Security Directory

A

ANWB

werkenbijanwb.nl

74

The website 'werkenbijanwb.nl' serves as a career portal for ANWB, a well-established Dutch organization in the transportation and mobility sector. It provides job seekers with access to various vacancies and promotes employment opportunities within ANWB. The site is professionally designed with consistent branding and targets individuals interested in mobility and adventure careers. The technical infrastructure includes modern web technologies such as Bootstrap, Google Tag Manager, and reCAPTCHA, supporting a good user experience and moderate performance. Security measures like HTTPS and security headers are properly implemented, although explicit security policies and incident response contacts are absent. The site employs multiple analytics and advertising tools, indicating a focus on marketing and user engagement. Overall, the domain registration data aligns well with the website's business claims, supporting its legitimacy.

C

CasinoDoc

casinodoc.org

59

CasinoDoc is a French-language online platform specializing in comparing online casinos and providing guides and bonus offers for 2024. Positioned as a leading casino comparison site in the French market, it targets adult online gamblers seeking trustworthy casino reviews and payment method information. The business model appears to be affiliate marketing combined with informational content. Technically, the site is built on WordPress with modern performance optimizations including WP Rocket, uses Cloudflare DNS, and integrates analytics tools such as Google Tag Manager and Microsoft Clarity. The site demonstrates good design quality, mobile optimization, and SEO practices, but lacks visible privacy and cookie policies, which impacts privacy compliance. Security posture is solid with HTTPS and domain protection but could be improved by enabling DNSSEC and adding security headers and policies. Overall, the site is moderately trustworthy but would benefit from enhanced transparency and compliance documentation.

I

Infinity Stars Partners

infinitystarspartners.com

55

Infinity Stars Partners operates a multi-platform affiliate program focused on casino gaming brands. The company targets affiliate marketers and casino promoters, offering revenue share commissions up to 50%. The website is professionally designed using WordPress and Elementor, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is available via company emails and social media, but no phone or physical address is provided. Overall, the site is safe for adult audiences interested in gambling affiliate marketing.

A

Algoo

tracim.fr

60

Tracim is a French-based collaborative software platform developed and maintained by Algoo since 2014. It offers a comprehensive team communication and collaboration solution designed for asynchronous work, targeting organizations such as enterprises, associations, and educational institutions. The platform emphasizes open source principles, ethical data handling, and user sovereignty. Technically, the website employs modern front-end technologies including Bootstrap, FontAwesome, Swiper.js, and Matomo analytics, hosted on ScaleWay infrastructure. The site is mobile-optimized and provides a professional user experience with clear navigation and rich content. Security posture is strong with HTTPS enforced, CSRF protection on forms, and domain registration consistent with business claims. However, explicit cookie consent mechanisms and published security policies are lacking, representing areas for improvement. Overall, Tracim presents a trustworthy and mature digital presence with a solid foundation for growth and compliance.

U

Uitjes.nl

uitjes.nl

52

Uitjes.nl is a well-established Dutch online platform founded in 1999, specializing in providing inspiration and listings for leisure activities and day trips across the Netherlands and Belgium. The platform caters to a broad audience including families, friends, and corporate groups, offering a wide range of activities such as sports, cultural events, and special outings. It features user reviews, promotional offers, and a reservation/payment system to facilitate bookings. Technically, the website employs modern web technologies including Bootstrap, Google Analytics, Google Tag Manager, and Google reCAPTCHA, ensuring a functional and moderately optimized user experience with good mobile responsiveness. Security-wise, the site benefits from HTTPS, DNSSEC, and reCAPTCHA integration, but lacks visible security headers and published security policies, indicating room for improvement in security transparency and defense-in-depth. Overall, the domain's WHOIS data confirms a long-standing and legitimate presence, supporting the platform's credibility and trustworthiness.

Meeting Magazine is a well-established Dutch media platform specializing in information and inspiration for business meetings and event professionals. The website offers news, articles, business profiles, event location listings, and advertising opportunities, targeting a professional audience within the meetings and events industry. The platform is operated by van munster media groep and has been active for over 15 years, indicating a stable market presence in the Netherlands. The content is primarily in Dutch and is professionally presented with consistent branding and good user experience.

A

Algoo

algoo.fr

10

Algoo is a French technology company specializing in open source software deployment, integration, and IT infrastructure management, particularly focused on Linux environments and collaboration tools. The company offers key services including the Tracim collaboration platform, Galae interoperable email service, IT infrastructure management, custom software development, and hardware sales. Positioned as a niche specialist in the French market, Algoo targets organizations seeking sustainable and sovereign open source solutions. The website reflects a professional and consistent brand image with clear service offerings and client references. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Matomo analytics, ensuring good mobile optimization and user experience. The site uses HTTPS with secure form submission practices, though lacks some advanced security headers. Analytics usage is privacy-conscious with Matomo, but cookie consent mechanisms are not evident, which may affect GDPR compliance. The WHOIS data is unavailable, limiting domain trust verification, but the website content and contact information support legitimacy. Security posture is solid with encrypted communications and secure forms, but could be improved by adding security headers and publishing explicit security policies. No vulnerabilities or exposed sensitive data were detected. Overall, the website is safe, professional, and trustworthy, with minor areas for compliance and security enhancement.

I

Irish Council for Civil Liberties

iccl.ie

10

The Irish Council for Civil Liberties (ICCL) is Ireland's oldest human rights organization, established in 1976. It operates as a non-profit advocacy group focused on promoting and protecting human rights across various sectors including justice, equality, digital rights, and democratic freedoms. The organization is independent and non-partisan, funded primarily through members and donors. The website serves as a platform for news, campaigns, petitions, and educational resources aimed at the general public interested in human rights issues in Ireland. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO and Matomo Analytics. It uses HTTPS and includes responsive design elements for mobile optimization. The site demonstrates good performance and accessibility basics, though there is room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site employs HTTPS and disables cookies in analytics to enhance privacy. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data limits domain trust verification, but the website content and contact information align with a legitimate non-profit entity. Overall, the website presents a professional and trustworthy front for ICCL, with strong content quality and business credibility. Strategic recommendations include enhancing security headers, implementing cookie consent, publishing security and incident response policies, and establishing a vulnerability disclosure process to further strengthen trust and compliance.

Z

Zaklady Bukmacherskie

zakladybukmacherskie.nl

41

Zaklady Bukmacherskie is a Polish-language online platform focused on providing comprehensive information, reviews, and rankings of sports betting operators available in the Netherlands. The site targets Polish-speaking bettors residing in the Netherlands, offering detailed guides on bookmakers, betting strategies, bonus offers, and live streaming options. The business operates primarily as an affiliate marketing site, linking users to recommended bookmakers with bonus incentives. Technically, the website is built on WordPress, utilizing popular plugins such as Yoast SEO and jQuery, and incorporates modern web technologies including responsive design and structured data for SEO enhancement. Security posture is solid with HTTPS enforced and standard security headers present, though improvements like Content-Security-Policy and security.txt are recommended. Privacy compliance is weak due to the absence of explicit privacy and cookie policies, and no direct contact information is provided, which could impact user trust and regulatory compliance. Overall, the site is professionally designed, content-rich, and well-positioned within its niche, but should enhance privacy transparency and security disclosures to improve credibility and compliance.

K

Kongebonus

kongebonus.com

53

Kongebonus is a Norwegian-focused online platform specializing in providing comprehensive information, reviews, and bonus offers related to online casinos and sports betting. Established around 2022, it positions itself as Norway's largest community for iGaming enthusiasts, offering detailed guides, betting tips, and payment method advice. The website is well-structured, professionally designed, and optimized for SEO, targeting adult Norwegian users interested in gambling and betting. Technically, the site is built on WordPress with modern performance optimizations including lazy loading and deferred scripts, and integrates Google Tag Manager for analytics. Security posture is generally good with HTTPS enforced and no obvious vulnerabilities, though some security headers and explicit policies are missing. The absence of WHOIS domain registration data raises concerns about domain legitimacy and transparency, which impacts business credibility. Overall, the site is a professional and trusted resource within its niche but would benefit from enhanced transparency and security disclosures.

D

Domains By Proxy, LLC

babeldoor.com

59

CasinoDoc is a French-language online casino comparison website launched in 2023, offering users information on casino bonuses, reviews, and game guides to enhance their gambling experience. The site targets French-speaking online casino players and operates primarily as an affiliate marketing platform. Technically, the website is built on WordPress with modern performance optimizations including WP Rocket, Google Tag Manager, and Microsoft Clarity for analytics. The site uses Cloudflare DNS but does not have DNSSEC enabled. Security posture is moderate with HTTPS enabled and domain registration protections in place, but lacks visible security policies or headers. Privacy compliance is weak due to absence of privacy and cookie policies. Business credibility is moderate with consistent branding and social media presence but no direct contact information. Overall, the site is professionally designed and functional but would benefit from enhanced privacy and security disclosures.

B

Bookkerit & vedonlyöntisivut.

bookkerit.com

56

Bookkerit.com is a Finnish-language affiliate website specializing in listing and reviewing sports betting and casino sites targeted at Finnish customers. The site provides detailed information on betting bonuses, tips, and guides, positioning itself as a trusted resource in the Finnish gambling affiliate niche. The business appears small but focused, founded in 2022, and maintains consistent branding and good content quality. Technically, the site is built on WordPress, uses popular plugins like Yoast SEO, and is hosted on SiteGround, indicating a modern and maintainable infrastructure. The site is mobile-optimized and SEO-friendly, with structured data enhancing search visibility. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and security headers, which are recommended for improved security posture. Privacy compliance is weak, with no visible privacy or cookie policies, which is a significant gap given the site's data collection and affiliate marketing activities. Overall, the site is functional and professional but should improve privacy and security practices to enhance trust and compliance.

T

Take Back The Tech!

takebackthetech.net

38

Take Back The Tech! is a well-established non-profit campaign founded in 2006, dedicated to empowering women and girls to take control of technology to end gender-based violence. The website serves as an educational and advocacy platform offering resources, campaigns, and community engagement tools. It targets activists, women, and communities concerned with technology-facilitated violence. Technically, the site is built on Drupal 9 with modern web technologies, providing a responsive and accessible user experience. However, some technical aspects such as DNSSEC and security headers could be improved to enhance security. The security posture is moderate with domain management practices that prevent unauthorized changes but lacks published security policies or incident response information. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is credible and trustworthy, with a clear mission and consistent branding, but could benefit from enhanced security and privacy practices.

S

Software Freedom Conservancy

fossy.us

53

The website 2025.fossy.us represents the FOSSY 2025 conference, a community-oriented event focused on free and open source software, hosted by the Software Freedom Conservancy. The event is scheduled for July 31st to August 3rd, 2025, at Portland State University. The site provides information about the conference, registration, sponsorship, and related logistics, targeting open source contributors and enthusiasts. The business model is non-profit and community-driven, with a clear focus on fostering open source software development and collaboration. Technically, the website uses a modern but straightforward tech stack including Bootstrap, jQuery, FontAwesome, and Tachyons CSS. The site is mobile-optimized with good navigation and professional design. External resources are loaded from reputable CDNs, and no major performance or accessibility issues are evident. However, some improvements could be made in accessibility and SEO optimization. From a security perspective, the site uses HTTPS (implied by the URL), but no explicit security headers were detected in the provided data. There is no visible security.txt or incident response contact information. The WHOIS data is unavailable, likely due to privacy protection, which is reasonable for this type of non-profit event. No vulnerabilities or exposed sensitive data were found in the HTML content. Privacy compliance is partial, with a privacy policy linked externally but no cookie consent mechanism on the site. Overall, the website is trustworthy and professionally presented, with a moderate to good security posture and privacy compliance. Recommendations include adding security headers, implementing cookie consent, and publishing vulnerability disclosure information to enhance trust and compliance.

R

Revue Charles

revuecharles.fr

35

Revue Charles is a French political media publication established in 2014, offering political articles, podcasts, and subscription services. The website targets French-speaking audiences interested in political analysis and commentary. The business operates a subscription-based model supported by WooCommerce on a WordPress platform, hosted by OVH, a reputable French hosting provider. The site demonstrates good content quality, consistent branding, and a professional design tailored for political media consumption. Technically, the site leverages modern web technologies including WordPress CMS, WooCommerce for e-commerce, Yoast SEO for search optimization, and integrates analytics tools such as Google Analytics and StatCounter. The site is mobile-optimized and uses HTTPS with a valid SSL certificate, ensuring secure communications. However, some security best practices like security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site shows no signs of WAF blocking or malicious content. The domain registration is transparent and consistent with the business profile, registered with OVH since 2014. No direct company contact emails or phone numbers are publicly listed, with contact primarily via forms and social media channels. Privacy compliance is basic, with a privacy policy present but lacking explicit cookie consent and GDPR compliance indicators. Overall, Revue Charles presents a trustworthy and professional online presence for a niche political media outlet, with room for improvement in privacy compliance and security hardening to meet modern standards.

A

April

chapril.org

47

Chapril.org is a French non-profit initiative by the April association, dedicated to providing free, ethical, and privacy-respecting online services as alternatives to major commercial platforms. The website offers a variety of open-source services including instant messaging (XMPP), microblogging (Mastodon), QR code generation, collaborative editing, and more, all aimed at promoting digital freedom and user privacy. The target audience is general internet users interested in free software and ethical internet usage. The business model is donation-supported and non-commercial, emphasizing transparency and community involvement. Technically, the website is built on the SPIP CMS platform and integrates various open-source technologies such as ejabberd for XMPP and Dokuwiki for documentation. The site is mobile-optimized with good navigation and SEO practices, though accessibility could be improved. No major performance issues are evident, and the site maintains a moderate loading speed. The infrastructure appears actively maintained with recent updates. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a published security policy or incident response contacts. Privacy compliance is partial, with terms of use present but no clear privacy or cookie policies or consent mechanisms. The WHOIS data is malformed and incomplete, which slightly reduces trustworthiness but does not contradict the site's legitimacy given its affiliation with April and transparent operations. Overall, Chapril.org presents a trustworthy, well-maintained platform with a strong ethical focus. Strategic improvements in privacy policy publication, cookie consent, security headers, and WHOIS transparency would enhance its security posture and compliance standing.

W

WM Partners, LP

wmplp.com

72

WM Partners, LP is a private equity firm specializing in investments within the Health and Wellness sector. Established in 2015, the company has invested over $1.1 billion and leverages more than 340 years of combined investment and operational experience. Their business model focuses on partnering with entrepreneurs and operators to transform natural consumer brands through strategic and operational expertise. The website reflects a mature, professional organization with clear market positioning as a trusted partner in their industry. The target audience includes entrepreneurs, investors, and companies within the health and wellness space. Technically, the website employs modern frontend technologies including Bootstrap 5, jQuery, FontAwesome, and Google Fonts, with additional accessibility support via the ACSB plugin. Hosting and domain registration are managed through GoDaddy, with stable DNS configurations. The site is mobile optimized, accessible, and SEO-friendly, though performance is moderate rather than fast. Cookie consent is managed comprehensively through Termly, indicating good privacy compliance. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the business claims, showing a mature domain registration without privacy protection, enhancing trustworthiness. Overall, WM Partners' website demonstrates a solid business presence with good technical and privacy practices. Security posture is adequate but could be improved by adding security headers and incident response information. The site is safe for general audiences and does not contain any adult or questionable content.

B

Balance Point Capital Advisors, LLC

balancepointcapital.com

50

Balance Point Capital Advisors, LLC is a registered investment advisory firm specializing in providing flexible capital solutions including debt and equity financing to portfolio companies and investment partners. The firm emphasizes customized financing structures tailored to company needs, focusing on flexibility, partnership, and patience. With over $2.1 billion in capital commitments and more than 100 investments, Balance Point Capital holds a solid position in the mid-market investment space. The website reflects a professional and consistent brand image, targeting businesses seeking capital investment solutions. Technically, the website employs modern front-end technologies such as Bootstrap, jQuery, FontAwesome, and Slick Carousel, delivering a responsive and user-friendly experience. Hosting and domain registration are stable and consistent with the business profile. However, there is room for improvement in accessibility and SEO optimization. The site lacks advanced CMS or platform indicators, suggesting a custom or lightweight implementation. From a security perspective, the site uses HTTPS and has no visible exposed sensitive data, but lacks explicit security headers and publicly disclosed security policies. There is no cookie consent mechanism, which may impact privacy compliance. WHOIS data indicates a legitimate and well-maintained domain with no privacy protection, consistent with the business claims. Overall, the security posture is moderate but could be enhanced with better header implementation and privacy controls. The overall risk assessment is low, with no critical vulnerabilities detected. Strategic recommendations include implementing security headers, adding cookie consent for compliance, publishing security and incident response policies, and improving accessibility and SEO. These steps will enhance trust, compliance, and security culture, supporting the firm's professional image and operational resilience.

Z

ZMC

zmclp.com

67

ZMC is a specialized investment and operational firm focused on media, entertainment, communications, and technology sectors. The company emphasizes thought leadership, operational excellence, and disciplined investment to create value. Their website reflects a professional and consistent brand image with clear messaging targeting industry partners and investors. The technical infrastructure is modern, leveraging popular frontend libraries and hosted on AWS infrastructure, ensuring reliable performance and availability. Security posture is adequate with HTTPS and domain protections, but lacks advanced security headers and DNSSEC. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism or terms of service. Overall, the website is professional and trustworthy but could improve in privacy and security transparency.

P

Prisme

multiservices-entreprise.fr

66

The website 'Prisme' serves as an informational blog affiliated with GSF, a leading company in cleaning and hygiene services in France. It provides news and insights related to the hygiene and cleanliness of workspaces, healthcare, and leisure environments. The site targets a general audience interested in these sectors and positions itself as a reputable source of industry information. Technically, the site is built on WordPress using the Divi theme, incorporating modern web technologies such as jQuery, Google Analytics, and various marketing and tracking tools. The site demonstrates good SEO practices and mobile optimization, though accessibility features are basic. Security-wise, the site uses HTTPS and includes cookie consent mechanisms, but lacks advanced security headers and explicit security policies. No critical vulnerabilities or blocking mechanisms were detected. Overall, the domain registration aligns well with the business identity, supporting the site's legitimacy. Strategic improvements include enhancing security headers, publishing privacy and terms policies, and adding incident response contacts to strengthen compliance and trust.

IX.br is a key Brazilian Internet Exchange Point operator managed by NIC.br, providing critical infrastructure that enables direct interconnection between Autonomous Systems to optimize Internet traffic flow within Brazil. The website reflects a mature organization with a clear focus on technology and telecommunications sectors, offering services such as traffic aggregation, educational events, and security best practices. The site is well-structured, professionally designed, and targets network operators and Internet service providers in Brazil. Technically, the site uses modern frontend technologies including Bootstrap, jQuery, and SweetAlert2, and employs Matomo for analytics, indicating a moderate level of digital maturity and privacy awareness. Security posture is good with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and implementing cookie consent mechanisms. Overall, the domain registration and WHOIS data align well with the organization's identity, supporting high legitimacy and trustworthiness.

A

AO Swag

goviksshop.com

61

The website goviksshop.merchorders.com serves as an official e-commerce platform for Portland State University branded merchandise, operated by AO Swag. It offers a variety of apparel, drinkware, and accessories targeting students, staff, and fans of the university. The site is professionally designed with consistent branding and clear navigation, supporting a medium-sized business model focused on licensed university retail. Technically, the site leverages modern frameworks such as Bootstrap and jQuery, integrates Google Analytics for user tracking, and employs Google reCAPTCHA to protect forms from abuse. Mobile optimization and accessibility features are well implemented, enhancing user experience across devices. Security posture is moderate; while HTTPS is implied and reCAPTCHA is used, the absence of key security headers and explicit cookie consent mechanisms suggests room for improvement. The WHOIS data for the subdomain is unavailable, which is typical for subdomains but slightly reduces trustworthiness. Overall, the site is safe, trustworthy, and compliant with basic privacy policies, serving its niche audience effectively.

A

Afriregister Ltd

afriregister.rw

50

Afriregister Rwanda is a specialized domain registrar and web hosting service provider focused on African ccTLDs and generic TLDs. Established in 2013 and ICANN accredited, the company offers domain registration, various hosting plans, SSL certificates, and customer support primarily targeting businesses and individuals in Rwanda and the broader African region. The website demonstrates a consistent brand presence with clear service offerings and regional targeting through multiple country-specific portals. Technically, the website employs modern web technologies including jQuery, Bootstrap, and Google reCAPTCHA to secure forms. The site is mobile responsive and provides a good user experience with clear navigation and professional design. However, there is room for improvement in accessibility and SEO optimization. The hosting provider is not explicitly stated, but the infrastructure appears stable with moderate performance. From a security perspective, the site enforces HTTPS and integrates reCAPTCHA to mitigate automated abuse. Nonetheless, it lacks important security headers such as Content-Security-Policy and Strict-Transport-Security, which are recommended to enhance protection against common web attacks. The absence of a cookie consent mechanism also indicates partial privacy compliance, potentially impacting GDPR adherence. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company's history and no suspicious registration patterns. Overall, Afriregister Rwanda presents a trustworthy and professional online presence with a solid business model in the domain registration and hosting sector. Strategic improvements in security headers, privacy compliance, and accessibility would further strengthen its digital maturity and customer trust.

H

High Value Biorenewables Network

highvaluebiorenewables.net

62

The High Value Biorenewables Network (HVB) is a UK-based academic and industry collaboration network focused on industrial biotechnology and bioenergy, supported by the BBSRC. The website serves as a hub for promoting bio-based chemical development, facilitating partnerships, and providing leadership within the UK biotechnology community. The site is professionally designed, mobile-optimized, and uses modern web technologies including SeeCMS, jQuery, and Google Analytics for user tracking. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the website's affiliations with reputable institutions like the University of York and BBSRC lend credibility. Privacy and cookie policies are present but basic, and no direct contact emails or phone numbers are provided on the site, limiting direct communication channels. Security posture is moderate with no visible security headers or incident response information, suggesting room for improvement in security transparency and best practices.

O

OHSU-PSU School of Public Health

ohsu-psu-sph.org

65

The OHSU-PSU School of Public Health is a collaborative academic institution formed by two leading Oregon universities, focusing on educating future public health leaders through community-engaged learning and research. The website serves prospective and current students, faculty, researchers, and public health professionals, offering comprehensive information on degree programs, research initiatives, and community resources. The institution holds a solid regional market position in public health education and research. Technically, the website is built on WordPress with a modern tech stack including analytics and tracking tools, hosted via Akamai, and optimized for mobile devices. Security posture is good with HTTPS and domain protections, but lacks some advanced security headers and DNSSEC. Privacy compliance is weak due to missing explicit privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich, but could improve compliance and security transparency.

D

Dux Group N.V.

bruno-casino.net

46

Bruno Casino is an online gambling platform launched in 2021, operated by Dux Group N.V. It offers a wide range of casino games including slots, live casino, and table games, targeting primarily German-speaking players and Finnish market. The site promotes bonuses, cryptocurrency payments, and 24/7 multilingual support. Technically, the website is built on Angular 13, hosted on DigitalOcean, and uses Google Tag Manager for analytics. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and SSL encryption, offers two-factor authentication, and claims RNG fairness, but lacks visible security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is consistent with the business claims and the site appears legitimate but could improve transparency and security practices.

N

NIC.br - Núcleo de Informação e Coordenação do PONTO BR

ipv6.br

61

IPv6.br is an authoritative Brazilian website dedicated to promoting IPv6 adoption and education. Operated by NIC.br under the oversight of CGI.br, it serves as a comprehensive resource for internet service providers, network professionals, government entities, and the general public interested in IPv6 technology. The site offers educational content, news, events, tools, and connectivity testing services, positioning itself as a key player in Brazil's internet infrastructure development. Technically, the website employs a modern tech stack including jQuery, Bootstrap, FontAwesome, and Piwik analytics. It is mobile-optimized with good navigation and content quality. While the site uses HTTPS and secure external resources, it lacks some advanced security headers and explicit cookie consent mechanisms, which are recommended for enhanced privacy compliance. From a security perspective, the site demonstrates a solid posture with no visible vulnerabilities or exposed sensitive data. However, it would benefit from publishing formal security policies, incident response contacts, and a vulnerability disclosure framework to strengthen trust and compliance. The domain WHOIS data aligns well with the website's organizational claims, confirming legitimacy and consistent registration. Overall, IPv6.br is a trustworthy, well-maintained resource with strong business credibility and technical maturity. Strategic improvements in privacy compliance and security transparency would further enhance its standing and user trust.

F

Floatleft

floatleft.org

64

Floatleft is a specialized nonprofit website development company focusing on Drupal and WordPress platforms. Established in 2004, it serves nonprofit organizations primarily in the United States, offering tailored web development services to meet the unique needs of the nonprofit sector. The company positions itself as a niche provider with expertise in nonprofit digital presence and SEO optimization, leveraging tools like Yoast SEO and Google Analytics to enhance client websites. Technically, the website is built on WordPress, hosted on Pantheon, and uses Cloudflare DNS services. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. Security-wise, the site uses HTTPS with domain status protections but lacks DNSSEC and security headers, indicating room for improvement in domain and web security practices. Privacy compliance is weak, with no visible privacy or cookie policies and no GDPR compliance indicators. Contact information is not explicitly provided, which may affect user trust and compliance. Overall, the website is professional and safe, but enhancements in privacy, security policies, and contact transparency are recommended.

A

Abilian SAS

abilian.com

49

Abilian SAS is a French-based small technology company specializing in open source software solutions focused on collaboration, business process management, and information management. Established in 2004, the company targets public sector organizations, higher education institutions, associations, and enterprises. Their business model centers on publishing innovative open source software to accelerate development and improve competitiveness for their clients. The website reflects a niche market position with a professional and consistent brand presence, supported by active social media channels and a GitHub repository indicating ongoing development activity. Technically, the website employs modern JavaScript libraries such as htmx and hyperscript, uses FontAwesome for icons, and integrates analytics tools like Matomo and Umami. The site is custom-built without a common CMS, hosted likely under the domain registrar Gandi SAS. Performance and mobile optimization are moderate to good, with basic accessibility and SEO features. However, some security best practices such as DNSSEC and security headers are missing, and no explicit cookie consent or privacy policy pages are present, indicating room for improvement in compliance. From a security perspective, the site uses HTTPS and has domain transfer protections, but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious content were detected. The overall security posture is moderate but could be enhanced by implementing recommended security headers, cookie consent, and transparency around data protection. Overall, Abilian.com presents as a trustworthy, professional business website with solid technical foundations but with some gaps in privacy compliance and security transparency. Strategic improvements in these areas would strengthen their risk profile and user trust.

D

Digitální svobody

digitalnisvobody.cz

44

Digitální svobody is a Czech non-profit organization dedicated to advocating for digital rights, privacy, and freedoms. The website serves as a platform for news, campaigns, educational seminars, and community engagement focused on digital privacy and data protection. The organization targets Czech-speaking individuals interested in digital rights and operates primarily through donations and support. The website is well-branded and consistent with its mission, featuring recent content and active social media channels. Technically, the website is built on WordPress with common plugins such as Yoast SEO and Ultimate Blocks. It uses modern frontend technologies including jQuery, Bootstrap grid, and FontAwesome icons. The site is mobile-optimized and performs moderately well, with good SEO practices and basic accessibility features. Hosting and domain registration are consistent with the organization's founding date and location. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not implement a cookie consent mechanism, which is a compliance gap given EU regulations. Analytics usage is minimal and privacy-conscious, using Koko Analytics without extensive user tracking. No vulnerabilities or suspicious patterns were detected. Overall, the website is trustworthy and professional, with a strong focus on digital rights advocacy. Strategic improvements include adding cookie consent, enhancing security headers, and providing more explicit contact information to improve compliance and user trust.

S

Shells

shells.com

62

Shells is a technology company offering personal cloud workspaces and virtual desktops accessible from various devices. Their service targets individuals and businesses seeking flexible cloud computing solutions. The website demonstrates a modern technical infrastructure using React, Material-UI, and integrates payment processing via Stripe. Security measures include HTTPS and Content Security Policy with nonce, indicating a good security posture. However, the absence of WHOIS data and lack of direct contact information slightly reduce trust and transparency. Overall, the site is professional and functional, with room for improvement in privacy compliance and contact accessibility.

S

See Green Media Ltd

seegreen.uk

67

See Green Media Ltd is a small, Yorkshire-based digital agency specializing in web design, development, hosting, communications, and custom online systems such as CRMs. Established since 2008, the company serves a UK-wide client base with a strong regional identity. Their website reflects a professional and comprehensive digital presence, showcasing a portfolio of diverse clients and a broad range of services. Technically, the site uses a modern tech stack including jQuery, Slick Carousel, FontAwesome, and Google Tag Manager, with a proprietary CMS (SeeCMS). The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business demonstrates high credibility with certifications, client testimonials, and transparent contact information. WHOIS data is unavailable due to a query on the subdomain rather than the domain, but the website's legitimacy is supported by consistent branding and active content.

J

Jim Warren Studios

jimwarren.com

44

Jim Warren Studios is a professional website representing Grammy Award-winning fine artist and official Disney illustrator Jim Warren. The site serves as a portfolio and e-commerce platform for art sales, targeting art collectors and fans worldwide. The business is positioned as a world-renowned artist with a strong brand presence in the fine art and illustration market. Technically, the website is built on WordPress with WooCommerce and optimized using NitroPack, indicating a modern and performance-conscious infrastructure. The site is mobile-optimized and uses standard web fonts and iconography for a professional user experience. Security posture is adequate with HTTPS enabled and domain registration protections in place, but lacks explicit security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the website is credible and trustworthy but would benefit from enhanced privacy and security disclosures.

M

Media Mister

mediamister.com

67

Media Mister is a well-established social media marketing service provider operating since 2012, offering a broad range of engagement products such as followers, likes, views, and comments across major social platforms including Instagram, TikTok, YouTube, Facebook, and Spotify. The company targets social media users and marketers seeking to enhance their online presence and social proof through authentic and manual engagement services. Their market position is strong, supported by over 280,000 satisfied customers worldwide and a presence in nearly 200 countries. Technically, the website employs modern web technologies including jQuery, Bootstrap, and various analytics and marketing tools such as Google Analytics, Facebook Pixel, and Klaviyo, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and secure payment processing via Stripe and CoinPayments, although explicit security headers and policies are not publicly detailed. Privacy compliance is partial, with a comprehensive privacy policy present but lacking a visible cookie consent mechanism. Overall, the website is professional, trustworthy, and well-optimized for SEO and user experience.

1

1984 ehf.

1984.hosting

56

1984 ehf. is an Iceland-based green and ethical web hosting company founded in 2006, emphasizing freedom of speech and privacy. The company offers traditional web hosting, VPS with preconfigured VPN solutions, FreeDNS services, and domain registration. Their market position is niche, targeting privacy-conscious customers and those valuing green energy. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content. Technically, the site uses modern frameworks like Bootstrap and jQuery, with Matomo analytics for privacy-respecting tracking. Security posture is good with HTTPS and domain transfer protection, but could be improved by enabling DNSSEC and security headers. Privacy compliance is strong with GDPR and cookie policies present, though lacking explicit consent mechanisms. Overall, the domain registration aligns with business claims, using GDPR masking appropriately.

The CCC Video Operation Center (C3VOC) is a niche community-driven working group affiliated with the Chaos Computer Club, focused on providing lecture recording and streaming infrastructure for chaos events and conferences. The website presents a professional and consistent brand image, with clear descriptions of their activities and links to relevant community resources such as GitHub and Mastodon. The technical infrastructure is based on a static site generated by Hugo, with modern web technologies and a strong Content-Security-Policy to ensure security. The site is fully accessible without any WAF or blocking mechanisms, indicating open and transparent operations. Security posture is strong with HTTPS enforced and strict CSP headers, although additional security headers could improve defense in depth. Privacy compliance is partially addressed with a privacy policy present, but cookie and terms of service policies are missing, which could be improved. No contact emails or phone numbers are explicitly provided, which may limit direct communication but aligns with the community nature of the project. WHOIS data is limited due to DENIC privacy restrictions, but no suspicious patterns are detected, and the domain appears legitimate and appropriate for the business. Overall, the website demonstrates good technical maturity and security hygiene for a small community project. Recommendations include enhancing privacy and security policies, adding explicit contact and incident response information, and improving accessibility features to further strengthen trust and compliance.

C

Commune de Matran

matran.ch

56

Commune de Matran operates as the official local government website for the municipality of Matran in the canton of Fribourg, Switzerland. It provides a broad range of municipal services including administration, resident control, taxation, education, social and health services, cultural and sports activities, and technical infrastructure management. The website targets residents and visitors, offering relevant community information and service access. The business model is typical of a public sector entity focused on local governance and community support. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap, FontAwesome, jQuery, and OwlCarousel for a responsive and user-friendly experience. The site is mobile-optimized with good SEO practices and structured metadata including JSON-LD for organization details. Performance is moderate with no major technical issues detected. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism with granular user controls, reflecting good privacy compliance. However, it lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or exposed sensitive data were found. The use of Google Tag Manager is present but configured to deny tracking by default, supporting privacy compliance. Overall, the website is trustworthy, professional, and well-maintained, serving its purpose effectively. Strategic improvements include publishing a security policy, incident response information, and enhancing security headers to further strengthen the security posture.

C

Commune de Givisiez

givisiez.ch

55

The Commune de Givisiez website serves as the official digital presence for the local government of Givisiez, Switzerland. It provides residents and visitors with comprehensive information about municipal services, local administration, events, and community news. The site is well-positioned as a trusted source for local governance and community engagement, targeting primarily French-speaking users in the region. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including Google Tag Manager and reCAPTCHA for security and analytics. The site demonstrates good mobile optimization and SEO practices, with structured data enhancing search engine understanding. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and implements GDPR-compliant cookie consent mechanisms with granular user controls. However, it lacks explicit security headers and published security policies or incident response contacts, which are recommended best practices for government websites. No vulnerabilities or suspicious activities were detected. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource for its community. Strategic improvements in security headers and transparency policies would further enhance its security posture and user trust.

R

Runder Tisch Reparatur e.V.

runder-tisch-reparatur.de

40

Runder Tisch Reparatur e.V. is a German non-profit organization dedicated to promoting the right to repair and fostering a culture of repair in Germany. The website serves as a hub for advocacy, networking, event information, and educational resources related to repair initiatives. It targets consumers, repair professionals, and policy makers interested in sustainability and repair rights. The organization positions itself as a key player in the repair advocacy space within Germany, leveraging partnerships and community engagement to advance its mission. Technically, the website is built on WordPress with common plugins for forms, events, and forums, indicating a moderate level of digital maturity. The site is well-structured, mobile-optimized, and includes cookie consent mechanisms, reflecting good privacy compliance. Security posture is adequate with HTTPS enforced, though some security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and aligned with its non-profit mission, with no signs of malicious activity or content blocking.

R

Repaircafe

repaircafe.org

63

Repair Café is a global community-driven initiative focused on promoting the culture of repair to foster sustainability and reduce waste. The website serves as a platform to connect volunteers and participants worldwide to organize and attend repair events. The organization positions itself as a non-profit with a medium-sized global reach, emphasizing community engagement and environmental responsibility. Technically, the website is built on WordPress using modern plugins such as BuddyPress and Events Manager, with additional technologies like Vue.js and Algolia for enhanced user experience. The site is well-optimized for SEO and mobile devices, though some accessibility features could be improved. Security-wise, the site enforces HTTPS and uses a cookie consent mechanism but lacks some security headers and explicit privacy and terms of service documentation. Overall, the site is trustworthy and professional, though it would benefit from enhanced privacy compliance and security best practices.

e Foundation is a non-profit organization based in France focused on developing privacy-enabled, open source smartphone operating systems and cloud services. Their flagship product, /e/OS, is a deGoogled Android-based OS designed to protect user data and privacy. The organization also offers Murena workspace cloud accounts and sells smartphones preloaded with /e/OS through partner Murena. The website positions e Foundation as a niche leader in privacy-conscious mobile technology with a growing international community of developers and users. Technically, the website is built on WordPress with Elementor and uses Matomo analytics configured for privacy. The site is well-structured, mobile-optimized, and professionally designed, though it lacks some advanced privacy compliance features such as cookie consent banners and explicit security policies. Security posture is strong with HTTPS and no visible vulnerabilities, but could be improved with additional security headers and published incident response information. Overall, the domain registration data aligns well with the organization's identity, supporting legitimacy and trustworthiness.

LibreItalia is a small Italian non-profit volunteer association dedicated to supporting and promoting free software. The website serves as a community hub offering news, event information, documentation, and resources for members and supporters of open source software in Italy. The organization positions itself as a niche player within the Italian free software ecosystem, focusing on advocacy and community engagement. Technically, the site is built on WordPress with common plugins such as Jetpack, Contact Form 7, and Cookie Notice, indicating a moderate level of digital maturity. The site is mobile-optimized and uses HTTPS, but lacks some advanced security headers and formal security policies. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. The WHOIS data is unavailable due to a malformed query, which limits domain trust verification, but the website content and contact information support its legitimacy. Overall, the site is professional, trustworthy, and safe for general audiences.

A

Aspiration

aspirationtech.org

59

Aspiration is a well-established nonprofit technology organization founded in 2001, focused on empowering nonprofits, open source projects, and social justice initiatives through technology capacity building, strategic advising, and community events. The website reflects a mature digital presence with a professional design, clear navigation, and rich content tailored to its target audience. Technically, the site runs on Backdrop CMS with modern libraries and includes Matomo analytics for privacy-conscious tracking. Security posture is good with HTTPS and domain transfer protections, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the domain registration data aligns well with the organization's claims, supporting high legitimacy and trustworthiness.

T

Transmission

transmissionbt.com

64

Transmission is an established open source BitTorrent client project founded in 2007, offering fast, lightweight, and native applications for macOS, Windows, Linux, and Unix platforms. The website serves as a distribution and community hub, providing downloads, add-ons, and links to GitHub and forums. The business model is volunteer-based and focused on privacy, with no advertising or tracking. Technically, the site uses modern front-end frameworks like Bootstrap and FontAwesome, is mobile optimized, and hosted with Cloudflare DNS services. Security posture is moderate; domain registration is well maintained with transfer protections, but the site lacks published privacy and cookie policies, security headers, and vulnerability disclosure mechanisms. Overall, the site is professional, trustworthy, and content-rich but could improve compliance and security transparency.

P

Phosh

phosh.mobi

47

Phosh.mobi is a website dedicated to an open source user interface project for mobile phones, primarily targeting Linux mobile users and developers. The project is relatively new, founded in 2022, and operates within the technology sector focusing on mobile UI development. The website serves as an informational and community hub linking to code repositories, social platforms, and documentation. Technically, the site is a static website built with Hugo and uses modern web technologies including CSS and JavaScript with FontAwesome icons. It is well-structured, mobile-optimized, and fast loading, though accessibility features are basic. Security posture is moderate; the domain is protected with clientTransferProhibited status but lacks DNSSEC and security headers. No privacy or cookie policies are present, and no contact information is provided, which impacts compliance and trust. Overall, the site is professional and trustworthy within its niche but could improve in security and compliance documentation.

I

IASME

iasme.co.uk

85

IASME is a UK-based cyber security certification and consultancy organization established in 2009. The company operates a professional website that serves as a platform to promote its services and engage with organizations seeking to improve their cyber security posture. The website demonstrates a moderate level of digital maturity, leveraging WordPress with the Divi theme, WooCommerce for e-commerce capabilities, and integrates Google Analytics and Tag Manager for tracking and analytics. The presence of structured data and social media links enhances its online visibility and trustworthiness. Security-wise, the website enforces HTTPS and uses a reputable hosting provider, but could improve by implementing additional security headers and publishing explicit security and privacy policies. Overall, IASME presents a credible and professional digital presence aligned with its business objectives.

Bloomup, a business unit of Ethosfarm S.r.l., specializes in delivering tailored Odoo ERP solutions to modern businesses, leveraging over a decade of experience and more than 200 successful projects. Their market position is strengthened by certifications on the latest Odoo versions (17 and 18), offering services including analysis, configuration, development, training, and support. The website reflects a professional and consistent brand image targeting companies seeking efficient ERP implementations. Technically, the site is built on the Odoo CMS platform, integrates modern web technologies such as Bootstrap and FontAwesome, and is hosted on Odoo.com infrastructure. Performance and mobile optimization are good, with proper SEO and accessibility considerations. Security posture is solid with HTTPS enforced, CSRF protection, and recaptcha integration, though explicit security headers and incident response policies are not evident. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a named Data Protection Officer. Overall, the site is trustworthy, professional, and safe for general audiences.

I

IPVanish

ipvanish.com

77

IPVanish is a prominent VPN service provider offering fast, secure, and privacy-focused internet access solutions. The company targets internet users seeking to enhance their online privacy by changing IP addresses and encrypting traffic. Their market position is strong, emphasizing a no-traffic-logs policy and multi-device support, appealing to privacy-conscious consumers globally. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content about their services. Technically, IPVanish's website is built on WordPress using the Astra theme, integrating modern marketing and analytics tools such as Google Tag Manager and Visual Website Optimizer. The site is mobile-optimized, accessible, and SEO-friendly, ensuring a good user experience across devices. Security best practices are observed with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly detailed. From a security perspective, the site demonstrates a solid posture with no evident vulnerabilities or exposed sensitive data. However, the absence of a public vulnerability disclosure program and security contact information suggests room for improvement in transparency and incident readiness. The WHOIS data is unavailable, which slightly reduces trust but does not detract significantly given the professional site presentation and branding consistency. Overall, IPVanish's website is a well-maintained, trustworthy platform for VPN services with strong privacy and security emphasis. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and enhancing transparency around compliance and certifications to further strengthen user trust and security posture.

C

Codeberg

codeberg.page

53

Codeberg Pages is a niche service offering free static website hosting tailored for open source projects hosted on Codeberg. The platform targets developers and open source communities, providing an easy way to publish project homepages, blogs, or experiments directly from Git repositories. The website is well-branded and consistent, with clear instructions and links to documentation, but lacks formal privacy, cookie, or terms of service policies and does not provide direct contact information. Technically, the site uses modern web standards including HTML5, CSS3, JavaScript, and popular font/icon libraries. It employs the Halfmoon CSS framework for responsive design and is hosted on Codeberg infrastructure with HTTPS enforced, ensuring secure connections. The site performs moderately well with good mobile optimization and basic accessibility features, though SEO and advanced accessibility could be improved. From a security perspective, the site benefits from HTTPS and absence of user input forms, reducing attack surface. However, it lacks security headers and published security policies or incident response contacts, which are recommended for improved security posture. No vulnerabilities or sensitive data exposures were detected. Overall, the website is safe, professional, and trustworthy for its intended audience but would benefit from enhanced privacy compliance, security policies, and contact transparency to improve user trust and regulatory adherence.

V

Vismo

vismo.com

73

Vismo is a technology company specializing in employee safety and risk management solutions, offering services such as GPS location tracking, mass notification, and threat intelligence. Their platform supports over 450,000 individuals globally and integrates with partners like Microsoft Teams and RapidSOS. The website demonstrates a professional digital presence with modern technologies and good content quality. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the active business operations and partner ecosystem mitigate some risk. Security posture is strong with HTTPS and no visible vulnerabilities, but security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, Vismo presents as a credible business with room for improvement in transparency and security best practices.