Security Directory

G

Gender Census

gendercensus.com

43

Gender Census is a niche annual survey project focused on collecting data about language used by people outside the traditional gender binary. The website serves as a platform for survey participation, results publication, and community engagement. The project is small-scale, non-profit oriented, and supported by donations and sponsorships. Technically, the site is built on WordPress with common web technologies and demonstrates moderate performance and good mobile optimization. Security posture is generally good with HTTPS enforced, but lacks advanced security headers and cookie consent mechanisms. The absence of WHOIS data is a notable anomaly that reduces trustworthiness. Overall, the site is professional and trustworthy but could improve in privacy compliance and security transparency.

Q

Quitter

quitter.se

41

Quitter.se is a Swedish blog focused on social media transparency and critique, advocating for more open and honest social media platforms. The website operates on a WordPress CMS with Yoast SEO plugin, indicating a moderate level of digital maturity and SEO awareness. The content is well-structured, relevant, and targeted at a general audience interested in social media issues. Technically, the site uses HTTPS with a valid SSL certificate but lacks advanced security headers and DNSSEC, which are recommended for improved security. No privacy or cookie policies are present, which is a compliance gap. Contact information and security policies are also absent, limiting trust signals. Overall, the domain registration is consistent and legitimate, supporting the website's credibility.

E

Emancipator

emancipatormusic.com

49

Emancipator is an independent electronic music artist based in Portland, Oregon, with a well-established online presence since 2009. The website serves as a hub for fans to access news, tour dates, discography, media, and merchandise links. The business model revolves around music production, live performances, and merchandise sales, targeting electronic music enthusiasts and concertgoers. The site is professionally designed with consistent branding and good content quality, reflecting a small but dedicated operation in the media industry. Technically, the website is built on WordPress using the Uncode theme and several plugins for event management, responsive tables, and tracking. Hosting is provided by iPower.com, and the site uses HTTPS with a valid SSL certificate. Performance and mobile optimization are good, though accessibility features are basic. SEO is adequately addressed with proper meta tags and structured data. From a security perspective, the site benefits from HTTPS and domain transfer protections but lacks DNSSEC and important security headers like CSP and HSTS. There are no visible privacy or cookie policies, which is a compliance gap, especially under GDPR. Tracking technologies include Google Analytics and Facebook Pixel, indicating moderate user tracking. No incident response or vulnerability disclosure information is provided. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced security practices and privacy compliance measures. The domain registration is consistent with the business history and shows no suspicious patterns. Strategic improvements in privacy policy publication, security headers, and DNSSEC would strengthen the site's security posture and compliance standing.

Q

Qumulo

qumulo.com

64

Qumulo is an established enterprise technology company specializing in scalable file and object data storage solutions that operate seamlessly across edge, data center, and cloud environments. Founded in 2006, the company positions itself as a leader in managing unstructured data at exabyte scale, targeting enterprise customers across multiple industries including energy, healthcare, financial services, and public sector. Their key offerings include Qumulo Run Anywhere, Cloud Data Fabric, and Qumulo Nexus, which provide unified data visibility and management capabilities. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content focused on business and technical audiences. Technically, the website is built on WordPress with Elementor and Yoast SEO, hosted on AWS infrastructure, and employs modern web technologies ensuring fast performance and mobile optimization. Analytics and marketing tools such as Google Tag Manager and HubSpot forms are integrated for user tracking and lead generation. Security posture is solid with HTTPS enforced and domain registration consistent with a legitimate enterprise, though some improvements like enabling DNSSEC and publishing explicit security policies are recommended. The security evaluation reveals a good baseline with no visible vulnerabilities or exposed sensitive data, but lacks published incident response or vulnerability disclosure policies, which could enhance trust and compliance. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy or terms of service pages detected in the scanned content. Overall, Qumulo's website demonstrates a high level of professionalism and technical maturity suitable for its enterprise audience, with recommendations to improve transparency around privacy and security policies to further strengthen trust and compliance.

3

3D Realms

3drealms.com

64

3D Realms is a well-established game development and publishing company with a legacy spanning nearly three decades. The company focuses on AAA gaming titles characterized by action, attitude, and adrenaline, targeting a broad gaming audience. Their business model includes game publishing, community engagement through their 3DRmy program, and merchandise sales. The website reflects a mature market position with professional branding and consistent messaging. Technically, the site is built on a modern WordPress stack with Elementor and WooCommerce, hosted behind Cloudflare DNS, and optimized for performance and mobile devices. Security posture is strong with HTTPS enforced, security headers present, and cookie consent mechanisms implemented, although DNSSEC is not enabled and no explicit security policy or incident response information is published. Overall, the site is trustworthy, professional, and compliant with GDPR requirements, though it could benefit from enhanced transparency on security policies and vulnerability disclosures.

D

Dani Donovan

adhddd.com

69

The website adhddd.com is a content-focused platform centered around ADHD-themed comics created by Dani Donovan. It serves a niche audience interested in ADHD awareness and related humor. The site is built on WordPress with WooCommerce and Elementor, indicating a moderate level of digital maturity and potential e-commerce capabilities. The technical infrastructure includes Cloudflare DNS and HubSpot marketing tools, reflecting a modern but basic setup. Security posture is moderate with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. Overall, the site is functional and professionally presented but would benefit from enhanced security and compliance measures to improve trust and user protection.

F

Fedi.Garden

fedi.garden

57

Fedi.Garden is a small, human-curated directory website focused on listing well-run Mastodon and Fediverse servers that adhere to responsible moderation and reliability standards. It serves a niche audience of users seeking trustworthy Fediverse communities and provides categorized listings by language, topic, country, and other criteria. The website is built on WordPress using a classic theme, with basic but clear navigation and content relevant to its target audience. Technical infrastructure is standard for a small WordPress site, hosted under a reputable registrar, with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or detailed GDPR indicators. No contact emails or phone numbers are provided, but a Mastodon social link is available for communication. The site does not employ advertising or analytics tracking, reflecting a privacy-conscious approach. Overall, the site is trustworthy and safe for general audiences, with room for improvement in security hardening and privacy compliance.

J

Judicial Appointments Commission

judicialappointments.gov.uk

63

The Judicial Appointments Commission is a UK government statutory body responsible for selecting candidates for judicial office in England and Wales. The website serves as an official platform to provide information about judicial roles, application guidance, diversity initiatives, and publishes official reports and announcements. It targets legal professionals and the general public interested in judicial appointments. The site is well-branded, consistent, and reflects its authoritative government status. Technically, the website is built on WordPress with common plugins and uses Google Analytics for visitor tracking. It is mobile-optimized and accessible, with good SEO practices. The SSL configuration is excellent, ensuring secure connections. However, some security headers are not explicitly detected, and there is no public security policy or incident response information. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are present and GDPR compliant, though no explicit vulnerability disclosure or security.txt file is found. The domain registration is consistent with a legitimate UK government entity, with a long domain age supporting trustworthiness. Overall, the website is professional, secure, and trustworthy, with minor recommendations to enhance security headers and publish security policies to further improve transparency and security posture.

H

Heatherhornses's Amazing Cyber Site – When you're here, you're family

heatherhorns.com

43

Heatherhornses.com is a small personal or hobby website created in 2020, featuring minimal content centered around a friendly theme. The site uses WordPress CMS hosted on WebHostingHub with basic technical infrastructure. The website lacks comprehensive business information, privacy policies, and contact details, indicating it is not a commercial or enterprise-grade site. Technically, the site is functional with HTTPS enabled but lacks advanced security headers and DNSSEC, which are recommended for improved security posture. The security posture is basic with no detected vulnerabilities but also no formal security or incident response policies. Overall, the site is low risk but also low in business credibility and privacy compliance.

X

xmpp.work

xmpp.work

61

xmpp.work is a specialized job board platform focused on employment opportunities related to XMPP technology. Founded in 2020, it serves a niche audience of job seekers and employers in the XMPP ecosystem. The website offers job listings, job posting services, and search functionality tailored to this sector. Technically, the site is built on WordPress with common plugins and libraries such as jQuery and Select2, hosted by Hosting Concepts B.V. The site is accessible, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or detailed GDPR compliance indicators. Contact information is limited to a contact form with no direct emails or phone numbers visible. Overall, the site is legitimate and trustworthy for its niche but could improve security and privacy practices.

OpenDomain is a small US-based entity founded in 2004 that offers free use of domains they own but do not actively develop. Their business model is non-commercial, focusing on supporting open source communities by providing domain usage rights without transfer or sale. The website is built on WordPress and uses Cloudflare for DNS services. The technical infrastructure is moderate with basic mobile optimization and SEO. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. No contact information or incident response details are provided, limiting trust and compliance. Overall, the site is functional and safe but would benefit from enhanced security and compliance measures.

BunnyHearted is a small content creator focused on vtuber streaming and community engagement. The website serves as a hub for BunnyHearted's Twitch streams, social media presence, merchandise sales, and community support via Patreon and tips. The business model revolves around content creation and fan monetization through merchandise and donations. The site is well-branded with consistent retro and cozy themes, targeting a general audience interested in vtuber content. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, hosted by HOSTINGER operations, UAB. The site shows moderate performance and good mobile optimization. SEO is well addressed with proper meta tags and structured data. Accessibility is basic but functional. No advanced analytics or tracking services are detected. From a security perspective, the site uses HTTPS and has domain transfer protections enabled. However, it lacks DNSSEC and security headers, which are recommended for improved security posture. No privacy or cookie policies are present, indicating gaps in compliance with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is provided. Overall, the website is safe, professional, and trustworthy for its niche audience but would benefit from enhanced security measures and privacy compliance to improve trust and legal standing.

W

Wikimedia UK

wikimedia.org.uk

62

Wikimedia UK is a well-established UK charity founded in 2005, dedicated to promoting open access to knowledge and supporting the Wikimedia movement. The organization operates primarily in the non-profit sector, focusing on education, cultural partnerships, community engagement, and advocacy for open knowledge. Their website reflects a professional and consistent brand image, targeting a broad audience including volunteers, educational institutions, and the general public interested in free knowledge. Technically, the website is built on WordPress with modern plugins and tools such as Yoast SEO and Smart Slider 3, hosted by Fasthosts Internet Ltd. It demonstrates good mobile optimization, accessibility, and SEO practices, although there is room for improvement in security headers and explicit vulnerability disclosure mechanisms. Security posture is strong with HTTPS enforced and privacy compliance evident through a comprehensive privacy policy and cookie consent mechanism. Contact information is clearly provided, including email, phone, and physical address, enhancing business credibility. No critical security issues or content safety concerns were detected, and the domain registration is consistent with the organization's profile, indicating high legitimacy and trustworthiness.

L

LeadDigital

leaddigital.com

68

LeadDigital is a specialized digital marketing agency focusing on PPC and email marketing services aimed at helping businesses scale from £1M to £10M through data-driven marketing strategies. The company positions itself as an expert delivering targeted marketing messages to the right audience at the right time. The website demonstrates a professional and consistent brand presence with client logos and active social media channels, indicating a credible market position within the technology sector. Technically, the site is built on WordPress with Elementor and integrates modern marketing and analytics tools such as Google Tag Manager, Google Analytics, Facebook Pixel, and Fathom Analytics, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS and implements a comprehensive cookie consent mechanism, but lacks visible advanced security headers or published security policies, suggesting room for improvement in formal security governance. Overall, the website is accessible, well-structured, and compliant with GDPR cookie regulations, but the absence of WHOIS registration data reduces transparency and slightly impacts trustworthiness.

K

Knock Knock WHOIS Not There, LLC

voidgoddess.org

55

Voidgoddess.org is a niche artistic and spiritual website focused on themes of mysticism, liminality, and alternative culture. It targets a community of witches, shamans, psychonauts, ravers, and artists, offering blog content, art, music promotion, and community engagement. The site is built on WordPress and hosted by Automattic Inc., leveraging WooCommerce and Jetpack plugins for enhanced functionality. Social media integration is strong, linking to multiple platforms including Twitter, SoundCloud, Spotify, Facebook, Reddit, Instagram, Cohost, and Patreon. The website demonstrates good content quality and consistent branding, appealing to its target audience effectively.

P

PureNet Solutions Limited

purenet.co.uk

58

PureNet Solutions Limited is a UK-based ecommerce and portal solutions agency with over a decade of experience delivering bespoke, integrated ecommerce platforms primarily for B2B and B2C clients. The company offers a broad range of services including ecommerce development, bespoke portals, integration, AI application development, custom CMS, web design, consultancy, and support. Their client portfolio includes recognized brands and they emphasize delivering both functional and visually appealing solutions. Technically, the website is built on WordPress with modern plugins and tools such as Yoast SEO, Google Analytics, and CookieYes for consent management, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit incident response policies. Overall, the website is professional, well-structured, and compliant with privacy regulations, reflecting a trustworthy business presence. However, WHOIS data for the domain is unavailable due to a domain naming error, which should be investigated further to confirm domain legitimacy.

T

The Science Coalition

sciencecoalition.org

57

The Science Coalition is a well-established nonprofit organization founded in 1994, representing over 50 leading public and private research universities in the United States. Its mission centers on advocating for sustained federal investment in fundamental scientific research to drive economic growth, innovation, and global competitiveness. The organization operates primarily as an advocacy and educational entity, targeting policymakers, research institutions, and the general public interested in science funding. The website reflects a professional and consistent brand image with comprehensive content including news, reports, and event information.

A

Association of American Medical Colleges

aamcaction.org

54

The website aamcaction.org represents the Association of American Medical Colleges, a well-established healthcare advocacy organization based in the United States. The site serves as a platform for medical education advocacy and healthcare policy initiatives, targeting medical professionals and healthcare stakeholders. The business model is non-profit and focused on public health and policy action. The website is built on WordPress using the Divi theme, integrating modern technologies such as jQuery, Google Fonts, and LinkedIn Insight for marketing analytics. Hosting appears to be on Amazon AWS infrastructure, providing reliable performance and scalability. Security posture is generally good with HTTPS enabled and domain transfer protections in place, though DNSSEC is not enabled and security headers are missing. Privacy and cookie policies are absent, which is a compliance gap. No incident response or security contact information is provided, limiting transparency in security management. Overall, the website is professional, trustworthy, and safe for general audiences, but could improve privacy compliance and security transparency.

Student Aid Alliance is a well-established coalition of over 40 higher education organizations advocating for increased federal student aid funding in the United States. Their website serves as an informational and advocacy platform, providing policy priorities, updates on funding requests, and calls to action aimed at students, educators, and policymakers. The organization positions itself as a key player in the education advocacy sector, focusing on improving college affordability through federal programs such as Pell Grants and Federal Work-Study. Technically, the website is built on WordPress using common plugins like Yoast SEO and frameworks such as Social Driver. It employs modern web technologies including jQuery and FontAwesome, and is optimized for mobile devices with good SEO practices. The site loads with moderate performance and offers a professional user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, it lacks DNSSEC and does not implement common security headers, which are recommended to enhance security posture. No privacy or cookie policies are explicitly presented, and no contact information such as emails or phone numbers are directly visible, which may impact user trust and compliance with privacy regulations. Overall, the website is credible and trustworthy with a strong business presence and clear mission. To improve, the organization should consider publishing comprehensive privacy and cookie policies, implementing security headers, enabling DNSSEC, and providing clear contact information to enhance compliance and user confidence.

U

Union Tigers Vöcklabruck

faustball-tigers.at

44

Union Tigers Vöcklabruck is a regional Faustball sports club based in Austria, providing team information, news, events, and community engagement through their website. The site targets sports enthusiasts and local supporters with a focus on club activities, event calendars, and social media integration. The business model is that of a non-profit sports organization with a small size and a founding date around 2016. Technically, the website is built on WordPress using popular plugins such as Yoast SEO, Revolution Slider, and Contact Form 7, hosted by easyname GmbH. The site demonstrates moderate performance and good mobile optimization with a consistent branding approach.

G

Generations Beyond

generationsbeyond.com

64

Generations Beyond is a specialized marketing and web design agency focused on supporting challenger brands to achieve leadership positions. The company offers proactive web design, management, and marketing strategy services, positioning itself as a no-homework agency that handles technical and strategic tasks behind the scenes. The business is small-sized, US-based, and founded in 2000, with a mature domain presence and consistent branding. Technically, the website is built on WordPress with Elementor and integrates modern analytics and marketing tools such as Google Tag Manager and LinkedIn Insight. Security posture is adequate with HTTPS enabled and regular updates mentioned, but lacks explicit security headers and DNSSEC. Privacy compliance is limited due to absence of visible privacy and cookie policies. Overall, the website is professional, well-branded, and trustworthy, but could improve in privacy transparency and security best practices.

D

Dakar Institute of Technology

dit.sn

50

Dakar Institute of Technology (DIT) is a specialized educational institution based in Senegal, focusing on Artificial Intelligence, Big Data, and digital finance education. Established in 2019, it holds government recognition and accreditation from ANAQ-SUP, positioning itself as a pioneering AI engineering school in West Africa. The institution offers a range of degree programs, certifications, and professional training designed to prepare students and professionals for the evolving technology market. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting students and professionals interested in AI and Big Data.

I

Institut Pasteur Dakar

institutpasteurdakar.sn

51

Institut Pasteur Dakar (IPD) is a well-established healthcare and research institution focused on accelerating equitable, sustainable, and affordable access to healthcare in Senegal, Africa, and globally. The website reflects a strong market position with over 100 years of history, offering key services such as vaccine production, sentinel surveillance, reference laboratories including WHO collaborations, and academic programs. The target audience includes healthcare professionals, researchers, and public health stakeholders. The business model is non-profit, emphasizing public health impact and research excellence. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and WPBakery Page Builder, with integration of Google Analytics via Google Site Kit. The site is mobile optimized and demonstrates good SEO practices, though accessibility features are basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS with good SSL configuration but lacks visible security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected, but the absence of privacy and cookie policies, as well as incident response information, indicates gaps in compliance and transparency. The WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, security policy disclosures, and contact information transparency to improve user trust and regulatory adherence.

C

Canadian Football League

cfl.ca

62

The Canadian Football League's official website, CFL.ca, serves as the primary digital platform for delivering news, opinions, video highlights, schedules, scores, and statistics related to Canadian football. Positioned as the authoritative source for CFL content, the site targets sports fans and media consumers interested in Canadian football. The business model centers on media content delivery and fan engagement, leveraging digital channels to maintain and grow its audience. Technically, the website is built on WordPress CMS and incorporates a modern technology stack including jQuery, Materialize CSS, Google Tag Manager, and various analytics and advertising scripts. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, employs standard security headers, and integrates a cookie consent mechanism compliant with privacy regulations. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of an explicit privacy policy and terms of service pages, as well as lack of visible contact information for security or business inquiries, represent areas for improvement. Overall, the website is trustworthy and professional, with strong branding consistency and relevant content. The missing WHOIS data suggests privacy protection, which is reasonable for a high-profile sports league domain. Strategic recommendations include publishing clear privacy and terms policies, enhancing accessibility, and providing explicit contact channels to strengthen compliance and user trust.

E

Emerson College

pshares.org

70

Ploughshares is a well-established literary journal operated under Emerson College, with a domain registered since 1998. The website serves literary readers, writers, and educators by publishing literary content and offering subscription services. Technically, the site is built on WordPress with popular plugins such as WooCommerce and Gravity Forms, and uses the Kadence theme, indicating a modern and maintainable infrastructure. The site employs HTTPS and integrates analytics tools like Google Analytics and Silktide, but lacks explicit privacy and cookie policies, which impacts privacy compliance. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosure information. Overall, the website is professional and trustworthy but could improve transparency and compliance aspects.

C

Cascadia Poetics LAB

cascadiapoeticslab.org

48

Cascadia Poetics LAB is a small non-profit organization based in Seattle focused on poetry and place-based cultural activities in the Cascadia region. Their offerings include community events such as the Poetry Postcard Fest, a podcast series, online workshops, a poetry festival, and related publications. The organization targets poetry enthusiasts and regional community members, operating primarily as a cultural and educational non-profit entity. Technically, the website is built on WordPress using the Divi theme, hosted by InMotion Hosting. It integrates modern web technologies including Google Fonts, reCAPTCHA for form security, and Google Tag Manager for analytics. The site demonstrates good mobile optimization and SEO practices but lacks some advanced accessibility features. From a security perspective, the site uses HTTPS with a good SSL configuration and employs reCAPTCHA to protect forms. However, it lacks DNSSEC, security headers like Content-Security-Policy, and a published security or vulnerability disclosure policy. The domain registration is privacy-protected but consistent with the organization's profile and age. Overall, the website is professionally presented and trustworthy for its niche audience but would benefit from enhanced privacy compliance and security practices to improve user trust and regulatory adherence.

S

SpaceNews Icon Awards

spacenewsawards.com

58

SpaceNews Icon Awards is a niche event-focused website dedicated to honoring leaders in space innovation through annual awards. The site targets space industry professionals, sponsors, and media, providing event information, sponsorship opportunities, and press materials. The business operates primarily as an event organizer and media promoter within the space sector. Technically, the website is built on WordPress with modern plugins such as Event Espresso and Revolution Slider, hosted likely on GoDaddy infrastructure. The site is mobile-optimized and uses Google Analytics for tracking, but lacks some advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled and domain protection flags set, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to missing privacy and terms of service pages, though a cookie consent mechanism is present. Overall, the domain registration is consistent and appropriate for the business history, indicating legitimacy.

G

Goods Unite Us

goodsuniteus.com

66

Goods Unite Us is a consumer advocacy platform focused on providing political background checks on thousands of brands and companies to help consumers align their spending with their political values. The organization operates primarily as a non-profit entity targeting consumers interested in political transparency and ethical purchasing. Their key services include a mobile app, brand ratings, and tools to influence corporate political expenditures. The website is built on WordPress with a modern tech stack including React components and integrates multiple third-party services for analytics, advertising, and push notifications. Privacy and cookie consent mechanisms are robust and GDPR compliant, reflecting a mature approach to user data protection. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though some security headers could be improved. The absence of WHOIS registration data is a concern for domain legitimacy verification but the professional website and active social media presence support trustworthiness. Overall, the site is well-designed, user-friendly, and serves a clear advocacy purpose.

P

Progressive Shopper, Inc.

progressiveshopper.com

55

Progressive Shopper, Inc. operates a niche platform focused on empowering consumers to align their purchases with their social and political values. The company offers browser extensions for major browsers and provides brand impact information, targeting socially conscious consumers. The website is built on a modern WordPress infrastructure with React and Gutenberg technologies, hosted by Pressable, and integrates common analytics and marketing tools such as Google Analytics, Facebook Pixel, and Mailchimp. Security posture is solid with HTTPS and domain registration protections, though improvements are needed in security headers and privacy compliance mechanisms. Overall, the website presents a professional and trustworthy front with good content quality and user experience.

R

Rise for Freedom

rise4freedom.org

42

Rise for Freedom is a US-based non-profit coalition focused on nationwide mass trainings to promote democracy and civic engagement. The organization offers live online and in-person training sessions, partnering with entities like the ACLU and using platforms such as Mobilize.us to coordinate events. The website reflects a grassroots movement model targeting a broad audience interested in democracy activism. Technically, the site is built on WordPress with common plugins and uses DreamHost for hosting. It employs Google Analytics with an opt-out mechanism, indicating moderate digital maturity. Security posture is adequate with HTTPS enabled but lacks advanced DNS security and explicit security headers. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the site is professional and trustworthy but could improve transparency and security practices.

L

Leaders We Deserve

leaderswedeserve.com

62

Leaders We Deserve is a grassroots political action committee focused on electing young progressive candidates to Congress and State Legislatures across the United States. Founded by David Hogg and Kevin Lata, the organization aims to counter far-right agendas and promote progressive policies. The website serves as a platform for voter engagement, fundraising, and candidate promotion, targeting young progressives and donors interested in political change. The business model revolves around grassroots campaigning and donation-driven support for progressive candidates. Technically, the website is built on WordPress with Yoast SEO plugin, leveraging modern web technologies including jQuery, Google Tag Manager, Hotjar, and Facebook Pixel for analytics and marketing. Hosting and domain registration are managed through Squarespace Domains and Cloudflare DNS services, ensuring reliable infrastructure. The site is mobile-optimized with good SEO practices but lacks some advanced accessibility features. From a security perspective, the site enforces HTTPS and uses domain status locks to prevent unauthorized changes. However, DNSSEC is not enabled, and no advanced security headers are detected, indicating room for improvement. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or detailed GDPR compliance statements. The site collects personal data via multiple signup forms with explicit SMS consent, integrating with ActionKit and ActBlue for campaign management and donations. Overall, the website is professionally designed, trustworthy, and aligned with its political advocacy mission. Security posture is adequate but could be enhanced with additional controls and transparency. Privacy compliance should be improved to meet evolving regulatory standards. The domain registration is consistent and legitimate, supporting the organization's credibility.

R

Run For Something

runforsomething.net

58

Run For Something is a non-profit political action committee focused on recruiting and supporting young progressive leaders to run for state and local offices. The organization provides candidate recruitment, support systems, volunteer coordination, fundraising, and educational resources to build long-term political power. Their market position is niche and specialized within the progressive political landscape. The website is built on WordPress with a modern tech stack including Gravity Forms, Yoast SEO, and multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, LinkedIn Insight Tag, and Mixpanel. Hosting and DNS services are managed via Cloudflare, providing good performance and security. The security posture is generally good with HTTPS enforced and domain transfer protections in place, but lacks DNSSEC and security headers, and does not have a published security or incident response policy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite extensive tracking. Contact information is available primarily via email and web forms, with no phone numbers or physical addresses listed. Overall, the website is professional, trustworthy, and well-branded, serving its target audience effectively.

E

Election Truth Alliance

electiontruthalliance.org

66

Election Truth Alliance is a small non-profit organization focused on exploring election fraud consequences and advocating for safeguarding the voting process to support a healthy democracy. The website serves as an informational and advocacy platform with integrated donation capabilities to support its mission. The organization maintains an active social media presence across major platforms to engage its target audience interested in election integrity. Technically, the website is built on WordPress using modern plugins and themes, with payment processing integrated via Stripe and PayPal. The site is hosted with reputable providers and uses HTTPS, but lacks DNSSEC and explicit privacy or security policies. Security posture is moderate with domain locking but could be improved with enhanced DNS security and formalized incident response documentation. Overall, the website is professional and functional but would benefit from improved privacy compliance and clearer contact information.

S

Stop Project 2025 Comic

stopproject2025comic.org

60

Stop Project 2025 Comic is a small US-based non-profit initiative focused on political education and advocacy against the Project 2025 agenda associated with a potential second Trump presidency. The website uses comics as a medium to explain complex political issues and encourages voter registration. Technically, the site is built on WordPress with Elementor, hosted by pair Networks, and uses HTTPS, but lacks some security headers and privacy compliance documentation. The security posture is moderate with no critical vulnerabilities detected but could be improved with better policies and headers. Overall, the site is safe, professional, and serves a niche advocacy role with moderate trustworthiness.

E

Euromaidan Press

euromaidanpress.com

69

Euromaidan Press is a specialized media outlet providing English-language news, opinions, and analysis focused on political and military developments in Ukraine. Established in 2014, the website serves an audience interested in Ukrainian affairs, leveraging a WordPress CMS with SEO optimization via Yoast and structured data for enhanced search visibility. The technical infrastructure includes reputable hosting and DNS providers, with HTTPS enabled and Cloudflare DNS in use, ensuring a secure browsing experience. However, the absence of DNSSEC and security headers indicates room for improvement in DNS and HTTP security configurations. The site integrates multiple third-party analytics and advertising scripts, reflecting moderate user tracking and monetization strategies. Privacy compliance is limited, with no visible privacy or cookie policies, which may pose regulatory risks. Overall, the website demonstrates good content quality and technical implementation but should enhance privacy and security policies to improve trust and compliance.

A

Andrews McMeel

readpoetry.com

55

Read Poetry is an online media platform and community focused on celebrating poetry worldwide. It offers curated poetry content, interviews, writing tips, and event information, targeting poetry enthusiasts and writers. The site is professionally designed using WordPress with modern plugins and SEO optimizations, supported by affiliate marketing as a revenue stream. The platform maintains a consistent brand presence and active social media engagement, enhancing community reach and trust. Technically, the site uses a mature WordPress infrastructure with common third-party tools for analytics and marketing, ensuring moderate performance and good mobile responsiveness. Security posture is solid with HTTPS and some security best practices, though lacking explicit security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanisms. The absence of WHOIS data for the domain raises concerns about registration transparency, although the website content and branding suggest legitimacy. Overall, the site is a well-maintained niche media platform with room for improvement in privacy and security disclosures.

N

National Cartoonists Society

nationalcartoonists.com

47

The National Cartoonists Society is a well-established non-profit professional organization dedicated to supporting cartoonists and comic artists. It provides key services such as annual awards, membership networking, educational outreach, and charitable activities through its foundation. The website reflects a focused and professional presence targeting cartoonists, educators, and enthusiasts. Technically, the site is built on WordPress with modern frameworks and is hosted by SiteGround, offering good mobile optimization and accessibility. Security posture is adequate with HTTPS enabled and domain protections, but lacks advanced security headers and explicit privacy/cookie policies, indicating room for improvement. Overall, the site is trustworthy and credible but should enhance privacy compliance and security best practices to reduce risk and improve user trust.

O

Osmosis

osmosis.net

58

Osmosis is a small, established IT services company founded in 1991, specializing in total IT management, infrastructure design, security risk assessment, and custom computer system manufacturing. The company targets business owners and small to medium businesses seeking reliable IT management solutions. Their website reflects a professional and consistent brand image with clear service offerings and client testimonials indicating trust and long-term relationships. Technically, the website is built on WordPress with Elementor, uses modern JavaScript libraries, and integrates Google services such as reCAPTCHA and Tag Manager. The site is hosted behind Cloudflare DNS, uses HTTPS with good SSL configuration, and employs security best practices like CAPTCHA on forms. However, the absence of published privacy and cookie policies and lack of explicit security or incident response policies represent compliance gaps. Overall, the security posture is solid but could be improved with enhanced security headers and policy transparency. The domain WHOIS data is consistent with the business claims, showing a long registration period without privacy protection, supporting legitimacy. The website content is safe for general audiences with no adult or questionable content detected.

U

Unencumbered by Facts – Taking unsubstantiation to new levels

unencumberedbyfacts.com

59

Unencumbered by Facts is a personal technology blog primarily focused on open source webmail client development and related software topics. The site is authored by Jason Munro and hosted on WordPress.com, leveraging standard WordPress technologies such as PHP, JavaScript, and CSS. The blog features detailed posts about software projects, personal anecdotes, and technical insights, targeting developers and technology enthusiasts interested in open source email clients and related protocols. The website has a consistent branding and good content quality, though it lacks formal business contact information and privacy policies.

A

Andrews McMeel Universal

andrewsmcmeel.com

62

Andrews McMeel Universal is a large, established global media company specializing in publishing, syndication, entertainment, and licensing of comics, illustrated humor, and inspirational content. The company targets a broad general audience and operates multiple divisions and affiliate sites. The website is professionally designed, well-branded, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the site uses WordPress CMS with modern JavaScript libraries and SEO plugins, supported by Google Analytics for user insights. Security posture is good with HTTPS enforced and firewall plugins active, though explicit security headers and incident response policies are not publicly documented. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. However, the absence of WHOIS data for the domain raises questions about domain registration transparency, warranting further verification. Overall, the site is trustworthy, professional, and safe for general audiences.

T

The Congressional Award

congressionalaward.org

58

The Congressional Award website represents a prestigious non-profit organization recognized as the United States Congress' highest honor for youth civilians. It focuses on recognizing initiative, service, and achievement among American youth. The site targets youth participants, educators, and community leaders, providing information about award programs and encouraging community service. The organization maintains a strong market position as an official government-endorsed entity with a clear mission and trusted brand identity. Technically, the website is built on WordPress with Elementor and uses modern web technologies including Google reCAPTCHA for form security and Google Analytics for traffic analysis. The site demonstrates good mobile optimization, SEO practices, and accessibility features, although some security headers could be improved. Performance is moderate, with a well-structured and professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of some security headers like Content-Security-Policy and X-Frame-Options suggests room for enhancement. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR considerations. Contact information is readily available, enhancing business credibility. Overall, the website is trustworthy, professionally maintained, and aligned with its non-profit mission. The lack of WHOIS data due to privacy protection does not detract from its legitimacy given the official nature of the organization. Strategic recommendations include enhancing security headers, conducting regular security audits, and maintaining up-to-date software to ensure continued trust and compliance.

R

Rock the Vote

rockthevote.org

58

Rock the Vote is a well-established non-profit organization focused on engaging young voters and promoting civic participation in the United States. The organization has maintained its domain since 1995, reflecting a long-standing presence in the non-profit advocacy sector. The website is built on WordPress and employs the Defender Security plugin to protect against malicious traffic and bots. However, the current content is inaccessible due to an IP block triggered by the AntiBot Global Firewall, limiting the ability to fully assess the site's content and user experience. From a technical perspective, the site uses standard web technologies including jQuery and is hosted on infrastructure likely provided by Amazon AWS, as inferred from DNS servers. The lack of DNSSEC and absence of visible security headers suggest room for improvement in domain and web security configurations. No privacy, cookie, or terms of service policies were detected in the provided content, indicating potential compliance gaps. Security posture shows some strengths such as the use of a security plugin and domain transfer protection, but also weaknesses like missing DNSSEC and no visible security headers. The blocking mechanism indicates active security management but also restricts access for some users. Overall, the risk assessment is moderate with recommendations to enhance security configurations, improve privacy compliance, and ensure accessibility. Strategic recommendations include enabling DNSSEC, implementing comprehensive security headers, publishing clear privacy and cookie policies, and providing accessible contact information to improve trust and compliance. Enhancing transparency and user experience will support Rock the Vote's mission and digital presence.

H

Hikosoft

hiko.link

47

HIKO Software is a small Taiwan-based company specializing in a Shopify social login app designed to simplify user authentication for e-commerce merchants. The website serves as a marketing platform built on WordPress, showcasing the app's features and linking to the Shopify app store and a demo site. The technical infrastructure is modern and stable, leveraging AWS hosting and HTTPS encryption, with a clean and responsive design optimized for mobile users. However, the site lacks some privacy compliance features such as a cookie policy and consent mechanism, and does not provide explicit contact information or security policies. The WHOIS data is consistent with the business profile, indicating legitimacy and domain age appropriate for the company's founding date in 2020. Overall, the website demonstrates a moderate security posture with room for improvement in security headers and privacy compliance.

T

The Beaverton

thebeaverton.com

70

The Beaverton is a Canadian satirical news media website established in 2010, offering humorous news articles, quizzes, workshops, and merchandise. It targets a general audience interested in satire and current events, positioning itself as a trusted source for comedic news content in North America. The website is built on WordPress CMS with Visual Composer and integrates multiple third-party advertising and tracking services, including Google Analytics, Facebook Pixel, and Taboola. The technical infrastructure is moderate in performance with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced and domain transfer protections in place, but lacks DNSSEC and advanced security headers like CSP. Privacy compliance is weak due to absence of visible privacy and cookie policies, which is a notable gap given the extensive use of tracking technologies. Overall, the domain registration is consistent and legitimate, supporting the business credibility. Strategic improvements in privacy transparency and security hardening would enhance trust and compliance.

Z

Zight

cl.ly

60

Zight is a technology company offering an all-in-one screen recording software solution for Mac, Windows, Chrome, and iOS platforms. The company targets business users who require tools to create, edit, and share videos, screenshots, and GIFs efficiently. Positioned as an established player in the screen recording market, Zight provides SaaS-based services with a focus on usability and business productivity. The website is built on WordPress with modern SEO and marketing tools integrated, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and domain registration locks in place, but lacks advanced DNS security and published security policies. Privacy compliance is weak due to missing privacy and cookie policies and absence of consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security transparency.

Parachute is a Canadian national non-profit organization dedicated to injury prevention through education, advocacy, and training programs. The organization targets a broad audience including healthcare professionals, educators, parents, seniors, youth, and the general public. Their market position is strong within the Canadian injury prevention sector, offering recognized programs and resources. Technically, the website is built on WordPress with modern technologies such as Google reCAPTCHA and Google Tag Manager, hosted likely by Webnames.ca Inc. The site is well optimized for mobile and accessibility, with good SEO practices. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are missing. Privacy compliance is basic with a clear privacy policy but no cookie consent mechanism detected. Overall, the website is professional, trustworthy, and serves its mission effectively.

C

Cœur + AVC

jeunescoeursrythmes.ca

56

Jeunes Cœurs rythmés is a French-language educational website operated by Cœur + AVC, a Canadian non-profit organization dedicated to heart disease and stroke prevention. The site offers educational resources and interactive programs targeting children and youth, as well as educators and families. It serves as a digital learning center with a focus on heart and brain health, providing a library of activities and an interactive mystery game for older students. The website is well-branded, consistent, and professionally designed, reflecting the organization's long-standing reputation in healthcare education. Technically, the site is built on WordPress with modern plugins and integrates analytics and tracking tools such as Google Analytics and Facebook Pixel. It uses Cloudflare for DNS and domain protection but lacks DNSSEC and some security headers. The site supports multilingual content via WPML and offers secure login and registration forms for educators. However, explicit privacy and cookie policies are not found, indicating a gap in compliance. Overall, the site is trustworthy, secure, and serves its educational mission effectively.

C

COVID-19 Resources Canada

covid19resources.ca

57

COVID-19 Resources Canada is a small non-profit organization focused on mobilizing volunteers and providing public health information to support Canada's response to the COVID-19 pandemic. The platform offers volunteer matching, vaccine Q&A sessions, and public COVID-19 data resources, targeting both the general Canadian public and healthcare professionals. The website is well-branded, consistent, and provides clear navigation and relevant content. Technically, it is built on WordPress with the Divi theme, using common analytics and marketing tools such as Google Analytics and Facebook Pixel. The site is mobile optimized and performs moderately well. Security posture is adequate with HTTPS and Cloudflare DNS, but lacks DNSSEC and security headers, and does not provide explicit security policies or incident response information. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional, with room for improvement in security and privacy transparency.

C

CanCOVID

cancovid.ca

60

CanCOVID is a Canadian non-profit network established in 2020 to facilitate multidisciplinary collaboration among researchers, academics, patient partners, decision makers, and industry stakeholders focused on the COVID-19 pandemic response. It provides knowledge products, data trackers, resource libraries, and community engagement platforms to support evidence-informed decision-making and policy development. The organization is government-funded and well-positioned within the Canadian public health ecosystem. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates Google Analytics and Google Maps APIs. The site is hosted behind Cloudflare DNS, uses HTTPS with a good SSL configuration, and demonstrates good mobile optimization and accessibility. SEO practices are well implemented, and the site offers a professional user experience with clear navigation and relevant content. From a security perspective, the site employs HTTPS and domain transfer protection but lacks DNSSEC and explicit security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial; a comprehensive privacy policy is present, but no cookie consent mechanism is implemented despite tracking scripts. Incident response and security policies are not publicly disclosed, which could be improved to enhance trust. Overall, CanCOVID presents a high level of business credibility and trustworthiness with a strong focus on public health research collaboration. The website quality is excellent, with minor improvements recommended in security headers and privacy compliance to further strengthen its security posture and regulatory adherence.

A

Aidro

aidro.it

44

Aidro is an established Italian manufacturing company specializing in hydraulic components and additive manufacturing solutions, founded in 2000. The company holds recognized certifications such as AS/EN 9100, ISO 9001, and DNV-ST-B203, positioning itself as a quality and innovation leader in fluid power and 3D printing sectors. Their website reflects a professional B2B business model targeting industrial clients in energy, aerospace, and manufacturing sectors. Technically, the website is built on WordPress with Elementor and uses modern web technologies including Google Analytics and YouTube API integrations. The site is well-structured, SEO optimized, and mobile responsive, though some accessibility features are basic. Security posture is generally good with HTTPS and DNSSEC enabled; however, the domain registration is currently expired, posing a risk to service continuity. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is trustworthy and professional but requires domain renewal and enhanced privacy features.