Security Directory

D

Data Archiving and Networked Services (DANS)

narcis.nl

66

Data Archiving and Networked Services (DANS) operates the NARCIS portal, a national Dutch platform providing access to scientific information, research data, software, and project descriptions. The website targets researchers and academics, positioning itself as a key national resource for scientific data dissemination. The business operates under the Royal Netherlands Academy of Arts and Sciences (KNAW), reflecting a non-profit, government-affiliated entity focused on education and research support. Technically, the website is built on WordPress with the Divi theme, leveraging modern web technologies including jQuery, Font Awesome, and Matomo analytics for privacy-conscious user tracking. The site is well-structured with SEO optimizations and mobile responsiveness, though some accessibility features could be enhanced. Security posture is solid with HTTPS enforced and use of reCAPTCHA, but security headers could be improved for better protection. No privacy or cookie policies were explicitly found on the analyzed page, indicating room for compliance improvements. Overall, the domain registration aligns well with the organization's identity, supporting high legitimacy and trustworthiness.

D

Designboom

designboom.com

68

Designboom is a well-established digital magazine founded in 1999, specializing in architecture, design, and art news. It targets a professional and creative audience, offering daily news, interviews, event coverage, and a design shop. The website demonstrates a strong market position as a leading media outlet in its niche, supported by consistent branding and high-quality content. Technically, the site is built on WordPress with a modern tech stack including Google Tag Manager, Matomo Analytics, and a consent management platform, ensuring GDPR compliance and user privacy. Performance and mobile optimization are good, though accessibility could be improved. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, but lacks published security policies or incident response information. The absence of WHOIS data is a concern for transparency but does not detract from the site's apparent legitimacy based on content and social media presence. Overall, Designboom is a professional, trustworthy media platform with room for improvement in security transparency and contact information availability.

I

iMAL

imal.org

61

iMAL is a Brussels-based art center specializing in digital cultures and technology, offering exhibitions, workshops, residencies, and events that support and showcase artistic practices in new media. The organization targets artists, researchers, and the general public interested in digital arts. The website reflects a well-established cultural institution with a clear mission and professional presentation. Technically, the site uses modern web technologies including Matomo analytics configured for privacy, SVG icons, and responsive design, ensuring good performance and accessibility. Security posture is solid with HTTPS enforced and no exposed sensitive data, though it lacks some standard security headers and explicit incident response information. Privacy compliance is good with a clear privacy policy and GDPR adherence, but no cookie consent mechanism is present. Overall, the site is trustworthy, professional, and safe for general audiences.

Library Stack is a specialized digital library platform focusing on digital media and e-books in art, architecture, media studies, design, philosophy, sound, and film studies. It emphasizes unconventional publication formats and operates consortium partnerships, particularly with German institutions. The website is built on WordPress with WooCommerce and uses modern technologies such as Matomo analytics and hCaptcha for security. The content is rich and professionally presented, targeting academic and public library audiences. Security posture is good with HTTPS and form protection, but lacks explicit security headers and published privacy or cookie policies. WHOIS data is unavailable, likely due to privacy protection, which limits domain trust verification. Overall, the website is credible and functional but would benefit from enhanced privacy compliance and security transparency.

S

Summer of Protocols

summerofprotocols.com

58

Summer of Protocols is an educational and community-driven program focused on research and ongoing conversations around protocols. It offers a summer research program, online events, newsletters, and community engagement through Discord and other channels. The website serves as a hub for resources, events, and community interaction, targeting researchers, students, and enthusiasts in the technology and protocols space. Technically, the site is built on WordPress using the Avada theme, with SEO optimizations and Matomo analytics for tracking. The hosting is managed via Cloudflare, ensuring good performance and security at the infrastructure level. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

L

Library Stack

librarystack.org

10

Library Stack is a specialized digital library and archival platform focusing on digital media and e-books in the arts, architecture, media studies, design, philosophy, sound, and film studies. It emphasizes unconventional publication formats and operates a consortium model with German institutions. The website is built on WordPress with WooCommerce and uses modern technologies including Matomo analytics and hCaptcha for security. The content is rich and professionally presented, targeting academic and institutional audiences. Security posture is good with HTTPS and bot mitigation, but lacks visible privacy and cookie policies. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for such organizations.

A

AirtimeUX GmbH

airtimeux.com

60

AirtimeUX GmbH operates a specialized SaaS platform focused on AI-powered user interview research and survey analysis. Their service enables users to transcribe interviews in over 100 languages, detect speakers automatically, and extract instant insights, targeting product teams and user researchers. The company is positioned as a niche player supported by notable partners such as Techstars and TechCrunch, indicating credible market presence. Technically, the website is built on Webflow with modern technologies including Matomo analytics for privacy-conscious tracking, Google Fonts, and embedded YouTube videos. The site is performant, mobile-optimized, and professionally designed, though it lacks some advanced accessibility features and cookie consent mechanisms. Security posture is solid with HTTPS enforced, but missing security headers and absence of a vulnerability disclosure policy are areas for improvement. WHOIS data is missing or unavailable, which raises some concerns about domain legitimacy and age, though the website content and business information are consistent and professional. Overall, the site scores well on content quality and technical implementation but should address privacy compliance and security best practices to enhance trust and compliance.

C

Chromia

chromia.com

61

Chromia is a technology company specializing in a unique Layer-1 relational blockchain platform that integrates relational databases with blockchain technology to enable complex, fully on-chain decentralized applications. The company positions itself as an innovator in blockchain technology, targeting developers and enterprises seeking advanced dapp capabilities. The platform is supported by a native token ($CHR) and offers developer tools, explorer, vault, and documentation to foster ecosystem growth. Technically, the website is built on modern frameworks such as Next.js and React, hosted likely via Cloudflare, and employs analytics and marketing tools like Matomo, Hotjar, and Twitter Ads. The site is well-designed, mobile-optimized, and provides a comprehensive roadmap showcasing ongoing development and future plans. Security posture is strong with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms of service pages. Overall, the website reflects a mature and professional digital presence with room for improvement in privacy and security transparency.

T

Thinkst Applied Research

thinkst.com

71

Thinkst Applied Research is a specialized cybersecurity company focused on breach detection and security research. Their flagship product, Thinkst Canary, along with Canarytokens, OpenCanary, and ThinkstScapes, serve a global audience of security professionals and enterprises. The company has a strong market position as a niche leader with over a decade of presence and deployment on all continents. The website reflects a professional and consistent brand with clear product messaging and a focus on solving difficult security problems. Technically, the website is built as a modern single-page application likely using Vue.js, hosted on AWS infrastructure with DNS managed by AWS DNS servers. It uses Matomo analytics for user tracking, indicating some privacy awareness. The site is mobile optimized with good SEO and accessibility basics, though some improvements could be made in accessibility and performance tuning. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and published security policies such as privacy, cookie, or incident response information. No vulnerability disclosure or security.txt files were found. The WHOIS data is consistent and trustworthy, with a domain age supporting the company's claimed history. Overall, the security posture is moderate but could be enhanced with better policy transparency and technical security controls. The overall risk is low given the professional nature and absence of critical vulnerabilities, but improvements in privacy compliance and security best practices are recommended to strengthen trust and regulatory alignment.

T

Thinkst Canary

canary.tools

74

Thinkst Canary is a cybersecurity company specializing in breach detection through honeypot and deception technologies. Their product suite includes hardware, virtual machine, and cloud-based Canaries designed to detect attackers early with minimal setup and low false positives. The company targets enterprises and organizations seeking advanced network security solutions. The website is professionally designed, consistent in branding, and provides comprehensive information about their offerings and customer testimonials. Technically, the site uses modern JavaScript frameworks such as Vue.js and integrates Matomo analytics for user tracking. The site is mobile-optimized and performs moderately well. Security posture is strong with HTTPS enforced and no exposed sensitive data, though security headers could be improved. Privacy compliance is good with a clear privacy and security policy, but lacks a cookie consent mechanism. WHOIS data is unavailable due to TLD restrictions and privacy protection, which is common and justified for cybersecurity firms. Overall, the website is trustworthy and professional, with no signs of malicious activity or suspicious content.

T

The DFINITY Foundation

dfinity.org

76

The DFINITY Foundation is a Swiss-based non-profit organization that plays a major role in the development of the Internet Computer blockchain. It operates with a large R&D team and focuses on blockchain research, grants, hackathons, and scientific publications. The website reflects a professional and well-established entity with a clear focus on technology and community engagement. Technically, the site uses modern frameworks like Svelte, is hosted on Cloudflare, and employs Matomo for privacy-conscious analytics. Security posture is strong with HTTPS, client transfer protection on the domain, and a public bug bounty program, although DNSSEC is not enabled and some security policies are not explicitly published. Privacy compliance is good with clear privacy and cookie policies, but lacks a cookie consent mechanism. Overall, the site is trustworthy, well-maintained, and targeted at developers, researchers, and blockchain enthusiasts.

S

Scuola universitaria professionale della Svizzera italiana (SUPSI)

supsi.ch

69

The Scuola universitaria professionale della Svizzera italiana (SUPSI) is a recognized Swiss professional university offering Bachelor, Master, and continuing education programs. The website reflects a well-established educational institution with a strong market position in Switzerland's higher education sector. It targets students, professionals, and regional stakeholders with a comprehensive range of academic and research services. Technically, the site is built on the Liferay CMS platform, utilizing modern web technologies such as React and Bootstrap, and integrates Matomo for analytics. The site demonstrates good performance, mobile optimization, and accessibility standards. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is evident with cookie consent mechanisms and privacy policies, although explicit security and incident response policies are not prominently published. Overall, the site is professional, trustworthy, and well-maintained, with a high legitimacy score based on WHOIS data and content alignment.

S

Startnext

startnext.com

70

Startnext is a well-established German crowdfunding platform focused on supporting creative, sustainable, and community-oriented projects. The platform offers a comprehensive suite of services including project hosting, community engagement, and a marketplace, positioning itself as a key player in the non-profit crowdfunding sector since 2010. The website demonstrates a good level of digital maturity with modern JavaScript technologies, analytics integration via Matomo, and a responsive design optimized for mobile devices. Privacy and cookie policies are clearly presented with active consent mechanisms, reflecting compliance with GDPR requirements. Security posture is solid with HTTPS enforced and error monitoring via New Relic, although explicit security headers and incident response contacts could be improved. The absence of public WHOIS data suggests privacy protection for the domain registration, which is common for platforms of this nature. Overall, Startnext presents a professional, trustworthy, and user-friendly online presence with moderate technical performance and good privacy practices.

Morpho Labs operates a sophisticated decentralized finance (DeFi) lending network that connects lenders and borrowers globally, offering peer-to-peer lending and borrowing solutions. The company positions itself as a trusted and secure platform with enterprise-grade infrastructure, targeting both individual DeFi users and enterprises seeking scalable lending solutions. Their business model revolves around open infrastructure, enabling embedded earn products, crypto-backed loans, and vault curation, supported by a strong ecosystem of partners and community engagement. Technically, Morpho employs a modern web stack including React and Next.js for their website, hosted on Amazon AWS infrastructure. Their smart contracts are written in Solidity and are open source, with multiple security audits and formal verification enhancing trust and security. The website demonstrates good performance, mobile optimization, and SEO practices, although some improvements in accessibility and security headers are recommended. From a security perspective, Morpho shows a mature posture with HTTPS enforcement, domain registration protections, and extensive third-party audits. However, the absence of DNSSEC, cookie consent mechanisms, and explicit security headers present areas for enhancement. The presence of a dedicated security contact email and formal verification further strengthen their security credibility. Overall, Morpho presents a low-risk profile with a professional online presence, strong business credibility, and a commitment to security and transparency. Strategic improvements in privacy compliance and DNS security would further solidify their position in the competitive DeFi landscape.

C

Carbon Browser – Your Very Fast Private Web3 Browser

carbon.website

61

The website 'carbon.website' is a relatively new online presence, established in December 2022, utilizing WordPress CMS with Elementor and Bootstrap frameworks. It employs Cloudflare DNS services and Matomo analytics for visitor tracking. The site is accessible without any WAF or security challenge, indicating no blocking mechanisms in place. However, it lacks critical compliance documents such as privacy policy, cookie policy, and terms of service, and does not provide any contact information or security policies. The technical infrastructure is modern but could benefit from enabling DNSSEC and implementing security headers. Overall, the security posture is moderate but with room for improvement, especially in privacy compliance and vulnerability disclosure. The content quality is basic with limited business information, and no explicit or adult content is present, making it safe for general audiences.

N

Nethermind

nethermind.io

67

Nethermind is a blockchain technology company specializing in providing enterprise-grade blockchain infrastructure, research, and security services. Founded in 2017, it has established itself as a trusted partner in the Ethereum and Starknet ecosystems, offering solutions such as blockchain-as-a-service, core engineering, cryptography research, smart contract audits, and AI infrastructure. The company targets enterprises, developers, financial institutions, and governments seeking to build and scale decentralized systems with security and compliance in mind. Technically, the website is built on Webflow CMS with modern web technologies and integrates Matomo analytics for privacy-conscious tracking. The site is well-optimized for mobile and desktop, with clear navigation and professional design. Security posture is strong with HTTPS, security headers, and secure form handling, though explicit privacy and cookie policies are not found in the provided content. WHOIS data is unavailable or protected, which is common in this sector but slightly reduces transparency. Overall, Nethermind demonstrates a mature digital presence aligned with its business focus and market position.

T

Tenderly

tenderly.co

68

Tenderly is a technology company specializing in full-stack Web3 infrastructure solutions designed to support the entire decentralized application lifecycle, from development to on-chain scaling. The platform offers a suite of developer tools including Virtual TestNets, customizable Node RPCs, transaction simulation, debugging, and monitoring services. Positioned as an industry-recognized provider, Tenderly partners with major blockchain projects such as Arbitrum, Optimism, and Chainlink, reinforcing its market presence in the Web3 ecosystem. The target audience primarily consists of Web3 professionals and developers seeking scalable and collaborative infrastructure solutions. Technically, the website leverages modern frameworks like Next.js and React, hosted on Google Cloud infrastructure, and integrates analytics and customer engagement tools such as Matomo, Google Tag Manager, and Intercom. The site demonstrates good performance, mobile optimization, and SEO practices. Security posture is solid with HTTPS enforcement, security headers, and domain transfer protections, though DNSSEC is not enabled. Privacy compliance is partial, with a cookie consent mechanism present but lacking explicit privacy policy and terms of service pages. Overall, Tenderly presents a professional and trustworthy digital presence aligned with its business objectives.

S

SmartRecruiters

smartrecruiterscareers.com

71

SmartRecruiters operates a professional career website focused on recruitment technology and connecting candidates to jobs they love. The site highlights company culture, values, and employee stories, positioning SmartRecruiters as a people-first technology company with a strong market presence. The technical infrastructure is modern, leveraging RequireJS, jQuery, Google Tag Manager, Matomo, Hotjar, and other advanced tools, hosted on Azure CDN with good performance and mobile optimization. Security posture is strong with HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security headers and incident response contacts are not clearly published. The absence of WHOIS data for the domain is a concern but the website content and branding strongly indicate legitimacy. Overall, the site is professional, secure, and privacy-conscious, serving as an effective recruitment platform.

I

Remove your on-chain trace | illumineX Wallet

illuminex.xyz

63

illumineX Wallet is a newly launched, privacy-focused non-custodial cryptocurrency wallet service that enables users to transact across multiple blockchains with enhanced privacy and gasless transactions. The platform targets crypto users who prioritize anonymity and compliance, positioning itself as a privacy-first multi-chain wallet solution. The website is professionally designed with good content quality and clear navigation, supporting a positive user experience. Technically, the site leverages modern frameworks such as Astro and uses Cloudflare DNS services, with Matomo analytics for user tracking. Security posture is adequate with HTTPS and domain transfer protections, but lacks DNSSEC and security headers, and does not provide explicit privacy or cookie policies. No contact emails or phone numbers are provided, which limits direct communication channels. Overall, the site is functional and trustworthy but would benefit from enhanced compliance documentation and security hardening.

O

Oasis

oasisprotocol.org

66

Oasis is a technology company specializing in privacy-enhanced blockchain infrastructure for Web3 and AI applications. They offer the only confidential Ethereum Virtual Machine (EVM) in production, enabling developers to build scalable, secure, and interoperable decentralized applications with customizable privacy. Their key products include Oasis Sapphire (confidential EVM), Oasis ROFL (offchain computation framework), and Oasis Privacy Layer (privacy add-on for existing EVM chains). The company targets developers and enterprises seeking advanced privacy solutions in blockchain and AI domains. The website reflects a mature digital presence with professional design and clear messaging, supported by a medium-sized ecosystem of partners and community engagement.

A

Avasant

avasant.com

73

Avasant is a well-established management consulting firm specializing in strategic sourcing, digital and IT transformation, global development, and governance services. The company targets global enterprises, government, and non-profit sectors, offering a broad range of consulting and research services. Their market position is strong, supported by a mature domain and consistent branding. Technically, the website is built on WordPress with WooCommerce and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, HubSpot, and Matomo, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and published security policies. Overall, the website is professional, well-structured, and trustworthy, with extensive user tracking balanced by a comprehensive cookie consent system.

I

Ignite

ignite.com

60

Ignite.com is a specialized technology platform focused on providing tools and resources for blockchain development, primarily through its Ignite CLI tool. The website positions itself as an innovation platform aimed at making blockchain development more accessible and efficient. The target audience includes blockchain developers and technology professionals seeking streamlined development solutions. The business model revolves around offering open-source tools, documentation, tutorials, and a marketplace for blockchain applications. The company appears to be established with a domain age dating back to 1998, indicating maturity in the technology sector. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, styled with Tailwind CSS, and utilizes Cloudflare for DNS and likely CDN services. The site demonstrates good performance, mobile optimization, and accessibility. Analytics are handled via Matomo, reflecting a privacy-conscious approach. The website design is professional, with clear navigation and relevant content tailored to its audience. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, it lacks explicit security policies, incident response contacts, and DNSSEC, which are areas for improvement. No vulnerabilities or suspicious content were detected. Privacy compliance is well addressed with clear privacy and cookie policies including consent mechanisms. Overall, ignite.com presents a trustworthy and professional blockchain development platform with strong technical foundations and good privacy practices. Strategic enhancements in security transparency and DNS security would further strengthen its posture.

P

PERBILITY GmbH

mein-helix.de

40

PERBILITY GmbH operates the HELIX platform, a comprehensive HR management software suite designed for German-speaking enterprises. The platform offers modular solutions covering recruiting, employee development, digitalization of HR processes, e-learning, and AI-assisted HR functionalities. Positioned as a modern B2B SaaS provider, HELIX targets HR professionals and organizations seeking flexible and efficient digital HR management tools. The website reflects a mature digital presence with professional design and clear business focus. Technically, the site is built using the Hugo static site generator, integrates Matomo analytics for privacy-conscious tracking, and employs Cloudflare Turnstile captcha for form security. Security posture is strong with HTTPS enforcement and standard security headers, though some compliance gaps exist such as missing cookie consent mechanisms and terms of service. Overall, the domain registration and DNS setup align with the German business identity, supporting legitimacy and trustworthiness.

P

PERBILITY GmbH

perbility.de

49

PERBILITY GmbH is a German technology company specializing in innovative personnel management software, notably their HELIX platform. The company positions itself as a hub for coders and problem solvers, targeting HR professionals and organizations seeking to unlock hidden potential within their workforce. Their market position is that of an innovative HR solution provider with a medium-sized operation based in Germany. The website is professionally designed, mobile-optimized, and provides clear contact information, enhancing trust and credibility. Technically, the website is built using the Hugo static site generator, leveraging modern CSS and JavaScript assets, and integrates Matomo analytics for user tracking. Hosting is managed via reputable German nameservers (noris.ch, noris.de, noris.net), indicating a stable infrastructure. Performance is moderate with good mobile optimization, though accessibility features are basic. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and does not provide explicit security or incident response policies. Privacy compliance is limited due to the absence of privacy and cookie policies, which is a notable gap given GDPR requirements. No vulnerability disclosure or security.txt files were found. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security transparency to improve its risk posture and regulatory adherence.

D

Deutsche Forschungsgemeinschaft e.V.

wissenschaftliche-integritaet.de

64

The website wissenschaftliche-integritaet.de is a professionally maintained portal operated by the Deutsche Forschungsgemeinschaft e.V. (DFG), Germany's central research funding organization. It serves as a reference and resource hub for scientific integrity, providing the official code of conduct and related commentary to promote good scientific practice within the German research community. The portal targets researchers, scientific institutions, and administrative leadership, supporting compliance with DFG funding requirements. Technically, the site is built on WordPress with a modern plugin ecosystem including Yoast SEO, Matomo analytics, and GDPR-compliant cookie management. The site is well-structured, mobile-optimized, and provides multilingual support. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though some security headers and explicit policies could be improved. Overall, the site reflects a high level of professionalism and trustworthiness consistent with a government/non-profit entity.

O

Oxfam Belgique

oxfambelgique.be

59

Oxfam Belgique is a well-established non-profit organization dedicated to fighting inequality and promoting economic justice through advocacy, humanitarian aid, and fair trade initiatives. The website reflects a mature digital presence with comprehensive content targeting citizens, donors, volunteers, and businesses. It is part of the global Oxfam International confederation, reinforcing its market position and credibility. Technically, the site is built on Drupal 10, leveraging modern analytics and marketing tools such as Matomo, Google Analytics, and Adobe Analytics, with a strong focus on privacy compliance and user consent. Security posture is good with HTTPS enforced and cookie consent mechanisms, though some security headers could be more explicitly implemented. Overall, the site is professional, trustworthy, and well-optimized for mobile and accessibility standards.

O

Oxfam België

oxfambelgie.be

59

Oxfam België is a well-established non-profit organization dedicated to fighting inequality and promoting a just economy in Belgium. The website reflects a mature digital presence with comprehensive content about their mission, activities, and impact. Their market position is strong within the non-profit sector, supported by multiple subsidiaries and partnerships under the Oxfam International umbrella. The site is professionally designed, mobile-optimized, and provides clear navigation and trust signals such as transparency and contact information. Technically, the site uses Drupal 10 CMS with modern analytics and marketing tools, maintaining good performance and accessibility standards. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, although there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is safe, trustworthy, and compliant with GDPR requirements, making it a credible platform for donors, volunteers, and the general public interested in humanitarian and social justice causes.

K

Kungliga Tekniska högskolan (KTH)

kth.se

62

KTH Royal Institute of Technology is a leading European technical university based in Sweden, offering a broad range of educational programs, research initiatives, and collaborative projects. The website reflects a mature digital presence with comprehensive content targeting students, researchers, and partners. Technically, the site employs modern JavaScript technologies, asynchronous script loading, and a consent management platform to comply with privacy regulations. Security posture is strong with HTTPS enforced and privacy-conscious analytics, though some security headers and explicit policies could be improved. The WHOIS data is unavailable due to querying a subdomain, but the domain and content strongly indicate legitimacy. Overall, the site is professional, trustworthy, and well-optimized for users.

Umeå universitet is a large, well-established public university in Sweden, providing education, research, and student services. The website serves a broad audience including prospective and current students, researchers, and staff. It features comprehensive information about programs, research, events, and campus life. The site is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the site uses modern tools such as Matomo for analytics and Klaro for cookie consent management, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. WHOIS data was not retrievable for the subdomain queried, but this is due to querying 'www.umu.se' instead of the registered domain 'umu.se'. Overall, the domain and website are trustworthy and professionally managed.

O

Oxfam Deutschland

oxfam.de

63

Oxfam Deutschland operates as a large, established non-profit organization dedicated to combating social inequality, poverty, and exploitation globally. The website reflects a strong commitment to transparency, humanitarian aid, and advocacy, targeting a broad audience interested in social justice and sustainable development. The organization leverages modern web technologies including Drupal 10, Matomo analytics, and Usercentrics for consent management, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement and privacy-conscious tracking, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting Oxfam's mission effectively online.

O

Oxfam Belgique

oxfamsol.be

57

Oxfam Belgique is a well-established non-profit organization dedicated to fighting inequality and promoting economic justice in Belgium and globally. The website reflects a mature digital presence with comprehensive content about their mission, campaigns, and ways to engage, targeting citizens, donors, volunteers, and businesses. The organization is part of the global Oxfam confederation, reinforcing its credibility and market position. Technically, the site is built on Drupal 10, uses modern analytics and marketing tools, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though explicit security policies and incident response information are not found. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

O

Oxfam France

oxfamfrance.org

65

Oxfam France is a well-established non-profit organization dedicated to combating poverty and social inequalities through citizen empowerment, advocacy campaigns, humanitarian aid, and sustainable development initiatives. The website reflects a mature digital presence with clear branding, comprehensive content, and multiple engagement channels including donation forms and volunteer programs. Technically, the site is built on WordPress with modern plugins and analytics tools such as Matomo and Google Tag Manager, ensuring good performance and user experience. Security posture is solid with HTTPS enforced and secure form handling, though some security headers could be improved. Privacy and cookie policies are present and indicate GDPR compliance. The WHOIS data is unavailable due to a malformed query, but the website's content and external references strongly support its legitimacy. Overall, the site is professional, trustworthy, and well-positioned in the non-profit sector.

G

Gulf Times

gulf-times.com

56

Gulf Times is a leading English daily newspaper based in Qatar, providing comprehensive local and international news coverage. It holds a strong market position as Qatar's top-selling English newspaper, targeting English-speaking residents and readers interested in regional and global affairs. The business model revolves around digital news publishing, subscription services, and advertising revenue. The website demonstrates a professional design with consistent branding and high-quality content, supported by active social media channels and advertising partnerships.

H

Hochschulrektorenkonferenz

hrk-modus.de

46

The website hrk-modus.de is an educational project portal operated by the Hochschulrektorenkonferenz and funded by the German Federal Ministry of Education and Research. It provides comprehensive information and resources related to recognition and accreditation processes at universities, targeting higher education institutions and stakeholders. The site is well-structured, professionally designed, and offers multilingual support (German and English). Technically, it is built on TYPO3 CMS with responsive design and uses Matomo for privacy-conscious analytics. Security posture is good with HTTPS enforced, but lacks some advanced security headers and cookie consent mechanisms. No contact or incident response information is publicly available, which could be improved to enhance trust and compliance. Overall, the site is trustworthy, content-rich, and serves a niche educational purpose effectively.

The Forschungslandkarte website is an official platform provided by the Stiftung zur Förderung der Hochschulrektorenkonferenz (HRK) to present and promote the research focuses of German higher education institutions. It serves as a bilingual informational and marketing tool that supports universities and applied sciences institutions in showcasing their research profiles. The site targets academic institutions, researchers, students, and policy makers, providing structured search capabilities and contact points for collaboration. Technically, the site is built on TYPO3 CMS with Bootstrap for responsive design and uses Matomo analytics configured with privacy considerations. The website demonstrates good performance, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, though it lacks some advanced security headers and a public security policy. Overall, the domain registration and WHOIS data align well with the institutional nature of the site, indicating legitimacy and trustworthiness.

A

Actionbound

actionbound.com

63

Actionbound is a Germany-based company founded in 2012 that provides an innovative platform for creating and playing interactive scavenger hunts and guided tours on mobile devices. Their core offering includes a browser-based Bound Creator and mobile apps for Android and iOS, targeting educators, corporate trainers, museums, and event organizers. The business model is freemium with tiered licenses for professional, educational, and personal use. The website demonstrates strong branding, professional design, and extensive customer testimonials from reputable organizations, indicating a solid market position in the educational gamification niche. Technically, the website uses modern JavaScript frameworks, Semantic UI for styling, and integrates Matomo analytics with cookies disabled for privacy. The platform is well optimized for mobile devices and accessibility. Security posture is good with HTTPS enforced and secure login forms, though some security headers and explicit policies are missing. Privacy compliance is adequate with a comprehensive privacy policy and GDPR references, but lacks a cookie consent mechanism. Overall, the website is trustworthy, professional, and content-rich with no signs of malicious activity or adult content. The WHOIS data for the subdomain is unavailable, which is normal and not suspicious. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing security policies to improve compliance and trust.

N

NOAO/AURA, Inc.

globeatnight.org

59

Globe at Night is a well-established international citizen science campaign managed by NOAO/AURA, Inc., affiliated with NSF’s NOIRLab. The website serves as an educational platform to raise awareness about light pollution by engaging the public in measuring night sky brightness. It offers resources, reporting tools, and interactive maps to support its mission. The target audience includes general public, educators, and astronomy enthusiasts worldwide. Technically, the site uses a modern JavaScript stack with privacy-conscious Matomo analytics and is hosted on Amazon AWS infrastructure. The website is mobile optimized with good design and navigation, though some SEO and accessibility features could be improved. Security posture is solid with HTTPS and no exposed sensitive data, but lacks some security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration and WHOIS data strongly support the legitimacy and trustworthiness of the site.

N

NSF NOIRLab (U.S. National Science Foundation National Optical-Infrared Astronomy Research Laboratory)

noirlab.edu

66

NSF NOIRLab is a U.S. government-funded national center dedicated to ground-based nighttime optical and infrared astronomy. Operated by AURA under a cooperative agreement with the NSF, it provides world-class astronomical research facilities, public education, and scientific data services. The website reflects a mature, well-established organization with a strong focus on scientific outreach and community engagement. Technically, the site uses modern web technologies including Bootstrap and Matomo analytics, and is well-structured for accessibility and SEO. Security posture is good with HTTPS enforced and no exposed sensitive data, though improvements can be made by adding security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite analytics usage. Overall, the domain registration and website content are consistent and legitimate, supporting a high trust level.

K

Koordinationsstelle des Netzwerks Studienorientierung Brandenburg

studieren-in-brandenburg.de

67

The website 'Netzwerk Studienorientierung Brandenburg' serves as an educational and informational platform aimed at students interested in studying in Brandenburg, Germany. It provides comprehensive resources including study program searches, orientation offers, workshops, events, and personalized study advice. The platform is positioned as a regional coordination office supporting study orientation in Brandenburg, targeting prospective and current students. The business model is non-commercial and focused on educational support. Technically, the website is built on WordPress with modern web technologies such as jQuery, Matomo analytics for privacy-conscious tracking, and Mapbox for interactive maps. The site is mobile-optimized with good design quality and clear navigation, though some accessibility features are basic. Performance is moderate with room for improvement. From a security perspective, the site uses HTTPS and employs nonce tokens for AJAX requests, but lacks visible security headers and explicit privacy or cookie policies, which are compliance gaps. No vulnerabilities or exposed sensitive data were detected. The WHOIS data shows consistent domain registration aligned with the educational purpose, enhancing trustworthiness. Overall, the website is professional, trustworthy, and content-rich but should improve privacy compliance and security headers to enhance user trust and regulatory adherence.

W

Wissenschaftszentrum Berlin für Sozialforschung

wzb.eu

60

Wissenschaftszentrum Berlin für Sozialforschung (WZB) is a prominent German research institution specializing in social sciences. The website serves as a comprehensive portal for their research activities, publications, events, and organizational information. It targets academics, researchers, policy makers, and students interested in social research topics. The institution operates as a non-profit entity with a strong presence in the European academic landscape. Technically, the website is built on Drupal 8 CMS, leveraging Matomo analytics configured to respect user privacy via Do Not Track settings. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some modern security headers are missing. The cookie consent mechanism is implemented in compliance with EU regulations. From a security perspective, the site uses HTTPS and has implemented privacy-conscious analytics. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No WAF or blocking mechanisms were detected, and the domain WHOIS data aligns well with the institution's identity, indicating high legitimacy. Overall, the website is professional, trustworthy, and well-suited for its academic audience, but could improve in transparency regarding privacy policies and security disclosures.

D

Deutsche Bundesbank

bundesbank.de

66

The Deutsche Bundesbank website serves as the official online presence of Germany's central bank, focusing on monetary policy, banking supervision, cash management, and research. It targets a broad audience including financial professionals, researchers, government entities, and the general public. The site is well-structured with comprehensive navigation covering key services and organizational information. Technically, the site employs modern web technologies and privacy-conscious analytics (Matomo) with good mobile optimization and accessibility. Security posture is solid with HTTPS and privacy-respecting analytics, though it lacks explicit security headers and published security policies. The absence of visible privacy and cookie policies suggests room for improvement in compliance. Overall, the site reflects a high level of professionalism and trustworthiness consistent with a national central bank.

U

Universität Osnabrück

uos.de

63

Universität Osnabrück is a well-established public university in Germany offering a broad range of academic programs including economics, law, humanities, social sciences, natural sciences, artificial intelligence, and teacher education. The website targets prospective and current students, researchers, and international visitors, providing comprehensive information about study programs, application processes, and campus life. The university maintains a strong market position as a regional educational institution with a diverse academic portfolio. Technically, the website is built on TYPO3 CMS, a reputable open-source content management system, and employs Matomo analytics configured with privacy by design principles. Cookie consent is managed through tarteaucitron.js, ensuring compliance with GDPR and user privacy preferences. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms effectively. However, explicit security headers are not evident in the provided data, and no formal security policy or incident response contacts are published, representing areas for improvement. No vulnerabilities or suspicious activities were detected, and the domain registration is consistent with a legitimate educational institution, though registrant details are privacy protected as per DENIC policy. Overall, the website presents a professional, trustworthy, and privacy-conscious digital presence for Universität Osnabrück, with recommendations to enhance security transparency and header configurations to further strengthen its security posture.

W

Weizenbaum-Institut

weizenbaum-institut.de

58

The Weizenbaum-Institut is a leading German research institute specializing in interdisciplinary digitalization research focused on societal impacts, policy advice, and sustainable digital transformation. The website reflects a strong academic and governmental orientation, targeting policymakers, researchers, and civil society. It offers extensive content on research projects, events, publications, and collaborations with reputable partners. Technically, the site is built on TYPO3 CMS, uses privacy-conscious Matomo analytics, and features a modern, responsive design with good SEO and accessibility basics. Security posture is solid with HTTPS and cookie-less analytics, though it lacks some security headers and explicit cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-aligned with its mission and audience.

E

Eurofiber

eurofiber.com

57

Eurofiber is a leading European fiber-optic network provider specializing in delivering high-quality, reliable, and secure connectivity solutions across the Netherlands, Belgium, France, and Germany. The company supports digital transformation initiatives by offering extensive fiber-optic infrastructure, cloud connectivity, and security services tailored for business customers. Eurofiber is recognized as a vital infrastructure provider by the Dutch government, underscoring its importance in the digital economy. Technically, the website demonstrates a mature digital presence built on modern frameworks such as React and Next.js, with strong mobile optimization and performance. The use of advanced analytics and consent management tools reflects a commitment to privacy and data protection compliance. However, the absence of explicit security headers and a public security policy indicates areas for improvement in security transparency. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks visible incident response or vulnerability disclosure information. The WHOIS data is unavailable, which reduces transparency but does not detract significantly from the site's legitimacy given the professional presentation and trust signals. Overall, Eurofiber presents a trustworthy and professional digital footprint with robust business offerings and a solid technical foundation. Strategic enhancements in security policy disclosure and WHOIS transparency would further strengthen its security posture and stakeholder confidence.

S

Stadt Linz

linztermine.at

65

Linz-Termine is the official online event calendar for the city of Linz, Austria, providing residents and visitors with comprehensive information about local events across various categories such as music, culture, sports, and family activities. The platform allows event organizers to register and manage their events free of charge, positioning itself as a trusted and authoritative source for city events. The website demonstrates a high level of professionalism with excellent content quality, clear navigation, and consistent branding aligned with the city government. Technically, the site leverages modern web technologies including JavaServer Faces with PrimeFaces, jQuery, Bootstrap, and Matomo for analytics, ensuring a responsive and accessible user experience. Security measures include HTTPS usage and a robust cookie consent mechanism, although there is room for improvement in implementing HTTP security headers and publishing explicit security policies. The absence of WHOIS data limits domain trust assessment, but the official nature of the site and its alignment with the city of Linz mitigate concerns. Overall, Linz-Termine presents a secure, user-friendly, and privacy-conscious platform serving the local community effectively.

T

Tourismusverband Linz

linztourismus.at

63

Linz Tourismus operates as the official tourism organization for the city of Linz, Austria, providing comprehensive information and services related to sightseeing, accommodations, events, gastronomy, and group travel. The website is well-structured, professionally designed, and targets tourists, business event organizers, and local partners. It offers multilingual support and integrates booking services through trusted partners. Technically, the site is built on Silverstripe CMS with modern JavaScript libraries and includes accessibility features, cookie consent management, and GDPR-compliant privacy policies. Security posture is strong with HTTPS enforcement and anonymized analytics, though explicit security headers could be enhanced. Overall, the site demonstrates a mature digital presence with a focus on user privacy and data protection.

C

Ceph

ceph.com

54

Ceph.io represents a mature and well-established open-source distributed storage system project, providing unified storage solutions including object, block, and file storage. The website targets organizations and developers seeking scalable and reliable storage infrastructure. The business model revolves around open-source community engagement and foundation support, positioning Ceph as a leading technology in distributed storage. Technically, the website is built on a custom platform with modern web technologies including JavaScript modules, SVG graphics, and uses Matomo for analytics, alongside LinkedIn and Twitter marketing tags. The site is performant, mobile-optimized, and accessible, with good SEO practices. Hosting and DNS are managed professionally, though DNSSEC is not enabled. From a security perspective, the site enforces HTTPS and maintains a dedicated security page, but lacks some advanced security headers and DNSSEC. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a comprehensive privacy policy and terms of service, but the absence of a cookie consent mechanism is a minor gap. Overall, the website is professional, trustworthy, and secure with a strong technical foundation. Strategic improvements in security headers, DNSSEC, and cookie consent would enhance compliance and security posture further.

Stadt Linz operates as the official municipal government website for the city of Linz, Austria, providing a broad range of public services, cultural information, and digital tools for citizens and visitors. The website serves as a comprehensive portal for city life, politics, administration, and tourism, positioning itself as a trusted and authoritative source for local information. The site targets residents, tourists, and stakeholders interested in city services and events. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and popular libraries such as Owl Carousel and Matomo Analytics for user tracking with privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly, with a clear navigation structure and professional design. Cookie consent is managed via Klaro, ensuring GDPR compliance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms to protect user privacy. However, explicit security headers are not detected in the HTML content, and no published security or incident response policies are found. No vulnerabilities or exposed sensitive data were identified, indicating a solid security posture for a government website. Overall, Stadt Linz's website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. The lack of WHOIS data is likely due to privacy protection, which is justified for government domains. Strategic improvements could include adding security headers and publishing a vulnerability disclosure policy to enhance transparency and security readiness.

C

CIVIC

civiccomputing.com

61

CIVIC is a UK-based digital agency specializing in digital innovation and collaborative problem-solving to enhance everyday interactions. Their services span strategy, design, development, hosting, and support, targeting primarily government and public sector clients. The company positions itself as a trusted partner with a strong focus on accessibility, GDPR compliance, and user-centered design. The website reflects a professional and consistent brand image with clear navigation and comprehensive service descriptions. Technically, the website is built on Drupal 10 and integrates Matomo analytics for privacy-conscious user tracking. The presence of a GDPR-compliant cookie control mechanism demonstrates a mature approach to privacy and compliance. The site is mobile-optimized and accessible, though some security headers are not detected, indicating room for improvement in security hardening. From a security perspective, the site uses HTTPS and enforces cookie consent, but lacks visible security headers and published security policies or incident response contacts. The WHOIS data is missing or unavailable, which raises concerns about domain registration transparency, although the website content and professional presentation support legitimacy. Overall, CIVIC's website is well-designed and functional, with strong privacy compliance and a clear business focus. However, the absence of WHOIS data and some security best practices suggest areas for enhancement to improve trust and security posture.

N

NINT (SHANGHAI) CO. LTD.

nint.com

56

Nint (Shanghai) Co. Ltd. operates a professional Chinese website focused on providing AI-driven big data analytics and consulting services for the digital retail and e-commerce sectors. The company positions itself as a leading expert in full-domain digital retail data, serving over 3000 brand clients including a majority of Fortune 500 consumer brands. Their offerings include e-commerce data tracking, content analytics, benchmarking, cross-border e-commerce data, and market research. The website is well-designed, content-rich, and targets enterprise clients seeking data-driven growth insights. Technically, the site employs modern web technologies including Bootstrap, jQuery, and Swiper.js, and integrates multiple analytics and tracking services such as Matomo, Bing UET, Baidu Analytics, Microsoft Clarity, Google Tag Manager, and JingSocial. The site is mobile-optimized and demonstrates good SEO practices. However, no explicit cookie consent mechanism was detected, and security headers appear to be missing, which are areas for improvement. From a security perspective, the site uses HTTPS with good SSL configuration and secure form handling. No critical vulnerabilities or exposed sensitive data were found. The absence of WHOIS data for the domain www.nint.com is a concern for transparency and trust, though the website content and branding strongly indicate a legitimate business. No explicit security or incident response policies are published. Overall, the website presents a professional and trustworthy front for a large Chinese e-commerce data analytics company. Strategic recommendations include implementing cookie consent for GDPR compliance, adding security headers, publishing security policies, and verifying domain registration details to enhance trust and compliance.