Security Directory

T

Tomáš Halo

tomashalo.com

0

The website tomashalo.com represents a small-scale creative professional portfolio operated by Tomáš Halo, offering services in web design, graphic design, and photography. The site is well-structured, primarily in Slovak, and targets clients seeking creative digital and print media services. The business model is that of a freelancer or small agency with a focus on showcasing past projects. Technically, the site is built on WordPress, utilizing common libraries such as jQuery and Google Analytics for tracking, and implements GDPR-compliant cookie consent mechanisms. The site is mobile-optimized and presents a professional design with clear navigation. Security posture is moderate with HTTPS enabled and cookie consent in place, but lacks advanced security headers and uses an outdated jQuery version, which could pose vulnerabilities. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration status, which should be verified. Overall, the site is functional and professional but could improve in security and business transparency.

M

Manifattura Falomo

manifatturafalomo.com

0

Manifattura Falomo is an established Italian manufacturer specializing in mattresses, pillows, and bed frames with over 60 years of experience. The company emphasizes quality and the culture of healthy sleep, targeting consumers seeking premium sleep products. The website is multilingual, supporting English, Italian, and German, reflecting an international market presence. Technically, the site is built on WordPress with modern plugins and integrations such as WPML for multilingual support, Google Analytics for tracking, and Iubenda for privacy compliance. Security measures include HTTPS enforcement, reCAPTCHA on forms, and a cookie consent mechanism, indicating a mature security posture. However, the absence of WHOIS data for the domain raises concerns about domain registration transparency, which slightly impacts the overall trust score. The site lacks explicit contact emails and phone numbers but provides a contact form for inquiries. Overall, the website is professional, secure, and compliant with privacy regulations, serving as a credible digital presence for the business.

P

Premium Independent Wineries of South Africa (PIWOSA)

piwosa.com

0

Premium Independent Wineries of South Africa (PIWOSA) is a collective of premium independent wine producers from South Africa’s Western Cape, established in 2013 to promote premium South African wines internationally. The website serves as a marketing and informational platform showcasing member wineries and their offerings, targeting international wine consumers, trade, and press. Technically, the site is built on WordPress using the Divi theme, with standard web technologies including jQuery. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers, and no visible privacy or cookie consent mechanisms, which are areas for improvement. Overall, the site is professional and trustworthy but could enhance privacy compliance and security best practices.

The website tenacityworks.com is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. As a result, no business information, contact details, or policy documents are available for analysis. The domain is registered since 2006 with GoDaddy and uses SiteGround hosting, indicating a legitimate registration history but the site itself is not publicly accessible. The lack of accessible content and security headers severely limits the ability to assess the company's digital maturity or security posture. No privacy or cookie policies are present, and no contact or incident response information is available. Overall, the site appears to be either restricted intentionally or misconfigured, resulting in a very low trust and usability score.

D

Dineplan

dineplan.com

0

Dineplan is a South African-focused online restaurant reservation platform offering consumers the ability to book tables, browse menus, and read reviews for over 2,000 restaurants. It also provides reservation software solutions for restaurateurs, positioning itself as a key player in the hospitality sector within South Africa. The website promotes mobile app usage for enhanced user experience and convenience. Technically, the site employs a modern technology stack including Google Maps API, reCAPTCHA, and multiple analytics and marketing tools such as Google Analytics, HubSpot, Hotjar, and TikTok Pixel. Security measures include HTTPS enforcement and CAPTCHA protections on user authentication forms, though explicit security policies and incident response information are not publicly available. The absence of WHOIS data for the domain is a notable gap, reducing trustworthiness from a domain registration perspective. Overall, the site is professionally designed, mobile-optimized, and provides comprehensive privacy and terms documentation, supporting a good security and privacy posture.

Fedron BVBA is a Belgian IT services company founded in 2008, specializing in software solutions, custom software development, website creation, and consultancy services in technologies such as PROGRESS, .NET, PHP, and QlikView. The company targets startups, self-employed professionals, small retail businesses, SMEs, and other companies, positioning itself as a flexible and knowledgeable partner in IT. The website reflects a professional and consistent brand image with clear navigation and relevant content for its audience. Technically, the site uses standard JavaScript libraries including Google Analytics and Facebook SDK, hosted under a Belgian registrar consistent with the company's location. Performance and mobile optimization are moderate, with room for improvement in accessibility and SEO. Security posture is basic with HTTPS enabled but lacking advanced security headers and published security policies. Privacy compliance is limited, with no cookie consent mechanism or explicit GDPR compliance statements. Overall, the site is trustworthy but could benefit from enhanced security and privacy practices.

S

Smaily - intentionally simple email marketing and automation

smaily.com

0

Smaily is a small Estonian technology company specializing in providing an intentionally simple email marketing and automation platform. Founded in 2014, it offers a SaaS model with key services including email marketing, template editing, landing pages, automation, transactional emails, and app integrations. The company emphasizes GDPR compliance, ISO/IEC certification, and excellent human customer support, positioning itself as a trustworthy and user-friendly alternative in the email marketing space. Technically, the website is built on WordPress with modern tools such as Yoast SEO, WPBakery, and Google Tag Manager, ensuring good performance, SEO, and mobile optimization. Security posture is strong with HTTPS, cookie consent mechanisms, and CAPTCHA protections, although DNSSEC is not enabled and some security headers could be improved. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

The website dualsidedapp.com is currently inaccessible due to an SSL handshake failure between Cloudflare and the origin server, resulting in a Cloudflare error 525 page being served. This prevents any meaningful content from being accessed or analyzed. The domain is registered with GoDaddy.com, LLC since 2021 and uses Cloudflare nameservers, but DNSSEC is not enabled. No privacy, cookie, or terms of service policies are present, nor is any contact or business information visible on the error page. The technical infrastructure relies on Cloudflare as a proxy, but the origin server SSL configuration is broken, severely impacting security posture and user trust. Overall, the site appears to be a small or startup business with minimal online presence at this time.

PozzWare.com is a personal website operated by Stefano Pozzati, offering free software, card games, video games, and art. The site targets a general audience interested in technology and creative digital content. It operates as a small-scale personal project supported by donations and monetized through Google Adsense. The website is hosted by SmarterASP.NET and uses modern web technologies including Bootstrap, jQuery, Angular, and Unity for game development. The domain is well-established, registered since 2007, indicating a stable online presence. From a technical perspective, the site employs standard web technologies and frameworks, with moderate performance and good mobile optimization. However, it lacks advanced security headers and DNSSEC, and does not provide privacy or cookie policies, which are important for compliance and user trust. Google Analytics and Adsense are used for tracking and advertising, but no explicit cookie consent mechanism is present. Security posture is basic with HTTPS enabled but missing several best practices such as security headers and incident response information. No critical vulnerabilities or malware indicators were found, but improvements are recommended to enhance security and privacy compliance. Overall, the site is functional and trustworthy as a personal project but would benefit from enhanced security and compliance measures. Strategic recommendations include implementing DNSSEC, adding privacy and cookie policies with consent mechanisms, deploying security headers, and publishing vulnerability disclosure and incident response contacts to improve trust and compliance.

E

eDIY Software

ediy.co.nz

0

eDIY Software is a New Zealand-based small business specializing in web design, ecommerce software, and web hosting services primarily targeting small to medium businesses and organizations within New Zealand. The company offers a proprietary CMS and ecommerce platform with features such as Bitcoin payment integration, bulk email marketing, and custom web development. Their market position is that of a local, established provider with over two decades of domain presence and a focus on affordable, DIY website solutions. Technically, the website uses Bootstrap and custom JavaScript, with a proprietary CMS platform. Hosting is provided by Dreamscape Networks International Pte Ltd (Crazy Domains), a known NZ registrar and hosting provider. The site performance is moderate with basic mobile optimization and accessibility. Analytics are handled via a self-hosted Matomo instance, indicating some privacy consideration, though no cookie consent or privacy policies are present. From a security perspective, the site uses HTTPS but lacks DNSSEC and important security headers such as Content-Security-Policy and HSTS. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of privacy and cookie policies is a compliance gap, especially for GDPR. The domain WHOIS data is consistent with a legitimate business, with a long registration history and no privacy protection. Overall, the website is professional and trustworthy but would benefit from improved security headers, privacy compliance, and enhanced mobile and accessibility features. Strategic improvements in these areas would strengthen the company's digital maturity and customer trust.

The Tcl Developer Xchange website serves as the primary hub for the Tcl programming language and Tk GUI toolkit community. It provides software downloads, documentation, community resources, and core development information. The site targets software developers interested in Tcl/Tk technologies and is hosted by ActiveState, a reputable company known for commercial support of Tcl. The website content is technical, mature, and well-structured, though the design is basic and mobile optimization is limited. From a technical perspective, the site uses standard HTML and CSS with Google Site Search integration and Cloudflare Insights for analytics. Hosting by ActiveState suggests reliable infrastructure, but the site lacks visible modern security headers and explicit HTTPS confirmation in the provided data. Privacy and cookie policies are absent, which impacts compliance and user trust. Security posture is moderate but could be improved by implementing HTTPS, security headers, and publishing privacy-related policies. The WHOIS data is incomplete and malformed, which reduces domain registration trustworthiness, though the website content and hosting provider indicate legitimacy. No adult or questionable content is present, making the site safe for general audiences. Overall, the site is functional and credible within its niche but would benefit from enhanced security practices, privacy compliance, and improved technical modernization to strengthen trust and user experience.

S

squeak-smalltalk

squeakfoundation.org

0

The website is a GitHub-hosted open source repository named 'squeak-object-memory' under the organization 'squeak-smalltalk'. It focuses on issues and assets related to the Squeak object memory, targeting developers and users interested in Smalltalk technology. The project has been active since 2007, indicating a mature and stable presence in its niche. The platform leverages GitHub's infrastructure, providing source code hosting, issue tracking, and collaboration features. The website design is professional and optimized for both desktop and mobile users, with good accessibility and SEO practices. Security is robust with HTTPS enforced and domain protections in place, although DNSSEC is not enabled. Privacy and cookie policies are absent, which is a compliance gap. No direct contact or incident response information is provided, limiting transparency in these areas. Overall, the website is trustworthy and technically sound but could improve privacy compliance and security transparency.

F

Fantaisie Software

purebasic.com

0

PureBasic.com is the official website for PureBasic, a modern BASIC programming language developed by Fantaisie Software since 1998. The site provides comprehensive information about the language's features, supported platforms, and related products such as SpiderBasic. The business targets both beginner and expert programmers seeking a fast, portable, and easy-to-use BASIC compiler and IDE. The website is professionally designed with clear navigation and relevant content, supporting multiple languages and offering user login functionality. Technically, the site uses a modern tech stack including HTML5, CSS3, JavaScript libraries like jQuery, Modernizr, and Google Analytics for tracking. The site is mobile optimized and SEO friendly but lacks some advanced accessibility features. No CMS or hosting provider details are evident. Performance is moderate with no blocking or WAF detected. Security posture is moderate; the site uses HTTPS but lacks visible security headers and published security policies. Forms use POST methods but no explicit cookie consent or GDPR compliance mechanisms are present. WHOIS data is missing, which reduces trustworthiness but the site content and business information appear legitimate. No vulnerabilities or exposed sensitive data were detected. Overall, PureBasic.com is a trustworthy and professional site for a niche programming language product. Strategic improvements in security headers, privacy compliance, and WHOIS transparency would enhance trust and compliance.

The website www.gotpike.org serves as a community hub for the Pike programming language, providing resources such as an introduction book, module repository, mailing list archives, and a wiki. It targets developers and enthusiasts interested in Pike, a dynamic programming language with C-like syntax. The site positions itself as a niche community resource rather than a commercial business, with a small-scale presence and basic content offerings. Technically, the website is simple, built with basic HTML and CSS without modern frameworks or CMS detected. There is no evidence of advanced hosting or performance optimization. The site lacks HTTPS information and security headers, indicating potential security weaknesses. Accessibility and SEO optimizations are minimal, and no analytics or tracking technologies are present. From a security perspective, the absence of HTTPS and security policies is a concern. No privacy, cookie, or terms of service policies are found, and no contact or incident response information is provided. The WHOIS data is incomplete and malformed, limiting domain trust verification. However, the site content is safe, non-commercial, and focused on community resources, reducing risk exposure. Overall, the website has a low to moderate risk profile due to missing security best practices and incomplete domain registration data. Strategic improvements in security posture, privacy compliance, and technical modernization are recommended to enhance trust and resilience.

D

Daniel Bünzli

erratique.ch

0

The website erratique.ch represents Daniel Bünzli, an independent software engineer specializing in OCaml programming and software project implementation. The site provides contact information, a profile, software projects, and writings, targeting software developers and clients interested in OCaml solutions. The business operates as a small independent consultancy based in Switzerland, with a niche market position focused on OCaml technology. Technically, the website is built with standard HTML5 and CSS, featuring basic mobile optimization and SEO. No advanced frameworks or CMS are detected. The site performance is moderate with a clean, professional design and clear navigation. There are no forms or interactive elements, reducing attack surface but also limiting user engagement features. From a security perspective, the site lacks explicit security headers and documented security policies. SSL status is unknown from the provided data but should be verified. No privacy or cookie policies are present, indicating limited compliance with GDPR or similar regulations. Contact information is clearly provided, but no incident response or vulnerability disclosure mechanisms are found. Overall, the website is trustworthy and professional but could improve in privacy compliance and security posture. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and publishing incident response contacts to enhance trust and compliance.

N

Nim Programming Language

nim-lang.org

0

The Nim Programming Language website serves as the official portal for the Nim open source project, a statically typed compiled systems programming language. The site provides comprehensive information about Nim's features, installation, documentation, community engagement, and recent updates. It targets developers and programmers interested in efficient and expressive programming languages, offering resources such as an online playground, blog, and community forums. The project is volunteer-driven and supported by donations, reflecting a small but active open source community. Technically, the website employs modern web technologies including Pure.css for styling, FontAwesome for icons, and integrates analytics tools like Google Analytics and Plausible. Hosting and DNS services are managed via Cloudflare, ensuring fast and reliable delivery. Security posture is generally good with HTTPS enforced and domain transfer protections in place; however, the absence of DNSSEC and security headers represents areas for improvement. Privacy compliance is limited due to the lack of explicit privacy and cookie policies, which should be addressed to meet regulatory standards. Overall, the site is professional, well-structured, and trustworthy, with a high level of content quality and user experience.

MathWorks is a leading enterprise software company specializing in mathematical computing software for engineers and scientists, primarily known for MATLAB and Simulink products. The company targets a broad audience including engineers, researchers, educators, and students across multiple industries such as technology, manufacturing, transportation, and energy. Their business model revolves around software development, licensing, training, and consulting services, positioning them as a market leader with a strong brand presence and comprehensive product offerings. Technically, MathWorks employs a modern and robust digital infrastructure leveraging Adobe Experience Manager as their CMS, Bootstrap 5 for responsive design, and integrates advanced analytics and consent management tools such as Adobe Analytics, Treasure Data, and InMobi Consent Manager. The website demonstrates excellent performance, mobile optimization, and accessibility, reflecting a mature and well-maintained technical environment. From a security perspective, the site enforces HTTPS with strong SSL configurations and implements multiple security headers. It uses Google reCAPTCHA Enterprise for bot mitigation and has a comprehensive consent management system addressing GDPR and CCPA compliance. No critical vulnerabilities or exposed sensitive data were detected, indicating a strong security posture. However, explicit incident response contacts and a vulnerability disclosure policy are not publicly evident. Overall, MathWorks presents a highly professional, trustworthy, and secure online presence consistent with its enterprise stature. The lack of WHOIS data is likely due to registry privacy policies and does not detract from the legitimacy of the domain or company. Strategic recommendations include publishing clear incident response contacts and adopting a security.txt file to enhance transparency and security readiness.

lua-users.org is a niche community-driven website dedicated to users and developers of the Lua programming language. It provides collaborative resources such as a wiki, mailing list archives, and informational pages to support the Lua user community. The site is small in scale and primarily serves as an informational hub rather than a commercial entity. Technically, the website is basic, using simple HTML and CSS without modern frameworks or CMS. It is hosted by pair Networks, a reputable hosting provider, and the domain has been active since 2001, indicating a stable presence in the Lua community. However, the site lacks modern security features such as HTTPS and security headers, and no privacy or cookie policies are present, which limits its compliance with current web standards and regulations. There are no forms or contact details available, which reduces user engagement and support capabilities. Overall, the website is functional but could benefit from modernization and improved security and privacy practices.

RPG Next Gen is a niche technical resource website managed by Mihael Schmidt, focusing on programming tools and projects related to the RPG language on IBM i platforms, as well as Node.js and Java. The site hosts multiple open source projects and provides documentation, package management, and code viewing tools primarily targeting developers in the IBM i ecosystem. The business model is based on open source software distribution with optional donations, serving a specialized developer audience. Technically, the website uses a traditional HTML/CSS structure with references to Node.js and TypeScript for some projects. Hosting is managed via Manitu GmbH DNS servers, and the site links extensively to Bitbucket and GitHub repositories. The site design is basic but functional, with moderate performance and basic mobile optimization. SEO and accessibility are present but minimal. From a security perspective, the site lacks HTTPS enforcement information and security headers, which lowers its security posture. No privacy or cookie policies are present, indicating compliance gaps with GDPR and other privacy regulations. No incident response or vulnerability disclosure policies are published. The domain is long-standing and consistent with the website content, supporting legitimacy. Overall, the website is a moderately credible technical resource with good content quality but requires improvements in security, privacy compliance, and contact transparency to enhance trust and protect users.

N

Neil Van Dyke

neilvandyke.org

0

Neil Van Dyke's website is a personal technical site dedicated to sharing open source software contributions and notes on various technology topics including Scheme, Racket, Linux, Emacs, and Bitcoin. It serves a niche audience of developers and technology enthusiasts and does not represent a commercial business. The site content is basic but relevant and accessible, with minimal design and navigation features. There is no evidence of commercial activity or professional business infrastructure. From a technical perspective, the site uses simple HTML and CSS without advanced frameworks or CMS. Performance and mobile optimization are basic but functional. No analytics, advertising, or tracking technologies are detected, indicating a privacy-conscious approach but also a lack of modern digital marketing or user engagement tools. Security posture is weak due to lack of visible HTTPS confirmation, absence of security headers, and no privacy or cookie policies. The WHOIS data is malformed and missing critical registration details, which reduces domain trustworthiness. No incident response or security contact information is provided. Overall, the site is low risk but also low trust from a security and compliance standpoint. Recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and improving WHOIS registration transparency to enhance trust and compliance.

T

The R Foundation

r-project.org

0

The R Project for Statistical Computing is an established open source initiative providing a free software environment for statistical computing and graphics. Supported by The R Foundation, it serves a global audience of statisticians, data scientists, and researchers. The website reflects a mature project with comprehensive documentation, community engagement, and regular updates. Technically, the site uses standard web technologies such as Bootstrap and jQuery, delivering a responsive and navigable user experience. However, some modern security practices like security headers and privacy policies are missing, which could be improved to enhance compliance and trust. The WHOIS data is unavailable due to privacy restrictions, which is common for open source foundations and does not detract from the site's legitimacy. Overall, the site is professional, trustworthy, and well-positioned in the technology sector.

R

RAJALANGIT77

modularfilemaker.org

0

RAJALANGIT77 operates as an online gaming agent specializing in slot games hosted on Thailand servers, targeting Indonesian players. The website positions itself as a trusted and popular platform for online slot gaming in Indonesia for the year 2025. However, the domain registration data is suspicious, with a future creation date and registrar known for drop-catching domains, which raises concerns about legitimacy. Technically, the website uses common analytics and tracking tools such as Google Tag Manager, Datadog, and Rollbar, and is hosted with DNS services via Cloudflare. The site lacks comprehensive privacy, security, and compliance policies, which impacts its trustworthiness and regulatory adherence. Security posture is basic with no detected security headers or DNSSEC enabled. Overall, the site presents moderate technical implementation but poor privacy compliance and questionable business credibility.

Fantom.org is the official website for the Fantom programming language, a portable language designed to run on the JVM and modern web browsers. The site provides resources such as documentation, downloads, community forums, and a library repository called Eggbox. The target audience is developers interested in JVM and web programming. The business operates as an open source project with community contributions and maintains a niche position in the programming language market. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and integrates Google Custom Search and Cloudflare DNS services. The site is moderately optimized for performance and mobile devices, with basic accessibility and good SEO practices. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, indicating compliance gaps. No contact information or incident response details are provided, limiting user trust and support avenues. Overall, the domain registration is consistent and legitimate, supporting the website's credibility.

S

Sönke Ludwig

vibed.org

0

vibed.org is the official website for vibe.d, an open source asynchronous I/O and web toolkit framework written in the D programming language. The project targets developers seeking efficient, fiber-based blocking programming models and high-performance web frameworks. The site provides detailed feature descriptions, code examples, documentation, and community resources, positioning itself as a niche but mature technology framework with a consistent update cadence since its founding in 2012. Technically, the website employs standard web technologies including Bootstrap CSS and Normalize.css for styling, and Prettify.js for code syntax highlighting. Hosting is managed through German-based hosting providers, with stable DNS configurations. The site is mobile optimized and well structured, offering a good user experience and clear navigation. However, it lacks advanced accessibility features and modern security headers. From a security perspective, the site uses a domain status that prevents unauthorized transfers but does not enable DNSSEC. No HTTPS or SSL configuration details were provided, and no security headers were detected in the HTML content. Privacy compliance is minimal, with no cookie consent mechanisms or GDPR-specific disclosures. Contact information is limited to a contact page form, with no direct emails or phone numbers published. No vulnerability disclosure or incident response policies are present. Overall, vibed.org is a credible and professional technical project website with good content quality and business credibility. Security posture and privacy compliance require improvement to meet modern standards. The site is safe for general audiences and free from suspicious or malicious content.

D

D Language Foundation

dlang.org

0

The D Language Foundation operates the official website for the D programming language, a general-purpose, statically typed language with systems-level access and C-like syntax. The foundation supports the language's development, community engagement, and ecosystem growth. The website serves as a comprehensive resource hub offering documentation, tutorials, community forums, package management, and downloadable compiler binaries. It targets software developers and technology enthusiasts interested in efficient and modern programming languages. The foundation is a non-profit entity coordinating volunteer efforts and sponsorships to sustain the language's evolution. Technically, the website is well-structured, leveraging modern web technologies such as HTML5, CSS3, JavaScript, jQuery, and CodeMirror for interactive code examples. It uses Cloudflare for DNS and likely CDN services, ensuring fast performance and good mobile optimization. The site is accessible, SEO-friendly, and provides a rich user experience with clear navigation and relevant content. However, it lacks some modern security headers and DNSSEC is not enabled. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. There are no forms collecting sensitive personal data, reducing attack surface. However, the absence of a privacy policy, cookie consent mechanism, security policy, and incident response contact information represents compliance and transparency gaps. No vulnerability disclosure or security.txt files were found, which could hinder responsible vulnerability reporting. Overall, the website is professional, trustworthy, and technically sound but could improve privacy compliance and security transparency. Strategic recommendations include publishing privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear security and incident response information to enhance user trust and regulatory compliance.

Redvers Consulting Ltd is a specialized technology company focused on providing COBOL software solutions including AES encryption, SHA hashing, XML and JSON generation and parsing, digital signatures, and source code obfuscation. The company targets COBOL developers and enterprises requiring secure and efficient COBOL data processing tools. Their market position is niche, serving a specialized segment with a small company size and a long operational history since 2001. The website content is professional and well-structured, emphasizing product capabilities and technical solutions. Technically, the website is built with standard HTML and CSS, hosted on HostPapa servers, and uses HTTPS for secure communication. The site shows moderate performance and basic mobile optimization. SEO is adequately addressed with meta tags and canonical links. However, no CMS or advanced frameworks are detected, indicating a simple but effective technical infrastructure. From a security perspective, the website benefits from domain transfer protections and HTTPS but lacks DNSSEC and security headers, which are recommended for enhanced security. No privacy or cookie policies are published, and no contact or incident response information is provided, representing compliance and trust gaps. No forms or user data collection mechanisms are present, reducing exposure to input-based vulnerabilities. Overall, the website is safe, professional, and trustworthy but would benefit from improved privacy compliance, security header implementation, and clearer contact information to enhance user trust and regulatory adherence.

C

C4Media

infoq.com

0

InfoQ is a well-established technology news and knowledge platform focused on software development, architecture, and emerging technologies such as AI and DevOps. Owned by C4Media, InfoQ serves a global audience of over 1.5 million developers and IT professionals, providing high-quality articles, presentations, podcasts, and events. The website demonstrates a mature digital presence with professional design, clear navigation, and rich content authored by industry experts. Technically, the site employs modern web technologies including Google Tag Manager, Facebook Pixel, and Plausible Analytics, with a fast loading performance and good mobile optimization. Security best practices are observed with HTTPS enforcement and cookie consent mechanisms, although some advanced security headers and explicit security policies are not publicly disclosed. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, supported by comprehensive privacy and cookie policies aligned with GDPR requirements. However, the absence of WHOIS data and registrant information introduces some uncertainty regarding domain registration transparency. Overall, InfoQ presents a trustworthy and professional platform with a strong focus on delivering valuable content to the software development community. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and providing clearer contact information for incident response.

E

Eclipse Foundation AISBL

eclipse.org

0

The Eclipse Foundation is a globally recognized non-profit organization that fosters open source software collaboration and innovation. It hosts a large portfolio of projects including the Eclipse IDE and Jakarta EE, serving a diverse audience of developers, enterprises, and industry collaborators. The foundation operates a mature, scalable, and vendor-neutral environment that supports open source development and community engagement. Their business model revolves around memberships, sponsorships, and industry collaborations, positioning them as a leader in the open source ecosystem. Technically, the website is built using the Hugo static site generator, enhanced with modern web technologies such as Google Tag Manager and FontAwesome. The site demonstrates excellent performance, mobile optimization, and accessibility. SEO practices are well implemented with comprehensive metadata and structured navigation. The presence of cookie consent and privacy policies reflects a strong commitment to privacy compliance. From a security perspective, the site enforces HTTPS and provides clear security policies and vulnerability reporting channels. While explicit security headers are not detected in the provided data, the overall security posture is strong with no visible vulnerabilities or exposed sensitive data. The foundation maintains an active incident response mechanism and encourages responsible disclosure. Overall, the Eclipse Foundation website is professional, trustworthy, and well-maintained, reflecting the organization's stature in the technology and open source communities. The main limitation is the lack of accessible WHOIS data, which slightly impacts domain registration trust analysis but does not detract from the evident legitimacy and operational maturity of the foundation.

I

Inductive AS

progsbase.com

0

progsbase.com is a technology-focused website operated by Inductive AS, offering future-proof software development tools and services aimed at business automation. The platform provides a library of programs, command line clients, and private repository management under a subscription business model. The website targets software developers and businesses seeking stable automation solutions. Technically, the site uses Bootstrap for responsive design and integrates Google Analytics and Tag Manager for user tracking. The site is moderately optimized for performance and mobile use but lacks advanced accessibility features and SEO enhancements. Security posture is moderate with HTTPS implied but no visible security headers or explicit security policies published. The absence of WHOIS registration data for the domain raises concerns about domain legitimacy, although the website content and business information appear professional and consistent with a small technology company based in Norway. Overall, the site is functional and trustworthy but would benefit from improved security practices and clearer domain registration transparency.

Vodovod Povljana d.o.o. is a small Croatian utility company specializing in public water supply, sewage management, and water infrastructure operations primarily serving the Povljana region. The company operates under the parent entity VODOVOD HRVATSKO PRIMORJE d.o.o. and maintains a local market presence with key partnerships including local government and national water authorities. The website reflects a focused business model targeting local residents and businesses requiring essential water services. Technically, the website is built on an older WordPress platform (version 3.5.2) with legacy jQuery libraries, hosted by InMotion Hosting. While the site is mobile responsive and has a clear navigation structure, it lacks modern security headers and uses outdated software components, which may expose it to vulnerabilities. The site uses HTTPS but does not implement advanced security or privacy compliance features such as cookie consent or privacy policies. From a security perspective, the site shows basic HTTPS usage but lacks critical security headers and uses outdated software versions, increasing risk exposure. No privacy or cookie policies are present, and no incident response or vulnerability disclosure information is provided. Contact information is available but limited to phone and physical address, with no email or social media presence detected. Overall, the website is functional and professionally presented but requires urgent updates to its CMS and security posture to mitigate risks. The absence of privacy and cookie policies also indicates compliance gaps with GDPR and related regulations. Strategic improvements in security, privacy compliance, and technical modernization are recommended to enhance trust and operational resilience.

VRELO d.o.o. is a public utility company providing water supply and sewage services on the island of Rab, Croatia. The company operates under the ownership of the City of Rab and has a long-standing history dating back to 1961. Their website serves as an informational portal for residents and businesses, offering updates on water supply interruptions, infrastructure projects, and service information. The business model is focused on municipal service provision with a clear local market position and essential public service role. Technically, the website uses legacy JavaScript libraries such as jQuery 1.10.1 and plugins like Fancybox and bxSlider. The site is moderately optimized for performance and mobile use but lacks modern frameworks or CMS identification. SEO and accessibility are basic but functional. Hosting details are not explicit but the domain is registered with CARNET, a Croatian academic network registrar, consistent with the local business. From a security perspective, the site lacks visible security headers and uses outdated JavaScript libraries that may expose it to vulnerabilities. However, it implements a cookie consent mechanism compliant with GDPR and does not expose sensitive data in the HTML. No incident response or security policy information is provided. The WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the website is trustworthy and professional but would benefit from technical modernization and enhanced security practices. The risk level is moderate due to outdated libraries and missing security headers, but no critical vulnerabilities or malicious indicators were found.

The website www.isn.cz is a small-scale, niche project site operated by Jiří Blažek, focusing on two main projects: an electronic timing system for fire sport and an e-learning platform for volunteer firefighters in the Czech Republic. The business model appears to be community and project-driven, targeting volunteer fire brigades and fire sport enthusiasts with affordable and modular technical solutions and accessible online education. The site content is well-structured, informative, and uses modern web technologies such as Bootstrap and jQuery, with backend technologies including Java EE and Spring frameworks for the e-learning platform. However, the site lacks visible privacy, cookie, or terms of service policies and does not provide explicit contact information, which limits its compliance and business credibility. Security posture is moderate, with some use of Spring Security but no visible HTTPS or security headers information. WHOIS data is unavailable, likely due to privacy protection, which reduces trust verification. Overall, the site is functional and relevant for its audience but would benefit from improved security, compliance, and contact transparency.

S

SUPACAZ

supacaz.com

0

SUPACAZ is a niche cycling accessories brand emphasizing California style, offering premium products primarily through an e-commerce platform. The website is built on WordPress with WooCommerce and Elementor, indicating a modern and flexible technical infrastructure. The site integrates common marketing and analytics tools such as Google Tag Manager and Facebook Pixel, supporting moderate user tracking and marketing efforts. Security posture is generally good with HTTPS enabled and domain protections in place, though improvements are needed in security headers and privacy compliance. No blocking or WAF mechanisms interfere with content access, allowing full analysis. Overall, the site presents a professional and trustworthy front for its target cycling enthusiast audience.

S

Specialized Bicycle Components

rovalcomponents.com

0

Specialized Bicycle Components operates a comprehensive e-commerce platform focused on bicycles, bike wheels, components, and cycling gear. The company targets a broad audience ranging from professional cyclists to casual riders and commuters. Their market position is strong, supported by a professional website that showcases a wide product range and emphasizes quality and innovation. The website is well-designed, mobile-optimized, and provides clear navigation and rich content, enhancing user experience. Technically, the website leverages modern web technologies including React and Next.js, and integrates third-party marketing and analytics tools such as Klaviyo, Monetate, Affirm, and Klarna. The site employs HTTPS with strong security headers, indicating a good security posture. However, the absence of WHOIS data limits the ability to fully verify domain registration legitimacy. Privacy and cookie policies are present and indicate GDPR compliance, though explicit contact details and security policies are limited. Overall, the website demonstrates a mature digital infrastructure and a solid security foundation, with room for improvement in transparency of domain registration and explicit security incident response information. The risk profile is low given the professional nature of the business and the absence of vulnerabilities or suspicious content.

R

Rocket Espresso

rocket-espresso.com

0

Rocket Espresso is a premium Italian manufacturer specializing in handcrafted espresso machines and coffee grinders, targeting both domestic and commercial markets. The company emphasizes Italian craftsmanship and high performance, positioning itself as a leader in the specialty coffee equipment industry. Their business model includes direct online sales, dealer distribution, and a strong brand presence supported by social media channels. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with a responsive design and good SEO practices. The site integrates cookie consent management via Iubenda and uses Google Tag Manager for analytics, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, but lacks some advanced security headers and explicit security policies. The domain is well-established since 2007, with consistent WHOIS data supporting legitimacy. Overall, the website is professional, secure, and privacy-conscious, with room for improvement in security policy transparency and contact information availability.

K

K-Edge USA

k-edge.com

0

K-Edge USA operates a specialized e-commerce website focused on high-quality bicycle computer mounts and accessories. The company targets professional cyclists and enthusiasts, offering durable and precision-engineered products. The website is built on the Shopify platform, leveraging modern web technologies and marketing tools such as Klaviyo and Judge.me for customer engagement and reviews. The domain is well-established since 2011, reflecting a stable business presence. Privacy and cookie policies are implemented with GDPR compliance, and the site uses HTTPS with good SSL configuration. However, explicit security policies and incident response contacts are not published, which could be improved to enhance trust and compliance. Overall, the website presents a professional and trustworthy online storefront with good technical infrastructure and marketing integration.

D

DANIELO Sportswear

danielo.pl

0

DANIELO Sportswear is a Polish small business specializing in the manufacturing and retail of custom cycling and sportswear. The company targets sports teams, groups, and individual customers seeking professional and custom-designed sports apparel. Their business model combines B2B custom orders with B2C retail through an online shop. The website reflects a niche market position with a focus on quality and customer collaboration. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, and slick carousel, ensuring a responsive and user-friendly experience. The presence of Google Analytics indicates moderate user tracking. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks advanced security headers and explicit security policies. WHOIS data is not publicly available, likely due to privacy protection, which slightly reduces transparency but is common for small businesses. Overall, the website is professional, trustworthy, and compliant with basic privacy regulations.

Q

QM Sports Care

qmsportscare.eu

0

QM Sports Care is a small retail business specializing in premium, natural-based massage and sports care products targeted at professional and recreational athletes. The company positions itself as a trusted supplier in the sports care market, emphasizing natural ingredients and quality. The website reflects a professional brand image with consistent branding and a clear focus on its target audience. Technically, the website uses a modern front-end stack including Bootstrap, jQuery, and various UI libraries, providing a good user experience with mobile optimization and clear navigation. However, the site lacks visible privacy and cookie policies, which impacts compliance and trust. Security posture is moderate with HTTPS implied but no visible security headers or vulnerability disclosures. Overall, the site is safe and trustworthy but would benefit from enhanced privacy compliance and security best practices.

K

Klein Constantia

kleinconstantia.com

0

Klein Constantia is a historic and prestigious South African wine estate known for producing premium wines, including the acclaimed Vin de Constance. The website reflects a mature business with a focus on wine production, tastings, and hospitality services. It targets wine enthusiasts and tourists seeking quality South African wines. The digital infrastructure is built on WordPress with modern plugins and integrations, supporting e-commerce and multimedia content. The site is well-branded, mobile-optimized, and SEO-friendly, indicating a solid digital maturity. Security posture is good with HTTPS and no visible vulnerabilities, though improvements in security headers and privacy compliance mechanisms are recommended. The absence of WHOIS data is a notable anomaly but does not detract significantly from the site's legitimacy given its professional presentation and consistent business information. Overall, the website presents a trustworthy and professional front for the Klein Constantia brand.

M

Manifattura Falomo

manifatturafalomo.it

0

Manifattura Falomo is a well-established Italian manufacturer specializing in mattresses, pillows, and bed bases with over 60 years of experience. The company emphasizes quality and the 'Made in Italy' brand, targeting consumers seeking premium sleep products. Their website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive product information. Technically, the site uses WordPress CMS with modern JavaScript frameworks and integrates Google Analytics and Iubenda for privacy compliance. Security posture is strong with HTTPS, security headers, and reCAPTCHA protections, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

Morgan Blue is a Belgian quality brand specializing in lubricants, oils, and cleaners, primarily targeting consumers and professionals in the sports care and cycling sectors. The company maintains a professional online presence with a well-structured website, active social media channels, and partnerships with recognized cycling teams and brands. Their business model includes product manufacturing and retail, supported by an official online shop. The website demonstrates compliance with GDPR through a comprehensive cookie consent mechanism and uses modern web technologies such as WordPress, Google Analytics, and Google reCAPTCHA for security and analytics. From a technical perspective, the website is built on WordPress with a moderate performance profile and good mobile optimization. Security measures include HTTPS enforcement and CAPTCHA integration, though additional security headers could enhance protection. The absence of explicit security policies, incident response information, and terms of service pages represents an area for improvement. Notably, WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy despite the professional appearance and active digital footprint. Overall, the security posture is solid but could benefit from enhanced transparency and additional security controls. The risk assessment highlights the need to verify domain registration and improve contact and policy disclosures to strengthen trust and compliance. Strategic recommendations include implementing security headers, publishing clear security and incident response policies, and ensuring domain registration transparency to support business credibility and customer confidence.

P

Park Tool

parktool.com

0

Park Tool is a well-established manufacturer and retailer of bicycle-specific tools, operating since 1963 and headquartered in St. Paul, Minnesota, USA. The company holds a strong market position as the world's largest bicycle tool manufacturer, targeting both professional and home bicycle mechanics. Their website reflects a professional brand image with clear regional targeting and social media presence. Technically, the website employs modern JavaScript libraries and tracking tools such as Google Tag Manager and Cookie Script, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent implemented, though the absence of security headers and visible contact information slightly reduces trust. The missing WHOIS data for the domain www.parktool.com is a notable concern, impacting domain legitimacy assessment. Overall, the website is professional, safe, and compliant with privacy regulations, but could improve transparency and security practices.

B

Buzzatti

buzzatti.it

0

Buzzatti is a well-established Italian logistics company specializing in dry bulk logistics, particularly for food, feed, and technical products. The company positions itself as an international leader with a strong focus on quality and sustainability, boasting 50 years of experience and a large fleet of vehicles. Their services include road transport, intermodal transport, warehousing, bonded warehouses, and rebulking. The website is built on a modern WordPress platform using Elementor, providing a professional and user-friendly experience with good mobile optimization and clear navigation. Security posture is adequate with HTTPS and cookie consent mechanisms in place, though there is room for improvement in security headers and formal security policies. Overall, the domain registration and business information are consistent and trustworthy, supporting the legitimacy of the company.

BMW Belgium operates a comprehensive and professionally designed website serving as the official regional portal for BMW automotive products and services. The site targets Belgian consumers interested in new and used BMW vehicles, electric mobility, financial services, and after-sales support. The digital infrastructure leverages Adobe Experience Manager CMS, advanced analytics, and performance optimization tools, reflecting a mature and modern technical environment. Security posture is strong with HTTPS enforcement and standard security headers, though explicit public security policies and incident response contacts are not prominently disclosed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, supporting BMW's premium brand image in the Belgian market.

T

The Coca-Cola Company

cocacola.be

0

The Coca-Cola Belgium Luxembourg website serves as a regional portal for The Coca-Cola Company, a global leader in the beverage industry. The site provides product information, promotions, and brand engagement content tailored for the Dutch-speaking Belgian market. The company operates at an enterprise scale with a strong market position in retail beverages. Technically, the website is built on Adobe Experience Manager, leveraging modern web technologies including Google Tag Manager and OneTrust for privacy compliance. The site demonstrates excellent mobile optimization, fast performance, and good SEO practices. Security posture is strong with HTTPS enforcement, comprehensive security headers, and active monitoring via AWS RUM. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. However, WHOIS data for the domain is unavailable, which is unusual but does not detract significantly from the site's legitimacy given the strong branding and professional presentation. Overall, the website is a secure, compliant, and professionally managed digital asset supporting Coca-Cola's business in Belgium.

Z

Zwift, Inc.

zwift.com

0

Zwift, Inc. operates a leading virtual cycling and fitness platform that revolutionizes indoor cycling through its app and hardware integrations. The company targets cycling enthusiasts and fitness users globally, offering subscription-based services alongside smart trainers and smart bikes. The website reflects a mature digital presence with excellent content quality, clear navigation, and strong branding consistency. Technically, the site leverages modern frameworks like Next.js and integrates advanced analytics and marketing tools, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and consent-based tracking, though explicit security headers should be verified. Privacy compliance is robust, featuring comprehensive policies and TrustArc consent management. The WHOIS data is unavailable, likely due to privacy protection, but the website's legitimacy is supported by consistent branding and external references. Overall, Zwift presents a professional, secure, and user-friendly platform with a high trustworthiness rating.

6d Sports Nutrition operates a multilingual website focused on sports nutrition products, targeting consumers interested in health and fitness. The business model is primarily e-commerce retail, with a niche market position in sports nutrition. The website serves as a landing page directing users to language-specific subdomains for detailed content. Technically, the site uses basic HTML, CSS, and JavaScript with Google Fonts integration, hosted under a domain registered via Dynadot, LLC. The site shows moderate performance and basic mobile optimization but lacks advanced technical frameworks or CMS platforms. Security posture is minimal with no visible security headers or policies, and privacy compliance is lacking due to absence of privacy or cookie policies. No contact or incident response information is provided, limiting trust and transparency. Overall, the site is safe with no adult or explicit content detected, but improvements in security, privacy, and business information disclosure are recommended.