Security Directory

L

Louisiana Department of Transportation and Development

511la.org

58

The website 511la.org is the official Louisiana Department of Transportation and Development's traveler information portal, providing real-time traffic and transit data, trip planning tools, and traffic alerts. It serves as a critical resource for commuters and travelers within Louisiana, offering comprehensive services such as traffic cameras, travel times, and advisories. The site integrates modern technologies including Google Maps API, Bootstrap, and various JavaScript libraries to deliver a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and domain registration protections in place, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is basic, lacking cookie consent mechanisms and detailed GDPR statements. Overall, the site is professional, trustworthy, and well-aligned with its government service mission.

T

The Agile Brand Guide

agilebrandguide.com

62

The Agile Brand Guide is a specialized content platform focused on marketing technology and customer experience, targeting CMOs, marketing leaders, and aspiring MarTech professionals. Founded in 2022, it offers a variety of resources including podcasts, books, articles, and events, positioning itself as a niche expert resource in the marketing technology landscape. The website is built on WordPress using the Genesis Block Theme and integrates multiple marketing and analytics tools such as Google Analytics, HubSpot, and Segment, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enabled and domain locking status, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is basic with a cookie consent mechanism present but no explicit privacy or terms of service pages detected. Overall, the site is professional, well-branded, and trustworthy, with room for improvement in privacy transparency and DNS security.

S

Sinclair Pharma

sinclair-college.com

68

Sinclair College is a specialized online educational platform focused on aesthetic medicine, targeting healthcare practitioners seeking comprehensive training and professional development. The platform offers a variety of learning resources including treatment videos, webinars, interactive case studies, and a supplementary mobile app to enhance accessibility and learning convenience. The business operates under Sinclair Pharma, with a domain registered since 2016, indicating a mature and established presence in its niche market. Technically, the website is built on the Totara LMS platform, leveraging Moodle core components, and integrates modern web technologies and third-party marketing tools such as Google Analytics, Facebook Pixel, and HubSpot. The site is mobile-optimized and presents a professional design with clear navigation, supporting a positive user experience. Security-wise, the website enforces HTTPS and domain registration protections but lacks DNSSEC and advanced security headers. Privacy compliance is basic, with privacy and cookie policies present but no explicit consent mechanisms. Contact information is limited on the public site, and no incident response or security policies are disclosed. Overall, Sinclair College demonstrates a solid business and technical foundation with room for improvement in security and privacy transparency.

A

Association Valaisanne des Musées

musees-vs.ch

48

The Association Valaisanne des Musées (AVM) is a Swiss non-profit organization established in 1981, serving as the umbrella organization for museums in the Valais region. The website provides comprehensive information about the association's activities, events, and coordination efforts for the local museum network. The site targets cultural institutions and the general public interested in museum-related content in Valais. Technically, the website is built on WordPress using the Divi theme, enhanced with modern plugins for SEO, caching, and cookie compliance, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a clear cookie consent mechanism and a comprehensive privacy policy. However, the site lacks explicit security policies and incident response information, which could be improved to enhance trust and preparedness. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission and audience.

S

Stadt Freiburg im Breisgau

freiburg.de

46

Stadt Freiburg im Breisgau operates an official municipal website serving as the primary digital portal for citizens, businesses, and visitors. The site provides comprehensive information on local government, politics, culture, environment, tourism, and public services. It holds a strong market position as the authoritative source for Freiburg city-related information and services. The business model is public sector focused, delivering transparent and accessible municipal content without commercial intent. Technically, the website employs a modern technology stack including jQuery, Bootstrap grid, FontAwesome, and specialized menu libraries, built on the dvv-Mastertemplates CMS platform. The site is mobile-optimized with good navigation clarity and SEO practices, although accessibility features could be enhanced. Performance is moderate, with deferred script loading and structured data for improved search engine understanding. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security headers and incident response information suggests room for improvement. Privacy compliance is limited due to missing privacy and cookie policies and lack of consent mechanisms, which is a notable gap given GDPR requirements. Overall, the website is trustworthy and professional, reflecting its official government status. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent management, enhancing security headers, and publishing vulnerability disclosure and incident response details to strengthen user trust and compliance.

W

Wicked6 2026 | Global Women's Cyber League | March 27-29, 2026

wicked6.com

67

Wicked6 is a website dedicated to organizing and promoting a global women's cybersecurity league event scheduled for March 27-29, 2026. The platform focuses on virtual cyber games, Capture The Flag (CTF) competitions, presentations, and an all-women's tournament, aiming to bring together the global women's cybersecurity community. The website is built on the HubSpot CMS platform and integrates modern marketing and analytics tools such as Google Analytics 4, Google Tag Manager, Facebook Pixel, and ShareThis for social sharing. The technical infrastructure reflects a moderate level of digital maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and privacy consent mechanisms partially implemented via Google Consent Mode, but lacks explicit security headers and published privacy or cookie policies. The absence of WHOIS data raises concerns about domain registration legitimacy, impacting overall trust. No critical vulnerabilities or adult content were detected, and the site appears safe for general audiences.

L

Louisiana State Government

louisiana.gov

67

Louisiana.gov is the official state government website providing a comprehensive digital gateway to services and information from Louisiana's executive, legislative, and judicial branches. It serves residents, businesses, visitors, and state employees by offering access to drivers licenses, hunting and fishing permits, unclaimed property searches, tax refunds, and a detailed agency directory. The site is well-positioned as the authoritative source for state government information and services, reflecting a large government entity with consistent branding and professional content. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Google Analytics, Google Tag Manager, and various UI libraries such as DataTables and Slick Slider. The site is mobile-optimized and accessible, with good SEO practices and responsive design. However, some improvements could be made in security headers and cookie consent mechanisms to enhance compliance and security posture. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. The absence of explicit security headers and incident response contacts are areas for improvement. The WHOIS data is incomplete, lacking registrar and registrant details, but the domain's .gov TLD and official content strongly indicate legitimacy. No adult or malicious content is present, and the site maintains a high trustworthiness rating. Overall, Louisiana.gov is a well-maintained government portal with solid technical infrastructure and good content quality. Strategic enhancements in security policies, privacy compliance, and WHOIS transparency would further strengthen its security posture and user trust.

I

IsItWP - Free WordPress Theme Detector

isitwp.com

63

IsItWP is a specialized online platform providing free WordPress-related tools, tutorials, and product reviews aimed at WordPress users, bloggers, and developers. It holds a strong market position as a trusted resource in the WordPress ecosystem, supported by its parent company Awesome Motive Inc and its subsidiaries. The website offers a variety of services including WordPress theme and plugin detection, hosting reviews, coupons, and multiple WordPress utility tools. Technically, the site is built on WordPress with modern technologies such as jQuery, Google Analytics via MonsterInsights, and security plugins. It demonstrates excellent design quality, mobile optimization, and SEO practices. Security posture is good with HTTPS enforced and use of reCAPTCHA, though it lacks some advanced security headers and explicit security policies. Privacy compliance is basic with a comprehensive privacy policy but no cookie consent mechanism. The absence of WHOIS data for the domain is a notable anomaly, reducing trust slightly, but the overall professionalism and transparency of the site mitigate this concern. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and implementing cookie consent to improve privacy compliance.

V

Verein Jobdach

jobdach.ch

50

Verein Jobdach is a Swiss non-profit organization established in 1996, providing survival aid and harm reduction services in the canton of Luzern. Their key offerings include emergency shelter (Notschlafstelle), long-term housing for individuals with addiction and mental health challenges (Obdach), and day structure programs (Wärchstatt). The website is built on Joomla CMS and incorporates modern web technologies such as Bootstrap and jQuery, with Google Analytics for visitor tracking. The site is well-structured, mobile-optimized, and presents a professional image consistent with its social mission. However, it lacks visible contact information on the homepage and does not implement cookie consent mechanisms, which may affect privacy compliance.

S

Sugar Calendar

sugarcalendar.com

58

Sugar Calendar is a specialized WordPress plugin provider focusing on delivering a simple, lightweight event calendar solution. The website positions itself clearly within the WordPress ecosystem, targeting users who require straightforward event management without the complexity or bloat of other plugins. The business appears to be small-sized, founded in 2016, and maintains a consistent brand presence with professional design and structured data for SEO. Technically, the site is built on WordPress with common technologies such as PHP, JavaScript, Bootstrap, and uses Cloudflare for DNS. Google Analytics and affiliate tracking are implemented for marketing and user insights. Security posture is adequate with HTTPS enabled and domain management protections in place, but lacks advanced DNS security like DNSSEC and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies and consent mechanisms. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

L

Louisiana State Government

la.gov

67

Louisiana.gov serves as the official digital gateway for the Louisiana state government, providing residents and visitors with access to a wide range of government services, information, and resources. The website consolidates services from executive, legislative, and judicial branches, offering key functionalities such as driver's license services, hunting and fishing permits, unclaimed property searches, tax refunds, and a comprehensive agency directory. It targets a broad audience including citizens, businesses, and government employees, positioning itself as a trusted and authoritative source for state-related information. Technically, the website employs a modern frontend stack including Bootstrap 4.3.1, jQuery, Google Analytics, Google Tag Manager, and various UI libraries such as Slick Carousel and DataTables. The site is mobile responsive and incorporates accessibility features, ensuring usability across devices and for users with disabilities. While HTTPS is enforced, the site lacks some recommended security headers and a cookie consent mechanism, which are areas for improvement. From a security perspective, the site demonstrates good practices with HTTPS and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and a vulnerability disclosure policy indicates room for enhancement in security posture and transparency. The WHOIS data is incomplete, lacking registrar and creation date information, but the domain expiry date and content strongly support the legitimacy of the site as an official government portal. Overall, Louisiana.gov is a well-structured, content-rich government website with strong business credibility and good technical implementation. Strategic improvements in security headers, privacy compliance mechanisms, and WHOIS transparency would further strengthen its trustworthiness and security stance.

E

e-Durable SA

e-durable.ch

54

e-Durable SA is a Swiss-based IT service provider specializing in sustainable and responsible IT solutions since 2015. Their offerings include strategic consulting, ICT support, advanced technical expertise, green hosting, and greener hardware, targeting businesses in Suisse Romande. The company positions itself as a niche leader in green IT services with a strong ethical and ecological focus. Technically, the website is built on the Odoo CMS platform, hosted on the eco-friendly Recycled Cloud, and employs modern web technologies including Bootstrap and FontAwesome. Analytics are implemented via Google Tag Manager and Plausible Analytics, though privacy compliance could be improved with cookie consent mechanisms. Security posture is good with HTTPS and CSRF protections but lacks explicit security policies and headers. Overall, the website is professional, trustworthy, and well-structured, reflecting a credible business with a clear sustainability mission.

C

Caymland Technologies AG

caymland.app

61

Caymland Technologies AG operates a technology platform focused on digital marketing and communication solutions, including email marketing, SMS, and Viber messaging, as well as content management and user segmentation. The website analyzed is a login page for this platform, indicating a SaaS business model targeting marketing professionals and businesses. The platform integrates modern JavaScript libraries and editors to facilitate content creation and management. Technically, the website employs a modern tech stack with libraries such as Froala Editor, CKEditor, and Ace Editor, and appears to be built on the Symfony framework. Hosting is supported by Cloudflare, ensuring good SSL configuration and basic performance. However, SEO and accessibility features are minimal, and mobile optimization is basic. The site uses HTTPS and includes CSRF tokens for form security, reflecting a moderate security posture. Security-wise, while HTTPS and CSRF protections are in place, the site lacks explicit security headers and publicly available security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy and cookie policies are absent, indicating compliance gaps with GDPR and related regulations. The domain registration is privacy protected, which is common for tech companies but reduces transparency. Overall, the website is functional and moderately secure but lacks comprehensive privacy and security disclosures. Strategic improvements in privacy compliance, security headers, SEO, and accessibility would enhance trust and regulatory adherence.

Fonds du sport is a Geneva-based non-profit organization dedicated to supporting local sports clubs and athletes by providing news, event information, and resources. The website serves as a regional hub for sports-related activities and community engagement, targeting sports enthusiasts and organizations within the canton. Technically, the site is built on WordPress using the Avada theme, incorporating common web technologies such as jQuery and Google Tag Manager for analytics. The site demonstrates moderate performance and good mobile optimization, with a professional design and clear navigation. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies, which should be addressed to meet GDPR standards. Overall, the website is trustworthy and professionally maintained, but could improve in privacy and security transparency.

S

Software Guru

devday4w.com

53

Dev Day 4 Women is a well-established event organized by Software Guru, focused on empowering women in the software development and STEM fields. The event has a strong community presence in Mexico, celebrating a decade of activities with a mix of virtual and in-person engagements. The website effectively communicates the event's purpose, schedule, and sponsorships, targeting women professionals and students in technology. Technically, the site uses modern front-end frameworks and is hosted on Netlify, ensuring good performance and mobile responsiveness. However, it lacks formal privacy and cookie policies, which are critical for compliance and user trust. Security-wise, the site uses HTTPS and standard tracking tools but misses advanced security headers and incident response disclosures. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security transparency.

C

CartoJuraLéman

cjl.ch

51

CartoJuraLéman is a non-profit regional geoportal managed by the ARCAM association for the district of Morges in Switzerland. Founded in 2016, it provides cartographic data representation and integration services to 46 partners including 37 municipalities and 9 associations. The website serves as an information and access point for regional geographic data, targeting government entities and local associations. Technically, the site is built on WordPress using popular plugins such as Yoast SEO and Elementor, with Google Analytics integrated for traffic monitoring. The site is well designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS with a good SSL configuration but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is legitimate and trustworthy, with room for improvement in privacy and security documentation.

R

R Street Institute

rstreet.org

72

The R Street Institute is a well-established non-profit think tank founded in 2012, focused on classical liberalism and pragmatic policy solutions across sectors such as energy, government affairs, criminal justice, and technology. The organization operates nationally with multiple offices and a distributed staff. The website reflects a mature digital presence with comprehensive research, commentary, outreach, and event content targeting policymakers, academics, and the informed public. Technically, the site is built on WordPress with modern analytics and marketing integrations, including Google Analytics, HubSpot, and social media embeds. Security posture is good with HTTPS and reCAPTCHA protections, though explicit security headers could be improved. Privacy compliance is evident with privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness, with no signs of malicious activity or content safety concerns.

N

NPower

npower.org

63

NPower is a non-profit organization dedicated to creating pathways to economic prosperity by launching digital careers for military veterans and young adults from underserved communities. The website presents a professional and well-structured digital presence, leveraging WordPress with Elementor and JupiterX theme, and integrates multiple marketing and analytics tools such as Google Tag Manager, TikTok Pixel, Facebook Pixel, and Hotjar. The organization appears to have a strong market position in the non-profit sector focused on workforce development and digital skills training. Security posture is generally good with HTTPS enabled and secure external link handling, but lacks some security headers and publicly available security policies. Privacy compliance is limited due to absence of explicit privacy and cookie policies in the provided content. Overall, the website is trustworthy and professionally maintained, though improvements in transparency and security documentation are recommended.

N

National Governors Association

nga.org

70

The National Governors Association (NGA) is a well-established, bipartisan non-profit organization representing the governors of the 55 U.S. states, territories, and commonwealths. Founded in 1908, NGA serves as a leading forum for policy innovation, advocacy, and best practices sharing among state leaders. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation aimed at government officials and policy stakeholders. Technically, the site is built on WordPress with modern tools such as Google Tag Manager, Google Analytics, and Smart Slider 3, ensuring a responsive and accessible user experience. SEO and privacy compliance are well addressed, including a detailed privacy policy and cookie consent mechanisms. Security posture is strong with HTTPS enforced, though additional security headers and explicit vulnerability disclosure policies could enhance trust. Overall, the NGA website demonstrates high legitimacy and professionalism, with no signs of malicious activity or content safety concerns. The absence of WHOIS data limits domain registration insights, but the organization's long-standing reputation and consistent branding support its credibility. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure information, and maintaining regular audits of third-party scripts.

G

Gate 15

gate15.global

63

Gate 15 is a specialized service provider offering a threat-informed, risk-based approach to analysis, resilience, and operations. The company targets organizations seeking to enhance their security posture and operational resilience through expert analysis and consulting services. The website is built on WordPress using the Divi theme, indicating a standard CMS infrastructure with moderate digital maturity. The technical setup includes common libraries such as jQuery and FontAwesome, but lacks advanced security headers and comprehensive privacy policies. Security posture is basic with room for improvement in SSL configuration and security best practices. Overall, the site is accessible and professional but lacks depth in compliance and contact transparency, which impacts trust and credibility scores.

C

CyberPeace Institute

cyberpeaceinstitute.org

72

CyberPeace Institute is a specialized non-profit organization dedicated to protecting vulnerable entities in cyberspace by providing cybersecurity assistance, tracing cyberattacks and disinformation, and advocating for accountability and cyberpeace. The organization operates multiple projects and initiatives aimed at underserved organizations, humanitarian actors, and policymakers. Their market position is that of a trusted advocate and service provider in the cybersecurity non-profit sector. Technically, the website is built on a modern WordPress platform with popular plugins and frameworks, hosted behind Cloudflare for DNS and CDN services, and incorporates GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enabled and domain transfer protections, though improvements such as DNSSEC and security headers are recommended. The site lacks explicit privacy policy and terms of service pages, as well as direct contact information for security incidents, which are areas for enhancement. Overall, the website is professional, trustworthy, and well-branded, serving a general audience interested in cybersecurity and cyberpeace advocacy.

U

University of California, Berkeley

berkeley.edu

59

The University of California, Berkeley website serves as the official digital presence of a leading public research university in the United States. It provides comprehensive information about academic programs, research initiatives, campus life, admissions, and financial aid. The site targets prospective and current students, faculty, staff, alumni, and the general public interested in the university's offerings and achievements. UC Berkeley holds a top market position as the #1 public research university in the U.S., supported by numerous accolades and Nobel laureates on faculty. Technically, the website is built on a modern WordPress CMS platform with a robust tech stack including Yoast SEO, Google Tag Manager, and FontAwesome. The site demonstrates good performance, excellent mobile optimization, and strong SEO practices. Accessibility features are well implemented, enhancing usability for diverse users. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, explicit security headers are not visibly configured, and there is no public incident response or vulnerability disclosure information. Privacy compliance is partially addressed with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. No WHOIS data was retrievable, which is typical for .edu domains but limits domain registration transparency. Overall, the website is professional, trustworthy, and content-rich, reflecting the institution's prestige. Strategic improvements in security headers, privacy mechanisms, and transparency around incident response would further enhance the site's security posture and compliance.

Z

Zerto

zerto.com

78

Zerto is an enterprise-level technology company specializing in ransomware resilience, disaster recovery, and data mobility solutions for on-premises and cloud environments. The company positions itself as a provider of continuous data protection with scalable solutions targeting IT professionals and enterprises. The website reflects a mature digital presence with professional branding, structured data, and integration of modern web technologies such as WordPress, Bootstrap, and various analytics and marketing tools. Security posture is generally good with HTTPS enabled and cookie consent implemented; however, explicit security headers and detailed security policies are not evident. The absence of WHOIS data reduces domain trust slightly but does not detract significantly from the professional appearance and content quality of the site. Overall, the website is well-designed, user-friendly, and targeted at a professional audience in the technology sector.

A

Association des Anciens Elèves de l'Institut Florimont

floanciens.ch

47

The website represents the Association des Anciens Elèves de l'Institut Florimont, a non-profit alumni association established in 1920, serving former students and professors of Institut Florimont in Switzerland. It provides community engagement through events, information sharing, and membership services. The site is built on Drupal 8 and integrates Google Tag Manager for analytics. The design is professional, mobile-optimized, and accessible, with clear navigation and relevant content for its target audience. Security posture is moderate with HTTPS enabled and secure login forms, but lacks advanced security headers and published security policies. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, the site is trustworthy and well-positioned within its niche but could improve in security and privacy transparency.

R

REPUBLIC Marketing & Media Solutions

republic.de

59

REPUBLIC Marketing & Media Solutions is a German media marketing company specializing in content solutions, print and digital media advertising, and thematic marketing environments. The company represents major German newspapers and magazines such as Süddeutsche Zeitung and Frankfurter Allgemeine Zeitung, targeting advertisers and marketers seeking quality media placements. The website is built on TYPO3 CMS with modern frontend technologies, providing a professional and mobile-optimized user experience. Privacy compliance is strong with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Security posture is good with HTTPS and form protections, though some security headers and policies could be improved. Overall, the website is trustworthy and well-positioned in the German media marketing sector.

M

Meteor

insonorizzanti.it

63

Meteor is an established Italian company specializing in manufacturing and distributing acoustic insulation and sound absorption materials. Founded in 1988 and operating under the parent company VISA SpA, Meteor serves multiple sectors including industrial, nautical, public, and residential markets. The website presents a professional image with clear business information, product offerings, and sector-specific solutions. The technical infrastructure is based on Drupal 7 with common web libraries and frameworks, providing a functional and mobile-responsive experience. Security posture is adequate with HTTPS and DNSSEC enabled, though some modern security headers and updated libraries could improve resilience. Privacy compliance is well addressed with clear cookie and privacy policies including consent mechanisms. Overall, the website is trustworthy and suitable for its target audience.

V

Visa S.p.A. s.u.

nettuno-irrigazione.com

68

Nettuno Irrigazione, a division of Visa S.p.A. s.u., is a well-established Italian manufacturer specializing in irrigation motor pumps, hose reel irrigators, and water transfer pumps for agricultural, dewatering, and mining sectors. With over 40 years of experience, the company offers customizable, high-performance solutions emphasizing energy efficiency and reliability. The website reflects a mature digital presence with multilingual support and clear business communication. Technically, the site is built on Drupal 10, integrates Google Analytics and reCAPTCHA for security and tracking, and provides a user-friendly experience with good mobile optimization. Security posture is solid with HTTPS and consent mechanisms, though improvements like DNSSEC and enhanced security headers are recommended. Overall, Nettuno presents a credible and professional business front with transparent contact channels and compliance with privacy regulations.

Châteaux Rhénans is a European co-financed cultural and tourism project focused on promoting and preserving the heritage of medieval castles in the Upper Rhine region spanning France, Germany, and Switzerland. The project is supported by the Collectivité européenne d’Alsace and funded through the Interreg Rhin Supérieur program, highlighting its strong regional government backing. The website serves as an information hub for tourists, researchers, and cultural enthusiasts, offering details on castles, legends, events, and research activities. Technically, the site is built on modern frameworks including Alpine.js and Umbraco CMS, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and explicit incident response information. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable resource for its audience.

H

Hotel Calamus

hotel-calamus.de

57

Hotel Calamus is a 4-star superior hotel located in Kehl, Germany, offering a comprehensive range of hospitality services including accommodation, wellness, sauna, culinary experiences, and event hosting. The hotel targets families, business travelers, and tourists seeking comfort and wellness amenities. The website is professionally designed with multilingual support and detailed service offerings, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, a specialized CMS (Condeon), and integrates Google Analytics with user consent mechanisms, indicating a good level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers and explicit security policies could be improved. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact and business information, supporting a positive user experience and business credibility.

O

Online | Offline

onlineoffline.org

56

Online | Offline is a niche informational platform focused on social activism and civic engagement experiments, primarily targeting Latin American audiences and social change actors. The website shares case studies, experiment replications, and inspirational content to support community organizing and social awareness. The platform operates on WordPress CMS with a custom theme and uses common web technologies such as jQuery and Modernizr. Hosting details are not explicit, but DNS is managed via Cloudflare and the domain is registered with GoDaddy since 2016, indicating a stable presence. From a security perspective, the site uses HTTPS with a valid SSL certificate, but lacks advanced security headers and DNSSEC, which could be improved. No privacy or cookie policies are present, indicating limited compliance with GDPR or similar regulations. Contact information is minimal, limited to an email address and social media links, with no phone or physical address provided. No vulnerability disclosure or incident response information is available. Overall, the website is accessible, safe, and professionally presented with good content relevance and user experience. However, it lacks formal privacy and security policies, which reduces its compliance posture. The site does not use analytics or advertising technologies, minimizing user tracking. The domain registration is consistent with the website's history and content, supporting legitimacy. Strategic recommendations include implementing privacy and cookie policies, adding security headers, enabling DNSSEC, and publishing a security.txt file to improve transparency and security posture.

C

Cadwork Australasia Pty Ltd

cadwork.com.au

60

Cadwork Australasia Pty Ltd operates a professional website offering CAD/CAM software solutions tailored for the timber construction industry. The company targets wood construction professionals and businesses, providing software modules, education, and support services. The website is well-structured, bilingual (English and French), and presents clear contact information for its North American and Australasian offices. The business appears to be a small-sized technology company focused on a niche market segment with a consistent brand presence. Technically, the website employs modern frontend technologies such as Alpine.js and FontAwesome, hosted on Amazon AWS infrastructure. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. No CMS or analytics tools were detected in the provided content, indicating a possibly custom or lightweight implementation. From a security perspective, the site uses HTTPS and shows no signs of exposed sensitive data or vulnerable libraries. However, it lacks DNSSEC, security headers, and a cookie consent mechanism, which are recommended for enhanced security and privacy compliance. No explicit security policies or incident response contacts are published, which could be improved to strengthen trust and compliance. Overall, the website is professional, trustworthy, and safe for general audiences. The domain registration details align well with the business claims, supporting legitimacy. Strategic improvements in security headers, privacy compliance, and incident response transparency would further enhance the site's security posture and user trust.

C

Cadwork Informatique Inc.

cadwork.ca

63

Cadwork Informatique Inc. is a specialized software company providing CAD/CAM solutions tailored for the timber construction industry. Established in 2003, the company operates primarily in North America and Australasia, offering software modules, education, and support services to wood construction professionals. Their market position is that of a niche provider with a focused product offering and a professional digital presence. The website reflects a well-structured and modern design, supporting multiple languages and providing clear navigation to key business areas. Technically, the site uses modern front-end technologies such as Alpine.js and FontAwesome, hosted on AWS infrastructure, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website and domain data indicate a legitimate and professional business with room for improvement in security and privacy transparency.

The Engine Room is a non-profit organization dedicated to supporting civil society in leveraging technology and data strategically, effectively, and responsibly. Their market position is that of an established entity providing consulting, research, and support services focused on social justice and digital resilience. The website reflects a medium-sized organization with a clear mission and active engagement through reports, events, and a resource library. Technically, the website is built on WordPress with modern frameworks such as Bootstrap 5 and uses popular libraries like jQuery and FontAwesome. SEO is well implemented with Yoast SEO plugin, and the site is mobile optimized with good performance. Analytics are conducted via Piwik (Matomo), indicating a moderate level of user tracking balanced with privacy considerations. From a security perspective, the site enforces HTTPS and shows no signs of exposed sensitive data or vulnerabilities. However, security headers are not explicitly detected, and there is no visible dedicated security policy or incident response contact, which could be improved. Privacy and cookie policies are present and include consent mechanisms, supporting GDPR compliance. Overall, the website is professional, trustworthy, and safe for general audiences. The lack of WHOIS data is likely due to privacy protection, which is reasonable for this type of organization. Strategic recommendations include enhancing security headers, publishing a formal security policy, and establishing clear incident response contacts to further strengthen trust and compliance.

T

The Citizen Lab

citizenlab.ca

66

The Citizen Lab is a well-established interdisciplinary research laboratory affiliated with the Munk School of Global Affairs & Public Policy at the University of Toronto. It specializes in research at the intersection of information and communication technologies, human rights, and global security. The lab produces influential research publications, engages in public policy advocacy, and offers educational programs targeting academics, policymakers, and human rights advocates globally. The website reflects a strong academic and professional presence with consistent branding and high-quality content. Technically, the website is built on WordPress with a modern tech stack including jQuery, FontAwesome, and plugins for YouTube embedding and Mailchimp integration. It is hosted behind Cloudflare DNS and CDN services, ensuring good performance and availability. The site is mobile-optimized, accessible, and SEO-friendly, with proper meta tags and structured data enhancing search engine visibility. From a security perspective, the site enforces HTTPS and uses domain status locks to prevent unauthorized transfers or updates. However, DNSSEC is not enabled, and security headers are not detected, representing areas for improvement. The site does not expose sensitive data and uses anti-spam measures on forms. Privacy compliance is good with a comprehensive privacy policy, but lacks a cookie consent mechanism. No formal security policy or incident response contacts are published. Overall, the website demonstrates a high level of professionalism, trustworthiness, and digital maturity. It serves its academic and advocacy mission effectively while maintaining a solid security posture. Strategic recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, and publishing security policies to further enhance trust and compliance.

R

ReadMe

readme.io

62

ReadMe is a technology company specializing in API documentation and developer experience tools. Their platform enables teams to create, manage, and publish interactive API documentation with features such as Git-style workflows, branching, versioning, and integrated AI assistance. The company targets developers, technical writers, and engineering teams, positioning itself as a mature and established player in the API documentation market. The website reflects a high level of digital maturity, leveraging modern web technologies including React and Next.js, and integrates multiple marketing and analytics tools to optimize user engagement and business insights. Security posture is solid with HTTPS enforced and reputable DNS hosting via Cloudflare, though there is room for improvement in publishing explicit security policies and enabling DNSSEC. Overall, the site is professional, well-designed, and trustworthy, but lacks visible privacy and cookie policies which may impact compliance. Strategic recommendations include enhancing privacy compliance, publishing security and incident response policies, and enabling DNSSEC to strengthen DNS security.

B

Breitbandinitiative Landkreis Tuttlingen (BIT)

breitband-tuttlingen.de

43

The Breitbandinitiative Landkreis Tuttlingen (BIT) is a regional public initiative focused on expanding and improving fiber optic broadband infrastructure within the Landkreis Tuttlingen region in Germany. The initiative supports municipalities in planning, tendering, and constructing a county-wide fiber backbone network, targeting businesses, schools, administration, and underserved areas. The website reflects a professional and consistent presentation of this mission, with clear contact information and regularly updated news about project milestones and funding. Technically, the site uses a custom PHP-based CMS with standard web technologies and is mobile-optimized, though some modern security headers and cookie consent mechanisms are missing. Security posture is moderate with HTTPS implied but lacking explicit security policies or incident response information. Overall, the domain and website appear legitimate and trustworthy for a public sector broadband initiative, with no signs of malicious or adult content.

R

Research Organization Registry (ROR)

ror.org

57

The Research Organization Registry (ROR) operates as a global, community-led open registry providing persistent identifiers and metadata for research organizations. It is positioned uniquely in the scholarly infrastructure ecosystem, supported by key organizations such as California Digital Library, Crossref, and DataCite. The website offers comprehensive services including a searchable registry, REST API, and data dumps under a CC0 license, targeting research institutions and data managers worldwide. The business model emphasizes open infrastructure and community governance, fostering transparency and collaboration. Technically, the website is built using the Hugo static site generator and leverages modern web technologies such as jQuery, Plyr.js, FontAwesome, and Matomo analytics. Hosting and DNS are managed via AWS infrastructure, ensuring reliable performance and scalability. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, contributing to a fast and user-friendly experience. From a security perspective, the site enforces HTTPS and employs domain status protections to prevent unauthorized changes. However, it lacks DNSSEC and explicit security headers, and does not provide published security or incident response policies. Tracking is minimal and conducted via Matomo, but no cookie consent mechanism is present, which could be improved for GDPR compliance. Overall, the security posture is solid but could benefit from enhanced transparency and technical controls. The overall risk assessment is low, with no indications of malicious activity or content safety concerns. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing security policies, and adding cookie consent mechanisms to strengthen compliance and trust. The website is professional, trustworthy, and well-aligned with its mission to support open research infrastructure.

L

Linköpings universitet

liu.se

71

Linköpings universitet (LiU) is a well-established Swedish public university known for its innovative education programs, interdisciplinary research, and close collaboration with industry and society. The website reflects a strong institutional presence with comprehensive information targeting prospective students, researchers, and partners. The content is professionally curated, with clear navigation and multilingual support (Swedish and English). The university emphasizes societal impact and innovation, showcasing events, news, and alumni stories. Technically, the site uses modern web technologies including asynchronous JavaScript, CSS optimizations, and plausible analytics for privacy-conscious user tracking. The site is mobile-optimized and accessible, with SEO best practices evident in metadata and structured data.

H

Hunch Manifest Inc

schemaapp.com

72

Schema App, operated by Hunch Manifest Inc, is a specialized technology company providing an end-to-end Schema Markup and content knowledge graph solution aimed at enterprise SEO teams. The company positions itself as a leader in semantic SEO technology, offering a suite of tools including Schema App Highlighter, Editor, and Analytics, alongside consulting and integration services. Their platform enables enterprises to optimize their websites for AI and search engines by leveraging structured data and semantic technologies. The website demonstrates strong branding, professional design, and clear messaging targeted at enterprise clients and digital marketing professionals. Technically, the website is built on WordPress with modern SEO and analytics tools integrated, including Google Tag Manager, Facebook Pixel, HubSpot, and LinkedIn Insight Tag. The site uses structured data extensively, including JSON-LD, to enhance search visibility and knowledge graph development. Performance and mobile optimization are good, though some accessibility features could be improved. Security posture is solid with HTTPS enforced, but lacks visible security headers and explicit security policies. From a security and compliance perspective, the site includes a comprehensive privacy policy and cookie consent mechanism compliant with GDPR. However, no terms of service, security policy, or vulnerability disclosure pages were found. The WHOIS data for the domain is missing or unavailable, which slightly reduces trustworthiness but the professional presentation and client endorsements mitigate concerns. No adult or questionable content is present, making the site safe for general audiences. Overall, Schema App presents as a credible, professional enterprise SaaS provider with a mature digital presence. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and resolving WHOIS data visibility to improve trust and compliance posture.

O

Open Source Matters, Inc.

joomla.org

72

Joomla.org represents the official website for Joomla!, a widely recognized open source content management system (CMS) established in 2005 and maintained by Open Source Matters, Inc. The platform empowers website creators with a flexible, mobile-friendly, and extensible CMS solution supported by a large global community. Joomla offers downloads, free hosted sites, training, certification, and a rich ecosystem of extensions and templates. The website reflects a mature and professional presence with consistent branding and comprehensive content aimed at developers, site administrators, and community members. Technically, the site leverages modern web technologies including Joomla CMS, Bootstrap 5, FontAwesome, Google Fonts, and various JavaScript libraries. It is hosted by Rochen and integrates analytics tools such as Google Analytics and Pingdom RUM for performance monitoring. The site is mobile-optimized, accessible, and SEO-friendly, providing a fast and user-friendly experience. From a security perspective, Joomla.org enforces HTTPS and employs CSRF tokens in forms, with regular security announcements published. However, explicit HTTP security headers and a dedicated security policy or incident response contact are not evident, representing areas for improvement. The WHOIS data is unavailable or malformed, limiting domain registration trust verification, but the website's content and ecosystem strongly support its legitimacy. Overall, Joomla.org demonstrates a strong digital maturity and business credibility with minor gaps in security transparency and WHOIS data availability. Strategic enhancements in security policy publication and domain registration transparency would further strengthen trust and compliance.

A

Andreas Baur

andbaur.net

61

The website andbaur.net represents the personal academic site of researcher Andreas Baur, focusing on the intersection of IT infrastructures and politics with an emphasis on power, privacy, and technology ethics. The site serves primarily as a professional and academic portfolio, linking to university affiliations and scholarly profiles. The target audience is academic peers, students, and researchers interested in these topics. The business model is non-commercial, centered on research dissemination and academic networking. Technically, the site is built using the Hugo static site generator, ensuring a lightweight and performant infrastructure. The site is mobile-optimized and uses modern web fonts and icons (FontAwesome). Hosting details are limited but the domain is registered with a reputable registrar, INWX GmbH. SEO and accessibility are basic but adequate for the site's purpose. From a security perspective, the site uses HTTPS and has domain transfer protections enabled. However, DNSSEC is not enabled, and no advanced security headers are detected. There is no cookie consent mechanism or explicit privacy compliance statements, which could be improved to align with GDPR best practices. No forms collecting sensitive data are present except a contact page link, reducing risk exposure. Overall, the site is low risk, professionally presented, and trustworthy as an academic personal website. Strategic improvements in security headers, privacy compliance, and DNS security would enhance its posture and user trust.

Corinne Cath-Speth is an Oxford-trained cultural anthropologist specializing in research at the intersection of technology, policy, business, and human rights. The website serves as a professional platform showcasing academic publications, talks, and policy work primarily focused on AI, cloud computing, and Internet infrastructure. The target audience includes academics, policymakers, and technology researchers. The business model revolves around research dissemination, consultancy, and public engagement through talks and media. Technically, the website is built on WordPress with a modern stack including WooCommerce, LayerSlider, Slider Revolution, and WPBakery Page Builder. Hosting is provided by Greenhost, a reputable provider. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, HTTPS is properly implemented, but the site lacks DNSSEC and important security headers, which could be improved to enhance protection. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Contact information is limited to email and social media, with no phone or physical address provided. No vulnerability disclosure or incident response policies are found. Overall, the website is professional and trustworthy with high business credibility but has room for improvement in privacy compliance and security hardening. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and establishing a vulnerability disclosure policy to strengthen security posture and regulatory compliance.

T

Transports de la région Morges Bière Cossonay SA

mbc.ch

53

Transports de la région Morges Bière Cossonay SA operates as a regional public transportation provider in Switzerland, serving the Morges, Bière, and Cossonay areas. The company offers train and bus services, ticketing options including online and SMS purchases, group and school transport, and tourism-related transport services. Their market position is that of a key regional transport operator with a focus on mobility and customer convenience. The website reflects a modern technical infrastructure built on React and Next.js frameworks, leveraging CDN hosting for performance and Bootstrap for responsive design. The site is well-structured, mobile-optimized, and provides clear navigation and relevant content for its audience. Security posture is strong with HTTPS enforcement and security headers, though some compliance aspects like cookie consent and incident response information are missing. Overall, the site is trustworthy and professional, with room for improvement in privacy compliance and direct contact information availability.

U

Uniphore

actioniq.com

68

Uniphore is an enterprise AI company that recently acquired ActionIQ to expand its AI-powered offerings, delivering the industry's first Zero Data AI Cloud. The company provides a comprehensive end-to-end Enterprise AI platform targeting large enterprises seeking to orchestrate AI-driven customer experiences. The website demonstrates strong market positioning with recognitions from IDC and Forrester, and offers a broad suite of AI products across customer service, marketing, sales, and people management. Technically, the site is built on WordPress with Elementor and integrates advanced marketing and analytics tools such as Marketo, Google Tag Manager, and Qualified. Security posture is good with HTTPS enforced and no exposed sensitive data, though explicit security headers could be improved. Privacy compliance is evident with clear privacy and cookie policies and consent mechanisms. WHOIS data is unavailable or privacy protected, which is unusual but the website content and branding strongly support legitimacy. Overall, the site is professional, well-structured, and trustworthy.

F

Federal Service Desk

fsd.gov

47

The Federal Service Desk website serves as an official support portal for federal government employees and contractors, providing assistance and knowledge base resources. It is built on the ServiceNow Service Portal platform, leveraging AngularJS and the U.S. Web Design System for a consistent and accessible user experience. The site demonstrates a good level of technical maturity with modern frameworks and responsive design, although some areas such as privacy and cookie policies are lacking. Security posture is moderate with HTTPS implied but no explicit security headers detected. The domain is a .gov TLD, indicating a high level of trust and legitimacy despite the absence of detailed WHOIS data. Overall, the site is professional, trustworthy, and safe for general audiences.

Medicaid.gov is the official U.S. government website dedicated to providing comprehensive information and resources about Medicaid and the Children's Health Insurance Program (CHIP). It serves a broad audience including U.S. residents seeking healthcare coverage information, state agencies, healthcare providers, and policymakers. The site is authoritative and well-positioned as the primary source for Medicaid and CHIP program details, federal policy guidance, and state resources. Technically, the website is built on Drupal 10, leveraging modern web technologies such as FontAwesome for icons and Tealium Tag Manager for analytics and tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to an excellent user experience. Security-wise, the site enforces HTTPS and uses official .gov branding, which are strong trust indicators. However, explicit security headers and privacy-related policies such as privacy and cookie policies with consent mechanisms are not evident in the provided content, representing areas for improvement. Overall, the domain appears legitimate and trustworthy, consistent with a U.S. government entity, despite limited WHOIS data availability. Strategic recommendations include enhancing security headers, publishing clear privacy and cookie policies, and providing vulnerability disclosure information to strengthen security posture and user trust.

N

National Institutes of Health (NIH)

recovercovid.org

66

The RECOVER COVID Initiative website is a professionally designed and maintained platform representing a major NIH research effort to understand and combat Long COVID. The site provides comprehensive information about the initiative's research components, news, and community engagement, targeting patients, clinicians, and researchers. Technically, the site uses Drupal 11 CMS, integrates modern tracking tools like Google Tag Manager and Crazy Egg, and follows good web development practices including mobile optimization and accessibility. Security posture is solid with HTTPS enabled and domain transfer protections, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy, authoritative, and safe for general audiences.

T

trbo GmbH

chatchamp.com

61

trbo GmbH operates a sophisticated B2B SaaS platform specializing in real-time website personalization and customer experience optimization. The company targets businesses seeking to enhance user engagement and conversion rates through AI-driven recommendations, dynamic segmentation, and personalized content delivery. Their market position is reinforced by a client base of over 300 companies worldwide, including notable brands, indicating strong industry trust and relevance. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies and integrations such as Google Tag Manager and Usercentrics for privacy compliance. Security posture is robust with HTTPS enforcement, security headers, and CAPTCHA protections, although explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS data introduces some uncertainty regarding domain legitimacy, but the professional presentation and consistent branding mitigate major concerns. Overall, the platform demonstrates a mature digital infrastructure with good privacy and security practices, suitable for its enterprise clientele.

T

trbo GmbH

trbo.com

59

trbo GmbH operates a sophisticated B2B SaaS platform specializing in real-time website personalization using AI and data-driven technologies. The company targets businesses seeking to enhance customer experience and conversion rates through personalized content and product recommendations. Their market position is supported by a suite of products including trbo Personalize, Advise, Chat, Bundle, and Search, catering to diverse industry needs. The website demonstrates a high level of digital maturity with modern technologies such as WordPress, Elementor, and integrated marketing and analytics tools. Security posture is strong with HTTPS, security headers, and reCAPTCHA, though explicit security policies and incident response contacts are absent. Overall, the site is professional, well-branded, and GDPR compliant, but the lack of WHOIS data introduces some uncertainty regarding domain legitimacy.

C

CleverReach

cleverreach.de

50

CleverReach is a German-based technology company specializing in email marketing software, offering an intuitive newsletter tool that is fully GDPR compliant. Their platform targets businesses and professionals seeking effective email marketing solutions, providing features such as drag-and-drop newsletter creation, automation, recipient management, and extensive integrations with e-commerce, CMS, and CRM systems. The company positions itself as a reliable and user-friendly provider with a strong emphasis on data protection and personal support. Technically, the website is built on WordPress with modern technologies including Google Tag Manager, Usercentrics for consent management, and FriendlyCaptcha for bot protection. The site is well-optimized for SEO, mobile-friendly, and demonstrates good performance and accessibility standards. Security-wise, HTTPS is enforced, and consent mechanisms are in place, though explicit security policies and incident response information are not publicly detailed. The absence of WHOIS data for the domain is a notable anomaly that slightly impacts trustworthiness from a domain registration perspective. Overall, CleverReach presents a professional and trustworthy digital presence with room for improvement in transparency around security policies and domain registration details.