Security Directory

G

GetExperience Inc.

getexperience.com

56

GetExperience Inc. operates a global online platform specializing in booking tours, attractions, and activities for travelers worldwide. Established in 2004, the company has positioned itself as a niche player in the hospitality sector, offering a wide range of experiences across multiple countries. The website is designed to facilitate easy search and booking of experiences, targeting tourists and travelers seeking curated activities. Technically, the site leverages modern JavaScript frameworks such as Quasar, utilizes Cloudflare for CDN and security, and integrates multiple analytics and marketing tools including Google Tag Manager and Yandex Metrika. The platform demonstrates good mobile optimization and SEO practices, contributing to a positive user experience. Security-wise, the site enforces HTTPS and uses Cloudflare services but lacks DNSSEC and some security headers, which are recommended for enhanced protection. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected, indicating room for improvement in GDPR adherence. Overall, the domain registration is consistent with the business claims, reflecting a mature and legitimate online presence.

G

GETBOAT GLOBAL INC.

getboat.com

57

GetBoat.com is a well-established online marketplace specializing in yacht charters, boat rentals, and sales worldwide. Founded in 2011, the company operates globally with a strong presence in Europe, the US, and the Caribbean. The platform offers a tender-based system to provide competitive offers to customers, targeting both consumers and boat owners. The website features a professional design, clear navigation, and comprehensive content including customer reviews and detailed boat listings. Technically, the site leverages modern technologies such as React and Ant Design, supported by Cloudflare DNS and CDN services, and integrates analytics and marketing tools like Google Analytics, Yandex Metrika, and Sales Ninja. Security posture is solid with HTTPS enforced and domain registration protections, though DNSSEC is not enabled and no explicit security policy or incident response information is published. Privacy compliance is good with visible cookie consent and a comprehensive privacy policy. Overall, the site is trustworthy, professional, and serves its market effectively.

GetRentacar operates an international car rental marketplace that enables travelers to rent vehicles from local car owners across 100 countries. The platform offers a user-friendly interface with multi-language support and a wide vehicle selection. Technically, the website employs modern web technologies, integrates popular analytics and error tracking tools, and is hosted with Cloudflare DNS services. Security posture is adequate with HTTPS enforced and error monitoring in place, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

E

Erfurt Tourismus & Marketing GmbH

erfurt-tourismus.de

45

Erfurt Tourismus & Marketing GmbH operates the official tourism website for the city of Erfurt, Germany, providing comprehensive information on city tours, accommodation, events, and cultural highlights. The website serves as a central hub for tourists and event planners, offering online booking capabilities and detailed guides. The company holds a strong market position as the official tourism promoter for the region, targeting a broad audience including families, groups, and individual travelers. Technically, the website is built on TYPO3 CMS with Bootstrap for responsive design, hosted on AWS infrastructure. It employs modern web technologies and privacy-conscious analytics tools such as Matomo alongside Google and Facebook tracking pixels. The site is well-optimized for SEO, mobile use, and accessibility, with clear navigation and multilingual support. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. However, explicit security headers are not visibly implemented, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could be enhanced with additional headers and transparency. The website content is safe for general audiences, focusing on tourism and cultural promotion without any adult or questionable content. Contact information is comprehensive and clearly presented, supporting business credibility and trust. The domain registration and DNS setup are consistent with a legitimate public entity, reinforcing the site's authenticity. Strategic recommendations include implementing explicit security headers, publishing a security policy or incident response contact, and continuing to maintain GDPR compliance and transparency to enhance user trust and security maturity.

O

Outroll

outroll.com

66

Outroll is a software holding company, venture builder, and managed services provider that manages, builds, and acquires software companies. The company positions itself as a permanent home for software, targeting software businesses and investors. The website reflects a professional and modern digital presence with a focus on technology and software industry services. The domain is mature, created in 2009, supporting the company's established presence. Technically, the website uses modern frameworks such as Nuxt.js and Tailwind CSS, hosted via Cloudflare, and integrates Google Tag Manager for analytics. The site is mobile optimized and has good SEO and accessibility basics. Security posture is solid with HTTPS enforced and domain transfer protections, but lacks published security policies and incident response information. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanisms. Contact information is limited to a contact form with no direct emails or phone numbers. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

A

ACTIVE Network

activenetwork.com

71

ACTIVE Network operates as a provider of comprehensive race, activity, and event management software solutions targeting organizations such as parks and recreation departments, YMCAs, swim and endurance event organizers, camps, and class providers. The company positions itself as an established player in the SaaS event management market, offering integrated tools to streamline event operations. The website reflects a mature digital presence with professional branding and a focus on user engagement through multiple marketing and analytics integrations. Technically, the site leverages modern web technologies including Webflow CMS, Google Fonts, and advanced analytics platforms such as Visual Website Optimizer and Microsoft Clarity, indicating a commitment to performance and user experience. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and detailed privacy documentation are not evident in the provided data. The absence of WHOIS registration details raises concerns about domain transparency, though the website content and branding suggest legitimacy. Overall, the site is functional and professional but would benefit from enhanced compliance documentation and clearer contact information.

G

GreenBizTracker

greenbiztracker.org

59

GreenBizTracker is a specialized web-based platform designed to support Green Business certification programs by providing tools for environmental metrics tracking and reporting. The platform targets states and organizations running green business initiatives, helping businesses adopt sustainable practices and measure their environmental impact. The website presents a professional and consistent brand image with clear navigation and relevant content focused on sustainability and green business facilitation. Technically, the website is built using modern React technology and hosted on Netlify, leveraging Google Tag Manager and Google Analytics for user tracking and marketing insights. The site demonstrates good mobile optimization and moderate performance, though accessibility and SEO could be further improved. Security-wise, HTTPS is enforced, but the absence of security headers and visible privacy or cookie policies indicates room for enhancement in compliance and protection. The WHOIS data is incomplete, with no registrar or registrant information available, which reduces domain trustworthiness despite the professional appearance of the site. No blocking or WAF mechanisms were detected, allowing full content access. Overall, the site is safe, with no adult or questionable content, and serves a niche market in environmental sustainability tracking. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, improving accessibility and SEO, and enhancing transparency around domain registration to boost trust and compliance.

M

mdf commerce

mdfcommerce.com

52

mdf commerce is a North American SaaS provider specializing in ecommerce and eprocurement solutions that facilitate commercial transactions between buyers and sellers. The company offers platforms that enable businesses to generate billions in annual transactions, targeting organizations seeking efficient, transparent procurement methods. The website reflects a professional digital presence with clear branding and content tailored to business clients. Technically, the site is built on WordPress using the Divi theme and integrates common web technologies such as jQuery, Google Analytics, and multilingual support. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit security policies are absent. The lack of WHOIS data reduces domain trustworthiness, but the overall site quality and business information support legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms.

G

Granicus

openforms.com

73

Granicus is an established enterprise technology company specializing in digital government solutions, particularly focused on transforming paper-based processes into digital workflows and online services for local and regional governments. Their market position is strong, supported by a broad portfolio of government experience cloud products and trusted by over 170 government agencies worldwide. The website content is professional, well-structured, and targeted at public sector organizations, reflecting a mature business model centered on B2G SaaS offerings. Technically, the website is built on WordPress with modern integrations such as Google Tag Manager, New Relic monitoring, and Typekit fonts. Hosting is managed via AWS DNS infrastructure. The site demonstrates good SEO practices, mobile optimization, and accessibility features, although performance is moderate and could be improved. Security posture is solid with HTTPS enforced and domain transfer protections, but there is room for enhancement by enabling DNSSEC and publishing more explicit security policies. From a security perspective, no critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is evident with accessible privacy and cookie policies and GDPR considerations. However, incident response and vulnerability disclosure information are not prominently available, suggesting an area for improvement. Overall, the site is trustworthy and professional, with a high legitimacy score based on domain age and WHOIS consistency. Strategic recommendations include enabling DNSSEC, publishing detailed security and incident response policies, adding security headers, and implementing a vulnerability disclosure program to further enhance trust and security posture.

G

Granicus

granicus.com

73

Granicus is an established enterprise technology company founded in 1999, specializing in digital government solutions and citizen experience platforms. Their offerings include cloud-based SaaS products such as Government Experience Cloud, Service Cloud, Engagement Cloud, and AI-powered digital agents, targeting government organizations and public sector entities. The company positions itself as a leader in transforming government service delivery and engagement through technology, connecting millions of citizens and thousands of government organizations worldwide. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency.

P

Your links and products in one place | Your links and products in one place

petshopprince.com

58

Linklist.bio is a technology SaaS platform specializing in providing users with a comprehensive digital presence solution that includes link in bio management, digital catalogs, link shortening, and QR code generation. The platform targets individuals and businesses seeking to consolidate their online links and products in one accessible place, enhancing brand visibility and e-commerce capabilities. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience and trustworthiness. Technically, the website leverages modern JavaScript frameworks such as Vue.js and Vuetify, along with Google Fonts and tracking technologies like Google Tag Manager and Facebook Pixel. The site is optimized for mobile devices and demonstrates good performance and SEO practices. Security is well implemented with HTTPS, multiple security headers, and no visible vulnerabilities or exposed sensitive data. However, the absence of a cookie consent mechanism and visible contact information slightly reduces privacy compliance and business credibility scores. The security posture is strong, with enforced HTTPS and security headers, but lacks explicit security policies and incident response contacts. The WHOIS data is limited due to TLD restrictions or privacy protection, which is common for SaaS platforms and does not raise immediate concerns. Overall, the website presents a low risk profile with good security and technical maturity. Strategic recommendations include implementing a cookie consent banner to enhance GDPR compliance, publishing clear security policies and incident response contacts, and providing visible company contact information to improve business credibility and user trust.

S

SEPOS, spol. s r. o.

sepos.cz

47

SEPOS, spol. s r. o. is a Czech family-owned company specializing in the manufacturing and retail of interior and entrance doors, door frames, and fittings. With over 30 years of experience, the company serves a diverse clientele including investors, architects, construction firms, and end customers. Their business model combines retail and wholesale sales with comprehensive services such as professional advice, certified installation, and delivery. The company maintains a strong market position in the Czech Republic with multiple design stores nationwide. Technically, the website is built on the INT - JET CMS platform and uses modern web technologies including Foundation CSS framework, jQuery, and integrates analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Snowplow Analytics. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be enhanced. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks a publicly available security policy, incident response contacts, and security.txt file. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and long-term registration consistent with the company's stated history. Overall, SEPOS.cz presents a professional and trustworthy online presence with solid business credibility and moderate technical maturity. Strategic improvements in security transparency and accessibility would further strengthen their posture.

S

Sociedade de Pediatria de São Paulo - SPSP

spsp.org.br

56

Sociedade de Pediatria de São Paulo (SPSP) is a well-established non-profit professional association serving pediatricians and healthcare professionals in São Paulo, Brazil. It operates as the pediatric department of the Associação Paulista de Medicina (APM) and is affiliated with the Sociedade Brasileira de Pediatria (SBP). The website provides educational resources, event information, publications, and membership services, targeting medical professionals and members of the pediatric community. The organization maintains a credible market position as a regional leader in pediatric healthcare education and advocacy. Technically, the website is built on WordPress with a modern tech stack including Bootstrap and jQuery, supported by Cloudflare for DNS and CDN services. The site is mobile-optimized, SEO-friendly, and integrates multiple Google tracking and analytics tools. Performance is moderate, with good design quality and user experience. Privacy and cookie policies are present, though GDPR compliance is basic. From a security perspective, the site uses HTTPS and Cloudflare DNS but lacks explicit advanced security headers and published incident response or vulnerability disclosure policies. No critical vulnerabilities or malicious content were detected. The presence of multiple tracking scripts suggests moderate user tracking, which could be improved for privacy compliance. Overall, SPSP's website is professional, trustworthy, and serves its audience well, with room for improvement in security policies and privacy transparency to enhance user trust and compliance.

C

Castorani

castorani.it

49

Castorani is a small Italian wine producer and retailer with a well-established online presence since 2002. The website offers e-commerce capabilities for purchasing wines, along with hospitality services such as tastings and vineyard tours. The company targets wine enthusiasts and tourists interested in authentic Italian wine experiences. Technically, the site is built on PrestaShop, uses modern web technologies, and integrates Cookiebot for GDPR-compliant cookie management. Security posture is solid with HTTPS, DNSSEC, and no visible vulnerabilities, though additional security headers could enhance protection. Privacy compliance is strong, with clear cookie consent and a comprehensive privacy policy. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

C

Camping de Rozenhof

campingrozenhof.com

49

Camping de Rozenhof is a family-oriented camping and rental business located in Zeeland, Netherlands, offering various camping pitches and rental accommodations such as chalets and houses. The website targets families and beach lovers seeking a tranquil vacation experience. The business operates a small-scale hospitality model with a regional market focus. Technically, the website is built on Joomla CMS with modern JavaScript libraries including jQuery, Bootstrap, and Swiper.js, and integrates Google Analytics and Tag Manager for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are not found, indicating compliance gaps. Suspicious external links embedded in the HTML may pose reputational risks. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

O

Outlet das Tintas

outletdastintas.com.br

59

Outlet das Tintas is a Brazilian retail network specializing in paint products, primarily offering Tintas Coral directly from the factory with special discounts. The company operates a multi-location franchise model with city-specific subdomains, facilitating easy ordering via Whatsapp and rapid delivery. The website is built on WordPress, leveraging popular plugins such as Yoast SEO and Cookie Law Info to enhance SEO and privacy compliance. Hosting is provided by DigitalOcean, indicating a reliable infrastructure. Security posture is adequate with HTTPS enforced and cookie consent implemented, though the absence of security headers and explicit privacy policies indicates room for improvement. Overall, the site presents a professional and trustworthy retail presence in the Brazilian paint market.

S

Simployer

infotjenester.no

65

Simployer is a Nordic HR software provider offering a comprehensive suite of HR management tools and services designed to streamline the entire employee lifecycle from recruitment to offboarding. With over 12,000 companies as customers, Simployer holds a strong market position in the Nordic region, supported by localized expertise and a broad product portfolio including HRM systems, employee surveys, legal expert support, salary mapping, learning solutions, and handbooks. The company operates under the Simployer Group umbrella with regional subsidiaries in Denmark, Poland, and Sweden. Technically, the website is built on the HubSpot CMS platform, leveraging modern frameworks like Bootstrap 5 and integrating multiple marketing and analytics tools such as Google Tag Manager, LinkedIn Insight, and Facebook Pixel. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some legacy technologies like an older jQuery version are still in use. Performance is moderate, with a well-structured and professional design enhancing user experience. From a security perspective, the site enforces HTTPS and includes standard security headers, alongside a consent management platform for GDPR compliance. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. The WHOIS data for the domain is notably absent, which raises some concerns about domain registration transparency, although the website content and external references strongly indicate a legitimate and established business. Overall, Simployer presents a professional and trustworthy digital presence with strong business credibility and compliance posture, but should address transparency in domain registration and enhance security policy disclosures to further strengthen trust and security assurance.

A

Agenda Logística

agendamaritima.cl

57

Agenda Logística is a specialized Chilean media outlet delivering news and analysis focused on logistics, maritime-port operations, international trade, and related sectors. The website serves industry professionals and stakeholders by providing timely articles, interviews, event calendars, and advertising opportunities. It is affiliated with Oceanspace Media, a parent company managing multiple maritime and logistics media brands, enhancing its market credibility and reach. Technically, the website employs modern JavaScript libraries, integrates third-party analytics and advertising networks, and uses HTTPS with a strict Content-Security-Policy header, reflecting a solid security foundation. However, the absence of visible privacy and cookie policies indicates gaps in privacy compliance. The WHOIS query for the domain failed due to an invalid query format, leaving domain registration details unknown, which slightly impacts trust assessment. Overall, the site is professional, content-rich, and well-branded, but could improve transparency and compliance aspects.

T

Tilt d.o.o.

irobot.si

45

iRobot Slovenija, operated by Tilt d.o.o., is a specialized retailer and distributor of smart robotic cleaning devices such as Roomba and Braava in Slovenia. The company offers a range of robotic vacuum cleaners, mops, and accessories, targeting Slovenian consumers seeking innovative home cleaning solutions. The website is professionally designed with multimedia content and clear navigation, supporting a positive user experience and brand consistency. Technically, the site employs modern JavaScript libraries, Google Tag Manager, and Facebook Pixel for analytics and marketing, hosted under a Slovenian registrar with secure HTTPS configuration. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Security posture is good with no critical vulnerabilities detected, though some security headers could be improved. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

L

Labcore

labcore.eu

53

Labcore is a pharmaceutical research company focused on innovation in anti-aging research, drug discovery, and a broad range of pharmaceutical services. Their website positions them as visionaries in the pharmaceutical realm, targeting industry professionals and research institutions. The company emphasizes innovation and comprehensive service offerings such as GMP analytics and organic synthesis. Technically, the website employs modern web technologies including Google Analytics and Typekit fonts, with a responsive design and good SEO practices. Security posture is solid with HTTPS enforced and secure forms, though some security headers are missing and could be improved. Privacy compliance is good, with a clear privacy policy and GDPR consent mechanisms in forms. Overall, the website is professional, trustworthy, and well-structured, supporting Labcore's business credibility in the healthcare sector.

L

Lassana

lassana.si

42

Lassana is a well-established beauty salon chain based in Ljubljana, Slovenia, offering a wide range of hairdressing, pedicure, cosmetic, and massage services. The company operates 14 salons and also retails professional cosmetics both in-store and online. The website reflects a mature digital presence with integrated online booking via Fresha and an e-commerce platform for product sales. Technically, the site is built on WordPress with modern frameworks and plugins, ensuring good performance, SEO, and mobile responsiveness. Security measures include HTTPS, reCAPTCHA, and cookie consent management, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

C

Creative Industry Košice

atdays.sk

43

Art & Tech Days is a Slovak-based cultural festival that uniquely combines art, technology, and digital culture, organized by Creative Industry Košice in partnership with EIT Culture & Creativity. The festival is positioned as a regional leader in media art and innovation, attracting international speakers and audiences. The website is professionally designed, multilingual, and optimized for SEO and mobile use, reflecting a mature digital presence. Technically, it leverages WordPress with modern plugins and Google Tag Manager for analytics, hosted on a reputable Slovak hosting provider with DNSSEC and HTTPS enabled, ensuring a secure user experience. Security posture is strong with standard best practices, though improvements in security headers and incident response disclosures are recommended. Privacy compliance is robust with clear cookie consent and GDPR-aligned policies. However, the absence of direct contact information and terms of service slightly reduces business credibility. Overall, the site is trustworthy, safe, and well-maintained, serving its audience effectively.

P

PROLIANCE GmbH

datenschutzexperte.de

72

PROLIANCE GmbH operates a professional German-language website focused on data protection, compliance, and information security services. The company offers a comprehensive suite of solutions including external data protection officer services, ISO 27001 ISMS implementation, compliance software, employee training, and advisory services for GDPR, NIS2, and emerging regulations. With over 2,500 customers and certifications from TÜV and DEKRA, PROLIANCE positions itself as a trusted mid-sized B2B service provider in the compliance and data security market. The website is well-designed, mobile-optimized, and uses modern web technologies such as Webflow CMS and HubSpot for marketing and form management. Security is robust with HTTPS, security headers, and consent management via Usercentrics CMP. The WHOIS data is privacy protected, which is typical for GDPR-focused businesses, and no suspicious domain registration patterns were detected. Overall, the site reflects a mature digital presence with strong business credibility and security posture.

N

Nova Scotia Legislature

nslegislature.ca

67

The Nova Scotia Legislature website serves as the official online presence for the legislative branch of the Government of Nova Scotia. It provides comprehensive access to legislative business including debates, bills, statutes, committee information, and live legislative TV. The site targets residents, government officials, researchers, and the general public interested in provincial governance. It holds a strong market position as an authoritative government resource with consistent branding and trust indicators such as official domain and social media presence. Technically, the website is built on Drupal 7 with a moderate technology stack including jQuery 1.10, Slick Carousel, and Colorbox. The site is moderately performant with good mobile optimization and basic accessibility features. SEO is basic but sufficient for the target audience. Hosting details are not explicit but domain registration is consistent with a Canadian government entity. From a security perspective, the site uses HTTPS and has domain transfer protections enabled. However, DNSSEC is not enabled, and security headers are not detected. The use of an outdated jQuery version poses potential vulnerabilities. There is no published security policy or incident response contact, and no cookie consent mechanism despite use of Google Tag Manager for analytics. These gaps reduce privacy compliance and security posture scores. Overall, the website is trustworthy and professional, with high business credibility. The main risks relate to technical security improvements and privacy compliance enhancements. Strategic recommendations include enabling DNSSEC, updating JavaScript libraries, implementing security headers, publishing security policies, and adding cookie consent mechanisms to improve compliance and user trust.

The City of Long Beach official website serves as a comprehensive portal for residents, businesses, visitors, and city employees. It provides detailed information about city officials, municipal services, business resources, visitor attractions, and employment opportunities. The site is well-structured with clear navigation and a professional design consistent with government standards. The target audience includes local residents, business owners, visitors, and municipal staff. The business model is that of a government service provider, focusing on transparency, accessibility, and community engagement.

G

Granicus

primegov.com

72

Granicus is an established enterprise-level technology company specializing in digital solutions for government organizations. Their product 'OneMeeting' offers cloud-based agenda and meeting management designed to streamline workflows, ensure compliance, and enhance public engagement for medium to large government entities. The website reflects a mature digital presence with professional design, structured data, and integration of modern web technologies such as WordPress CMS, Google Tag Manager, and New Relic monitoring. However, the site lacks visible privacy and cookie policies, security policies, and incident response information, which are critical for compliance and trust in the public sector domain. The domain is long-standing and registered consistently with the business identity, enhancing credibility.

V

Visit Long Beach

visitlongbeach.com

56

Visit Long Beach operates as the official tourism website for Long Beach, California, providing comprehensive travel and visitor information including accommodations, events, dining, shopping, and museums. The site targets tourists and visitors seeking to explore Long Beach and positions itself as a key resource for travel planning in the region. The business model focuses on tourism promotion and visitor engagement, leveraging digital content and social media to attract and inform potential visitors. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, and DoubleClick for advertising and tracking. It uses web font services and embeds social media content to enhance user experience. The site is mobile-optimized and demonstrates good accessibility and SEO practices, contributing to a positive digital maturity level. From a security perspective, the website uses HTTPS and integrates controlled script loading via Google Tag Manager. However, it lacks visible security headers and formal security policies such as a security.txt or vulnerability disclosure page. Privacy compliance is weak, with no detected privacy or cookie policies or consent mechanisms, which could expose the site to regulatory risks. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and branding strongly suggest it is an official entity. Overall, the site is professionally designed and content-rich, but improvements in privacy compliance, security policy transparency, and domain registration verification are recommended to enhance trust and reduce risk.

The Port of Long Beach is a major U.S. seaport operating as a government port authority, facilitating international trade and maritime logistics. The website reflects a well-established entity with a long history dating back to 1996, offering comprehensive port services, environmental stewardship, and community engagement. The site targets businesses, shipping companies, government agencies, and the local community, positioning itself as a key player in the transportation sector. Technically, the website is built on modern frameworks such as React and Gatsby, hosted via Akamai CDN, and employs advanced UI components including Mobiscroll and Gravity Forms. The site demonstrates excellent performance, mobile responsiveness, and accessibility, with strong SEO and metadata implementation. Security is robust with HTTPS, multiple security headers, and domain transfer protections, although DNSSEC is not enabled. From a security perspective, the site shows good maturity with no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms in place. However, the absence of a formal security policy, incident response contacts, or vulnerability disclosure mechanisms suggests room for improvement in transparency and incident readiness. Overall, the Port of Long Beach website is a professional, secure, and trustworthy digital presence for a large government transportation entity. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and adding vulnerability disclosure information to enhance security posture and stakeholder trust.

Periscope Holdings is a U.S.-based company specializing in procurement software solutions tailored for government buyers and suppliers. Their flagship product, Periscope ePro, automates the procure-to-pay process, enhancing compliance and cost savings. The company holds exclusive rights to market the National Institute of Governmental Purchasing (NIGP) Commodity/Services Code and maintains a strong presence in the public sector procurement market with a broad agency network. The website reflects a professional and consistent brand image, targeting government entities and suppliers with clear messaging and comprehensive service offerings. Technically, the website employs a modern technology stack including jQuery, Google Tag Manager, Facebook Pixel, LinkedIn Insight Tag, and conditional loading of Hotjar and Google Analytics based on user cookie consent. The site is mobile-optimized with good SEO practices and a responsive design. However, some security best practices such as explicit security headers are not evident, and WHOIS data for the domain is missing, which raises some concerns about domain registration transparency. The security posture is generally strong with HTTPS enforced and cookie consent mechanisms in place, but the absence of detailed security policies and incident response information suggests room for improvement. Privacy compliance is well addressed with comprehensive privacy and cookie policies linked to a partner domain. Overall, the site is trustworthy and professional, though the domain registration inconsistency slightly reduces the overall trust score. Strategically, Periscope Holdings should focus on enhancing domain registration transparency, implementing additional security headers, and publishing explicit security and incident response policies to strengthen trust and compliance posture.

C

California Green Business Network

greenbusinessca.org

47

The California Green Business Network is a well-established non-profit organization founded in 2008, dedicated to promoting sustainability and green business practices across California. It operates as a coalition of cities and counties, providing certification services, resource conservation guidance, and community support to small and medium-sized businesses. The website reflects a strong market position as a leader in the green business certification space, with a clear focus on environmental impact and community engagement. Technically, the website is built on WordPress with modern technologies such as jQuery, Google Tag Manager, and Mailchimp integration. It demonstrates good SEO practices, mobile optimization, and accessibility features, although performance is moderate. The site uses HTTPS with a solid SSL configuration but lacks some advanced security headers and DNSSEC, which could enhance its security posture. From a security perspective, the site follows basic best practices including secure forms and no exposed sensitive data. However, it lacks a formal security policy, incident response contact information, and a cookie consent mechanism, which are important for compliance and user trust. The WHOIS data is consistent and supports the legitimacy of the domain and organization. Overall, the website is professional, trustworthy, and content-rich, serving its target audience effectively. Strategic improvements in privacy compliance and security policies would further strengthen its position and reduce risk.

A

ACTIVE Network

activecommunities.com

72

ACTIVE Network operates ACTIVENet, a leading B2B SaaS platform specializing in facility, registration, and membership management software designed to build stronger communities. The company is positioned as a market leader with a comprehensive suite of services targeting community organizations and facility managers. The website reflects a mature digital presence with consistent branding and professional content tailored to its enterprise audience. Technically, the site leverages modern web technologies including Webflow CMS, advanced analytics tools such as Google Analytics, Microsoft Clarity, and Visual Website Optimizer, and integrates multiple marketing and tracking scripts to optimize user engagement and conversion. Security posture is strong with HTTPS enforcement and multiple security headers, although explicit security policies and incident response contacts are not publicly disclosed. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy practices. Overall, the site demonstrates a solid balance of business credibility, technical sophistication, and security awareness, suitable for an enterprise-level SaaS provider.

S

Scribble Software, Inc.

marinago.com

45

MARINAGO Office, operated by Scribble Software, Inc., offers a comprehensive cloud-based marina management software solution designed to streamline operations for marinas, ports, harbors, and boatyards. The platform integrates key functionalities such as slip reservations, fuel dock sales, ship store management, accounting integration, enterprise reporting, and automated customer communications. Positioned as a trusted and scalable solution, MARINAGO Office targets marina professionals seeking efficient and profitable management tools. The website reflects a professional and consistent brand image with strong customer testimonials and integration with reputable accounting software providers. Technically, the website employs a modern technology stack including Bootstrap, jQuery, and various UI libraries, with Google Tag Manager and Google Ads for analytics and marketing. The site is mobile-optimized with good SEO practices and clear navigation, although accessibility features are basic. Security posture is moderate with HTTPS usage implied but lacking visible security headers and explicit security policies. Privacy and cookie policies are not found, indicating room for compliance improvement. The WHOIS data is notably missing or unavailable, which raises some concerns about domain registration transparency and legitimacy. Despite this, the website content and external references strongly indicate a legitimate business operation. Overall, the site scores well on content quality and business credibility but needs enhancements in privacy compliance and security best practices to strengthen trust and regulatory adherence.

S

State of California

ca.gov

66

The website www.ca.gov serves as the official portal for the State of California, providing residents and visitors with access to a wide range of government services and information. It is positioned as an authoritative source for state government resources, featuring key services such as Real ID/license processing, birth certificates, tax refund checking, and business licensing. The site targets a broad audience including California residents, businesses, and visitors seeking official government information. From a technical perspective, the site employs modern web technologies including Google Tag Manager and Google Analytics for tracking, custom CSS and JavaScript for styling and interactivity, and is optimized for mobile devices with excellent accessibility features. The website demonstrates fast performance and strong SEO practices, contributing to a positive user experience. Security-wise, the site enforces HTTPS and uses secure forms for feedback submission. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not detected, and there is no visible cookie consent mechanism. The WHOIS data is incomplete, likely due to .gov domain registry policies, but the official domain and consistent branding strongly support legitimacy. No vulnerabilities or exposed sensitive data were found. Overall, the website presents a high level of professionalism, trustworthiness, and compliance with privacy standards, though improvements in security header implementation and cookie consent transparency are recommended to enhance the security posture and privacy compliance further.

G

Gladeo Inc.

gladeo.org

60

Gladeo Inc. operates an educational career navigation platform and offers career development tools and courses aimed at educators, workforce professionals, and learners. The company positions itself as an inclusive platform transforming how people discover and prepare for careers. The website is built on the Wix platform, leveraging standard Wix technologies and Google Tag Manager for analytics. The technical infrastructure is modern but basic, with room for improvement in security headers and privacy compliance. Security posture is moderate with HTTPS enforced but lacks explicit security policies and headers. Overall, the website is professional and trustworthy, though it lacks visible privacy and cookie policies, which impacts compliance scores. Strategic recommendations include enhancing privacy disclosures, adding security headers, and improving accessibility and SEO.

I

International Transport Workers’ Federation (ITF)

itfglobal.org

58

The International Transport Workers’ Federation (ITF) operates a professional and comprehensive website serving as the global voice for 16.5 million transport workers across 150 countries. The organization focuses on union representation, workers' rights, equality, and justice within the transport sector. The website is built on Drupal 10, leveraging modern web technologies and includes multilingual support and social media integration. Privacy and cookie policies are prominently implemented with consent mechanisms, reflecting good privacy compliance. Security posture is generally strong with HTTPS enforced, though security headers are not evident and no explicit security or incident response policies are published. WHOIS data is unavailable due to malformed responses, but the website's professional presentation and organizational scope indicate legitimacy. Overall, the site is well-designed, accessible, and trustworthy, serving a large international non-profit federation.

I

Impact Factory

impact-factory.de

65

Impact Factory is Germany's largest incubator and accelerator focused on startups addressing social and ecological challenges. The organization provides structured programs tailored to different startup development phases, fostering a community and network to support impact-driven entrepreneurs. The website reflects a professional and consistent brand presence, targeting impact startups and stakeholders in the social entrepreneurship ecosystem. Technically, the website is built on Webflow, leveraging modern web technologies including Google Tag Manager, Facebook Pixel, and Cookiebot for consent management. The site is mobile-optimized with good SEO practices and moderate performance. Security is well-handled with HTTPS and cookie consent mechanisms, though additional security headers and explicit security policies could enhance the posture. The security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy compliance is strong, with a comprehensive cookie consent banner and detailed cookie categorization. However, the absence of visible contact information and terms of service pages limits full business transparency. Overall, the website presents a low-risk profile with good digital maturity and compliance. Strategic improvements in security headers, incident response information, and contact transparency would further strengthen trust and resilience.

C

Cooltix

cooltix.hu

61

Cooltix is a Hungarian event ticketing platform established in 2017, providing online ticket sales and event management services primarily for concerts, festivals, and parties. The platform targets both event organizers and attendees within Hungary, positioning itself as a regional player in the entertainment sector. The website is professionally designed with good content quality and consistent branding, supporting a positive user experience and trustworthiness. Technically, the site leverages modern web technologies including React and Next.js, integrates Google Maps and Stripe for payments, and uses standard tracking tools such as Facebook Pixel and Google Tag Manager. The site is mobile optimized and performs moderately well. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are absent. Privacy and cookie policies are present and GDPR compliant, enhancing user trust. Overall, the site demonstrates a mature digital presence with room for security policy improvements.

S

SiteOne, s.r.o.

siteone.io

11

SiteOne, s.r.o. is a Czech-based digital solutions provider specializing in design, development, and digital transformation services. The company targets businesses seeking to modernize and digitize their operations, offering a broad range of services including web and app development, UX/UI design, CMS and CRM integration, and technical consulting. The website reflects a professional and mature digital presence with strong branding and client testimonials, indicating a solid market position and trusted client relationships. Technically, the site employs modern tracking and analytics tools such as Google Analytics, Hotjar, Microsoft Clarity, and Facebook Pixel, alongside a responsive and accessible design. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and published security policies are absent. WHOIS data is privacy protected, which is reasonable but limits domain age verification. Overall, the site is well-constructed, secure, and compliant with privacy regulations, supporting SiteOne's credibility as a digital transformation partner.

GetTransfer.com, operated by KG GLOBAL LIMITED, is an established international online marketplace specializing in booking transfers, rides, and chauffeured car rentals across 150 countries. The platform targets travelers, businesses, agents, and drivers, offering a broad range of transportation services including airport transfers, VIP rides, bus rentals, and parcel delivery. The company maintains a medium-sized business profile with subsidiaries in Hong Kong and the UAE, reflecting a global operational footprint. The website features a professional design with consistent branding and strong trust indicators such as verified carriers and customer reviews from multiple platforms.

H

HardyPress SRL

hardypress.com

54

HardyPress SRL operates a specialized WordPress hosting service that transforms WordPress sites into static websites to enhance performance, security, and reduce maintenance overhead. Their market position targets WordPress site owners and agencies seeking fast, secure, and zero-maintenance hosting solutions. The company offers tiered subscription plans including personal, professional, VPS, and enterprise levels, with features such as support for popular WordPress plugins, instant search, and REST API access. The website is professionally designed, mobile optimized, and includes GDPR-compliant privacy and cookie policies via Iubenda. Technically, the site runs on WordPress 4.8.22 with Visual Composer and integrates modern web technologies including jQuery, FontAwesome, Google Tag Manager, and Mailchimp for marketing. The hosting infrastructure is implied to be global with 30 locations using SSD technology for fast delivery. Security posture is strong due to static site generation reducing attack surface, enforced HTTPS, and privacy compliance. However, the absence of explicit security headers and incident response information are areas for improvement. The WHOIS data is incomplete, showing no registrar or registrant information, which raises some legitimacy concerns. Despite this, the website content, business information, and active client area suggest a legitimate and operational business. Overall, the site scores well on content quality, technical implementation, and privacy compliance, with moderate business credibility due to WHOIS data gaps. Strategic recommendations include enhancing security headers, publishing clear security and incident response policies, and resolving WHOIS data transparency to improve trust and compliance posture.

C

Compendia

compendiamedlem.no

68

Compendia is a Norwegian technology company specializing in membership systems primarily for trade unions and similar organizations. With over 20 years of experience, they offer user-friendly and automated membership communication solutions, including search and statistics functionalities. The website reflects a professional business model focused on SaaS solutions for membership management. Technically, the site is built on WordPress with Elementor and Yoast SEO, integrating modern analytics tools such as Google Analytics and Microsoft Clarity, alongside a comprehensive cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS and privacy-focused consent management, though explicit security headers and incident response policies are not publicly visible. The absence of WHOIS data limits domain trust assessment, but the website's professional presentation and privacy compliance indicate a legitimate business. Overall, the site is well-structured, optimized for SEO, and provides a good user experience.

T

Terra Incognita - Krajina nespoznaná

terraincognita.sk

43

Terra Incognita - Krajina nespoznaná is a Slovak website focused on exploration or travel related to unknown or less explored landscapes. The site uses WordPress with the Divi theme and integrates common analytics and marketing tools such as Google Analytics and Facebook Pixel. The website is moderately optimized for SEO and mobile devices, providing a generally good user experience with clear navigation and professional design elements. However, it lacks explicit privacy, cookie, and terms of service policies, which impacts its privacy compliance and trustworthiness. Security posture is basic with HTTPS enabled but missing important security headers and formal security policies. No contact information or incident response details are provided, limiting direct communication channels for users or security issues. Overall, the website is legitimate and consistent with its domain registration data but would benefit from enhanced privacy and security practices.

C

Creative Industry Košice n.o.

cike.sk

42

Creative Industry Košice n.o. is a non-profit organization dedicated to fostering cultural and creative industry development in Košice and the broader Eastern Slovakia region. The organization engages in international projects, educational workshops, research, and community challenges to promote innovation and cultural growth. Their website reflects a well-established regional presence with a focus on collaboration among artists, innovators, and policymakers. Technically, the website is built on WordPress with modern tools such as Google Analytics and Tag Manager, and it demonstrates good SEO and mobile optimization. Security posture is solid with HTTPS enforced, though improvements are needed in security headers and explicit incident response policies. Overall, the site is professional, trustworthy, and serves its target audience effectively.

K

Kinstellar

kinstellar.com

68

Kinstellar is a well-established European law firm founded in 2008, providing a broad range of legal services across Central Europe and Asia. The firm specializes in sectors such as M&A, banking and finance, real estate, energy, data privacy, and healthcare. Their market position is strong with multiple offices and a professional online presence. The website is professionally designed, content-rich, and optimized for user experience with clear navigation and mobile responsiveness. Technically, the site uses modern technologies including JavaScript, Google Tag Manager, and Cookiebot for privacy compliance. Security posture is good with HTTPS enabled and domain transfer protection, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is robust with a detailed cookie consent mechanism and linkage to a comprehensive privacy policy via Cookiebot. Overall, the site is trustworthy and credible, with no signs of malicious activity or adult content.

C

Creative Industry Košice, n. o.

cityofmediaarts.sk

41

City of Media Arts is a cultural initiative managed by Creative Industry Košice, a non-profit organization promoting Košice as a UNESCO Creative City of Media Arts. The website serves as a platform to showcase media arts events, exhibitions, and news, targeting cultural professionals and the general public interested in media arts. The organization holds a recognized position in the regional cultural landscape with a focus on media arts and creative industries. Technically, the website is built on WordPress 5.6.16, hosted by Websupport, and uses modern web technologies including Google Analytics and Tag Manager for analytics. The site is mobile optimized with good SEO practices and moderate performance. However, there is room for improvement in accessibility and security headers implementation. From a security perspective, the website benefits from HTTPS, DNSSEC, and secure cookie settings, but lacks important security headers and a formal security or incident response policy. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional, trustworthy, and well-aligned with its cultural mission. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance its security posture and user trust.

G

GRIP Digital, s.r.o.

grip-studios.com

48

Grip Studios, operated by GRIP Digital, s.r.o., is a reputable mid-sized game development company based in Central Europe with over 15 years of industry experience. They specialize in co-development, QA, and original IP creation, serving top global gaming companies. The website reflects a professional and consistent brand image with clear business focus and strong industry partnerships. Technically, the site uses modern JavaScript libraries and Google Analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements in security headers and incident response transparency are recommended. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

B

Bohemia Interactive Simulations

bisimulations.com

66

Bohemia Interactive Simulations (BISim), a subsidiary of BAE Systems Inc., is a global leader in defense and civilian training and simulation software. The company offers a diverse portfolio including simulation platforms, visualization tools, terrain generation software, and software development kits, serving over 60 countries and hundreds of thousands of military personnel annually. The website reflects a mature business with a clear market position and professional presentation. Technically, the site is built on WordPress with modern plugins and analytics integrations, hosted via Cloudflare, ensuring good performance and security. Security posture is solid with HTTPS enforcement and domain transfer protection, though DNSSEC is not enabled. Privacy compliance is well addressed with accessible policies and consent mechanisms. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility.

Birell.sk is the official website for Birell, a brand specializing in non-alcoholic beer beverages brewed with Czech barley and Saaz hops. The company operates under Asahi CE & Europe Services s.r.o., targeting general consumers interested in quality non-alcoholic beer products. The website provides detailed product lines, promotional content, and contact information, positioning itself as a reputable player in the Slovak retail beverage market. Technically, the site is built on WordPress with standard plugins like Contact Form 7 and uses Google Tag Manager and Google Analytics for marketing and analytics. The site is mobile-optimized and presents a professional user experience with consistent branding. Security posture is good with HTTPS enforced and cookie consent implemented, though it lacks published security policies and incident response contacts. Overall, the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

M

Mohawk College

resilientcolleges.ca

59

Canadian Colleges for a Resilient Recovery is a pan-Canadian coalition led by Mohawk College, focusing on supporting climate-focused economic recovery through collaboration among colleges, cégeps, institutes, and polytechnics. The coalition offers training, applied research, and partnership facilitation to address complex challenges across Canada. The website positions itself as a national platform connecting educational institutions and industry partners to foster innovation and resilience. Technically, the website is built on WordPress using Elementor, with integrations including Mailchimp for marketing and Google Analytics for tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Hosting and DNS are managed via reputable providers, with HTTPS enforced and domain registration secured with prohibitive status flags, though DNSSEC is not enabled. Security posture is solid with HTTPS and domain protections, but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The site maintains a professional and trustworthy appearance with consistent branding and clear navigation. Overall, the website is a credible and professional platform supporting educational and climate resilience initiatives in Canada, with room for improvement in privacy compliance and security transparency.

T

The Signal

signalhfx.ca

55

The Signal is a student-run media website produced by senior journalism students at the University of King’s College in Halifax, Nova Scotia. It provides a variety of news content including local news, arts, science, sports, business, and investigative journalism. The site also offers podcasts and video content, targeting a general audience interested in regional news and culture. The business model is educational and media-focused, supported by the university. Technically, the website is built on WordPress, uses modern web technologies such as jQuery, Font Awesome, and Google Tag Manager, and is hosted on AWS infrastructure. The site is mobile optimized and accessible with good SEO practices. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks DNSSEC and some security headers. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. No direct contact information or security policies are publicly available, which limits transparency. Overall, the website is professional, trustworthy, and serves its educational media purpose well.