Security Directory

M

MiXiT

mixitconf.org

0

MiXiT is a specialized technology conference based in Lyon, France, focusing on ethics, diversity, and social responsibility within the tech industry. Founded in 2017, it hosts annual events featuring speakers, workshops, and sessions that engage developers, designers, and product managers. The conference emphasizes accessibility, safe environments, and eco-friendly practices, supported by a community-driven approach and sponsorships from notable companies. The website serves as an information hub for event details, ticketing, and multimedia content including podcasts and videos. Technically, the site uses modern web standards with Bootstrap and JavaScript, hosted by OVH sas, a reputable French provider. While the site is well-designed and mobile-optimized, it lacks explicit privacy and cookie policies, security headers, and incident response information, which are areas for improvement. Overall, the site is professional and trustworthy but could enhance its security posture and compliance transparency.

A

April

candidats.fr

0

Candidats.fr is a French non-profit advocacy platform operated by the April association, focused on promoting free software and digital freedoms within the political landscape. The website provides resources, campaigns, and information encouraging political candidates to commit to free software principles through the Pacte du Logiciel Libre. The platform targets political candidates, free software advocates, and citizens interested in digital rights, positioning itself as a niche but trusted voice in the French technology and government sectors. Technically, the website is built on the Dotclear CMS and uses legacy JavaScript libraries such as jQuery 1.6.2 and jQuery UI 1.8.16. The site demonstrates moderate performance and basic mobile optimization, with good SEO practices and clear navigation. However, it lacks modern security headers and explicit privacy or cookie policies, which are areas for improvement. From a security perspective, the site uses HTTPS and does not expose sensitive data in its HTML content. The absence of security headers and formal privacy compliance documentation reduces its security posture score. WHOIS data is unavailable, limiting domain legitimacy verification, but the association with April provides moderate trustworthiness. Overall, Candidats.fr is a credible and focused advocacy site with good content quality and user experience but would benefit from enhanced security practices and privacy compliance to strengthen trust and protect user data.

Expolibre.org is a website operated by APRIL, a French non-profit organization dedicated to promoting free and open-source software. The site hosts LibreExpo, a travelling exhibit designed to educate the general public about free software philosophy and its social implications. The business model is educational and non-commercial, focusing on awareness and advocacy through downloadable and rentable exhibit panels. The website targets a general audience interested in technology and free software, positioning itself as a niche educational resource within the free software community. Technically, the website uses a modern but simple tech stack including jQuery, Foundation CSS framework, and Modernizr, likely running on the SPIP CMS platform. The site is mobile-optimized with good navigation and content structure, though performance is moderate and accessibility is basic. No advanced analytics or tracking scripts are present, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS (inferred from domain and common practice though not explicitly stated), but lacks security headers and DNSSEC is not enabled. No privacy or cookie policies are present, which is a compliance gap especially under GDPR. The WHOIS data is consistent and trustworthy, with the domain registered to APRIL since 2006, supporting legitimacy. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is a trustworthy, well-maintained educational resource with room for improvement in privacy compliance and security hardening. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and considering a vulnerability disclosure policy to enhance trust and compliance.

R

Rollingbox

rollingbox.com

0

Rollingbox is a well-established French digital agency specializing in web marketing, website creation, inbound marketing, and e-marketing services. Founded in 2006 and based in Versailles and Lyon, the company has completed over 700 projects, serving local and international clients. The website reflects a professional and modern digital presence, leveraging WordPress CMS with Elementor and various optimization and marketing plugins. The technical infrastructure is robust, hosted by OVH sas, and optimized for performance and mobile responsiveness. Security posture is good with HTTPS enabled and domain security statuses set, though there is room for improvement in security headers and incident response transparency. Privacy compliance is strong with GDPR-aligned cookie consent and privacy policies. Overall, Rollingbox presents a credible and trustworthy digital agency profile with a solid market position in the French digital services sector.

MaxMind, Inc. is a well-established technology company specializing in IP geolocation, fraud prevention, and proxy detection services for online businesses. The company is recognized as the creator of GeoIP technology and serves over 100,000 businesses worldwide, offering scalable and customizable solutions powered by machine learning. Their business model focuses on B2B SaaS and data services with flexible pricing and free trials, targeting enterprises, SMBs, developers, and partners. Technically, the website demonstrates a mature digital infrastructure using modern technologies such as Google Tag Manager, HubSpot CMS and forms, Bootstrap framework, and Google Fonts. The site is mobile-optimized, fast-loading, and accessible, with good SEO practices and structured navigation. Security measures include HTTPS enforcement, use of reCAPTCHA, and script nonce attributes, although explicit security headers and vulnerability disclosure mechanisms could be improved. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies, GDPR compliance indicators, and user consent mechanisms. Contact information is primarily via contact forms, with no direct emails or phone numbers publicly listed. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but does not detract from the company's legitimacy given its market presence. Overall, MaxMind presents a professional, trustworthy, and technically sound online presence with strong business credibility and compliance. Strategic improvements could focus on enhancing security headers, publishing a security.txt file, and providing clearer incident response contacts to further strengthen trust and security culture.

AFAS is a well-established technology company providing business software solutions, primarily in the Netherlands. The analyzed website is a dedicated status page for AFAS services, offering real-time updates on system status, incidents, and scheduled maintenance. The page is designed to inform customers and users about the operational status of various AFAS products and integrations. The business model is SaaS-focused, targeting business customers who rely on AFAS software for their operations. Technically, the status page is hosted on the Statuspal platform, utilizing modern web technologies including HTML5, CSS3, JavaScript, Google Tag Manager, and hCaptcha for bot protection. The site is mobile-optimized and performs well with fast loading times. However, it lacks some advanced accessibility and SEO features. The use of HTTPS is enforced, ensuring secure communication. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and bot protection. However, it lacks explicit security headers and does not provide visible privacy or cookie policies, which are important for GDPR compliance. There is no published incident response or vulnerability disclosure information, which could be improved to enhance trust and transparency. Overall, the website is professional, trustworthy, and serves its purpose effectively. The main risks relate to privacy compliance and security transparency. Strategic recommendations include publishing privacy and cookie policies, adding security headers, and providing clear security contact information to improve compliance and user trust.

A

Axios HQ

axioshq.com

0

Axios HQ is a technology company specializing in internal communications software and training based on their proprietary Smart Brevity methodology. Their platform offers AI-assisted writing tools, collaborative editing, analytics, and integrations to help organizations improve clarity and engagement in workplace communications. The company targets medium to large organizations seeking to modernize and streamline internal messaging. Technically, the website is built on HubSpot CMS and leverages multiple marketing and analytics technologies, indicating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and privacy compliance mechanisms in place, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, well-branded, and trustworthy, but the lack of WHOIS transparency slightly reduces domain trustworthiness.

Spojené nástroje elektronické s.r.o. is a small Czech technology company specializing in electronic public procurement solutions. The company operates a platform aggregating public tenders in the Czech Republic, notably through the portal FEN.cz, and collaborates with government ministries on digitalization projects. Their market position is important within the Czech public procurement sector, serving businesses and public entities involved in tenders. The website reflects a professional business presence with clear contact information and a focused description of their services. Technically, the website uses a modern but basic technology stack including Bootstrap, jQuery, and various JavaScript libraries for UI enhancements. The site is moderately performant and mobile-optimized but lacks advanced SEO and accessibility features. No CMS or hosting provider details are evident. The absence of analytics and tracking scripts suggests minimal user tracking. From a security perspective, the site lacks visible security headers, privacy and cookie policies, and incident response information. HTTPS status is unknown from the data but should be verified. No forms or data collection mechanisms are present, reducing attack surface but also limiting user interaction. The WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the security posture is basic and could be improved with standard best practices. The overall risk is moderate with no critical vulnerabilities detected but notable gaps in privacy compliance and security best practices. Strategic recommendations include implementing privacy and cookie policies, adding security headers, enforcing HTTPS, and publishing incident response contacts to enhance trust and compliance.

T

Travis CI

travis-ci.com

0

Travis CI is a well-established continuous integration and continuous delivery platform targeting developers and software teams. The website presents a professional, content-rich experience with extensive documentation, code samples, and clear calls to action for sign-up and sales engagement. The technical infrastructure is based on WordPress CMS with modern plugins and analytics tools, providing good performance and mobile optimization. Security posture is solid with HTTPS enforced and no exposed sensitive data, though explicit security headers and a dedicated security policy page are absent. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanisms. However, the absence of WHOIS registration data raises questions about domain legitimacy, which should be further investigated. Overall, the website demonstrates a mature digital presence with strong business credibility and user trust.

T

Travis CI

travis-ci.community

0

Travis CI Community is an official community forum platform for users of Travis CI, a continuous integration service. The site provides categorized discussion areas for announcements, environment-specific questions, integrations, deployment, language support, enterprise discussions, and product feedback. The platform is built on Discourse, a modern forum software, and is hosted with CDN support for performance. The domain is registered to Travis CI in Germany, consistent with the business identity. The website is well-structured, mobile-optimized, and provides a good user experience for its target audience of developers and CI users. However, it lacks visible privacy, cookie, and terms of service policies, which are important for compliance and user trust. Security posture is generally good with HTTPS and domain transfer protection, but DNSSEC is not enabled and no explicit security or incident response policies are published.

Tolerant Networks Ltd is a small Irish technology reseller specializing in open source networking hardware, specifically the Turris Omnia router. The company targets advanced home and personal networking users in Ireland and the UK, offering hardware sales and related networking solutions. Their market position is niche, focusing on open source and Delay Tolerant Networking technologies. The website provides product details, pricing, and PayPal-based purchasing options, with clear company contact information and registration details. Technically, the website is basic with static HTML and CSS, lacking modern frameworks or CMS. It shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating minimal user tracking. Security posture is weak with no visible HTTPS enforcement data or security headers, and no privacy or cookie policies are published, which is a compliance risk given GDPR applicability. The domain WHOIS data is consistent with the business claims, showing a legitimate company with a domain age appropriate for its founding date. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website is functional but requires improvements in security, privacy compliance, and technical modernization to enhance trust and user experience.

S

Stichting NixOS Foundation

nixos.org

0

NixOS.org represents the Stichting NixOS Foundation, an established open-source organization founded in 2007 and based in the Netherlands. The website promotes the Nix package manager and NixOS Linux distribution, emphasizing declarative, reproducible, and reliable system builds. The target audience includes developers and system administrators seeking advanced package management solutions. The site is well-designed, mobile-optimized, and uses modern web technologies such as Astro and SVG graphics, providing a fast and accessible user experience. Security posture is solid with HTTPS enabled and domain registration consistent with the organization's identity, though improvements are needed in privacy and cookie policy disclosures. No critical vulnerabilities or WAF blocks were detected, and the site maintains a high level of trustworthiness and professionalism.

I

Internet Society Switzerland Chapter

isoc.ch

0

The Internet Society Switzerland Chapter (ISOC-CH) is a small, non-profit organization founded in 2012 and based in Zurich, Switzerland. It operates as a recognized chapter of the global Internet Society, focusing on advocacy, education, and multi-stakeholder participation in Internet development within the Swiss context. The organization targets academic, professional, business, and private Internet users, providing services related to privacy, network trust, Internet standards, digital sovereignty, and policy regulation. The website reflects a professional and consistent brand image with good content quality and clear navigation.

The Free Silicon Foundation is a nonprofit organization dedicated to promoting Free and Open Source CAD tools for integrated circuit design, sharing hardware designs and libraries, and advocating for user freedom in silicon integrated circuits. The website serves as a wiki platform to disseminate information about the foundation's mission, events such as the Free Silicon Conference, and community channels. The organization targets experts and enthusiasts in the open source hardware and silicon design community, positioning itself as a niche but important player in the technology sector focused on open silicon design. Technically, the website is built on MediaWiki 1.43.1 with jQuery, providing a fast-loading and functional platform. However, mobile optimization and accessibility are basic, and SEO features are minimal. The site lacks advanced technical frameworks or hosting provider details. No analytics or advertising technologies are detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS (implied by the URL scheme), but no security headers were detected in the provided data. There is no visible cookie consent mechanism or detailed privacy compliance features beyond a basic privacy policy. The WHOIS data is unavailable due to a malformed response, but the domain appears actively maintained with a recent update date. No contact information or incident response policies are published, limiting transparency. Overall, the website is functional and content-rich for its niche audience but could improve in security best practices, privacy compliance, and contact transparency. The risk level is moderate with no critical vulnerabilities detected, but enhancements in security headers, cookie consent, and incident response disclosures are recommended.

Commons Caretakers BV operates as an intermediary service provider supporting the creation and maintenance of digital commons, focusing on free and open source software and hardware projects. It serves grantees of the NGI Zero programs and the broader NGI ecosystem, collaborating closely with partners such as the NLnet foundation and The Commons Conservancy. The website presents a professional and clear description of its mission and services, targeting creators and maintainers of digital commons and FOSS communities. Technically, the website is built with basic HTML and CSS, featuring responsive design elements for mobile optimization. However, no advanced frameworks, CMS, or analytics tools are detected. The site lacks security headers and HTTPS information in the provided data, indicating potential gaps in security implementation. No forms or tracking scripts are present, suggesting minimal data collection. From a security perspective, the absence of HTTPS and security headers reduces the security posture score. No privacy, cookie, or terms of service policies are published, and no contact or incident response information is available, which impacts compliance and trust. The WHOIS data is missing or inaccessible, which is inconsistent with the active website presence and lowers domain legitimacy confidence. Overall, Commons Caretakers presents a focused and professional digital presence with clear business objectives but requires improvements in security, privacy compliance, and transparency to enhance trust and reduce risk.

L

Hireful Candidate Portal

livevacancies.co.uk

0

The website livevacancies.co.uk serves as a minimal landing page for the Hireful Candidate Portal, a recruitment product likely targeting job seekers and recruiters. The site primarily functions as a redirect or informational page linking to the main product site at hireful.co.uk. The business appears to be a small technology company founded around 2015, consistent with the domain registration date. The content is minimal and basic, with no detailed business or contact information provided on this page. Technically, the site uses basic HTML and CSS with Google Fonts and a custom font. There is no evidence of a CMS or advanced frameworks. Performance is likely fast due to minimal content, but SEO and accessibility features are minimal. No analytics or tracking scripts are detected, indicating low digital maturity. From a security perspective, the site lacks visible HTTPS confirmation, security headers, privacy policies, or contact information for incident response. No forms or data collection mechanisms are present, reducing immediate risk but also limiting user engagement and trust. The WHOIS data is consistent and indicates a legitimate domain with a reputable registrar and appropriate domain age. Overall, the website scores low on content richness, privacy compliance, and security posture but is safe and free from suspicious content. Strategic improvements should focus on adding privacy and cookie policies, security headers, HTTPS enforcement, and clear contact information to enhance trust and compliance.

M

Mediamatis

mediamatis.com

0

Mediamatis is a French technology company specializing in information technologies and services, operating as the technological structure of Groupe Ficade. Their offerings include software development, mobile and web applications, audiovisual services, graphic design, and event management. The website is built on Joomla CMS with a responsive design using Bootstrap and T3 framework, indicating a moderate level of digital maturity. Tracking tools such as Google Analytics and Tag Manager are implemented, but no visible privacy or cookie policies are present, which is a compliance gap. Security posture is basic with HTTPS implied but lacking DNSSEC and security headers. The domain is well-established since 2009 and registered via Cloudflare, showing legitimacy and stability.

Léa-Linux is a French community-driven website dedicated to Linux and free software, providing news, documentation, forums, and mailing lists to support and promote open source software and digital freedom. The site targets French-speaking Linux users and free software enthusiasts, operating as a small, non-profit community platform with a long history dating back to 2000. The website is hosted by OVH sas, a reputable French hosting provider, and uses WordPress as its content management system. The technical infrastructure is basic but functional, with moderate performance and limited mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is limited, with no cookie policy or consent mechanism detected, representing a compliance gap. The site does not display commercial advertising or tracking technologies, focusing instead on community content and resources. Overall, the website is legitimate, stable, and trustworthy but would benefit from enhanced security and privacy practices.

É

Éditions D-BookeR

d-booker.fr

0

Éditions D-BookeR is a small independent French publishing house specializing in IT and open-source related books, offering both digital and printed formats. The website is professionally designed using PrestaShop CMS, featuring a well-structured e-librairie with thematic content and a clear focus on educational materials for French-speaking IT professionals and enthusiasts. The technical infrastructure includes modern JavaScript libraries, Google Analytics, and reCAPTCHA for security on forms. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. WHOIS data is missing, which slightly impacts trust but the website content and contact information support legitimacy. Overall, the site is well-positioned in its niche with good user experience and compliance with GDPR.

A

Accelint

accelint.com

0

Accelint is a technology company specializing in AI-enabled software, engineering, and sensor solutions primarily serving the United States Department of Defense and allied government agencies. Founded in 2022, the company positions itself as a key player in accelerating intelligence through advanced mission, tactical, logistics, AI/ML, sensor, and cyber software solutions. Their market focus is on federal aerospace, defense, and critical infrastructure sectors, leveraging cloud and edge computing technologies. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to a government and defense audience. Technically, the site is built on WordPress with modern plugins and frameworks such as Yoast SEO, Google Tag Manager, and Complianz GDPR cookie consent. Hosting appears to be via Azure Government DNS, aligning with the company's government-focused clientele. The site is mobile-optimized and performs moderately well, with good SEO and accessibility features. Analytics and tracking are implemented responsibly with user consent mechanisms. From a security perspective, the site enforces HTTPS and employs cookie consent but lacks explicit published security policies, incident response contacts, or vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the company's founding date and business claims, enhancing trustworthiness. Overall, Accelint's website demonstrates a strong business and technical foundation with room for improvement in security transparency and incident response readiness. The site is safe, professional, and compliant with privacy regulations, making it a credible digital asset for the company.

L

Lockdown Systems

lockdown.systems

0

Lockdown Systems is a worker-owned collective focused on developing privacy and freedom-enhancing technologies. Their key offerings include open-source tools such as Cyd, OnionShare, and ICE Detention Map, alongside privacy and security consulting services. The organization targets individuals and organizations committed to protecting data privacy, including activists, journalists, and non-profits. Their business model balances commercial sustainability with mission-driven impact, emphasizing transparency and community empowerment. Technically, the website is built with modern web standards, hosted on DigitalOcean, and employs minimal tracking scripts focused on privacy. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a good level of digital maturity. However, some security best practices such as DNSSEC and security headers are not implemented, and no cookie consent mechanism is present despite privacy claims. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. The lack of published security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in security transparency and readiness. The domain registration uses privacy protection services, which aligns with the organization's privacy focus and does not raise legitimacy concerns. Overall, Lockdown Systems presents a trustworthy and professional online presence with a strong mission and solid technical foundation. Strategic enhancements in security policies, compliance mechanisms, and DNS security would further strengthen their posture and trustworthiness.

W

Wagtail CMS

wagtail.io

0

Wagtail CMS is an open-source content management system built on the Django framework and powered by Python. It targets developers, businesses, nonprofits, government, cultural, and educational institutions seeking a versatile and modern CMS solution. The website demonstrates a strong market position with active community engagement, professional services, and a clear roadmap for future development. Technically, the site uses modern web technologies including Google Analytics and Tag Manager for tracking, and Cloudflare for DNS services. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS enabled and domain transfer protections, though DNSSEC is not enabled and security headers are not evident in the HTML source. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the site is professional and trustworthy but could improve transparency and security practices.

Ariadne Identity is a small technology-focused project providing open specifications for secure and decentralized online identity verification. The website serves as a repository for technical documents including core specifications, related specifications, and extensions (ARCs). It targets developers and organizations interested in decentralized identity standards. The site is hosted on Hetzner infrastructure and uses basic HTML and CSS technologies, delivering a fast and mobile-optimized experience with clear navigation and consistent branding. However, it lacks advanced SEO and accessibility features. From a security perspective, the website uses HTTPS but does not implement DNSSEC or security headers, which are recommended to enhance domain and web security. There are no published privacy, cookie, or terms of service policies, nor contact or incident response information, which limits transparency and compliance posture. No forms or data collection mechanisms are present, reducing risk but also limiting user engagement. Overall, the domain registration is consistent with the website's Indonesian origin and technical focus, with a domain age appropriate for the project's founding in 2021. No suspicious patterns or privacy protection are used, supporting legitimacy. The website is safe for general audiences with no adult or questionable content. Strategic improvements in security headers, policy publication, and contact transparency would enhance trust and compliance.

The website js.doip.rocks serves as the documentation portal for doip.js, an open source JavaScript library designed to verify decentralized online identities. The project is community-driven and funded by foundations such as NLnet and NGI0, with active presence on platforms like Codeberg and Mastodon. The site targets developers and contributors interested in decentralized identity verification technologies. The business model revolves around open source collaboration and community support rather than commercial sales. Technically, the website uses standard web technologies including JavaScript, HTML5, CSS, and integrates openpgp.js for cryptographic functions. The documentation is generated using JSDoc and styled with docdash. The site supports both Node.js and browser environments. Performance and mobile optimization are basic but functional, with no detected CMS or advanced frameworks. External links connect to reputable open source and community platforms. From a security perspective, the site lacks visible security headers and explicit SSL/TLS configuration details in the provided data. No forms or user input fields are present, reducing attack surface. However, absence of privacy and cookie policies, as well as contact information for security incidents, indicates gaps in compliance and incident response readiness. The WHOIS data is malformed and unavailable, which reduces domain trustworthiness despite the professional and transparent nature of the project. Overall, the website is a safe, niche technical resource with moderate trustworthiness. Strategic improvements in privacy compliance, security headers, and domain registration transparency would enhance its security posture and business credibility.

C

CanSpace Solutions Inc.

canspace.ca

0

CanSpace Solutions Inc. is a Canadian-based domain registrar and web hosting provider, positioning itself as a leading industry player trusted by Canada's largest corporations and government entities. The company offers a comprehensive suite of services including domain registration, web hosting, WordPress hosting, VPS, reseller hosting, dedicated servers, and SSL certificates. Their business model focuses on providing reliable, secure, and affordable hosting solutions with a strong emphasis on Canadian data sovereignty and green energy usage. Technically, the website employs modern web technologies such as Bootstrap, jQuery, OwlCarousel, and integrates Google Tag Manager and Tawk.to for analytics and live chat support. The site is mobile-optimized, well-structured, and provides a professional user experience. Hosting appears to be managed internally or through Canadian data centers, emphasizing local presence and compliance. From a security perspective, the site uses HTTPS with included SSL certificates and secure forms. However, it lacks explicit security headers and a cookie consent mechanism, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data suggests privacy protection, which is justified for this business type. Overall, the security posture is strong but could be enhanced with additional headers and transparency. The overall risk assessment is low, with the website demonstrating high professionalism, trustworthiness, and compliance with privacy policies. Strategic recommendations include implementing security headers, adding cookie consent, publishing security policies, and maintaining regular audits of third-party scripts to sustain and improve security and compliance posture.

F

framasoft.org

mobilizon.org

0

Mobilizon is an open-source, community-driven platform designed to facilitate event creation, sharing, and group organization within federated networks. It targets community organizers, activists, associations, and public institutions, offering a collaborative agenda solution that emphasizes privacy and decentralization. The platform is supported by framasoft.org, a French non-profit organization, and benefits from partnerships with hosting and development entities such as Kaihuri and IndieHosters, with financial backing from NLNet. The website is professionally designed using the Hugo static site generator, ensuring fast performance and good mobile optimization. However, it lacks some privacy compliance features such as cookie consent mechanisms and detailed privacy policies.

F

framasoft.org

yakforms.org

0

Yakforms is an open-source software project developed and maintained by the French non-profit organization Framasoft. It provides users with a privacy-respecting alternative to proprietary online form builders, enabling easy creation, customization, sharing, and analysis of forms. The platform targets individuals, organizations, and administrations seeking control over their data and form management. The website is professionally designed, mobile-optimized, and uses modern web technologies including Bootstrap and jQuery, with Pelican as the static site generator. Hosting is provided by Gandi SAS, a reputable registrar and hosting provider. Security posture is solid with HTTPS enforced and domain transfer protections in place, though DNSSEC is not enabled and security headers are missing. Privacy compliance is moderate, with a privacy policy present but no cookie consent mechanism detected. No direct contact information or incident response details are provided on the site, which could be improved to enhance trust. Overall, the site is trustworthy, well-maintained, and serves a niche market in the open-source software domain.

T

Virtual tour tips and tools from the pros | TourDash – A one stop shop dedicated to all things virtual tours including software and equipment guides

tourdash.com

0

TourDash is a small technology company focused on providing virtual tour software and educational resources for creating and monetizing 360-degree virtual tours. The website serves as a one-stop shop for virtual tour creators and businesses interested in enhancing their virtual tour offerings with software features such as advanced navigation, hotspots, and analytics. The company has been established since 2011, indicating a mature presence in the niche virtual tour market. Technically, the website is built on WordPress with Elementor and hosted on Amazon AWS infrastructure, employing modern web technologies and Google reCAPTCHA for spam protection. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses reCAPTCHA but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. No contact emails or phone numbers are provided, which may impact user trust and business credibility. Overall, the website is professional and functional but could enhance privacy compliance and security posture to improve trust and regulatory adherence.

A

AFAS SB

afas-sb.nl

0

AFAS SB is a Dutch online bookkeeping software provider targeting entrepreneurs and small to medium businesses. The website presents a professional and consistent brand image, highlighting key services such as VAT filing automation, bank integration, and invoice management. The company claims a strong market presence with over 14,000 organizations using their software. Technically, the website uses modern JavaScript libraries, Google Tag Manager, and Cookiebot for consent management, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and published security policies are absent. Privacy compliance is partial due to missing explicit privacy and terms of service pages. Overall, the website is trustworthy, well-designed, and provides a good user experience, but could improve transparency on privacy and security policies.

A

AFAS Software

werkenbijafas.nl

0

AFAS Software operates the website werkenbijafas.nl as a recruitment portal targeting IT professionals and job seekers interested in joining their technology company. The site presents a professional design with clear branding and consistent content focused on employment opportunities. Technically, the website employs modern web technologies including Google Tag Manager, Cookiebot for cookie consent, and Watermelon Widget for user engagement. The site is mobile optimized and uses HTTPS with good SSL configuration, although some security headers are not explicitly detected. Privacy compliance is partially addressed through a comprehensive cookie consent mechanism, but no explicit privacy policy or terms of service were found in the provided content. No contact emails or phone numbers were identified, which could be improved for better user support and trust. The domain registration data aligns well with the business identity, indicating a legitimate and established presence. Overall, the website is professional and secure but could enhance transparency and compliance by publishing privacy and security policies explicitly.

AFAS Online operates as a business software platform providing secure user authentication services through its login portal. The website targets business users and clients of AFAS software solutions, offering modern authentication options including passkey (FIDO2) technology. The platform appears professionally designed with consistent branding and a focus on usability for enterprise customers. Technically, the site uses standard web technologies and ASP.NET MVC framework patterns, with moderate performance and good mobile optimization. Security measures include CSRF tokens and advanced login methods, though the absence of visible security headers and privacy policies suggests room for improvement. Overall, the domain and website content align with a legitimate business software provider, though WHOIS data is unavailable for the subdomain, which is typical and not concerning. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving security header implementation to strengthen trust and compliance.

V

Vidmob

vidmob.com

0

Vidmob is a technology-driven creative data company founded in 2006, specializing in AI-powered tools that enable brand, creative, and media teams to optimize marketing and media decisions. The company positions itself as a leader in creative data analytics, trusted by major global brands. The website is built on HubSpot CMS, leveraging modern web technologies and marketing tools, with a professional design and good mobile optimization. Security posture is solid with HTTPS and reCAPTCHA integration, though some security headers and explicit policies are missing. Privacy compliance is basic, with a cookie consent banner but no visible privacy policy or terms of service in the provided content. Overall, the domain registration and website content align well, indicating a legitimate and credible business presence.

P

Private by Design, LLC

kkx.one

0

The website kkx.one is a personal landing page created in 2021, serving as a simple link aggregator for the individual or entity known as '33KK'. It primarily links to social media platforms, code repositories, and streaming services, targeting a general audience interested in the owner's online presence. The business model is minimal and personal, with no commercial or transactional features. The domain is privacy protected by 'Private by Design, LLC', a US-based privacy service, which aligns with the personal and privacy-conscious nature of the site. Technically, the website is built with basic HTML and CSS, hosted behind Cloudflare DNS services, and shows good performance and mobile optimization. However, it lacks advanced frameworks, CMS, or analytics tools. The site does not implement DNSSEC, security headers, or privacy and cookie policies, which limits its compliance and security posture. No forms or data collection mechanisms are present, reducing attack surface but also limiting user engagement. From a security perspective, the domain is protected against unauthorized transfer and deletion, and uses Cloudflare nameservers, which is positive. However, the absence of DNSSEC, security headers, and privacy policies indicates room for improvement. No vulnerabilities or malicious content were detected. The site does not collect user data or track visitors, which reduces privacy risks but also limits marketing insights. Overall, the website is low risk, with a basic security posture suitable for a personal site. Strategic recommendations include enabling DNSSEC, adding security headers, publishing privacy and cookie policies, and considering a vulnerability disclosure policy to enhance trust and compliance.

Platform Power is a non-profit coalition advocating for a fair digital society by challenging the power of Big Tech platforms. The website serves as an informational and campaign hub, featuring testimonials from activists and whistleblowers, and highlighting partner organizations. The technical infrastructure is based on WordPress with common plugins and libraries, including Yoast SEO and Matomo analytics, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and published incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking usage. Overall, the site is trustworthy and professional, targeting a general audience interested in digital rights advocacy.

M

Murena

murena.com

0

Murena is a privacy-focused technology company specializing in deGoogled smartphones and privacy-by-design cloud services. Their market position is niche, targeting privacy-conscious consumers and businesses seeking alternatives to mainstream mobile ecosystems. The company offers ethical smartphones and an online workspace that emphasizes data privacy and open-source principles. The website reflects a mature business with a domain registered since 2003 and consistent branding and messaging. Technically, the site is built on WordPress with WooCommerce for e-commerce functionality, enhanced by modern plugins and analytics tools like Matomo. The site is mobile-optimized and SEO-friendly, with good accessibility features. Security posture is solid with HTTPS and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is partially met with a clear privacy policy but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and well-positioned in its market niche.

I

Infoteam Group

infoteam.ch

0

Infoteam Group is a Swiss-based incubator and group of innovative companies specializing in technology, digitalization, energy, and Industry 4.0 solutions. Established in 1990, it comprises several subsidiaries including Infoteam Digital, Infoteam Automation, and MC-monitoring, serving SMEs and industrial clients in Switzerland and internationally. The website presents a professional and consistent digital presence with clear descriptions of services and expertise areas. Technically, the site is built on WordPress with modern plugins and analytics integrations, offering good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking explicit security policies and incident response details. The absence of WHOIS registration data for the domain raises concerns about domain transparency and legitimacy, warranting further verification. Overall, the site is credible and professional but could improve privacy and security disclosures to enhance trust.

A

Prise de rendez-vous en ligne avec une application professionnelle

agenda.ch

0

Agenda.ch is a professional online appointment scheduling and billing platform primarily targeting French-speaking professionals, likely in Switzerland. The service offers a professional calendar with online booking capabilities, SMS and email reminders, and integrated billing including specific tariffs such as Tarif 590 and Tarmed. The website presents a consistent and professional brand image with good content quality and user experience. Technically, the site uses modern web technologies including Ruby on Rails, Google Fonts, FontAwesome, and Intercom for customer engagement. Security posture is strong with HTTPS, CSRF protection, and security headers, though explicit privacy and cookie policies are missing. Overall, the site is legitimate and well-positioned in its niche but would benefit from enhanced privacy compliance and clearer contact information.

Hypergiant Industries, Inc. is a technology company specializing in AI-enabled decision-making software primarily serving the space, defense, and critical infrastructure sectors. The company offers advanced data visualization and command and control platforms designed to accelerate the journey from data to actionable decisions. Recently acquired by Accelint, Hypergiant maintains partnerships with major government agencies and Fortune 500 companies, positioning itself as a significant player in its niche market. The website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and Google Analytics. It features a professional design with good mobile optimization and accessibility basics. Security measures include HTTPS enforcement and Google reCAPTCHA on contact forms, though some security headers are missing. Privacy and cookie policies are not present, indicating a compliance gap. The security posture is solid but could be improved with additional headers and published incident response policies. The absence of WHOIS data for the domain is a concern for domain legitimacy, though the company's branding and external references support its authenticity. Overall, the website is professional and trustworthy but should address privacy compliance and domain registration transparency to enhance credibility.

OnlineDPIA.nl is a Netherlands-based small technology company founded in 2022, offering an online tool to help organizations comply with GDPR by performing Data Protection Impact Assessments (DPIAs). The website provides a subscription-based SaaS model with a free DPIA scan and paid plans, targeting businesses needing to assess privacy risks. The site is professionally designed, mobile-optimized, and uses modern web technologies including Alpine.js and Statamic CMS. Security posture is strong with HTTPS, DNSSEC, and cookie consent mechanisms, though privacy policy and terms of service pages are missing. Contact is available via a web form only, with no direct emails or phone numbers published. The domain registration data is consistent with the business profile, indicating legitimacy. Overall, the site is trustworthy and well-positioned in its niche.

B

Blue Field Agency B.V.

katoo.io

0

Katoo is a Dutch-based technology company specializing in AI-powered customer satisfaction measurement tools. Their platform enables businesses to import customer data, deploy personalized surveys, and analyze feedback using advanced AI text analysis and chat features. The company positions itself as an innovative partner for improving customer experience with a user-friendly interface and actionable insights. The website is professionally designed, mobile-optimized, and hosted on modern infrastructure with Cloudflare DNS and CDN services. Security posture is strong with HTTPS and ISO 27001 certification, though some improvements like DNSSEC and cookie consent mechanisms are recommended. Overall, Katoo demonstrates a mature digital presence with clear business credibility and compliance documentation.

B

Blue Field Agency

aibuddys.nl

0

AI Buddy's is a Dutch technology company offering customized AI assistants designed to enhance marketing and sales productivity for small to medium-sized businesses. Their SaaS platform provides tiered subscription plans including AI-BasisBuddy, BrandBuddy, and AI-Totaalbuddy, focusing on content creation and brand consistency without requiring technical expertise. The company is positioned as an innovative player with a clear market focus on SMBs and a professional digital presence supported by ISO 27001 certification. Technically, the website is built on Webflow with modern web technologies such as Google Fonts and jQuery. It is well-optimized for performance and mobile devices, with good SEO practices and a clean, professional design. The hosting and content delivery are managed via Webflow's CDN, ensuring fast load times and reliability. From a security perspective, the site enforces HTTPS and demonstrates strong security posture through ISO 27001 certification. However, it lacks visible security headers and a cookie consent mechanism, which are recommended for enhanced security and GDPR compliance. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in privacy compliance and security headers would further strengthen its security posture and regulatory adherence.

A

Association Linuxfr

linuxfr.org

0

LinuxFr.org is a well-established French-language community platform dedicated to free software news, discussions, and collaborative content. Operated by the Association Linuxfr since 1998, it serves a niche audience of francophone free software enthusiasts and contributors. The site offers a variety of services including news articles, user journals, forums, and wiki pages, all managed by a volunteer editorial team. The content is predominantly licensed under Creative Commons, emphasizing openness and community sharing. Technically, the website uses standard web technologies (HTML5, CSS, JavaScript) with a custom or unknown CMS. It is hosted by joker.com, a reputable registrar and hosting provider. The site demonstrates good mobile optimization, accessibility, and SEO practices, though some modern security enhancements like DNSSEC and security headers are missing. The domain is secured with HTTPS and has domain transfer protections in place. From a security perspective, the site shows moderate maturity with secure forms including CSRF tokens and active moderation. However, it lacks explicit privacy and cookie policies, security.txt files, and vulnerability disclosure mechanisms. No signs of WAF or content blocking were detected, and the WHOIS data is consistent and trustworthy, reinforcing the site's legitimacy. Overall, LinuxFr.org is a credible, community-driven platform with excellent content quality and good technical implementation. To enhance trust and security posture, it should implement explicit privacy and cookie policies, enable DNSSEC, add security headers, and publish vulnerability disclosure information.

S

Software Freedom Conservancy

fossy.us

0

The website 2025.fossy.us represents the FOSSY 2025 conference, a community-oriented event focused on free and open source software, hosted by the Software Freedom Conservancy. The event is scheduled for July 31st to August 3rd, 2025, at Portland State University. The site provides information about the conference, registration, sponsorship, and related logistics, targeting open source contributors and enthusiasts. The business model is non-profit and community-driven, with a clear focus on fostering open source software development and collaboration. Technically, the website uses a modern but straightforward tech stack including Bootstrap, jQuery, FontAwesome, and Tachyons CSS. The site is mobile-optimized with good navigation and professional design. External resources are loaded from reputable CDNs, and no major performance or accessibility issues are evident. However, some improvements could be made in accessibility and SEO optimization. From a security perspective, the site uses HTTPS (implied by the URL), but no explicit security headers were detected in the provided data. There is no visible security.txt or incident response contact information. The WHOIS data is unavailable, likely due to privacy protection, which is reasonable for this type of non-profit event. No vulnerabilities or exposed sensitive data were found in the HTML content. Privacy compliance is partial, with a privacy policy linked externally but no cookie consent mechanism on the site. Overall, the website is trustworthy and professionally presented, with a moderate to good security posture and privacy compliance. Recommendations include adding security headers, implementing cookie consent, and publishing vulnerability disclosure information to enhance trust and compliance.

Outreachy is a non-profit internship program focused on increasing diversity in the technology sector by providing paid, remote internships in free and open source software to individuals from underrepresented groups worldwide. The program is supported by sponsorships and donations and is affiliated with the Software Freedom Conservancy. The website clearly communicates its mission, internship details, and community engagement opportunities, targeting diverse applicants and mentors globally. Technically, the website is built on a modern stack including Django, Wagtail CMS, and Bootstrap, with client-side libraries such as jQuery and Popper.js. The site is mobile-optimized and presents good SEO and accessibility basics, although some improvements could be made in accessibility and performance tuning. Hosting appears to be managed via Dokku, indicating a self-hosted or PaaS environment. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries in the HTML content. However, security headers are not detected, and there is no visible security policy or incident response contact information. Privacy compliance is partially addressed with a privacy policy but lacks a cookie consent mechanism. WHOIS data is incomplete, which slightly reduces domain trustworthiness, but the website's professional presentation and association with a reputable parent organization mitigate concerns. Overall, Outreachy presents a trustworthy, professional, and mission-driven online presence with moderate technical maturity and a solid security baseline. Strategic improvements in security headers, privacy consent, and WHOIS transparency would enhance trust and compliance.

EVENIUM is a French company specializing in event management solutions, targeting event organizers and corporate clients. The company has been established since 2014 and operates primarily in the technology sector focused on event software and services. The website content is minimal and primarily JavaScript-driven, with no visible textual content or metadata to provide detailed information about the business or its offerings. The technical infrastructure appears modern with usage of ES modules and hosting on AWS, but lacks visible SEO, accessibility, and performance indicators. Security posture is weak due to absence of security headers, DNSSEC, and visible privacy or cookie policies. No contact or incident response information is provided, limiting transparency and user trust. The domain registration data is consistent and legitimate, supporting the business credibility despite the minimal web presence. Overall, the website requires significant improvements in content, security, and compliance to better serve its audience and enhance trust.

A

AlpOSS

alposs.fr

0

AlpOSS is a regional open source software event based in the Isère region of France, targeting software editors, service providers, local authorities, and open source users. The event focuses on fostering collaboration, knowledge sharing, and networking within the local open source ecosystem. The website is built on WordPress with Elementor, featuring modern web technologies and good mobile optimization. Security posture is strong with HTTPS and security headers, but lacks published privacy and cookie policies, as well as incident response information. Overall, the site is professional and trustworthy, supported by local government and recognized partners.

Libre à lire ! is a French non-profit initiative affiliated with April, focused on transcribing audio and video recordings related to free software and digital freedoms. The website serves a niche audience interested in open source, digital rights, and related topics, providing accessible textual content from various conferences and talks. The business model is centered on content transcription and dissemination without commercial intent, positioning itself as a trusted resource within the free software community. Technically, the website is built on the SPIP CMS platform, uses JavaScript and Matomo analytics for privacy-conscious user tracking, and is served over HTTPS ensuring secure communications. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS but lacks several recommended security headers and does not provide explicit security policies or incident response information. The absence of a cookie consent mechanism is a notable gap in GDPR compliance. WHOIS data is unavailable due to privacy protection or malformed queries, which is common for non-profit organizations prioritizing privacy. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic recommendations include implementing security headers, adding cookie consent for compliance, and publishing security and incident response policies to enhance trust and security posture.

A

April

chapril.org

0

Chapril.org is a French non-profit initiative by the April association, dedicated to providing free, ethical, and privacy-respecting online services as alternatives to major commercial platforms. The website offers a variety of open-source services including instant messaging (XMPP), microblogging (Mastodon), QR code generation, collaborative editing, and more, all aimed at promoting digital freedom and user privacy. The target audience is general internet users interested in free software and ethical internet usage. The business model is donation-supported and non-commercial, emphasizing transparency and community involvement. Technically, the website is built on the SPIP CMS platform and integrates various open-source technologies such as ejabberd for XMPP and Dokuwiki for documentation. The site is mobile-optimized with good navigation and SEO practices, though accessibility could be improved. No major performance issues are evident, and the site maintains a moderate loading speed. The infrastructure appears actively maintained with recent updates. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a published security policy or incident response contacts. Privacy compliance is partial, with terms of use present but no clear privacy or cookie policies or consent mechanisms. The WHOIS data is malformed and incomplete, which slightly reduces trustworthiness but does not contradict the site's legitimacy given its affiliation with April and transparent operations. Overall, Chapril.org presents a trustworthy, well-maintained platform with a strong ethical focus. Strategic improvements in privacy policy publication, cookie consent, security headers, and WHOIS transparency would enhance its security posture and compliance standing.

N

NoLog.cz

nolog.cz

0

NoLog.cz is a Czech-based non-profit organization providing free, privacy-respecting internet services as alternatives to commercial platforms that monetize personal data. Founded in 2018, it offers a suite of encrypted collaboration tools, file sharing, chat, video conferencing, scheduling, search, password management, and social networking services. The organization targets privacy-conscious individuals and groups seeking secure and open internet tools. The website is professionally designed, mobile-optimized, and uses modern technologies including Hugo, Alpine.js, and privacy-focused analytics. Security is a core focus, with multiple services employing end-to-end encryption and Tor .onion access for anonymity. However, the site lacks explicit privacy and cookie policies, terms of service, and a vulnerability disclosure policy, which are recommended for compliance and transparency. Overall, NoLog.cz demonstrates a strong commitment to privacy and security, with a trustworthy domain registration and consistent branding.

C

Home : CppCast

cppcast.com

0

CppCast is a specialized podcast platform dedicated to C++ developers, providing biweekly episodes featuring discussions with prominent guests from the C++ community. The website serves as a hub for accessing podcast episodes, show notes, and links to major podcast distribution platforms. The business operates in the technology sector with a small-scale, niche focus, having been established in 2015. The content is well organized and professionally presented, targeting developers interested in C++ programming and related topics. Technically, the website uses a simple tech stack including HTML5, CSS, JavaScript, and Google Fonts, with the CMS identified as Podera 0.2. Podcast media is hosted on Libsyn, a reputable podcast hosting provider. The site is moderately optimized for mobile devices and offers a good user experience with clear navigation. However, there is room for improvement in SEO and accessibility features. From a security perspective, the domain is registered with Tucows Domains Inc. and benefits from domain status protections such as clientTransferProhibited and clientUpdateProhibited. DNSSEC is not enabled, and no security headers were detected in the HTML content, indicating potential areas for enhancement. The site lacks published privacy, cookie, or security policies, and no contact information for incident response or data protection officers is provided, which may impact compliance and trust. Overall, the website is safe and trustworthy with no adult or questionable content. The absence of privacy and cookie policies and limited security measures reduce its compliance posture. Strategic improvements in security headers, privacy disclosures, and contact information would enhance the site's security and compliance standing, supporting its credibility and user trust.