no modern frameworks or CMS detected. There is no evidence of HTTPS enforcement or security headers, which poses security risks especially given the presence of a login form. The absence of privacy and cookie policies also indicates non-compliance with GDPR and related regulations. Overall, the site appears to be a simple internal tool with minimal digital maturity and security posture.

E

Energie aanbiedingen + Cadeau of cashback tot € 545,00

energie-aanbiedingen.com

69

The website energie-aanbiedingen.com operates as a Dutch energy offer comparison and cashback platform targeting consumers interested in energy deals and promotional gifts such as Nintendo Switch or Apple iPad. The site is positioned as a consumer-focused affiliate or comparison service within the energy sector in the Netherlands. Technically, the site uses modern web technologies including JavaScript, CSS, and integrates Google Analytics 4 and Google Tag Manager for analytics and marketing. The site is well-structured with good SEO meta tags and mobile optimization, though accessibility features are basic. Security posture is solid with HTTPS enforced and multiple security headers present, but lacks explicit privacy and cookie policies, which impacts compliance. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. Social media presence is established on YouTube, Facebook, and Twitter, enhancing brand visibility. Overall, the site is professional and trustworthy but would benefit from improved privacy compliance and clearer contact information.

JAM Web Designs, Inc. operates the website jamwd.com as a parent company for several niche web design brands specializing in cheerleading, dance, gymnastics, and church websites. The business model focuses on providing tailored website design and class management software solutions to these specific communities. The website itself serves primarily as a landing page linking to its subsidiaries, with minimal direct content or interactive features. Technically, the site is built with basic HTML and CSS, lacking modern frameworks or CMS platforms. There is no evidence of advanced analytics, tracking, or advertising technologies. Security posture is weak due to absence of HTTPS information, DNSSEC, and security headers, and no privacy or cookie policies are published. The domain is well-established since 2006, indicating business longevity and legitimacy. Overall, the site is functional but basic, with significant room for improvement in security, privacy compliance, and content richness.

D

Duurzaamnieuws

duurzaamnieuws.nl

59

Duurzaamnieuws is a Dutch independent media outlet focused on sustainability, climate, energy, and related topics. The website provides current news, opinion pieces, and insights aimed at a general audience interested in a sustainable future. It operates on a membership and donation-supported business model, positioning itself as a trusted source for sustainability news in the Netherlands. The site uses WordPress CMS with a professional theme and SEO optimization, supported by social media channels on Facebook, Twitter, Mastodon, and LinkedIn. Technical infrastructure includes modern plugins and Google Analytics for tracking, with a cookie consent mechanism in place. From a security perspective, the website enforces HTTPS and uses basic security best practices but lacks some recommended security headers such as Content-Security-Policy and X-Frame-Options. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a cookie consent mechanism but no explicit privacy policy or terms of service found in the analyzed content. Incident response and vulnerability disclosure information are also absent. Overall, the website is well-structured, mobile-optimized, and provides relevant content with moderate user tracking. The domain registration details are consistent with the business claims, indicating legitimacy. Strategic recommendations include publishing comprehensive privacy and terms policies, enhancing security headers, and adding vulnerability disclosure information to improve trust and compliance.

P

Pure Benefit

purebenefit.eu

56

Pure Benefit is a small environmental consultancy specializing in the hospitality sector, offering services such as energy audits, CO2 footprint analysis, and compliance with European energy directives. The website is professionally designed using the Squarespace platform, with good mobile optimization and moderate performance. Security posture is strong with HTTPS and HSTS enabled, but lacks some security headers and privacy compliance features. The absence of privacy and cookie policies, as well as contact information, limits trust and compliance. WHOIS data is privacy protected, typical for small businesses using third-party registrars. Overall, the website presents a legitimate business with room for improvement in privacy and security transparency.

C

Civic Science Fellows

civicsciencefellows.org

47

Civic Science Fellows is a US-based non-profit organization focused on fostering leadership and collaboration between science and society through its fellowship program. The website presents a professional and well-structured platform built on WordPress, hosted on DigitalOcean, with a clear focus on community engagement and educational content. The technical infrastructure is modern and mobile-optimized, though performance is moderate. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies, and no GDPR indicators are present. Contact information is limited to a contact form and newsletter signup, with no direct emails or phone numbers provided. Overall, the site is trustworthy and safe for general audiences but would benefit from improved privacy and security practices.

S

SITPI

colter.social

65

colter.social is a specialized Mastodon instance serving agents, services, and elected officials of French local authorities. Administered by SITPI, the platform provides a decentralized social networking service tailored to this professional community. The website is primarily in French and leverages the Mastodon open source platform version 4.2.15, hosted by Gandi SAS. The domain registration details align well with the stated purpose and geographic focus, indicating legitimacy and consistency. Technically, the site demonstrates moderate performance and basic mobile optimization, with HTTPS enabled and a clientTransferProhibited domain status enhancing security. However, DNSSEC is not enabled, and no advanced security headers are detected, representing areas for improvement. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism and terms of service. Contact information and incident response details are not publicly available, limiting transparency. Overall, the site is functional and trustworthy for its niche audience but could benefit from enhanced security and compliance features.

A

allotropia software GmbH

zetaoffice.net

44

ZetaOffice is a technology-focused company offering a LibreOffice-based office suite accessible via web browsers, desktop, and soon mobile platforms. The company operates under allotropia software GmbH, based in Hamburg, Germany, and positions itself as a niche provider enabling businesses to leverage LibreOffice with options for self-hosting or CDN deployment. Their business model combines open source software with paid professional support and CDN services. Technically, the website employs modern web technologies and integrates privacy-friendly analytics, but lacks some advanced security headers and cookie consent mechanisms. The security posture is moderate with room for improvement in DNS security and explicit security policies. Overall, the website is professional, trustworthy, and well-aligned with the company's business goals.

Anchorage Daily News Store operates as a niche e-commerce retailer specializing in Alaska-themed apparel, merchandise, and local artist collaborations. The website is built on the Shopify platform using the Symmetry theme, leveraging a mature e-commerce infrastructure with integrations for marketing, analytics, and fulfillment. The store targets consumers interested in uniquely Alaskan products, positioning itself as a regional specialty retailer with a focused product catalog. Technically, the site demonstrates good performance, mobile optimization, and accessibility, with a comprehensive privacy policy and cookie consent mechanisms in place. Security posture is solid with HTTPS enforced and use of CAPTCHA for forms, though explicit security headers and incident response information are lacking. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

swissbib.ch was an academic library search portal affiliated with Universität Basel, Switzerland, providing access to Swiss university library collections. The service was discontinued in April 2021, with users directed to successor platforms such as swisscovery. The website serves primarily as an archival and informational resource, reflecting the transition of swissbib's knowledge and data into new projects managed by the University of Basel's Digital Services division. The site is built on VuFind 7.0.1 and Bootstrap 3, indicating a moderately modern technical infrastructure but with basic mobile and accessibility features. Security posture is limited, with no visible security headers or explicit policies, and privacy compliance is minimal due to the absence of privacy and cookie policies. Contact information is limited but includes a university domain email and social media links to Twitter and a blog. Overall, the site is trustworthy and legitimate but lacks modern security and privacy best practices.

M

MiXiT

mixitconf.org

57

MiXiT is a specialized technology conference based in Lyon, France, focusing on ethics, diversity, and social responsibility within the tech industry. Founded in 2017, it hosts annual events featuring speakers, workshops, and sessions that engage developers, designers, and product managers. The conference emphasizes accessibility, safe environments, and eco-friendly practices, supported by a community-driven approach and sponsorships from notable companies. The website serves as an information hub for event details, ticketing, and multimedia content including podcasts and videos. Technically, the site uses modern web standards with Bootstrap and JavaScript, hosted by OVH sas, a reputable French provider. While the site is well-designed and mobile-optimized, it lacks explicit privacy and cookie policies, security headers, and incident response information, which are areas for improvement. Overall, the site is professional and trustworthy but could enhance its security posture and compliance transparency.

A

April

candidats.fr

51

Candidats.fr is a French non-profit advocacy platform operated by the April association, focused on promoting free software and digital freedoms within the political landscape. The website provides resources, campaigns, and information encouraging political candidates to commit to free software principles through the Pacte du Logiciel Libre. The platform targets political candidates, free software advocates, and citizens interested in digital rights, positioning itself as a niche but trusted voice in the French technology and government sectors. Technically, the website is built on the Dotclear CMS and uses legacy JavaScript libraries such as jQuery 1.6.2 and jQuery UI 1.8.16. The site demonstrates moderate performance and basic mobile optimization, with good SEO practices and clear navigation. However, it lacks modern security headers and explicit privacy or cookie policies, which are areas for improvement. From a security perspective, the site uses HTTPS and does not expose sensitive data in its HTML content. The absence of security headers and formal privacy compliance documentation reduces its security posture score. WHOIS data is unavailable, limiting domain legitimacy verification, but the association with April provides moderate trustworthiness. Overall, Candidats.fr is a credible and focused advocacy site with good content quality and user experience but would benefit from enhanced security practices and privacy compliance to strengthen trust and protect user data.

N

NyaCasinonUtanSvenskLicens.com

nyacasinonutansvensklicens.com

52

NyaCasinonUtanSvenskLicens.com operates as a Swedish language affiliate and informational website specializing in guiding players to online casinos without a Swedish license. The site provides comprehensive content on casino bonuses, payment methods, legal considerations, and the differences between licensed and unlicensed casinos, targeting Swedish players seeking alternatives outside the regulated Swedish market. The business model is primarily affiliate-based, offering curated lists and recommendations to its audience. Technically, the site is built on WordPress with modern plugins and themes, delivering a good user experience with mobile optimization and SEO best practices. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks explicit privacy policies, terms of service, and security headers, which are recommended for improvement. The domain is relatively new, registered in 2021, with privacy protection typical for this industry. Overall, the website is professional, content-rich, and serves a niche market effectively, though it would benefit from enhanced compliance and security disclosures.

L

Les métiers en Église

metiers-eglise.ch

9

Les métiers en Église is a small-scale informational website focused on presenting various vocations and professions within the Catholic Church, primarily targeting a general audience interested in religious careers. The website is built on the Wix platform, leveraging Wix's hosting and content management capabilities, with a moderate level of technical maturity. It uses HTTPS and standard Wix scripts but lacks advanced security headers and privacy compliance mechanisms. The site includes Google Tag Manager for analytics but does not provide visible privacy or cookie policies, nor contact information for users or security incidents. Overall, the website is professionally designed with good content relevance but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

Tolerant Networks Ltd is a small Irish technology reseller specializing in open source networking hardware, specifically the Turris Omnia router. The company targets advanced home and personal networking users in Ireland and the UK, offering hardware sales and related networking solutions. Their market position is niche, focusing on open source and Delay Tolerant Networking technologies. The website provides product details, pricing, and PayPal-based purchasing options, with clear company contact information and registration details. Technically, the website is basic with static HTML and CSS, lacking modern frameworks or CMS. It shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating minimal user tracking. Security posture is weak with no visible HTTPS enforcement data or security headers, and no privacy or cookie policies are published, which is a compliance risk given GDPR applicability. The domain WHOIS data is consistent with the business claims, showing a legitimate company with a domain age appropriate for its founding date. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website is functional but requires improvements in security, privacy compliance, and technical modernization to enhance trust and user experience.

Léa-Linux is a French community-driven website dedicated to Linux and free software, providing news, documentation, forums, and mailing lists to support and promote open source software and digital freedom. The site targets French-speaking Linux users and free software enthusiasts, operating as a small, non-profit community platform with a long history dating back to 2000. The website is hosted by OVH sas, a reputable French hosting provider, and uses WordPress as its content management system. The technical infrastructure is basic but functional, with moderate performance and limited mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is limited, with no cookie policy or consent mechanism detected, representing a compliance gap. The site does not display commercial advertising or tracking technologies, focusing instead on community content and resources. Overall, the website is legitimate, stable, and trustworthy but would benefit from enhanced security and privacy practices.

L

Lockdown Systems

lockdown.systems

62

Lockdown Systems is a worker-owned collective focused on developing privacy and freedom-enhancing technologies. Their key offerings include open-source tools such as Cyd, OnionShare, and ICE Detention Map, alongside privacy and security consulting services. The organization targets individuals and organizations committed to protecting data privacy, including activists, journalists, and non-profits. Their business model balances commercial sustainability with mission-driven impact, emphasizing transparency and community empowerment. Technically, the website is built with modern web standards, hosted on DigitalOcean, and employs minimal tracking scripts focused on privacy. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a good level of digital maturity. However, some security best practices such as DNSSEC and security headers are not implemented, and no cookie consent mechanism is present despite privacy claims. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. The lack of published security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in security transparency and readiness. The domain registration uses privacy protection services, which aligns with the organization's privacy focus and does not raise legitimacy concerns. Overall, Lockdown Systems presents a trustworthy and professional online presence with a strong mission and solid technical foundation. Strategic enhancements in security policies, compliance mechanisms, and DNS security would further strengthen their posture and trustworthiness.

Ariadne Identity is a small technology-focused project providing open specifications for secure and decentralized online identity verification. The website serves as a repository for technical documents including core specifications, related specifications, and extensions (ARCs). It targets developers and organizations interested in decentralized identity standards. The site is hosted on Hetzner infrastructure and uses basic HTML and CSS technologies, delivering a fast and mobile-optimized experience with clear navigation and consistent branding. However, it lacks advanced SEO and accessibility features. From a security perspective, the website uses HTTPS but does not implement DNSSEC or security headers, which are recommended to enhance domain and web security. There are no published privacy, cookie, or terms of service policies, nor contact or incident response information, which limits transparency and compliance posture. No forms or data collection mechanisms are present, reducing risk but also limiting user engagement. Overall, the domain registration is consistent with the website's Indonesian origin and technical focus, with a domain age appropriate for the project's founding in 2021. No suspicious patterns or privacy protection are used, supporting legitimacy. The website is safe for general audiences with no adult or questionable content. Strategic improvements in security headers, policy publication, and contact transparency would enhance trust and compliance.

The website js.doip.rocks serves as the documentation portal for doip.js, an open source JavaScript library designed to verify decentralized online identities. The project is community-driven and funded by foundations such as NLnet and NGI0, with active presence on platforms like Codeberg and Mastodon. The site targets developers and contributors interested in decentralized identity verification technologies. The business model revolves around open source collaboration and community support rather than commercial sales. Technically, the website uses standard web technologies including JavaScript, HTML5, CSS, and integrates openpgp.js for cryptographic functions. The documentation is generated using JSDoc and styled with docdash. The site supports both Node.js and browser environments. Performance and mobile optimization are basic but functional, with no detected CMS or advanced frameworks. External links connect to reputable open source and community platforms. From a security perspective, the site lacks visible security headers and explicit SSL/TLS configuration details in the provided data. No forms or user input fields are present, reducing attack surface. However, absence of privacy and cookie policies, as well as contact information for security incidents, indicates gaps in compliance and incident response readiness. The WHOIS data is malformed and unavailable, which reduces domain trustworthiness despite the professional and transparent nature of the project. Overall, the website is a safe, niche technical resource with moderate trustworthiness. Strategic improvements in privacy compliance, security headers, and domain registration transparency would enhance its security posture and business credibility.

F

framasoft.org

mobilizon.org

58

Mobilizon is an open-source, community-driven platform designed to facilitate event creation, sharing, and group organization within federated networks. It targets community organizers, activists, associations, and public institutions, offering a collaborative agenda solution that emphasizes privacy and decentralization. The platform is supported by framasoft.org, a French non-profit organization, and benefits from partnerships with hosting and development entities such as Kaihuri and IndieHosters, with financial backing from NLNet. The website is professionally designed using the Hugo static site generator, ensuring fast performance and good mobile optimization. However, it lacks some privacy compliance features such as cookie consent mechanisms and detailed privacy policies.

V

Vidmob

vidmob.com

67

Vidmob is a technology-driven creative data company founded in 2006, specializing in AI-powered tools that enable brand, creative, and media teams to optimize marketing and media decisions. The company positions itself as a leader in creative data analytics, trusted by major global brands. The website is built on HubSpot CMS, leveraging modern web technologies and marketing tools, with a professional design and good mobile optimization. Security posture is solid with HTTPS and reCAPTCHA integration, though some security headers and explicit policies are missing. Privacy compliance is basic, with a cookie consent banner but no visible privacy policy or terms of service in the provided content. Overall, the domain registration and website content align well, indicating a legitimate and credible business presence.

A

Association Linuxfr

linuxfr.org

53

LinuxFr.org is a well-established French-language community platform dedicated to free software news, discussions, and collaborative content. Operated by the Association Linuxfr since 1998, it serves a niche audience of francophone free software enthusiasts and contributors. The site offers a variety of services including news articles, user journals, forums, and wiki pages, all managed by a volunteer editorial team. The content is predominantly licensed under Creative Commons, emphasizing openness and community sharing. Technically, the website uses standard web technologies (HTML5, CSS, JavaScript) with a custom or unknown CMS. It is hosted by joker.com, a reputable registrar and hosting provider. The site demonstrates good mobile optimization, accessibility, and SEO practices, though some modern security enhancements like DNSSEC and security headers are missing. The domain is secured with HTTPS and has domain transfer protections in place. From a security perspective, the site shows moderate maturity with secure forms including CSRF tokens and active moderation. However, it lacks explicit privacy and cookie policies, security.txt files, and vulnerability disclosure mechanisms. No signs of WAF or content blocking were detected, and the WHOIS data is consistent and trustworthy, reinforcing the site's legitimacy. Overall, LinuxFr.org is a credible, community-driven platform with excellent content quality and good technical implementation. To enhance trust and security posture, it should implement explicit privacy and cookie policies, enable DNSSEC, add security headers, and publish vulnerability disclosure information.

The Northern Institute of Technology Management (NIT) is a private business school affiliated with the Hamburg University of Technology (TUHH) in Germany. It specializes in offering MBA and Master's degree programs in Technology Management and Business Analytics & AI, targeting engineers and technology professionals globally. The institution emphasizes practice-oriented education with international faculty and a strong focus on leadership and innovation. The website reflects a mature digital presence built on the HubSpot CMS platform, featuring modern design, mobile responsiveness, and comprehensive content. Security posture is solid with HTTPS and Content-Security-Policy headers, though additional security headers could enhance protection. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. The absence of WHOIS data limits domain trust assessment, but the website's professional branding, accreditation, and academic partnerships strongly indicate legitimacy.

S

Studierendenwerk Hamburg

stwhh.de

47

Studierendenwerk Hamburg is a non-profit public institution supported by the city of Hamburg, providing comprehensive services to over 73,000 students and higher education institutions. Their offerings include student housing, financial aid, counseling, gastronomy, family services, and international student support. The website is built on TYPO3 CMS and employs Matomo analytics for privacy-conscious user tracking. The site demonstrates good technical maturity with fast performance, mobile optimization, and clear navigation. However, explicit privacy policies, terms of service, and contact information are not clearly presented in the accessible content, which could be improved for better compliance and user trust. Security posture is solid with HTTPS and cookie consent mechanisms, but lacks some security headers and vulnerability disclosure mechanisms.

C

Home : CppCast

cppcast.com

53

CppCast is a specialized podcast platform dedicated to C++ developers, providing biweekly episodes featuring discussions with prominent guests from the C++ community. The website serves as a hub for accessing podcast episodes, show notes, and links to major podcast distribution platforms. The business operates in the technology sector with a small-scale, niche focus, having been established in 2015. The content is well organized and professionally presented, targeting developers interested in C++ programming and related topics. Technically, the website uses a simple tech stack including HTML5, CSS, JavaScript, and Google Fonts, with the CMS identified as Podera 0.2. Podcast media is hosted on Libsyn, a reputable podcast hosting provider. The site is moderately optimized for mobile devices and offers a good user experience with clear navigation. However, there is room for improvement in SEO and accessibility features. From a security perspective, the domain is registered with Tucows Domains Inc. and benefits from domain status protections such as clientTransferProhibited and clientUpdateProhibited. DNSSEC is not enabled, and no security headers were detected in the HTML content, indicating potential areas for enhancement. The site lacks published privacy, cookie, or security policies, and no contact information for incident response or data protection officers is provided, which may impact compliance and trust. Overall, the website is safe and trustworthy with no adult or questionable content. The absence of privacy and cookie policies and limited security measures reduce its compliance posture. Strategic improvements in security headers, privacy disclosures, and contact information would enhance the site's security and compliance standing, supporting its credibility and user trust.

E

Enfamil

enfamil.com

60

Enfamil is a leading infant nutrition brand offering a wide range of tailored formulas and nutritional products for newborns, infants, toddlers, and expecting mothers. The website positions Enfamil as the #1 pediatrician-recommended brand, providing expert support, savings programs, and a dedicated mobile app to enhance customer engagement and support parenting journeys. The digital infrastructure is modern, leveraging Next.js and React frameworks, with a CMS powered by Contentstack, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and secure forms, although explicit security policies and incident response details are not publicly disclosed. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR indicators. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall trustworthiness given the brand's market presence and website professionalism.

R

Rita Allen Foundation

ritaallen.org

52

The Rita Allen Foundation is a well-established non-profit organization founded in 2009, focused on funding early-stage biomedical research and civic science initiatives. Their mission centers on investing in transformative ideas to improve human health and civil society. The website reflects a professional and consistent brand image, targeting researchers, philanthropic partners, and the broader community interested in science and societal impact. Technically, the site is built on WordPress with modern tracking tools like Google Analytics and Tag Manager, and it demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS and domain transfer protections, though it lacks DNSSEC and visible security headers. Privacy compliance is a notable gap, with no privacy or cookie policies found, and no consent mechanisms implemented. Overall, the site is trustworthy and credible, with clear contact information and a strong market position in the philanthropic sector.

K

Keyoxide project contributors

keyoxide.org

10

Keyoxide is a small, community-driven open source project focused on providing decentralized online identity verification tools. The platform enables users to create and verify multiple online personas to enhance privacy and security. The project is funded primarily through donations and grants, including support from the NLnet Foundation. Technically, the website is well implemented with modern JavaScript libraries such as OpenPGP.js, hosted on Hetzner infrastructure with HTTPS enabled, and demonstrates good performance and mobile optimization. Security posture is solid with HTTPS and domain transfer protections, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is partial with a privacy policy present but lacking cookie consent mechanisms and terms of service. Overall, the website is trustworthy, professional, and safe for general audiences.

Technische Universität Hamburg (TUHH) is a recognized technical university in Hamburg, Germany, offering education and research services primarily in engineering and technology fields. The website is professionally designed using TYPO3 CMS, featuring comprehensive content targeting students, researchers, and staff. It provides detailed navigation for study programs, research, international affairs, and university administration. The technical infrastructure is modern with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced, though some improvements in security headers and incident response transparency are recommended. Privacy compliance is good with a comprehensive data protection page, but cookie consent mechanisms are absent. Overall, the site reflects a trustworthy and credible educational institution with a strong digital presence.

M

micahflee

micahflee.com

10

Micahflee.com is a personal blog and media site operated by Micah, focusing on privacy, security, and journalism. The site provides content aimed at privacy-conscious individuals, activists, and technology enthusiasts. It operates on a subscription model for content delivery and positions itself as a niche independent voice in the privacy and security domain. The website uses modern technologies including the Ghost CMS platform, PrismJS for code highlighting, and privacy-respecting analytics via Plausible. DNS is managed through Cloudflare, and the domain is registered with NameCheap, indicating a stable and legitimate technical infrastructure. Security posture is solid with HTTPS enforced and no exposed sensitive data, but lacks advanced security headers and formal policies such as privacy and cookie policies. The site does not display contact emails or phone numbers, which limits direct communication channels. Overall, the website is professional, trustworthy, and well-branded, but could improve compliance and security transparency.

The Cambridge Cybercrime Centre is an academic research initiative hosted by the University of Cambridge's Department of Computer Science and Technology. It focuses on collecting and analyzing large datasets related to cybercrime to enhance understanding and develop detection systems. The Centre also organizes annual conferences and publishes briefing papers, targeting academics, policymakers, and law enforcement. The website content is professional and informative, reflecting a credible academic entity. However, the primary domain www.cambridgecybercrime.uk is not registered or is invalid according to WHOIS data, suggesting the site operates primarily under official university domains such as cam.ac.uk and cl.cam.ac.uk. Technically, the website is built with basic HTML and CSS, with no advanced frameworks or CMS detected. It includes a Google search form scoped to university domains. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No analytics, tracking, or advertising technologies are present, indicating a privacy-conscious approach. From a security perspective, the site lacks visible security headers, published security policies, or incident response contacts. HTTPS status and SSL configuration could not be verified from the data provided. The absence of privacy and cookie policies reduces privacy compliance. The WHOIS data inconsistency lowers domain trustworthiness, although the content and affiliations strongly support legitimacy. Overall, the site is a credible academic resource with good content quality but requires improvements in security posture, privacy compliance, and domain registration clarity to enhance trust and resilience.

The website hellocubee.com presents itself as ina777, an Indonesian online gaming platform specializing in slot games, fish hunter, domino QQ, and live casino games. It offers an Android APK download and embeds game content via an iframe from an external source. The site targets Indonesian users interested in online gambling and gaming. The technical infrastructure is basic, relying on standard web technologies including jQuery and Cloudflare DNS services. Mobile optimization is adequate, and the site includes some user experience enhancements such as fullscreen mode for games. However, the site lacks critical compliance elements such as privacy and cookie policies, terms of service, and contact information, which reduces its trustworthiness and compliance posture. Security measures are minimal, with no DNSSEC, no visible security headers, and suspicious WHOIS data that undermines domain legitimacy. The domain registration date is set in the future, which is a strong indicator of potential fraud or misconfiguration. Overall, the site is functional but exhibits significant risks in terms of security, compliance, and business credibility.

I

Intego

intego.com

70

Intego is a well-established company specializing in Mac security and antivirus software, with over 25 years of experience and a strong market position as a leading provider in this niche. Their product portfolio includes comprehensive Mac protection bundles, antivirus, VPN, parental controls, and backup solutions, alongside Windows antivirus offerings. The website demonstrates a mature digital presence with modern technologies such as Next.js and React, delivering a professional and user-friendly experience optimized for desktop and mobile users. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although privacy compliance could be improved by implementing a cookie consent mechanism and publishing vulnerability disclosure information. The absence of WHOIS data reduces transparency and trust slightly, but the website's branding, customer reviews, and social media presence support its legitimacy. Overall, Intego presents a credible and professional business with a solid technical foundation and good security practices.

A

AZ

az.nl

69

AZ is a well-established Dutch professional football club with a strong digital presence focused on delivering news, match information, ticket sales, fan merchandise, and youth academy details. The website targets football fans and stakeholders, providing comprehensive content and engagement opportunities. Technically, the site uses modern web technologies including HubSpot marketing tools, Cookiebot for consent management, and a CMS likely based on Umbraco. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and DNSSEC are missing. Privacy compliance is strong with clear policies and GDPR adherence. Business credibility is high, supported by partner logos and social media presence. Overall, the website is professional, trustworthy, and well-maintained.

D

Dell

alienware.com

74

Dell's Alienware website presents a comprehensive and professional platform dedicated to gaming hardware and accessories. The site targets gamers and technology enthusiasts, offering prebuilt gaming PCs, laptops, and peripherals. Dell's strong market position as a leading technology enterprise is reflected in the site's polished design, rich content, and seamless user experience. The technical infrastructure leverages modern web technologies, including advanced JavaScript frameworks, video streaming via Brightcove, and robust content delivery networks, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, although explicit security policies and incident response contacts are not evident in the provided content. The absence of WHOIS data is likely due to registry restrictions rather than privacy protection, but it reduces transparency. Overall, the site is trustworthy, well-maintained, and aligned with Dell's enterprise stature.

F

FITKO (Föderale IT-Kooperation)

fitko.de

65

FITKO (Föderale IT-Kooperation) is a central coordinating and networking organization for digitalization initiatives within the German public administration. Based in Frankfurt am Main, it supports the IT-Planungsrat by implementing its decisions and fostering cooperation among federal, state, and municipal levels. The website reflects a professional government entity with clear communication, transparency, and a focus on digital transformation in public services. Technically, the site is built on TYPO3 CMS, uses Matomo for privacy-conscious analytics, and implements a comprehensive cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates a mature digital presence aligned with its governmental mission.

G

Galaxy Gauge ... Tools for Graphic Designers & Scientists

galaxygauge.com

40

Galaxy Gauge is a niche provider of professional-grade graphic design tools and scientific instruments, including translucent rulers, CMYK color charts, font references, and promotional products. The website targets graphic designers and scientists seeking specialized physical tools to enhance their design and production workflows. The business appears to operate primarily through product sales via its website, which has been active since 2001, indicating a long-standing presence in its market niche. Technically, the website is built on basic web technologies including an outdated version of jQuery and standard CSS. It is hosted on Bluehost and uses name servers associated with this provider. The site lacks modern web development practices such as mobile optimization, accessibility features, and SEO best practices. The absence of HTTPS in the provided content is a significant technical and security shortfall. From a security perspective, the website shows minimal security posture. There are no security headers, no DNSSEC, and the use of an outdated JavaScript library introduces potential vulnerabilities. The lack of privacy and cookie policies, as well as absence of contact information, further weakens the site's compliance and trustworthiness. However, no malicious or adult content is present, and the domain registration data supports legitimacy. Overall, the website is functional but basic, with critical improvements needed in security, privacy compliance, and technical modernization to enhance trust and user experience.

W

Witter.cz

witter.cz

57

Witter.cz operates as a Mastodon social networking server, providing an open platform for users to share, inform, and discuss with respect and privacy. The platform emphasizes no advertising, no personal data collection, and no user tracking, positioning itself as a privacy-conscious alternative within the fediverse. The website is relatively new, established in 2022, and targets a general audience interested in decentralized social media. Technically, it runs Mastodon version 4.3.5 with a React-based frontend, delivering a moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no trackers or ads, but lacks some security headers and cookie consent mechanisms. Overall, the site is trustworthy and legitimate, with consistent WHOIS data and no blocking mechanisms detected.

N

Netto

netto.co.uk

60

Netto is a specialized affiliate and review website focusing on UK online casinos and betting sites that operate outside the UK Gambling Commission's GamStop self-exclusion scheme. The platform provides detailed reviews, bonus offers, and guides tailored for UK players seeking non-GamStop gambling options. The website is relatively new, launched in 2024, and targets a niche market with a clear business model based on affiliate marketing. Technically, the site is built on WordPress with modern SEO and tracking tools, including Yoast SEO, Google Tag Manager, and Cookiebot for cookie consent. The site is mobile-friendly and well-structured, offering a good user experience. Security-wise, the site uses HTTPS and basic security best practices but lacks some advanced security headers and explicit privacy and security policies. No WAF or blocking mechanisms were detected, and the WHOIS data is consistent with the business claims, indicating legitimacy. Overall, the site scores well on content quality and business credibility but could improve privacy compliance and security posture.

R

RTBF

rtbf.be

60

RTBF is a leading Belgian public broadcasting organization providing comprehensive news coverage, including national and international news, sports, culture, and entertainment. The website serves as a primary digital platform for RTBF's news and media content, targeting a broad general audience interested in Belgian and global current events. The business model centers on public media broadcasting with multiple channels and digital content offerings. Technically, the website employs modern web technologies such as Next.js and React, ensuring fast performance, mobile optimization, and good SEO practices. Security posture is strong with HTTPS enforcement and standard security headers, though explicit privacy and cookie policies are not clearly linked in the provided content. The WHOIS data is restricted due to DNS Belgium policies, which is typical but limits domain ownership transparency. Overall, RTBF's website is professional, trustworthy, and content-rich, reflecting its status as a major public media entity.

The website madebyoll.in is a personal technical blog operated by Ollin Boer Bohan, focusing on AI, neural networks, and machine learning projects. It serves as a platform to share detailed project posts and technical insights, targeting technology enthusiasts and developers interested in advanced AI topics. The site positions itself as a niche personal blog rather than a commercial enterprise, with content primarily consisting of project summaries and posts. From a technical perspective, the website uses standard HTML5, CSS, and JavaScript with asynchronous scripts to enhance typography and layout. There is no indication of a CMS or advanced frameworks, suggesting a lightweight and manually maintained site. Mobile optimization is good, and the site structure is clear, though SEO and accessibility features are basic. Performance is moderate, with no evident use of analytics or tracking technologies. Security posture is minimal; no HTTPS status or security headers were detected in the provided data, and no privacy or cookie policies are present. Contact information is limited to a single email address in the footer, with no dedicated security or incident response contacts. The absence of security best practices and compliance documentation indicates a low security maturity level, appropriate for a personal blog but not for commercial or sensitive data handling. Overall, the site is safe and suitable for general audiences, with no adult or questionable content. The domain registration data aligns with the website's personal nature, supporting legitimacy. However, the lack of HTTPS and privacy policies are notable gaps. Strategic improvements in security and compliance would enhance trust and professionalism.