Security Directory

The website 'ada.cat' serves as a personal homepage for an individual named Ada, also known as Pixel. It functions primarily as a personal portfolio and social hub linking to various social and gaming platforms. The site is built using modern frontend technologies including Vue.js, Nuxt.js, and Vuetify, indicating a good level of technical maturity for a personal project. Hosting and DNS are managed through OVH and Cloudflare respectively, though DNSSEC is not enabled, and no advanced security headers are detected. The domain is very recently registered in Poland, consistent with the website's new launch. Security posture is moderate but could be improved by implementing standard security headers and enabling DNSSEC. Privacy and cookie policies are absent, and no contact information is provided, which limits compliance and business credibility. Overall, the site is safe, well-designed, and targeted at a general audience with no adult content. The AI overall score is 66, reflecting good content and technical implementation but weaknesses in privacy and security compliance.

I

IRCv3 Working Group

ircv3.net

56

IRCv3.net represents the official website of the IRCv3 Working Group, a collaborative community focused on enhancing the IRC protocol through open standards and extensible specifications. The group is composed of IRC client and server software authors who contribute to the development and maintenance of modern IRC extensions. The website serves as a hub for documentation, specifications, FAQs, and community engagement, targeting IRC developers and users interested in protocol improvements. From a technical perspective, the website is built using modern web standards including HTML5 and CSS3, leveraging frameworks such as Pure.css and FontAwesome for styling and icons. The site is hosted on a reputable DNS provider (NS1) and uses HTTPS with a valid SSL configuration, ensuring secure communications. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses domain transfer protection, but lacks DNSSEC and important security headers which could enhance its security posture. There is no published security policy or incident response information, and no privacy or cookie policies are present, which are areas for improvement especially for GDPR compliance. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. Overall, the website is trustworthy, professional, and focused on its niche community. The domain age and WHOIS data support legitimacy. Strategic recommendations include enabling DNSSEC, publishing privacy and security policies, adding security headers, and improving GDPR compliance to strengthen trust and security posture.

E

EmuMovies

emumovies.com

65

EmuMovies is a niche media repository and community platform focused on providing high-quality video previews, artwork, and related media for retro gaming and emulation front-ends. Established in 2005, it has built a loyal user base and offers unique services such as EmuMovies Sync for fast media downloads. The website is powered by the Invision Community CMS and leverages modern web technologies and Cloudflare for hosting and DNS. Security posture is solid with HTTPS and domain locks, though DNSSEC is not enabled. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit terms of service or security policy pages were found. Contact is primarily via a web form, and social media presence is limited to Facebook.

Tygrys is a small technology company founded in 2022 offering privacy-focused secure messaging, email, and code/project management services. The company emphasizes user data ownership, no ads, no tracking, and open source technologies. Their market position is niche with no direct competitors offering the same integrated privacy-centric services. Technically, the website is well implemented with modern technologies, mobile optimization, and good SEO practices. Hosting is via AWS DNS infrastructure. Security posture is strong with HTTPS and no trackers, but lacks some security headers and published policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy with room for improvement in compliance documentation and security transparency.

X

XMPP Standards Foundation

xmpp.org

57

The XMPP Standards Foundation operates xmpp.org as the authoritative site for the XMPP open messaging standard. The organization is a small, US-based non-profit focused on providing open specifications, software resources, and community engagement for developers and users of XMPP technology. The website reflects a mature, well-established project with a clear market position as a foundational technology standard powering messaging, IoT, WebRTC, and social applications. Technically, the site uses modern frontend frameworks like Bootstrap and FontAwesome, is mobile optimized, and served securely over HTTPS. However, it lacks some compliance elements such as privacy and cookie policies, and explicit contact information, which could be improved to enhance trust and regulatory adherence. Security posture is solid with HTTPS and domain transfer protections, but could benefit from additional security headers and published incident response details. Overall, the site is professional, trustworthy, and content-rich, serving its target audience effectively.

O

OpenPGP

openpgp.org

66

OpenPGP.org is the official website for the OpenPGP standard, the most widely used email encryption protocol. The site provides information about the standard, its history, and software implementations across all major operating systems. It positions itself as a trusted, community-driven resource with a long-standing presence in the encryption technology space since 1997. The website is professionally designed with clear navigation and good mobile optimization, reflecting a mature digital presence. However, it lacks explicit privacy, cookie, and terms of service policies, which are important for compliance and user trust. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, and the Jekyll static site generator with the Minimal Mistakes theme. It employs HTTPS for secure communication but does not implement advanced security headers or disclose security policies. No tracking or advertising technologies are detected, indicating a privacy-respecting approach. The absence of WHOIS data transparency limits the ability to fully verify domain legitimacy, though the open source presence on GitHub and RFC standard references support authenticity. From a security perspective, the site demonstrates good baseline practices such as HTTPS and no exposed sensitive data. However, it lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for improving security posture and user confidence. Overall, the website is safe, professional, and trustworthy but could benefit from enhanced transparency and compliance documentation. Strategically, the site should prioritize publishing privacy and cookie policies, adding security headers, and providing clear contact information for security incidents. These steps will strengthen compliance with regulations like GDPR and improve overall trustworthiness in the security community.

F

Foxscotch

foxscot.ch

42

Foxscotch is a personal website representing an individual web developer who also enjoys programming, 3D modeling, and animals. The site serves primarily as a personal portfolio and social media hub, linking to various social platforms. The business model is personal branding with a focus on web development services. The website is simple, clean, and consistent in branding but lacks formal business information or policies. Technically, the site uses standard HTML and CSS with FontAwesome icons, but no advanced frameworks or CMS are detected. Performance and mobile optimization are moderate to good, though accessibility and SEO are basic. Security posture is weak due to absence of HTTPS confirmation, security headers, and privacy policies. No forms or data collection mechanisms are present, reducing attack surface but also limiting business functionality. Overall, the site is safe and suitable for general audiences with no adult content or tracking technologies detected.

The website 'theresnotime.co.uk' serves as a personal professional portfolio and blog for Sammy Fox, a software engineer affiliated with the Wikimedia Foundation. The site targets a general audience interested in technology, open source, and community engagement, showcasing professional projects, social profiles, and personal interests. The business model is individual-centric, focusing on personal branding and community contributions rather than commercial services. Technically, the site employs modern web standards including HTML5, CSS3, JavaScript, and JSON-LD structured data. It references technologies such as Python, Node.js, and PHP through linked projects and packages. Hosting appears to be provided by Mythic Beasts, and the site uses HTTPS with strong SSL configuration. Performance and mobile optimization are good, though accessibility features are basic. SEO is well addressed through meta tags and structured data. From a security perspective, the site benefits from HTTPS and publishes a public PGP key, indicating a commitment to secure communications. However, no explicit security headers were detected, and there is no cookie consent mechanism despite the use of tracking pixels. The WHOIS data is unavailable due to domain naming rules violations, which raises questions about domain registration legitimacy but does not directly impact the website's content quality or security posture. Overall, the website is professional, trustworthy, and safe for general audiences. The main risks relate to privacy compliance and domain registration transparency. Strategic recommendations include implementing security headers, adding a cookie consent mechanism, publishing security and incident response policies, and clarifying domain registration status to enhance trust.

A

Alternate GmbH

alternate-b2b.de

52

Alternate GmbH operates the ALTERNATE B2B online shop, a professional e-commerce platform targeting businesses and government agencies in Germany. The company offers a broad range of electronics and technology products, supported by personal service and efficient logistics. The website emphasizes sustainability with CO2-neutral shipping and features a comprehensive product catalog with energy efficiency labels. The platform includes tools such as PC configurators and streamlined returns management, positioning it as a market leader in the B2B electronics retail sector. Technically, the website leverages Jakarta Faces (JSF) framework, Bootstrap 4, FontAwesome, and integrates Usercentrics for cookie consent management. Hosting and DNS are managed via Cloudflare, ensuring good performance and security. The site is mobile-optimized and includes SEO best practices, although accessibility features are basic. Analytics are implemented through Google Tag Manager, with moderate user tracking and good privacy compliance. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. However, the site lacks a dedicated security policy or incident response contact information, and does not publish a security.txt file. Cookie consent and GDPR compliance are well managed. The domain WHOIS data is limited but consistent with the brand, and no WAF or blocking mechanisms interfere with content access. Overall, ALTERNATE B2B presents a trustworthy, professional, and secure platform for B2B electronics sales. Strategic improvements could include publishing detailed security policies and enhancing accessibility. The site’s sustainability focus and comprehensive product offerings strengthen its market position.

Student Aid Alliance is a well-established coalition of over 40 higher education organizations advocating for increased federal student aid funding in the United States. Their website serves as an informational and advocacy platform, providing policy priorities, updates on funding requests, and calls to action aimed at students, educators, and policymakers. The organization positions itself as a key player in the education advocacy sector, focusing on improving college affordability through federal programs such as Pell Grants and Federal Work-Study. Technically, the website is built on WordPress using common plugins like Yoast SEO and frameworks such as Social Driver. It employs modern web technologies including jQuery and FontAwesome, and is optimized for mobile devices with good SEO practices. The site loads with moderate performance and offers a professional user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, it lacks DNSSEC and does not implement common security headers, which are recommended to enhance security posture. No privacy or cookie policies are explicitly presented, and no contact information such as emails or phone numbers are directly visible, which may impact user trust and compliance with privacy regulations. Overall, the website is credible and trustworthy with a strong business presence and clear mission. To improve, the organization should consider publishing comprehensive privacy and cookie policies, implementing security headers, enabling DNSSEC, and providing clear contact information to enhance compliance and user confidence.

F

Faustball Deutschland e.V.

faustball-liga.de

44

Faustball Deutschland e.V. operates as the official governing body for the sport of Faustball in Germany, providing comprehensive information on leagues, national and international competitions, training, and community engagement. The website serves players, coaches, fans, and the broader Faustball community with news, event details, and resources. It maintains a strong market position as the authoritative source for Faustball in Germany. Technically, the website is built on WordPress with a modern tech stack including jQuery, WooCommerce, NextGEN Gallery, and Jetpack. Hosting is provided by IONOS, and the site demonstrates good mobile optimization and moderate performance. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies, including a consent mechanism. From a security perspective, the site uses HTTPS with excellent SSL configuration and implements cookie consent. However, it lacks explicit security headers and published security or incident response policies. No critical vulnerabilities or exposed sensitive data were detected. The site integrates analytics tools such as Google Analytics and Jetpack Stats with moderate user tracking. Overall, the website is professional, trustworthy, and well-maintained, with good content quality and user experience. Strategic improvements could focus on enhancing security headers, publishing security policies, and expanding contact information transparency.

N

Network Data Center Host, Inc.

ndchost.com

59

Network Data Center Host, Inc. operates a professional web hosting service offering a variety of hosting solutions including shared website hosting, WordPress hosting, cloud servers, dedicated servers, cPanel licensing, and SSL certificates. The company emphasizes fast, stable, and easy-to-use services with 24x7 support, targeting individuals and businesses seeking reliable hosting since 2002. Their market position is that of an established small hosting provider with a consistent brand and multiple social media channels to engage customers. Technically, the website uses modern tracking and live chat technologies such as Google Analytics, Google Tag Manager, and Tawk.to, with good mobile optimization and SEO practices. However, the absence of CMS detection and hosting provider details limits deeper infrastructure insights. Security posture is moderate; HTTPS is implied but no explicit security headers or incident response policies are published. The lack of WHOIS data is a notable concern, reducing trustworthiness despite the professional presentation. Overall, the website is accessible, safe, and business-focused but would benefit from improved transparency and security practices.

A

Alternate GmbH

alternate.de

53

Alternate GmbH operates a leading German e-commerce platform specializing in electronics, computer hardware, household appliances, and related products. The company targets both general consumers and business customers, offering a wide product range and specialized B2B services. The website is professionally designed, mobile-optimized, and provides a seamless user experience with clear navigation and rich content. Technically, the site leverages modern frameworks such as Jakarta Faces and integrates third-party services like Usercentrics for GDPR-compliant cookie management and Epoq for personalized recommendations. Hosting and DNS are managed via Cloudflare, ensuring robust performance and security. Security posture is strong with HTTPS enforcement, security headers, and secure form handling, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates high business credibility, compliance with privacy regulations, and a trustworthy online presence.

T

Tor Project

tails.net

67

Tails.net hosts the official website for Tails, a privacy-focused portable operating system designed to protect users against surveillance and censorship by routing traffic through the Tor network. The project is closely affiliated with the Tor Project, a globally recognized nonprofit focused on online privacy and anonymity. The website provides comprehensive information about Tails' features, target users including activists, journalists, and survivors of domestic violence, and offers resources for installation, documentation, and support. The business model is donation and sponsorship based, emphasizing free and open-source software principles.

P

Private by Design, LLC

prism-break.org

60

PRISM Break is a privacy advocacy website operated by Private by Design, LLC, focused on helping users opt out of global data surveillance programs by recommending privacy-respecting software alternatives. The site targets privacy-conscious users seeking to encrypt communications and reduce reliance on proprietary services. It maintains a niche position in the privacy technology sector with a small organizational footprint and a mission-driven business model. Technically, the website uses standard HTML5 and CSS with FontAwesome icons, is mobile optimized, and provides clear navigation and content relevant to its audience. However, it lacks advanced security headers and formal privacy or cookie policies, which limits its security posture and privacy compliance. The domain is well-established since 2013, registered transparently without privacy protection, aligning with the organization's advocacy goals. Overall, the site is trustworthy but could improve in formalizing privacy and security practices.

N

National Cartoonists Society

nationalcartoonists.com

47

The National Cartoonists Society is a well-established non-profit professional organization dedicated to supporting cartoonists and comic artists. It provides key services such as annual awards, membership networking, educational outreach, and charitable activities through its foundation. The website reflects a focused and professional presence targeting cartoonists, educators, and enthusiasts. Technically, the site is built on WordPress with modern frameworks and is hosted by SiteGround, offering good mobile optimization and accessibility. Security posture is adequate with HTTPS enabled and domain protections, but lacks advanced security headers and explicit privacy/cookie policies, indicating room for improvement. Overall, the site is trustworthy and credible but should enhance privacy compliance and security best practices to reduce risk and improve user trust.

M

Michael Lazar

mozz.us

46

Mozz.us is the personal domain of Michael Lazar, a professional software developer with a strong focus on alternative internet protocols such as Gemini, Gopher, Spartan, and CCSO. The website serves as a portfolio showcasing his open source projects, software development expertise, and personal interests including ASCII art. The site targets technology enthusiasts and developers interested in niche internet protocols and software tools. The business model is primarily personal and community-oriented, with no commercial transactions evident. Technically, the site uses standard HTML5 and CSS with FontAwesome icons, and the backend projects leverage Python frameworks like Flask and Django. Hosting and DNS are managed via Squarespace Domains and Google Cloud DNS respectively. The website is moderately optimized for performance and mobile devices, with basic accessibility and SEO features.

C

Common Dreams

commondreams.org

71

Common Dreams is an established independent, non-profit media organization founded in 1997, serving the progressive community with breaking news and opinion content. The website is well-branded, professionally designed, and provides comprehensive information about its mission and services. It operates on a reader-supported business model without advertising, emphasizing trust and transparency through published ethics and publishing principles. Technically, the site uses modern web technologies including Google Tag Manager, service workers, and the RebelMouse CMS platform, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved and explicit cookie consent mechanisms are absent. WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. Overall, the site demonstrates a mature digital presence with strong business credibility and good security hygiene.

P

Private by Design, LLC

fedia.io

58

Fedia.io is a small technology company operating a content aggregator and micro-blogging platform focused on the fediverse ecosystem. The platform offers services such as thread posting, photo sharing, and magazine creation, targeting general users interested in decentralized social content. The website is modern and functional, with good design and navigation, but lacks visible privacy and cookie policies on the login page. Technically, the site uses modern JavaScript frameworks and is hosted via bunny.net, indicating a CDN-backed infrastructure with moderate performance and good mobile optimization. Security features include CSRF protection on forms and password preview toggling, but the absence of DNSSEC and security headers indicates room for improvement. The WHOIS data is transparent and consistent with the business profile, enhancing trustworthiness. Overall, the site scores moderately well but needs to improve privacy compliance and security hardening.

P

Star Trek Online

playstartrekonline.com

63

The website www.playstartrekonline.com serves as an online portal for the Star Trek Online MMORPG game, targeting gamers and Star Trek enthusiasts. It provides access to the game and community forums, focusing on expanding the Star Trek universe experience. The site employs standard web technologies including Google Tag Manager for analytics and OneTrust for cookie consent management, indicating a moderate level of digital maturity. However, the absence of a visible privacy policy, terms of service, and contact information limits its compliance and user trust. Security posture is moderate with HTTPS and cookie consent implemented, but lacks advanced security headers and incident response information. The domain WHOIS data is unavailable, raising concerns about domain legitimacy and registration status. Overall, the site is functional but requires improvements in transparency, security, and compliance to enhance trust and reduce risk.

E

ExOne

exone.com

72

ExOne is a globally recognized leader in binder jet 3D printing technology, specializing in industrial 3D printing systems and services for metal, sand, and ceramics. The company serves industrial manufacturers and foundries, offering advanced additive manufacturing solutions that enable complex designs, rapid prototyping, and efficient production workflows. ExOne operates under the parent company Desktop Metal, Inc., and maintains a strong market position with a comprehensive portfolio of 3D printing systems, materials, and on-demand tooling services. Technically, the website is built on the Kentico CMS platform and leverages modern web technologies including Google Tag Manager, HubSpot analytics, and jQuery. The site is well-optimized for mobile devices, accessible, and SEO-friendly, providing a professional user experience. Privacy and cookie policies are implemented with GDPR compliance in mind, and the site integrates multiple marketing and tracking tools responsibly. From a security perspective, the site enforces HTTPS and employs secure consent mechanisms, though explicit security headers and incident response contacts are not publicly disclosed. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data for the domain is unavailable or protected, which slightly reduces transparency but does not detract significantly from the site's legitimacy given the strong business indicators and parent company association. Overall, ExOne's digital presence reflects a mature, professional industrial technology company with a solid security posture and compliance awareness. Strategic recommendations include enhancing public security policies, adding incident response contacts, and implementing additional security headers to further strengthen trust and resilience.

The website 'jottings.lol' is a personal blog operated by Private by Design, LLC, focusing on technology and social media commentary. It provides opinionated articles analyzing platforms like Twitter and Threads, targeting general internet users interested in tech and privacy. The business model is content publishing with a niche audience, and the site is relatively new, founded in 2023. Technically, the site uses standard HTML5 and CSS3 with custom fonts and FontAwesome icons. It is hosted under the Porkbun registrar infrastructure, with no detected CMS or advanced frameworks. The site is moderately performant and mobile-optimized but lacks advanced SEO and accessibility features. From a security perspective, the site lacks security headers and published policies, with no evidence of HTTPS enforcement or incident response mechanisms. The domain registration is consistent and legitimate, with no suspicious patterns. Overall, the security posture is basic, and privacy compliance is minimal. The site content is safe for general audiences, with no adult or explicit content. There are no WAF or blocking mechanisms detected, allowing full content access. Strategic improvements in security headers, privacy policies, and incident response contacts are recommended to enhance trust and compliance.

T

Talentegy, Inc.

talentegy.com

68

Talentegy, Inc. operates a specialized Talent Experience Management platform designed to optimize recruiting and talent management processes by providing actionable insights across the employee lifecycle. The company targets HR professionals and organizations seeking to enhance candidate and employee experiences through data-driven analytics and engagement metrics. Recognized with industry awards, Talentegy positions itself as an innovative leader in recruitment marketing technology. Technically, the website is built on the HubSpot CMS platform, leveraging modern JavaScript libraries and marketing automation tools such as Google Analytics and LinkedIn Insight. The site demonstrates good mobile optimization, clear navigation, and professional design, supporting a positive user experience. Privacy and cookie policies are present and indicate GDPR compliance, enhancing trust and regulatory adherence. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms but lacks visible security headers and published security policies or incident response contacts. The absence of WHOIS domain registration data raises concerns about domain legitimacy, although the website content and external references suggest a legitimate business entity. Overall, the security posture is moderate with room for improvement in transparency and technical safeguards. Strategically, Talentegy should prioritize publishing comprehensive security policies, implementing standard security headers, and resolving domain registration visibility issues to strengthen trustworthiness. Enhancing incident response readiness and vulnerability disclosure practices will further improve the security culture and compliance posture, supporting sustainable growth and customer confidence.

R

Radio Seoul

radioseoul1650.com

38

Radio Seoul operates as a Korean-American focused media broadcasting platform, primarily delivering AM1650 radio content, live streaming, news, and entertainment to the Korean-speaking community in the United States. The website positions itself as the largest Korean radio broadcast network in the US, offering a mix of live radio, newsletters, and topical news content. The business model centers on media broadcasting and digital content delivery, targeting a niche ethnic audience. Technically, the site is built on WordPress with Elementor and Yoast SEO Premium, indicating a modern and maintainable infrastructure. The presence of social media integration and structured data enhances its digital maturity. Security posture is moderate with HTTPS enabled and no obvious vulnerabilities, but lacks advanced security headers and formal policies. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and social presence suggest operational activity. Overall, the site is functional and professional but requires improvements in privacy compliance and domain registration transparency.

C

Canadian Food Focus

canadianfoodfocus.org

50

Canadian Food Focus is a Canadian-based content and educational platform dedicated to providing information on how food is grown, raised, and prepared in Canada. The website offers recipes, podcasts, courses, and articles aimed at helping consumers make confident food choices. The platform targets Canadian consumers interested in food, agriculture, and culinary education, positioning itself as a niche resource in the Canadian food ecosystem. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, Genesis Framework, and various plugins for content display and user interaction. The site is mobile optimized, uses HTTPS, and includes structured data for SEO benefits. Security posture is moderate with HTTPS enabled and domain registration protections, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. The site uses third-party analytics and marketing tools such as Google Tag Manager and Facebook Pixel, indicating moderate user tracking. Overall, the website is professional and trustworthy but would benefit from enhanced privacy disclosures and security hardening.

F

Farm and Food Care PEI

farmfoodcarepei.com

45

Farm and Food Care PEI is a small non-profit organization dedicated to educating Islanders about local food production and celebrating local farmers in Prince Edward Island, Canada. The website serves as an educational and community engagement platform, providing resources, events, and projects related to agriculture and food. The organization positions itself as a regional leader in agricultural education and local food promotion. Technically, the website is built on WordPress using the Divi theme, with modern web technologies and a moderate performance profile. It is hosted likely via GoDaddy, with proper HTTPS enabled and basic SEO optimizations in place. Security posture is adequate with SSL but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced compliance and security measures.

F

Farm & Food Care Ontario

farmfoodcareon.org

58

Farm & Food Care Ontario is a registered Canadian charity and coalition dedicated to building public trust and consumer confidence in food and farming in Ontario and Canada. The organization collaborates with farmers, agricultural professionals, related businesses, and government organizations to provide educational resources, events, and support services. Their website serves as a comprehensive resource hub for farmers and the general public interested in agriculture, featuring projects, guides, and partner initiatives such as virtual farm tours and educational campaigns. Technically, the website is built on WordPress with modern plugins like Yoast SEO and WooCommerce, integrated with Google Tag Manager and Analytics for tracking. The site is mobile optimized and demonstrates good SEO practices, although some accessibility features could be improved. Performance is moderate with caching and minification in place. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks visible security headers and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is incomplete, which slightly impacts trust but the overall digital presence and charity registration support legitimacy. Overall, the website is a well-maintained, professional platform supporting a non-profit agricultural coalition with a strong focus on education and public engagement. Strategic improvements in privacy compliance and security headers would enhance trust and compliance posture.

F

Farm & Food Care Saskatchewan

farmfoodcaresk.org

48

Farm & Food Care Saskatchewan is a whole-sector coalition representing farm families, agribusinesses, food processors, restaurants, retailers, and food companies in Saskatchewan, Canada. The organization focuses on connecting consumers to food and farming through educational resources and sector advocacy. The website serves as an informational platform to support this mission, targeting consumers and stakeholders interested in agriculture and food care in the region. The business model is that of a non-profit coalition with a small organizational size and an established presence since 2014. Technically, the website is built on WordPress 6.8.2, utilizing a range of plugins including Yoast SEO, Gravity Forms, Modern Events Calendar, and MemberPress. The hosting provider is identified as FullHost based on DNS nameservers. The site demonstrates good mobile optimization, SEO practices, and moderate performance. However, accessibility features are basic, and some technical improvements are recommended. From a security perspective, the site uses HTTPS with a valid SSL certificate but lacks DNSSEC and important security headers such as Content-Security-Policy and X-Frame-Options. No explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are found. The domain registration is privacy protected via Domains By Proxy, LLC, which is justified for this type of organization. Overall, the security posture is moderate but could be enhanced with additional controls and transparency. The website content is safe for general audiences, with no adult or explicit material detected. Social media presence is well integrated, supporting community engagement. Privacy and cookie policies are absent, which impacts compliance scores. The overall AI-assessed score is 74, reflecting a good but improvable website in terms of privacy and security compliance.

R

REM Web Solutions

remwebsolutions.com

70

REM Web Solutions is a Canadian small business specializing in web design, digital marketing, and accessibility solutions primarily serving the Kitchener-Waterloo region. The company offers a comprehensive suite of services including responsive web design, SEO, PPC advertising, content marketing, and dedicated support. Their website demonstrates a professional and consistent brand presence with excellent content quality and user experience. Technically, the site uses a mix of modern and legacy technologies such as jQuery, Bootstrap, and proprietary CMS WebWiz@rd™, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking explicit security headers and public security policies. The absence of WHOIS domain registration data is a notable concern, potentially impacting trust and legitimacy verification. Overall, the website is well-positioned for its target market but should address domain registration transparency and enhance security disclosures.

V

Victorian Order of Nurses for Canada

von.ca

56

VON Canada is a well-established non-profit organization providing home and community healthcare services primarily in Ontario and Nova Scotia. Their services include clinical care, personal support, respite, caregiver support, end-of-life care, and social connection programs. The organization has a strong market position supported by over a century of history and recognized certifications such as Accreditation Canada and BPSO. The website reflects a professional, user-friendly design with clear navigation and mobile optimization, targeting individuals and families seeking healthcare services in their communities. Technically, the site is built on Drupal 10 with modern libraries and tracking tools, hosted behind Cloudflare DNS, and implements HTTPS with good security practices, though DNSSEC is not enabled. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure policy are areas for improvement. Overall, the site demonstrates a high level of business credibility and digital maturity.

Huron Perth Healthcare Alliance is a regional healthcare organization in Ontario, Canada, providing coordinated hospital and healthcare services across multiple sites. The website serves patients, families, caregivers, and healthcare professionals with comprehensive information on services, patient resources, and organizational transparency. The alliance holds accreditation with exemplary standing, indicating a strong commitment to healthcare quality. Technically, the website is built on ASP.NET WebForms with common libraries like jQuery and RoyalSlider, and integrates Google Analytics for visitor tracking. While the site is functional and professionally designed, it shows room for improvement in mobile optimization and accessibility. Security posture is moderate; HTTPS is implied but no explicit security headers were detected in the provided data. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. WHOIS data is unavailable, likely due to privacy protection, which is typical for healthcare entities. Overall, the site is trustworthy and serves its audience well but could benefit from enhanced security and privacy features.

A

Autoritatea de Supraveghere Financiară

asfromania.ro

61

Autoritatea de Supraveghere Financiară (ASF) is the official Romanian financial supervisory authority responsible for regulating, authorizing, and supervising the insurance market, private pensions, and capital markets. The website serves as a comprehensive portal for regulatory information, public consultations, press releases, and consumer alerts, targeting both the general public and financial market participants. The organization is well-established, founded in 2013, and holds a significant position in Romania's financial regulatory landscape. Technically, the website is built on Joomla CMS and incorporates modern web technologies including Google Analytics and Google Tag Manager for analytics, FontAwesome for icons, and Google Fonts for typography. The site is mobile-optimized and includes accessibility features, providing a good user experience. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks advanced security headers such as Content-Security-Policy or X-Frame-Options. There is no visible security policy or incident response contact information published, nor a vulnerability disclosure or security.txt file. Cookie consent mechanisms are implemented, indicating awareness of privacy compliance. WHOIS data is consistent with the organization's claims, enhancing trust. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. Recommendations include enabling DNSSEC, adding security headers, publishing security policies, and establishing a vulnerability disclosure program to further enhance security posture and transparency.

T

THE CANADIAN MENTAL HEALTH ASSOCIATION

here247.ca

58

Here 24/7 is a Canadian non-profit organization providing coordinated addictions, mental health, and crisis services across the Waterloo Wellington region. The website serves as a comprehensive portal for individuals seeking help, providers, and families, offering intake, assessment, referrals, and support services. It is operated by THE CANADIAN MENTAL HEALTH ASSOCIATION, a reputable organization with a domain registered since 2014, reflecting a stable presence in the healthcare sector. The site also partners with government health agencies and participates in the national 9-8-8 Suicide Crisis Helpline initiative. Technically, the website is built on WordPress using the Genesis Framework, with common web technologies such as jQuery and Google Maps API integrated. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. Hosting is via Hover.com, and the site uses HTTPS with a valid SSL certificate. However, DNSSEC is not enabled, and security headers are absent, which are areas for improvement. From a security perspective, the site demonstrates good baseline practices such as HTTPS enforcement and domain transfer protections. There are no visible vulnerabilities or exposed sensitive data. The Google Analytics plugin is installed but not configured, indicating minimal user tracking. Privacy compliance is basic, with a clear privacy policy but no cookie consent mechanism. No explicit security or incident response policies are published. Overall, the website is trustworthy, professional, and well-aligned with its mission to provide mental health and addiction support. Strategic improvements in security headers, DNSSEC, and privacy mechanisms would enhance its security posture and compliance. The domain registration data supports legitimacy and transparency, reinforcing confidence in the organization and its digital presence.

C

County of Wellington

wellington.ca

66

County of Wellington operates as a regional government authority in Ontario, Canada, providing a broad range of municipal services to its residents and businesses. The website serves as a comprehensive portal for accessing information on garbage and recycling, roads and construction, child care, housing supports, social assistance, transportation, public safety, long-term care, and business development. The site targets local residents, businesses, and community stakeholders, positioning itself as a trusted government resource. Technically, the website is built on Drupal 10, leveraging modern web technologies including Google Tag Manager and accessibility monitoring tools, ensuring a good user experience across devices. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although there is room for improvement in publishing explicit security policies and incident response details. The absence of WHOIS data is a notable gap but does not detract significantly from the overall legitimacy given the official .ca domain and consistent government branding. Strategic recommendations include enhancing transparency around security policies and incident response, and verifying domain registration details for trust assurance.

T

Thames Valley Family Health Team

swselfmanagement.ca

63

The South West Self Management Program, operated by the Thames Valley Family Health Team and funded by Ontario Health, offers free workshops and support services to individuals living with chronic health conditions, caregivers, and health professionals in Southwestern Ontario. The program focuses on empowering participants through education and skills training to better manage their health. The website reflects a well-established regional healthcare initiative with clear branding and consistent messaging. Technically, the site uses modern web technologies including jQuery, FontAwesome, and service workers for PWA capabilities, hosted with Cloudflare DNS and managed via the Multiscreensite CMS platform. Analytics are implemented using Google Analytics and Snowplow, indicating moderate user tracking. Security posture is good with HTTPS enforced and domain transfer protections, though some security headers and explicit policies could be improved. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and serves its target audience effectively.

C

CrediMaxx® GmbH

credimaxx.de

60

CrediMaxx® GmbH is a German financial services company specializing in credit mediation with a strong emphasis on social responsibility and personalized customer service. The company offers a variety of loan products including credit without Schufa, instant loans, refinancing loans, modernization loans, and digital loans with online completion. Positioned as a niche player with TÜV-certified customer satisfaction and strong online presence, CrediMaxx targets individuals who face challenges obtaining credit through traditional banks due to negative credit scores or other factors. The website is professionally designed, mobile-optimized, and SEO-friendly, leveraging modern technologies such as WordPress, Yoast SEO, and Cloudflare for performance and security. Privacy and cookie policies are comprehensive and GDPR-compliant, supported by a consent mechanism. Security posture is solid with HTTPS and SSL encryption, though explicit security headers and incident response information are not publicly detailed. Overall, the website and business demonstrate high trustworthiness and professionalism, with room for improvement in explicit security disclosures and direct contact information.

C

Cookies Agency

cookiesagency.gr

47

Cookies Agency is a small, dynamic branding and digital marketing agency based in Greece, specializing in branding, web design, print, and hotel editions. The company positions itself as a creative agency passionate about delivering satisfying communication solutions to its clients, primarily targeting businesses in hospitality and lifestyle sectors. The website showcases a professional portfolio and provides clear contact information, including email addresses and phone numbers, enhancing business credibility. Technically, the website is built on WordPress using the Divi theme and several plugins such as Visual Portfolio and 3D Flipbook. It integrates Google Analytics and Google Tag Manager for tracking and marketing purposes. The site is mobile optimized with good SEO practices but lacks some advanced accessibility features. Performance is moderate, with modern technologies and lazy loading implemented. From a security perspective, the site uses HTTPS with a valid SSL certificate and implements cookie consent with blocking mechanisms, indicating awareness of privacy regulations. However, it lacks visible security headers and published privacy or security policies, which are areas for improvement. No vulnerabilities or suspicious content were detected, and the domain registration data aligns well with the business claims, supporting legitimacy. Overall, the website presents a professional and trustworthy digital presence with room for enhancement in privacy compliance and security best practices. Strategic recommendations include publishing comprehensive privacy and terms of service policies, adding security headers, and considering a vulnerability disclosure policy to strengthen trust and compliance.

H

Health Advocate | Caring for you in all ways. Always.

healthadvocate.com

68

The website 'Health Advocate' appears to be a health-related service platform with a focus on advocacy and support. The site is built on WordPress and uses common plugins such as Yoast SEO and WP Rocket, indicating a moderate level of technical maturity. The content is accessible and appears safe for general audiences, with no adult or explicit content detected. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. The lack of visible privacy, cookie, and terms of service policies further impacts the site's compliance posture. Security measures such as HTTP security headers are not evident, and no contact or incident response information is provided, which limits trust and security readiness. Overall, the site demonstrates basic digital presence but requires improvements in security, compliance, and transparency to enhance trustworthiness and user confidence.

A

Ameritas

ameritas.com

69

Ameritas is a financial services company focused on providing financial strategies, insurance, and retirement planning solutions to individuals seeking to secure a fulfilling life. The website presents a professional and consistent brand image, leveraging WordPress with the Divi theme for content management and presentation. The technical infrastructure includes modern web technologies and third-party marketing scripts, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and some script-based security measures, but lacks explicit security headers and comprehensive privacy policies. The absence of WHOIS data raises concerns about domain registration transparency, which impacts trustworthiness. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security best practices.

C

ContactPigeon

contactpigeon.com

65

ContactPigeon is a specialized omnichannel customer engagement platform targeting retailers and eCommerce businesses. It offers a comprehensive suite of marketing automation tools including email campaigns, push notifications, SMS, chatbots, and advanced segmentation. The company positions itself as a leader in retail marketing automation with multiple industry awards and strong customer testimonials. Technically, the website employs modern technologies such as Google Tag Manager, Facebook Pixel, Microsoft Clarity, and New Relic for analytics and performance monitoring. The site is well-optimized for mobile and SEO, with a professional design and clear navigation. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data reduces transparency but does not detract significantly from the overall trustworthiness given the strong business signals. Overall, ContactPigeon demonstrates a mature digital presence with good privacy compliance and marketing sophistication.

Diabetes Canada is a well-established non-profit organization dedicated to diabetes research, advocacy, education, and support within Canada. The website reflects a professional and consistent brand presence targeting individuals affected by diabetes, healthcare professionals, and researchers. The organization operates with a long-standing domain registered since 2000, indicating stability and trustworthiness. Technically, the website employs a variety of modern marketing and analytics technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and others, indicating a mature digital infrastructure. The site is hosted under a Canadian registrar and uses HTTPS, but lacks DNSSEC and explicit security headers based on the provided data. Mobile optimization and accessibility appear to be good, enhancing user experience. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms. The extensive use of third-party tracking scripts suggests a moderate to extensive user tracking level, which may raise privacy concerns. Overall, the website is professional and trustworthy but would benefit from improved privacy compliance and enhanced security practices. Strategic recommendations include publishing comprehensive privacy and cookie policies, enabling DNSSEC, implementing security headers, and establishing clear incident response and vulnerability disclosure channels.

The website www.pepkritis.gr serves as the official online presence of the Special Management Service for the 'KRITI' Program, a government initiative managing EU funds for the Crete region in Greece. It provides information about the program, calls for proposals, technical assistance, and related news and events. The site targets government officials, regional stakeholders, and the general public interested in regional development programs. Technically, the site is built on WordPress using the Divi theme and several plugins for event management and cookie compliance. It demonstrates good digital maturity with accessibility features and a cookie consent mechanism. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, the absence of explicit privacy policy, terms of service, and contact information limits full compliance and user trust. Overall, the site is professional, trustworthy, and well-maintained, but could improve privacy transparency and user contact options.

Ε

Εμπορικό & Βιομηχανικό Επιμελητήριο Ηρακλείου

ebeh.gr

38

The website represents the Εμπορικό & Βιομηχανικό Επιμελητήριο Ηρακλείου (Heraklion Chamber of Commerce and Industry), a regional government/non-profit entity supporting local businesses in Heraklion, Greece. It offers a variety of services including business registration, legal advice, digital signatures, educational seminars, and business promotion activities. The site targets local businesses and members of the chamber, providing them with resources, news, and electronic services to facilitate business operations and growth. Technically, the website is built on Drupal 9, leveraging modern web technologies such as Swiper.js for UI components and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, with a consistent and professional design. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and uses secure forms typical of Drupal CMS. However, it lacks explicit security headers and a visible incident response or vulnerability disclosure policy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected, which is a gap given GDPR requirements. Overall, the website is trustworthy and professional, with a strong business credibility score. Recommendations include implementing cookie consent, enhancing security headers, and publishing security policies to improve compliance and security posture.

C

Centre canadien sur les dépendances et l’usage de substances

cemusc.ca

52

The website cemusc.ca is a professionally designed, bilingual French-English platform dedicated to providing comprehensive data and resources on the costs and harms of substance use in Canada. It is affiliated with the Centre canadien sur les dépendances et l’usage de substances (CCSA) and the University of Victoria's CISUR research center, positioning it as an authoritative source in the public health and research sector. The site offers interactive data visualization tools, detailed reports, and infographics aimed at researchers, policymakers, and the general public interested in substance use impacts. Technically, the site employs modern web technologies including Bootstrap for responsive design, FontAwesome for icons, and jQuery for scripting. The site is mobile-optimized and accessible, with a moderate performance profile. While no CMS is explicitly detected, the site is well-structured and includes accessibility features and cookie consent mechanisms aligned with GDPR requirements. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, it lacks DNSSEC and explicit security headers, which are recommended for enhanced security. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is supported by a clear privacy notice and cookie consent banner, though no terms of service or security policy pages were found. Overall, cemusc.ca presents a trustworthy, well-maintained resource with a strong focus on public health research. Strategic improvements in security headers and DNSSEC implementation would further strengthen its security posture. The absence of direct contact emails or phone numbers is mitigated by a contact form. The site is safe for general audiences and free from adult or explicit content.

C

Craft

craft.co

10

Craft operates a supply chain resilience platform aimed at helping businesses better understand their suppliers, mitigate disruptions, and build robust supply chains. Positioned as a B2B SaaS technology provider, Craft targets enterprises seeking to enhance supply chain visibility and resilience. The website is professionally designed, leveraging WordPress CMS with modern analytics and marketing integrations such as Google Analytics, HubSpot, and Facebook Pixel. The technical infrastructure reflects a mature digital presence with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though the absence of security headers and vulnerability disclosure pages suggests room for improvement. The lack of publicly available WHOIS data due to privacy protection is typical for commercial entities but slightly reduces transparency. Overall, the site presents a credible business front with moderate risk, recommending enhancements in security policy transparency and compliance documentation.

A

Adnet Communications Inc.

adnetinc.com

9

Adnet Communications Inc. is a Vancouver-based full-service web agency with over 20 years of experience specializing in website design and development for public companies and investor relations. The company offers a range of services including custom websites, template-based sites, single page and landing pages, coding partnership, and website rescue services. Their business model focuses on tailored web solutions with hosting, SSL certificates, analytics, and SEO as part of their packages. The website targets busy public and private companies seeking professional web presence solutions. Technically, the site uses modern web technologies including Uikit framework, Google Analytics, Matomo, Hotjar, and is hosted on AWS infrastructure. The site is mobile optimized with good navigation and content quality. Security posture is moderate with HTTPS enabled and daily backups, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to absence of privacy and cookie policies and consent mechanisms. Overall, the domain registration data supports the legitimacy and long-standing presence of the business. Strategic recommendations include enhancing privacy compliance, enabling DNSSEC, publishing security policies, and improving security headers to strengthen trust and compliance.

T

The Centre for Addiction and Mental Health

camh.ca

67

The Centre for Addiction and Mental Health (CAMH) is Canada's largest mental health teaching hospital and a globally recognized research center. The organization provides comprehensive mental health and addiction services, education, and research, targeting patients, families, healthcare professionals, and researchers. The website reflects a mature digital presence with extensive content, clear navigation, and professional branding. Technically, the site leverages modern web technologies including Sitecore CMS, multiple analytics and marketing tools, and is hosted with secure HTTPS protocols. Security posture is good with domain protections and no evident vulnerabilities, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is a notable gap due to the absence of explicit privacy and cookie policies or consent mechanisms. Overall, CAMH demonstrates high business credibility and trustworthiness, supported by consistent WHOIS data and a long-established domain.

R

RGB Media

rgbmedia.org

49

RGB Media is a specialized media technology company focused on developing journalism and content services for new media platforms. Their flagship product, Salamandra, is a content display management system that enables dynamic and flexible editorial websites tailored to commercial and editorial needs. The company serves a niche market of content publishers and journalistic organizations, with a client base including reputable media outlets such as Times of Israel. Their business model centers on providing end-to-end digital solutions including CMS, hosting, design, development, and strategic consulting. Technically, the website employs modern JavaScript libraries, Google Analytics, and reCAPTCHA for spam protection, with good mobile optimization and SEO practices. However, the absence of explicit privacy and cookie policies indicates a compliance gap. Security posture is moderate, with HTTPS usage but lacking visible security headers and incident response information. WHOIS data is incomplete, limiting domain trust verification, but the professional presentation and client endorsements support legitimacy. Overall, the website is well-designed and functional, targeting media companies and publishers with specialized digital journalism solutions.

C

Canadian Centre on Substance Use and Addiction

gamblingguidelines.ca

44

The website gamblingguidelines.ca is an authoritative Canadian government/non-profit resource focused on educating the public about Lower-Risk Gambling Guidelines to reduce gambling-related harms. It offers comprehensive educational materials, interactive risk assessment tools, and downloadable resources to support safer gambling practices. The site is affiliated with the Canadian Centre on Substance Use and Addiction, enhancing its credibility and trustworthiness. Technically, the site is built on WordPress, uses modern web technologies including jQuery and Google Tag Manager, and is hosted by Webnames.ca Inc. The site is mobile-optimized, accessible, and performs moderately well. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are missing. Privacy compliance is good, with a clear privacy policy, cookie consent banner, and GDPR considerations. No incident response or security policy information is publicly available, which could be improved. Overall, the site is professional, trustworthy, and safe for general audiences.

C

Canadian Centre on Substance Use and Addiction

csuch.ca

50

The Canadian Centre on Substance Use and Addiction (CSUCH) website serves as a comprehensive resource for data and research related to the costs and harms of substance use in Canada. It offers detailed reports, provincial and territorial infographics, and an interactive data visualization tool to support policymakers, researchers, and the public. The site is well-branded and professionally designed, reflecting its authoritative position in the healthcare and public health research sector. Technically, the website employs modern web technologies including Bootstrap for responsive design, FontAwesome for icons, and JavaScript libraries such as jQuery. The site is mobile-optimized and accessible, with good SEO practices evident. Hosting and domain registration are consistent with the Canadian focus of the organization, though DNSSEC is not enabled, and some security headers appear to be missing. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks explicit security policies, incident response information, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies and a GDPR-compliant cookie consent mechanism. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements in security headers, DNSSEC, and formal security policies would enhance the security posture and trust further.