Security Directory

G

General Logistics Systems US, Inc. (GLS)

gls-us.com

0

General Logistics Systems US, Inc. (GLS) operates a regional parcel delivery service focused on the Western United States, providing faster delivery services across multiple states including California, Washington, Oregon, Idaho, and Colorado. The company offers a variety of shipping tools, account management, and integration options for business customers. The website reflects a medium-sized transportation business with a clear focus on parcel delivery and customer support. Technically, the site uses modern JavaScript frameworks such as Vue.js and integrates multiple marketing and analytics tools including HubSpot, Marketo, Google Analytics, and Hotjar. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture and trustworthiness of the site. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. Overall, the site provides good content and user experience but requires urgent security improvements to protect user data and enhance trust.

S

San Gabriel Valley Regional Housing Trust

sgvrht.org

0

The San Gabriel Valley Regional Housing Trust is a non-profit joint powers authority established in 2020 to facilitate funding and financing for homeless and affordable housing projects in the San Gabriel Valley region. The organization serves as a regional resource to support extremely low, very low, and low-income housing initiatives, targeting residents and stakeholders within the area. The website provides information on project funding requests, board meetings, and homelessness resources, reflecting a focused mission on housing affordability and community support. Technically, the site is built on the Wix platform leveraging modern frameworks such as React 18 and Wix-specific components, but suffers from slow performance and lacks mobile optimization. Security posture is weak due to the absence of HTTPS and security headers, exposing the site to risks. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates moderate professionalism and trustworthiness but requires significant improvements in security and technical performance to enhance user trust and compliance.

F

Fuerte Arts Movement

fuerte.org

0

Fuerte Arts Movement is a small non-profit organization focused on leveraging art and culture to drive collective action on social issues such as voting rights, housing justice, and environmental justice, with a focus on Arizona women of color and LGBTQ perspectives. The website serves as a community hub featuring advocacy campaigns, events, a zine library, and multimedia content. Technically, the site is built on WordPress with various plugins for event management and media display, but suffers from slow performance and lacks a valid SSL certificate, resulting in insecure HTTP connections. Security posture is weak due to missing HTTPS, lack of security headers, and absence of email authentication records. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is content-rich and professionally designed but requires urgent improvements in security and privacy to protect users and build trust.

C

Connecticut Democratic Party

ctdems.org

0

The Connecticut Democratic Party website serves as the official online presence for the state-level Democratic Party organization. It focuses on voter engagement, volunteer recruitment, fundraising, and disseminating party information. The site targets Connecticut residents interested in Democratic politics and activism, providing resources such as voter registration links, event calendars, and donation portals. The party positions itself as a key political actor within the state, aiming to mobilize support and fight GOP extremism. Technically, the website is built on WordPress with a modern but somewhat heavy tech stack including jQuery, DataTables, and Google services. However, performance is slow with a large page size and long load times. Security posture is weak due to the absence of a valid SSL certificate, lack of HTTPS, and missing security headers, exposing users to potential risks. Privacy compliance is minimal with no cookie consent mechanism despite tracking scripts. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the site is functional and content-rich but requires urgent security and privacy improvements to protect users and enhance trust.

S

San Gabriel Valley Council of Governments

sgvcog.org

0

The San Gabriel Valley Council of Governments (SGVCOG) is a regional government agency dedicated to serving the San Gabriel Valley area in California. It provides coordination and support to local governments in key sectors such as transportation, energy, homelessness, and regional planning. The website reflects a well-structured government entity with clear communication channels and a focus on community engagement through various committees and programs. Technically, the site is built on the Wix platform utilizing modern web technologies including React and several Wix apps, ensuring a functional and moderately optimized user experience. Security measures are appropriately implemented with HTTPS, valid SPF and DMARC records, and no detected vulnerabilities, though some enhancements like HSTS and DNSSEC could further strengthen the posture. Privacy compliance is basic with accessible privacy and cookie policies, and contact information is clearly provided, enhancing trust and transparency. Overall, the site demonstrates a solid digital presence suitable for a regional government organization.

F

For Good

forgood.org

0

For Good is a well-established 501(c)(3) non-profit organization operating a technology-enabled donor-advised fund platform that facilitates charitable giving for individuals and companies. Founded in 2001 by tech executives from AOL, Yahoo!, and Cisco, it has positioned itself as a leader in digital philanthropic innovation, partnering with major platforms such as YouTube, Walmart, and Patagonia. The website clearly communicates its mission, services, and impact, targeting donors, nonprofits, and corporate partners. The business model centers on enabling donors to support charities efficiently and transparently through a secure online platform. Technically, the website is built on Webflow CMS, leveraging modern web technologies and hosting infrastructure with CDN support. It employs Google Tag Manager and Analytics for tracking and performance monitoring. The site is mobile-optimized and accessible, with good SEO practices and a moderate page load time. Security-wise, the site uses HTTPS with TLS 1.3 and 1.2, has valid SPF and DMARC records, and avoids known SSL vulnerabilities. However, it lacks some advanced security features such as HSTS, DNSSEC, OCSP stapling, and Certificate Transparency compliance, which are recommended for enhanced protection. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but no explicit cookie consent mechanism was detected, which may impact GDPR compliance. Contact information is clearly provided, including email, phone, and physical address, along with active social media profiles, enhancing business credibility and trustworthiness. Overall, the site demonstrates a strong professional presence with room for security and privacy improvements.

Bonterra LLC is a leading provider of nonprofit software solutions designed to empower social impact organizations including foundations, corporations, government agencies, and nonprofits. Their product suite covers fundraising, case management, corporate social responsibility, grant management, and volunteer management, positioning them as the second-largest social good software company globally. The website reflects a mature digital presence with strong branding, comprehensive content, and clear navigation targeting a broad social good ecosystem. Technically, the site is built on WordPress with modern JavaScript frameworks like React and uses various marketing and analytics tools such as Google Tag Manager and Marketo. However, performance is currently slow, and there is room for optimization. Accessibility and SEO practices are well implemented, supporting a good user experience. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability impacting trust and data protection. While SPF, DMARC, and HSTS headers are configured, the absence of HTTPS severely undermines the security posture. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, Bonterra's website is professional and content-rich but requires urgent security improvements to protect user data and maintain trust. Strategic recommendations include immediate SSL deployment, enabling TLS 1.2/1.3, and enhancing security configurations to align with best practices.

ETO Software is an enterprise-level software solution focused on human services and case management, operated by Social Solutions Global, Inc. The website analyzed is primarily a login portal with limited public-facing content. The technical infrastructure is based on legacy ASP.NET WebForms technology with Bootstrap and Telerik UI components, hosted on Amazon AWS. The site integrates modern user engagement and analytics tools such as Pendo and Aptrinsic, indicating a focus on user experience and product analytics. However, the website suffers from significant security shortcomings, including the absence of a valid SSL certificate and HTTPS, lack of security headers, and no visible privacy or cookie policies. These issues pose risks to user data confidentiality and trust. Performance is suboptimal with slow load times and a large page size, and SEO and accessibility optimizations are minimal or absent. Overall, the site demonstrates moderate digital maturity but requires urgent security and compliance improvements.

L

LA Forward Institute

laforward.institute

0

LA Forward Institute is a small nonprofit organization focused on advancing racial and economic justice in Los Angeles County through civic education, leadership development, and coalition building. The website is built on Squarespace, featuring rich educational content, videos, and guides aimed at empowering local residents and activists. Technically, the site uses modern TLS protocols and strong cipher suites but lacks advanced security headers and email authentication policies such as DMARC and DNSSEC. Privacy compliance is weak, with no visible privacy or cookie policies, and no explicit contact emails or phone numbers are provided, only a contact form. Overall, the site is functional and professional but could improve in security and privacy transparency to enhance trust and compliance.

Streets For All operates as a focused non-profit advocacy organization dedicated to advancing sustainable and equitable transportation policies in California. Their website serves as a comprehensive platform to assess and report on the performance of state legislators regarding transportation legislation, providing transparency and accountability to the public and stakeholders. The organization positions itself as a key influencer in California's transportation policy landscape, emphasizing legislative sponsorship, support, and public engagement. Technically, the website employs modern web technologies including React and Material-UI, hosted on DigitalOcean infrastructure. While the site offers rich content and a professional design, performance issues such as slow load times and lack of some security headers are noted. The site uses Umami for privacy-focused analytics, indicating a moderate approach to user tracking. From a security perspective, the site benefits from a valid SSL certificate but lacks advanced security headers and DNS protections like DNSSEC and DMARC. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanisms. Contact information is limited to an email address, with no phone or physical address provided. Overall, the website is a credible and professional resource for transportation policy advocacy but would benefit from enhanced security practices and privacy compliance to strengthen trust and protect users. Performance optimizations and clearer privacy disclosures are recommended to improve user experience and regulatory adherence.

S

Streets For All San Francisco

streetsforallsf.org

0

Streets For All San Francisco is a small non-profit advocacy organization dedicated to improving transportation safety and public space in San Francisco. Their website serves as a platform for community engagement, initiatives, events, and fundraising. The organization positions itself as a local leader in advocating for safer, greener streets and better transit options. Technically, the website is built on Squarespace, leveraging standard web technologies and third-party services such as Mailchimp for email marketing and ActBlue for donations. While the site is visually consistent and user-friendly, performance is somewhat slow and SEO/accessibility features are basic. Security posture is adequate with modern TLS protocols and no known SSL vulnerabilities, but lacks advanced security headers, DNS protections, and privacy compliance mechanisms. Contact information is limited to an email address and social media links, with no phone or physical address provided. Overall, the site is functional and professional but would benefit from enhanced privacy policies, security hardening, and performance optimization.

Bonterra is a leading provider of nonprofit software solutions focused on social impact, offering products for fundraising, case management, corporate social responsibility, and grant management. The company is positioned as the second-largest social good software provider globally, targeting nonprofits, foundations, corporations, and government agencies. Their SaaS business model integrates multiple acquired products to serve a broad social good ecosystem. Technically, the website is built on WordPress hosted on WP Engine with Cloudflare CDN, leveraging modern JavaScript frameworks like React and animation libraries such as GSAP. SEO and accessibility are well implemented, with comprehensive metadata and structured data. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS support, severely impacting the security posture. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

Bonterra is a purpose-built software company specializing in corporate social responsibility (CSR) solutions that empower organizations to enhance their philanthropic programs. Founded in 2021, Bonterra has quickly established itself as the second-largest social good software company globally, serving nonprofits, foundations, corporations, and government entities. Their key offerings include grant management, employee engagement, volunteer management, and fundraising software, all designed to maximize social impact and streamline administrative workflows. Technically, the website is built on a WordPress CMS platform with a modern tech stack including React, Bootstrap, and GSAP for animations. The site integrates multiple marketing and analytics tools such as Marketo, Microsoft Clarity, Facebook Pixel, and Google Tag Manager, reflecting a mature digital marketing strategy. However, performance is currently slow, and while mobile optimization and accessibility are good, there is room for improvement in loading speed. From a security perspective, the site lacks a valid SSL certificate and does not enforce HTTPS, which is a critical vulnerability. Other security best practices like HSTS, OCSP stapling, and modern TLS protocols are missing, significantly lowering the security posture. Privacy and cookie policies are present and include consent mechanisms, indicating good privacy compliance. Contact information is limited to a physical address without explicit phone or email contacts publicly visible. Overall, Bonterra's website demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS and modern TLS protocols, and implementing additional security headers and mechanisms to improve the security score and user confidence.

B

Bonterra

givegab.com

0

Bonterra is a leading provider of nonprofit software solutions focused on social impact, offering products for fundraising, case management, corporate giving, and grant management. Founded in 2021, it has quickly established itself as the second-largest social good software company globally, serving nonprofits, foundations, corporations, and government agencies. The company emphasizes a 'better together' approach, integrating multiple social good platforms under its brand. Technically, the website is built on WordPress with modern JavaScript frameworks like React and GSAP, and integrates numerous marketing and analytics tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS enforcement, which significantly impacts the site's security posture. Privacy and cookie policies are comprehensive and GDPR compliant, and the site demonstrates strong SEO and accessibility practices. Overall, Bonterra's digital presence is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

Bonterra LLC operates Network for Good, a leading fundraising software platform tailored for small to medium-sized nonprofits. The company has a strong market position as the second-largest social good software provider globally, offering a comprehensive suite of tools including donor and volunteer management, peer-to-peer fundraising, and coaching services. Bonterra's business model focuses on SaaS solutions for nonprofit organizations, foundations, corporations, and government entities, supported by a robust ecosystem of subsidiaries and partner products. The website content is professionally crafted, targeting nonprofit organizations seeking efficient fundraising and engagement solutions. Technically, the website is built on WordPress hosted on WP Engine with Cloudflare CDN, utilizing modern JavaScript frameworks like React and libraries such as GSAP and Splide.js for UI enhancements. SEO and accessibility are well implemented, with extensive use of structured data and meta tags. However, performance metrics are not explicitly provided, though mobile optimization and user experience appear strong. From a security perspective, while the site employs several security headers and policies, it suffers from a critical issue: the SSL certificate is invalid or missing, and no modern TLS protocols are enabled. This severely impacts the security posture and user trust. Other security best practices like CSP and permissions policies are in place, but the lack of proper SSL/TLS undermines these efforts. Overall, the site is content-rich, professionally designed, and business credible but requires urgent remediation of SSL/TLS issues to ensure secure user interactions and compliance with modern security standards.

R

RollWorks

rollworks.com

0

RollWorks is a B2B marketing technology company specializing in account-based marketing (ABM) and account-based advertising solutions. Positioned as a leading ABM platform, RollWorks offers AI-driven targeting and engagement tools designed to help marketers grow revenue by focusing on high-value accounts. The company operates as a division of NextRoll, Inc., serving primarily enterprise clients in the technology and business services sectors. Their platform integrates multiple marketing and analytics technologies, including Marketo, Google Tag Manager, and AdRoll, to provide comprehensive marketing automation and measurement capabilities. Technically, the website is built on WordPress with Elementor and Yoast SEO plugins, hosted behind Cloudflare CDN. The site demonstrates good SEO optimization, mobile responsiveness, and professional design quality. However, the SSL/TLS configuration is currently invalid or missing, which is a critical security vulnerability that undermines user trust and data protection. The site uses multiple third-party marketing and tracking tools, indicating extensive user tracking and data collection practices. From a security perspective, while some best practices like SPF and DMARC email policies are in place, the lack of a valid SSL certificate and disabled TLS protocols represent significant risks. The site also lacks advanced security headers and mechanisms such as OCSP stapling and session resumption. Privacy policies and terms of service are hosted on the parent company domain, and while privacy compliance is generally good, no explicit cookie consent mechanism was detected on the homepage. Overall, RollWorks presents a professional and trustworthy business front with strong market positioning and comprehensive marketing solutions. However, the critical SSL/TLS issues must be addressed immediately to ensure secure communications and maintain compliance with industry standards. Strategic improvements in security posture and privacy transparency will enhance trust and reduce risk exposure.

S

Spark Photonics

sparkphotonics.com

0

Spark Photonics is a US-based photonic integrated circuit design and software distribution company serving defense, commercial, government, and academic sectors. The company offers end-to-end PIC design services, distributes Luceda IPKISS design software in North America, and provides educational PIC kits. The website is built on the Wix platform, leveraging modern JavaScript frameworks and various Wix apps to deliver content and services. However, the site lacks a valid SSL certificate, which is a critical security vulnerability that undermines user trust and data protection. Additionally, no privacy or cookie policies are present, indicating poor privacy compliance. The site provides clear contact information including a phone number, physical address, and a contact form, but lacks explicit security policies or incident response information.

Community Partners is a nonprofit organization focused on accelerating social change through fiscal sponsorship and intermediary services. Their website presents a professional and content-rich platform targeting nonprofit leaders, funders, and changemakers. The organization emphasizes equity, justice, and vibrant communities as core themes. Technically, the site is built on WordPress and hosted on Pantheon, utilizing modern JavaScript libraries for UI elements and Google Analytics for tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are partially implemented but incomplete, and no cookie consent mechanism is present despite the use of tracking scripts. Privacy and legal policies are available and comprehensive, enhancing compliance posture. Overall, the site demonstrates good business credibility and user experience but requires urgent security improvements.

N

Next Big Idea Club

heleo.com

0

Next Big Idea Club operates a subscription-based nonfiction book club curated by renowned authors, targeting readers and professionals seeking curated knowledge. The platform offers physical book deliveries, digital content including audio and video courses, and exclusive events, positioning itself as a niche leader in the media sector. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and integrates multiple marketing and analytics tools such as Mixpanel, Google Tag Manager, and ProfitWell. Hosting is on Amazon AWS with a valid SSL certificate ensuring secure HTTPS connections. Security posture is solid but could be enhanced by implementing additional security headers and DNSSEC. Privacy compliance is adequate with a clear privacy policy and terms of service, though cookie consent mechanisms are lacking. Overall, the website is professional, content-rich, and trustworthy, with extensive user tracking for marketing purposes.

Asian Pacific Islander Forward Movement (APIFM) is a non-profit organization dedicated to cultivating healthy and vibrant Asian and Pacific Islander communities through engagement, education, and advocacy. The organization operates various community programs including food security initiatives, youth advocacy, and environmental sustainability projects. APIFM maintains an active digital presence with integrated social media feeds and regularly updated blog content, positioning itself as a community-centric entity within the non-profit sector in the United States. Technically, the website is built on WordPress with Elementor and several plugins for social media integration. Hosting is provided by DreamHost. While the site has good SEO metadata and structured data, performance metrics are lacking, and the site exhibits slow loading characteristics. Mobile optimization is good, but accessibility features are basic. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability exposing users to potential data interception. Security headers are minimal, and no incident response or security policies are published. Privacy compliance is limited, with no cookie consent mechanism detected and only a basic privacy policy present. Overall, APIFM's website serves its community well in content and engagement but requires urgent improvements in security infrastructure and privacy compliance to protect users and enhance trustworthiness.

L

Los Angeles Walks

losangeleswalks.org

0

Los Angeles Walks is a small non-profit organization dedicated to promoting safe and walkable communities in Los Angeles. The organization focuses on community training, policy advocacy, and pedestrian safety initiatives, supported by donations and partnerships, notably with Community Partners as their fiscal sponsor. Their target audience includes local residents, families affected by traffic violence, and community advocates. Technically, the website is built on Webflow, uses Cloudflare CDN, and integrates Google Fonts and jQuery. The site is mobile optimized with good design and navigation but lacks advanced SEO and accessibility features. Security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which is a critical issue. Privacy compliance is minimal, with no visible privacy or cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

A

ActiveSGV

activesgv.org

0

ActiveSGV is a small non-profit organization dedicated to promoting sustainability, mobility, climate action, health, and wellness in the San Gabriel Valley region. The website serves as a community hub showcasing projects, events, and advocacy efforts, targeting local residents and stakeholders interested in environmental and social improvements. The organization positions itself as a regional leader in community-driven green infrastructure and transit initiatives. Technically, the website is built on Webflow, leveraging modern web fonts, Google Tag Manager for analytics, and a translation service for accessibility. However, the site suffers from a critical security misconfiguration with no valid SSL certificate despite using Cloudflare CDN and HSTS headers, which undermines user trust and security. Privacy compliance is basic, with a privacy policy and terms of service present but lacking cookie consent mechanisms and GDPR indicators. Social media integration is strong, enhancing community engagement. Overall, the site is professionally designed with good content quality but requires urgent security improvements to ensure safe user interactions.

L

LA Forward

laforward.org

0

LA Forward is a small non-profit organization focused on progressive advocacy and community organizing in Los Angeles County. It operates as a 501(c)(4) entity and collaborates closely with its 501(c)(3) partner, LA Forward Institute, to provide education, training, and research. The organization builds grassroots power, promotes progressive leadership, and provides voter education resources. Technically, the website is built on Squarespace and uses standard web technologies and third-party services like EveryAction for forms. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a significant security concern. Privacy and cookie policies are not present, indicating compliance gaps. The site is accessible and well-structured with good content quality and branding consistency. Security posture is weak due to missing HTTPS and security headers configuration. Overall, the site is functional but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

Investing in Place is a small non-profit organization focused on leveraging public spaces in Los Angeles to improve quality of life for residents. The organization acts as an independent voice in local politics, advocating for better budgeting and planning of sidewalks, streets, and public spaces. Their key services include policy advocacy, public engagement, and research reporting. The website reflects a professional and consistent brand with clear messaging targeted at local stakeholders and community members. Technically, the website is built on WordPress using Elementor and WooCommerce plugins, hosted by DreamHost. While the site has a good design and user experience, it suffers from slow performance and lacks advanced SEO and accessibility features. The absence of a valid SSL certificate and modern TLS protocols is a significant security concern, exposing users to risks and undermining trust. Security posture is weak due to missing HTTPS, lack of security headers, and no evident privacy or cookie policies. Analytics are implemented via Google Analytics and Jetpack, but privacy compliance is poor with no GDPR indicators. Contact information is limited to an email address and a contact form, with no phone or physical address provided. Overall, the site is functional and informative but requires urgent improvements in security and privacy compliance to enhance trustworthiness and protect user data.

S

Sunrise Movement LA

sunrisemovementla.org

0

Sunrise Movement LA is a youth-led environmental justice organization focused on combating climate change and promoting the Green New Deal within the Greater Los Angeles area. The organization operates as a grassroots non-profit movement, recruiting young activists and engaging the community through events, political advocacy, and educational efforts. Their digital presence is built on the Squarespace platform, leveraging modern web technologies and integrating social media and donation platforms to facilitate engagement and fundraising. The website is well designed with clear navigation and mobile optimization, though performance metrics suggest room for improvement. Security posture is adequate with HTTPS and some security headers, but lacks advanced configurations such as full HSTS and DMARC for email protection. Privacy compliance is weak due to the absence of privacy and cookie policies, which poses regulatory risks. Overall, the website reflects a credible and professional organization with moderate trustworthiness but requires enhancements in privacy and security policies to strengthen compliance and user trust.

S

Streets For All

streetsforall.org

0

Streets For All is a small non-profit organization focused on transportation advocacy primarily in Los Angeles, with a sister chapter in San Francisco. The organization campaigns for safer streets, improved bus and bike lanes, and pedestrian-friendly urban environments. Their website serves as a hub for community engagement, volunteer recruitment, membership, and donations. Technically, the site is built on Squarespace, leveraging modern web fonts, JavaScript libraries, and third-party services such as Mailchimp for email marketing and Facebook Pixel for tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security flaw. Security headers are partially implemented but insufficient to compensate for the missing SSL. Privacy and cookie policies are absent, and no formal security or incident response policies are published. Overall, the site provides good content and user experience but requires urgent improvements in security and privacy compliance to protect users and enhance trust.

E

Eurasia Group

eurasiagroup.net

0

Eurasia Group is a prominent global political risk consultancy headquartered in the United States with additional offices in Washington and London. The company specializes in providing political risk advisory, management consulting, thought leadership, speaking engagements, and event services to businesses and organizations navigating geopolitical uncertainties. Their market position is that of an established leader in the political risk and geopolitical analysis sector, supported by a strong digital presence and client engagement platforms. Technically, the website is built on a modern ASP.NET framework with extensive use of JavaScript libraries such as jQuery and UI components, hosted behind Cloudflare for performance and security. The site demonstrates good mobile optimization, fast loading times, and solid SEO practices. Integration with marketing and analytics tools like MailChimp, Hotjar, Facebook Pixel, and Twitter tracking indicates a mature digital marketing strategy. From a security perspective, the site employs HTTPS with TLS 1.3 and 1.2, uses secure and HttpOnly cookies, and has OCSP stapling enabled. However, it lacks some advanced security headers such as HSTS and Content-Security-Policy, which are recommended for enhanced protection. The site has well-defined privacy and cookie policies with consent mechanisms, indicating good privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. Overall, Eurasia Group's website reflects a professional, secure, and privacy-conscious digital presence aligned with its business objectives. Strategic improvements in security headers and incident response transparency could further strengthen its security posture and trustworthiness.

D

Destruction For Nada

destructionfornada.com

0

Destruction For Nada is a focused advocacy campaign operating primarily in Los Angeles County, aiming to halt freeway widening projects that contribute to increased traffic, pollution, and displacement of communities. The campaign promotes investment in public and active transportation alternatives to address climate change and housing crises. The website is built on Squarespace, leveraging standard web technologies and integrates Mailchimp for email list management. While the site presents clear messaging and partner affiliations, it lacks critical security infrastructure such as a valid SSL certificate, which undermines user trust and data security. Privacy and cookie policies are absent, indicating gaps in compliance with data protection regulations. Overall, the site serves as an informational and engagement platform for a small non-profit advocacy group but requires significant improvements in security and privacy to enhance credibility and user safety.

I

Inland Southern California Climate Collaborative

iscclimatecollaborative.org

0

The Inland Southern California Climate Collaborative (ISC3) is a regional, cross-sectoral network focused on advancing equitable climate resilience solutions in Inland Southern California. The organization facilitates collaboration among agencies, organizations, and institutions to address climate risks such as heat, drought, and wildfires. The website serves as an informational platform providing resources, membership information, and regional climate reports. Technically, the site is built on WordPress with common plugins and libraries but suffers from a lack of a valid SSL certificate, resulting in insecure HTTP connections. Security posture is weak due to missing HTTPS, lack of security headers, and absence of email authentication DNS records. Privacy compliance is minimal, with no privacy or cookie policies detected. Business credibility is moderate, supported by university facilitation and government partnerships, but could be improved with more transparent policies and contact information. Overall, the site is functional and content-rich but requires significant security and privacy improvements to enhance trust and compliance.

P

PBS SoCal

kcet.org

0

PBS SoCal is a prominent public media organization serving the Greater Los Angeles and Southern California region. As a non-profit entity and a member of the Public Media Group of Southern California, it provides a wide range of PBS programming, local content, and educational resources. The website reflects a strong brand presence with consistent messaging and a focus on community engagement through various media formats including video, news, and educational tools. Technically, the website employs modern web technologies such as Polymer for custom elements, integrates multiple analytics and advertising platforms including Google Tag Manager, Facebook SDK, and Fathom Analytics, and is hosted on Amazon AWS infrastructure. However, the site suffers from a critical security issue due to an invalid or missing SSL certificate, which undermines the security posture and user trust. Performance is moderate with a relatively high page size and load time, but mobile optimization and accessibility are well addressed. From a security perspective, the absence of a valid SSL certificate and lack of security headers are significant vulnerabilities that need immediate remediation. Privacy compliance is well handled with clear privacy and cookie policies, including GDPR compliance indicators and consent mechanisms. Business credibility is strong with clear contact information, social media presence, and trust signals such as PBS Passport membership. Overall, while the site excels in content quality and business credibility, the security shortcomings notably reduce its overall risk posture. Strategic improvements in SSL implementation and security headers are recommended to enhance user trust and compliance.

E

EnviroMetro

envirometro.org

0

EnviroMetro is a small non-profit coalition focused on advocating for green, equitable, and healthy transportation policies in Los Angeles. The coalition collaborates with Metro and other organizations to influence transportation investment priorities and has played a key role in shaping regional ballot measures. The website is built on WordPress and uses common plugins such as Yoast SEO and MailChimp for marketing and analytics. While the site provides useful content and contact information, it lacks critical security features such as a valid SSL certificate and security headers, which exposes visitors to risks. Additionally, privacy and cookie policies are absent, indicating compliance gaps. The site’s performance is slow, and technical implementation could be improved to enhance user experience and security.

C

Climate Resolve

climateplans.la

0

Climate Plans Los Angeles is a small, niche advocacy and informational website focused on promoting climate-conscious community planning within the City of Los Angeles. The site provides resources and information about local community plan areas and encourages integration of climate considerations into urban development. Technically, the site is built on WordPress with Elementor and uses common web technologies such as jQuery and Bootstrap. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. The absence of privacy and cookie policies, as well as contact information, further reduces trust and compliance posture. Tracking technologies like Facebook Pixel and Google Analytics are present, indicating moderate user tracking without clear privacy disclosures. Overall, the site is functional but basic in content quality and technical implementation, with significant security and privacy gaps that should be addressed to improve user trust and regulatory compliance.

C

Climate Resolve

coolestinla.org

0

Climate Resolve is a well-established non-profit organization focused on climate advocacy and community engagement in Los Angeles. Their flagship event, Coolest in LA, celebrates 15 years of climate action and brings together leaders, advocates, and sponsors to promote sustainable solutions. The website is professionally designed using WordPress and Elementor, with good SEO and social media integration. The technical infrastructure leverages modern web technologies and Cloudflare for hosting and CDN services, ensuring good performance and availability. Security posture is adequate with HTTPS and valid SSL, but could be improved by enabling HSTS and DNSSEC. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Contact information is clearly provided, including obfuscated emails and a phone number. Overall, the site presents a credible and trustworthy image for a medium-sized non-profit organization.

M

McCourt Global, Inc

mccourt.com

0

McCourt Global, Inc is a private family-owned diversified company with a 132-year legacy focused on real estate, sports, technology, media, and capital investment. The company operates globally with a strong emphasis on social impact and community value. The website is professionally designed with rich content, clear navigation, and good SEO practices, targeting investors, partners, and community stakeholders. Technically, the site is built on WordPress with modern JavaScript modules and uses Matomo for privacy-conscious analytics. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS, exposing users to potential risks. Performance is slow, and security headers are missing, indicating room for improvement in security posture. Privacy compliance is good with a cookie consent mechanism and a comprehensive privacy policy. Overall, the site demonstrates high business credibility but requires urgent security enhancements to protect visitors and improve trust.

P

Project Liberty LLC

thepeoplesbid.com

0

The People's Bid for TikTok is an initiative led by Project Liberty LLC aiming to create a consortium to purchase TikTok and migrate it to a decentralized platform that empowers users with control over their data. The website positions itself as a movement to reclaim digital rights and reshape social media governance. Technically, the site is built on Webflow, hosted on AWS infrastructure, and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the site suffers from critical security shortcomings, including the absence of a valid SSL certificate and HTTPS protocols, lack of security headers, and no cookie consent mechanism, which significantly impact its security posture. Privacy policies and terms of service are present but basic, and contact information is limited to an email address. Overall, the site presents a professional and consistent brand image with good content quality but requires urgent security improvements to protect users and build trust.

C

Climate Resolve

climateresolve.org

0

Climate Resolve is a medium-sized non-profit organization focused on advancing equitable climate solutions primarily in the Los Angeles area. The organization builds collaborations among communities, organizations, and policymakers to address climate change through local action. Their key services include initiatives such as Keeping Cool, transportation solutions, outreach, climate planning and technical assistance, nature-based solutions, climate science, wildfire mitigation, smart growth, and zero emissions transit. The website reflects a strong market position as a local climate advocacy leader with a clear mission and impactful community engagement. Technically, the website is built on WordPress using Elementor and Yoast SEO, hosted behind Cloudflare DNS, and integrates various marketing and analytics tools including Facebook Pixel and Klaviyo. While the site is well-designed and content-rich, performance is somewhat slow due to a high number of resources. Security posture is basic with valid SSL and SPF/DMARC records but lacks advanced DNS security features like DNSSEC and CAA records. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking pixels. Overall, the site is professional and trustworthy but could improve in security and privacy practices.

A

Aerial Rapid Transit LLC

laart.la

0

Los Angeles Aerial Rapid Transit (LA ART) is a small-scale transportation project proposing a zero emissions aerial gondola system to connect key locations in Los Angeles, including Union Station, Chinatown, and Dodger Stadium. The project is affiliated with a non-profit and aims to reduce traffic congestion and pollution by providing an alternative transit option. The website serves as an informational and engagement platform, offering contact forms and social media links to connect with the community. Technically, the website is built on WordPress with common plugins and external integrations such as Google Analytics and Vimeo for media content. However, the site suffers from slow load times and lacks a valid SSL certificate, which impacts security and user trust. The absence of modern security headers and privacy policies further weakens its compliance posture. From a security perspective, the site has basic SPF email protection but lacks HTTPS, HSTS, and DMARC records, exposing visitors to potential risks. No incident response or vulnerability disclosure information is provided. Overall, the security posture is weak and requires urgent improvements to protect user data and enhance trust. Strategically, the website should prioritize obtaining a valid SSL certificate, implementing privacy and cookie policies, and enhancing security headers. Improving site performance and accessibility will also benefit user experience and SEO. These steps will strengthen the project's credibility and support its mission to promote sustainable transportation in Los Angeles.

G

Georgetown University

georgetown.edu

0

Georgetown University is a prestigious higher education institution located in Washington, DC, offering a wide range of academic programs, research initiatives, and campus life services. The website reflects a strong brand presence with comprehensive content targeting prospective students, faculty, alumni, and the public. Technically, the site is built on WordPress with modern libraries such as jQuery and Swiper.js, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS and security headers, although no major vulnerabilities like Heartbleed or POODLE were detected. Privacy compliance is moderate with a clear privacy policy but no visible cookie consent mechanism. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

M

McCourt Partners

mccourtpartners.com

0

McCourt Partners is a family-owned real estate development, investment, and management company with a strong focus on community impact and innovative projects. The company positions itself as a visionary leader blending financial results with social responsibility, operating primarily in the United States with projects also internationally. Their website reflects a professional and consistent brand image with clear business messaging and multiple contact channels including forms and social media. Technically, the website is built on WordPress with modern frontend libraries such as Swiper.js and uses LiteSpeed Cache for performance optimization. However, the site suffers from a lack of a valid SSL certificate and does not serve content over HTTPS, which is a critical security and trust issue. Performance is moderate to slow, with a load time of over 7 seconds, and accessibility is basic but mobile optimization is good. From a security perspective, the site has SPF and DMARC records configured properly for email protection but lacks HTTPS, HSTS, OCSP stapling, and other important security headers. No advanced security policies or incident response information is publicly available. Privacy compliance is minimal with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, adding security headers, and improving privacy compliance mechanisms.

M

McCourt Global, Inc

mg.com

0

McCourt Global, Inc is a private family-owned company with a long-standing legacy since 1893, focused on diversified sectors including real estate, sports, technology, media, and capital investment. The company emphasizes social impact and community value alongside financial results, led by Executive Chairman Frank McCourt and an international leadership team. The website reflects a mature business with strong branding, comprehensive content, and clear navigation targeting investors, partners, and community stakeholders. Technically, the site is built on WordPress with modern SEO and accessibility practices, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and HTTPS support. This exposes the site and its users to significant risks. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Business credibility is high, supported by philanthropic initiatives and partnerships with academic institutions. Overall, the site is professional and trustworthy but urgently requires security improvements to protect its digital presence.

S

St. Regis Boutique

stregisboutique.com

0

St. Regis Boutique is a luxury e-commerce platform offering a curated collection of premium home and lifestyle products associated with the St. Regis brand, part of Marriott International. The website targets affluent consumers and Marriott Bonvoy members seeking exclusive bedding, bath, fragrance, and signature accessories. Technically, the site uses a modern tech stack including Adobe Launch, Google Tag Manager, Salesforce integration, and AWS hosting. While the site is visually appealing and mobile-optimized, performance is somewhat slow due to a large number of resources. Security posture is strong with HTTPS, valid SSL certificates, SPF and DMARC email authentication, and cookie consent mechanisms, though DNSSEC and CAA records are absent. Privacy compliance is well implemented with clear policies and consent banners. Overall, the site demonstrates a mature digital presence with good business credibility and trust indicators.

I

ION Group

iontrading.com

0

ION Group is a global enterprise specializing in financial software and automation technology, serving financial institutions, central banks, and corporations. Their comprehensive product portfolio spans markets, analytics, core banking, treasury, commodities, and credit information, positioning them as a key player in the finance and technology sectors. The website reflects a mature digital presence with extensive content, clear navigation, and strong branding consistency. Technically, the site is built on WordPress with modern analytics and marketing tools integrated, hosted on AWS infrastructure. Security posture is solid with HTTPS and valid SPF/DMARC records, though improvements like HSTS and DNSSEC are recommended. Privacy compliance is robust, featuring a detailed cookie consent mechanism and GDPR-aligned policies. Overall, the site demonstrates high professionalism and trustworthiness, supporting ION's market position as a leading automation technology provider.

D

DASH Financial Technologies

dashfinancial.com

0

DASH Financial Technologies is a prominent provider of electronic trading platforms and capital markets technology solutions, serving large institutional clients such as hedge funds and professional traders. The company offers a broad range of services including execution services, analytics, workflow tools, regulatory technology, and prime brokerage services. Their market position is reinforced by multiple industry awards and recognitions, highlighting their leadership in the financial technology sector. Technically, the website is built on WordPress with modern technologies such as TLS 1.3, OCSP stapling, and integrates marketing and analytics tools like HubSpot, Google Tag Manager, and Facebook Pixel. Security posture is good with HTTPS enforced and SPF/DMARC email protections, though improvements like HSTS and DNSSEC could enhance security further. Privacy compliance is moderate with a privacy policy present but lacking explicit cookie consent mechanisms. Overall, the website demonstrates strong business credibility, professional design, and functional user experience, making it a reliable digital presence for DASH Financial Technologies.

I

Infralogic

inframationgroup.com

0

Infralogic is a specialized platform delivering predictive analytics and comprehensive data intelligence focused on global infrastructure investment opportunities, primarily in the energy and renewables sectors. It operates as a service under the ION Group umbrella, leveraging advanced technologies and partnerships to provide real-time market insights and analytics tailored for advisors, banks, corporates, governments, investors, and legal professionals. The website demonstrates a professional digital presence with good SEO, structured data, and a modern technology stack based on WordPress and Bootstrap. The technical infrastructure is robust, featuring TLS 1.3 support, OCSP stapling, and integration with multiple analytics and marketing tools such as Google Tag Manager, Hotjar, and 6sense. However, some security enhancements like enabling HSTS and DNSSEC could further strengthen the security posture. The site implements a comprehensive cookie consent mechanism aligned with GDPR requirements, reflecting a strong privacy compliance stance. Security-wise, the platform shows good practices with no detected vulnerabilities or exposed sensitive data. The absence of explicit security policies or incident response information on the site suggests an area for improvement in transparency and readiness communication. Overall, Infralogic presents a trustworthy and credible business platform with a clear focus on delivering value through data-driven infrastructure market intelligence.

I

ION Analytics

barclayhedge.com

0

BarclayHedge, operated under ION Analytics and the ION Group, is a well-established provider of alternative investment data and analytics with over 40 years of market presence. The company offers comprehensive fund databases, performance indices, fund rankings, and market insights targeted at financial institutions such as banks, hedge funds, advisors, and institutional investors. The website reflects a professional and consistent brand image, with clear navigation and relevant content tailored to its target audience. Technically, the site is built on WordPress with modern libraries and frameworks, though performance could be improved due to high load times and resource counts. Security posture is solid with HTTPS, TLS 1.3 support, and OCSP stapling, but lacks HSTS and some security headers. Privacy compliance is robust, featuring a comprehensive cookie consent mechanism and a detailed privacy policy aligned with GDPR. Overall, the site demonstrates a mature digital presence with good business credibility and trust indicators.

B

Backstop Solutions

backstopsolutions.com

0

Backstop Solutions is a finance-focused software provider specializing in investment management solutions including research management, portfolio management, and data services. Positioned as a service of ION Analytics, it targets institutional investors, private fund managers, and consultants with a comprehensive SaaS platform. The website demonstrates strong branding, client testimonials, and a clear business model focused on empowering investment decisions through technology. Technically, the site is built on WordPress with modern front-end frameworks and integrates multiple marketing and analytics tools. However, performance is hindered by slow load times and a large page size. Security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocols, although SPF, DMARC, and HSTS policies are in place. Privacy compliance is robust with GDPR-aligned cookie consent mechanisms and clear privacy and terms policies. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

I

ION Analytics

blackpeakgroup.com

0

ION Analytics operates as an enterprise-level financial intelligence platform integrating multiple specialized services such as Mergermarket, Debtwire, Dealogic, and Blackpeak under the ION Group umbrella. The company targets capital markets participants including advisors, banks, corporates, investors, and lawyers, providing predictive analytics and market intelligence to empower decision-making. The website reflects a strong market position as a pioneer in combining human insight with machine intelligence for capital markets transformation. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses various JavaScript libraries for enhanced user experience. Hosting is supported by Microsoft Azure DNS infrastructure. While the site is rich in content and well-structured, performance is somewhat slow due to large page size and numerous resources. SEO and mobile optimization are well addressed, though accessibility is basic. Security posture is good with HTTPS enforced, TLS 1.3 support, OCSP stapling, and strong SPF and DMARC email policies. However, improvements such as enabling HSTS, DNSSEC, and CAA records would enhance security further. Privacy compliance is robust, featuring a comprehensive privacy policy, GDPR-compliant cookie consent mechanisms, and detailed user controls. Overall, the site demonstrates high professionalism and trustworthiness with clear business information and multiple trust signals. No critical security issues or blocking mechanisms were detected, allowing full content access and analysis.

I

Infralogic

infralogic.com

0

Infralogic is a specialized platform offering predictive analytics and comprehensive data services focused on global infrastructure investment opportunities, particularly in the energy and renewables sectors. It operates under the ION Group umbrella, leveraging a strong partnership ecosystem to provide market intelligence, fund intelligence, and profiling services tailored for advisors, banks, corporates, governments, investors, and legal professionals. The website demonstrates a professional and consistent brand presence with good content quality and clear navigation. Technically, the site is built on WordPress with modern frameworks such as Bootstrap and integrates multiple third-party analytics and marketing tools including Google Tag Manager, Hotjar, and 6sense. Hosting is supported by Microsoft Azure DNS infrastructure. While the site is mobile optimized and SEO friendly, performance is somewhat slow due to a large page size and resource count. Security posture is solid with HTTPS enforced, valid SPF records, and OCSP stapling enabled. However, improvements are recommended such as enabling HSTS, DNSSEC, and CAA records to enhance DNS and SSL security. Privacy compliance is robust, featuring a comprehensive cookie consent mechanism and a clear privacy policy aligned with GDPR requirements. Overall, Infralogic presents a trustworthy and credible digital presence with strong business and technical foundations, though there is room for performance and security enhancements to further strengthen its posture.