This website displays how well security is applied by the government. The quality is displayed using a traffic light system: red means bad, green means great. Our goal is to improve security and privacy for everyone. Therefore this site only displays the simplest and cheapest tier of security issues. This should all be fine... right?
This website is run by Internet Cleanup Foundation. To submit new domains, or ask questions, contact us via: info@faalkaart.nl.
This is the top fail from {{ humanize(metadata.data_from_time) }}
Expand/shorten list| # | Organization | Urls | Services | High risk | Medium risk | Low risk | Relative |
|---|---|---|---|---|---|---|---|
| {{ rank['rank'] }} | 🔍 {{ rank['organization_name'] }} | {{ rank['total_urls'] }} | {{ rank['total_endpoints'] }} | {{ rank['high'] }} | {{ rank['medium'] }} | {{ rank['low'] }} | {{ rank['relative'] }} |
This is the top win from {{ humanize(metadata.data_from_time) }}
Expand/shorten list| # | Organization | Urls | Services | High risk | Medium risk | Low risk |
|---|---|---|---|---|---|---|
| {{ rank['rank'] }} | 🔍 {{ rank['organization_name'] }} | {{ rank['total_urls'] }} | {{ rank['total_endpoints'] }} | {{ rank['high'] }} | {{ rank['medium'] }} | {{ rank['low'] }} |
DNS Security (DNSSEC) |
Encryption quality (TLS) |
Trust in certifcate (TLS) |
Absense of encryption |
Strict-Transport-Security (HSTS) |
Clickjacking prevention (X-Frame-Options) |
X-Content-Type-Options |
X-XSS-Protection |
File transfer (FTP) |
|
|---|---|---|---|---|---|---|---|---|---|
Organizations often have an extensive online presence with several websites and other services. The sum of the security of all of these services defines if the organization is secure or not.
A security status has been determined for all below addresses.
| When | Number | Good | Average | Bad |
|---|---|---|---|---|
| {{ translate(key) }} | {{ x["included_organizations"] }} | {{ x["green"] }} ({{ x["green percentage"] }}%) | {{ x["orange"] }} ({{ x["orange percentage"] }}%) | {{ x["red"] }} ({{ x["red percentage"] }}%) |
| When | Number | Good | Average | Bad |
|---|---|---|---|---|
| {{ translate(key) }} | {{ x["total_urls"] }} | {{ x["green_urls"] }} ({{ x["green url percentage"] }}%) | {{ x["orange_urls"] }} ({{ x["orange url percentage"] }}%) | {{ x["red_urls"] }} ({{ x["red url percentage"] }}%) |
Good encryption guarantees that information cannot be read or altered by others.
Does the website prevent a series of attacks?
| Technology | Result | Total |
|---|---|---|
| DNS Security (DNSSEC) | ||
| Not or incorrectly configured: | {{ x['explained']['DNSSEC']['DNSSEC is incorrectly or not configured (errors found).'] }} | |
| Correctly applied: | {{ x['explained']['DNSSEC']['DNSSEC seems to be implemented sufficiently.'] }} | |
| File transfer (FTP) | ||
| Encryption not available: | {{ x['explained']['ftp']['FTP Server does not support encrypted transport or has protocol issues.'] }} | |
| Outdated security: | {{ x['explained']['ftp']['FTP Server only supports insecure SSL protocol.'] }} | |
| Encryption available: | {{ x['explained']['ftp']['FTP Server supports TLS encryption protocol.'] }} | |
| Application of encryption | ||
| Not at all: | {{ x['explained']['plain_https']['Site does not redirect to secure url, and has nosecure alternative on a standard port.'] }} | |
| Not at all: | {{ x['explained']['plain_https']['Site does not redirect to secure url, and has no secure alternative on a standard port.'] }} | |
| Redirect from unsafe address: | {{ x['explained']['plain_https']['Redirects to a secure site, while a secure counterpart on the standard port is missing.'] }} | |
| Encryption quality (TLS) | ||
| Broken: | {{ x['explained']['tls_qualys_encryption_quality']['Broken Transport Security, rated F'] }} | |
| TLS rated C: | {{ x['explained']['tls_qualys_encryption_quality']['Less than optimal Transport Security, rated C.'] }} | |
| TLS rated B: | {{ x['explained']['tls_qualys_encryption_quality']['Less than optimal Transport Security, rated B.'] }} | |
| TLS rated A-: | {{ x['explained']['tls_qualys_encryption_quality']['Good Transport Security, rated A-.'] }} | |
| TLS rated A: | {{ x['explained']['tls_qualys_encryption_quality']['Good Transport Security, rated A.'] }} | |
| TLS rated A+: | {{ x['explained']['tls_qualys_encryption_quality']['Perfect Transport Security, rated A+.'] }} | |
| Certificate trust | ||
| No trust: | {{ x['explained']['tls_qualys_certificate_trusted']['Certificate is not trusted.'] }} | |
| Trust: | {{ x['explained']['tls_qualys_certificate_trusted']['Certificate is trusted.'] }} | |
| Technology | Result | Total |
|---|---|---|
| Enforcing encryption | ||
| Not: | {{ x['explained']['http_security_header_strict_transport_security']['Missing Strict-Transport-Security header.'] }} | |
| Does: | {{ x['explained']['http_security_header_strict_transport_security']['Strict-Transport-Security header present.'] }} | |
| Clickjacking prevention (X-Frame-Options) | ||
| Not: | {{ x['explained']['http_security_header_x_frame_options']['Missing X-Frame-Options header.'] }} | |
| Does: | {{ x['explained']['http_security_header_x_frame_options']['X-Frame-Options header present.'] }} | |
| Stats X-XSS Protection | ||
| Not: | {{ x['explained']['http_security_header_x_xss_protection']['Missing X-XSS-Protection header.'] }} | |
| Does: | {{ x['explained']['http_security_header_x_xss_protection']['X-XSS-Protection header present.'] }} | |
| Stats X-Content Type Options | ||
| Not: | {{ x['explained']['http_security_header_x_content_type_options']['Missing X-Content-Type-Options header.'] }} | |
| Does: | {{ x['explained']['http_security_header_x_content_type_options']['X-Content-Type-Options header present.'] }} | |
One address can have a plethora of services.
A total of {{ x['endpoints'] }} services are checked.
| IP Version | Protocol | Port | Amount | Percentage |
|---|---|---|---|---|
| {{ service['ip_version'] }} | {{ service['protocol'] }} | {{ service['port'] }} | {{ service['amount'] }} | {{ ((service['amount']/endpoints_now) * 100).toFixed(2) }}% |
These are the improvements of the last 7 days. Positive numbers show progress, while negative numbers are a setback in security.
| Encryption Quality (TLS) | {{ tls_qualys_encryption_quality.high }} |
| Certificate Trust | {{ tls_qualys_certificate_trusted.high }} |
| Missing encryption | {{ plain_https.high }} |
| Missing FTP encryption | {{ ftp.high }} |
| Encryption | {{ tls_qualys_encryption_quality.medium }} |
| Missing encryption | {{ plain_https.medium }} |
| HSTS Header | {{ http_security_header_strict_transport_security.medium }} |
| XFO Header | {{ http_security_header_x_frame_options.medium }} |
| FTP connection issue (security unknown) | {{ ftp.medium }} |
| Encryption | {{ tls_qualys_encryption_quality.low }} |
| X-XSS Header | {{ http_security_header_x_xss_protection.low }} |
| X-Content header | {{ http_security_header_x_content_type_options.low }} |
This is an overview of the most recent changes. These are processed at the end of the day. Because only changes are shown, it can take a while to see new information. Scans are being performed daily.
Stay updated of the latest findings using this RSS feed.
Stay updated of the latest findings using this RSS feed.
Stay updated of the latest findings using this RSS feed.
Stay updated of the latest findings using this RSS feed.
Stay updated of the latest findings using this RSS feed.
Stay updated of the latest findings using this RSS feed.
Stay updated of the latest findings using this RSS feed.
Stay updated of the latest findings using this RSS feed.
Stay updated of the latest findings using this RSS feed.
Comply or explain allows organizations to explain certain results on this website. In some edge cases, our finding may be technically correct but does not represent any danger. Below is a list of the latest explained issues. Organizations can explain issues using the 'explain' link per finding. You can download the entire dataset for further analysis in the datasets section.
{{ explain.explanation }}