Security Directory

G

GeoEdge Ltd.

geoedge.com

0

GeoEdge Ltd. is a technology company specializing in cybersecurity and ad quality solutions for the digital advertising industry. Established in 2010, GeoEdge positions itself as a trusted partner for publishers and platforms aiming to protect user experience from malicious and bad ads. The company offers services focused on malvertising protection and ad quality monitoring, targeting B2B clients in the digital advertising ecosystem. Their website reflects a professional and modern digital presence, leveraging WordPress with Elementor and NitroPack for performance optimization. The site is well-structured, mobile-optimized, and includes comprehensive business information and social media links, enhancing credibility. From a technical standpoint, GeoEdge employs a modern tech stack with good SEO and accessibility practices. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and vulnerability disclosure mechanisms are absent. Privacy compliance is a notable gap, with no visible privacy or cookie policies or consent mechanisms, which could pose regulatory risks. The WHOIS data is missing or unavailable, which slightly detracts from trustworthiness but is mitigated by the professional site content and branding. Overall, GeoEdge demonstrates a solid security and business posture with room for improvement in privacy compliance and transparency around security policies. The absence of WHOIS data warrants monitoring but does not currently indicate malicious intent. Strategic recommendations include publishing privacy and cookie policies, adding security and incident response information, and implementing a vulnerability disclosure program to enhance trust and compliance.

C

Cosmic

designbycosmic.com

0

Cosmic is a specialized creative agency focused on empowering social impact organizations, particularly nonprofits and mission-driven entities, to build compelling brands and digital presences that succeed in the modern attention economy. Their services include brand strategy, web design and development, and marketing campaigns tailored to drive engagement and real-world action. The company positions itself as a partner for social impact leaders seeking to modernize their communications and digital strategies. Technically, the website is built on a modern React and Next.js stack, hosted with Cloudflare CDN, ensuring fast performance and mobile optimization. The site demonstrates good SEO and accessibility practices, with comprehensive privacy and cookie policies in place. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are not found. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. The website provides clear contact information and social media presence, enhancing business credibility. Recommendations include adding a dedicated security policy and vulnerability disclosure page to further strengthen trust and compliance.

O

Oregon History Project

oregonhistoryproject.org

0

The Oregon History Project is a digital educational platform operated by the Oregon Historical Society, providing public access to a rich collection of historical records, narratives, interpretive essays, and educational resources focused on Oregon's history. The website serves educators, students, historians, and the general public with curated archival content and digital exhibits. It is supported by reputable foundations and government cultural trusts, reinforcing its non-profit educational mission. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Foundation CSS, and various JavaScript libraries for UI components and galleries. It is hosted on Microsoft Azure, indicating a reliable cloud infrastructure. The site is mobile-optimized and accessible, with good SEO basics, though some improvements in meta descriptions and privacy policies are needed. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, it lacks explicit security headers and formal privacy or cookie policies, which are important for compliance and user trust. The absence of WHOIS data limits domain trust analysis, but the strong organizational affiliations and funding sources support legitimacy. Overall, the site is a trustworthy, well-maintained educational resource with moderate technical sophistication and a good security baseline. Enhancements in privacy compliance and security headers would further strengthen its posture.

O

Oregon Historical Society

oregonencyclopedia.org

0

The Oregon Encyclopedia is a non-profit educational project managed by the Oregon Historical Society in partnership with Portland State University. It provides authoritative, accessible information about Oregon's history and culture through a comprehensive online encyclopedia, educational resources, and digital exhibits. The website targets educators, researchers, and the general public interested in Oregon history. Technically, the site uses modern web technologies including Bootstrap and jQuery, with Google Analytics for visitor tracking. The site is mobile optimized and well-structured, offering a good user experience with clear navigation and relevant content. Security posture is moderate; HTTPS is used but no advanced security headers or explicit privacy and cookie policies are found. WHOIS data is unavailable, limiting domain trust assessment, but the site's affiliations and content quality indicate legitimacy. Overall, the site is a valuable educational resource with room for improvement in privacy compliance and security transparency.

B

Black United Fund of Oregon

bufor.org

0

The Black United Fund of Oregon (BUF-OR) is a small, established non-profit organization dedicated to supporting Oregon's underserved communities, particularly focusing on BIPOC groups and youth. Their core mission revolves around social and economic development through scholarships, mentorship, community grants, and economic justice initiatives. The organization has a strong market position as one of the longest-serving BIPOC-led foundations in Oregon with a 40-year history. Technically, the website is built on WordPress using Elementor and Astra theme, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security practices.

M

Mark Spencer Hotel

markspencer.com

0

Mark Spencer Hotel is a well-established boutique hotel located in downtown Portland, Oregon, with a rich history dating back to 1907. The hotel offers upscale accommodations, including renovated guest rooms and suites, extended stay options, and event spaces. It targets business and leisure travelers seeking a stylish and arts-oriented lodging experience in the heart of the city. The website is professionally designed using WordPress and integrates modern technologies and marketing tools, including Google Analytics, Facebook Pixel, and Cookiebot for privacy compliance. The presence of trust badges and active social media channels enhances its market credibility. Security posture is good with HTTPS enforced and domain protections in place, though improvements such as enabling DNSSEC and publishing a security policy are recommended. Overall, the website reflects a mature digital presence with strong business credibility and good privacy compliance.

R

Ronald W. Naito MD Foundation

rwnfoundation.org

0

The Ronald W. Naito MD Foundation is a nonprofit organization dedicated to continuing the legacy of Dr. Ron Naito by providing grants to nonprofit organizations focused on healing communities and the planet. Their key funding areas include climate, health equity, sustainable communities, and Oregon arts and culture. The foundation targets nonprofit organizations and donors interested in social and environmental causes, positioning itself as a regional philanthropic entity with a clear mission and community focus. Technically, the website is built on WordPress using the TwentyTwenty theme and Genesis Blocks plugin, leveraging jQuery and standard web technologies. The site is moderately performant, mobile-optimized, and has basic accessibility features. Security posture is solid with HTTPS enforced but lacks advanced security headers and cookie consent mechanisms. No WHOIS data is available due to privacy protection, which is typical for nonprofits. Overall, the website is professional, trustworthy, and serves its audience well, though improvements in privacy compliance and security headers are recommended.

T

The Collins Foundation

collinsfoundation.org

0

The Collins Foundation is a well-established nonprofit grantmaking organization founded in 1947, focused on supporting Oregon communities through funding in arts, education, health equity, and environmental protection. The website is professionally designed using Squarespace, providing clear information about the foundation's mission and grant programs. Technically, the site uses modern web technologies and enforces HTTPS with HSTS, ensuring secure connections. However, it lacks several security headers and does not publish privacy or security policies, which are important for compliance and trust. Contact information is not explicitly provided, which may hinder user engagement and trust. Overall, the site is accessible and functional but could improve in privacy compliance and security transparency.

O

Oregon Arts Commission

oregonartscommission.org

0

The Oregon Arts Commission website serves as an official state government platform dedicated to supporting arts and culture within Oregon. It provides information about grant programs, advocacy efforts, and cultural development initiatives aimed at artists and arts organizations. The site is positioned as a government agency under Business Oregon, targeting a regional audience interested in arts funding and support. Technically, the website employs standard web technologies including Google Tag Manager for analytics and Font Awesome for iconography. The site is accessible, uses HTTPS, and demonstrates moderate performance and mobile optimization. However, there is room for improvement in security headers and privacy compliance documentation. From a security perspective, the site benefits from HTTPS encryption but lacks visible security headers and explicit privacy or cookie policies in the provided content. No vulnerabilities or suspicious elements were detected, and the domain's .gov status strongly supports its legitimacy. The absence of WHOIS data is likely due to privacy protections common for government domains. Overall, the website presents a trustworthy and professional front for the Oregon Arts Commission, though enhancements in privacy transparency and security best practices would further strengthen its posture. The risk level is low given the nature of the content and domain, but ongoing security hygiene is recommended.

V

Visit Hood River

visithoodriver.com

0

Visit Hood River operates as a regional tourism promotion website dedicated to showcasing the attractions, accommodations, events, and cultural offerings of Hood River, Oregon. The site serves as a comprehensive visitor guide, targeting tourists and travelers interested in exploring the Pacific Northwest region. It provides curated play lists, event calendars, and integrated booking widgets to facilitate travel planning and local engagement. The business model centers on tourism promotion and visitor services, positioning itself as a key resource for the Hood River community and visitors alike. Technically, the website is built on WordPress 6.8.2 with a modern tech stack including jQuery, Google Tag Manager, Google Analytics, Microsoft Clarity, and Mailchimp for marketing automation. Hosting is provided by GoDaddy.com, LLC, with domain registration dating back to 2013, indicating a mature and stable online presence. The site demonstrates good mobile optimization, SEO practices, and user experience, though accessibility features are basic. From a security perspective, the site benefits from HTTPS encryption and domain status protections but lacks DNSSEC and advanced HTTP security headers. Cookie consent mechanisms are implemented, reflecting some privacy compliance efforts, though no explicit privacy policy or terms of service pages were detected. The use of multiple third-party analytics and advertising tools introduces moderate user tracking, which is disclosed via cookie consent but could be enhanced with clearer privacy documentation. Overall, Visit Hood River presents a trustworthy and professional tourism portal with solid business credibility and technical infrastructure. To improve, the site should implement DNSSEC, publish comprehensive privacy and security policies, and enhance security headers. These steps will strengthen compliance, user trust, and resilience against emerging threats.

P

PD Recruiting

pdrecruiting.com

0

PD Recruiting, operating under the brand Epic Recruiting, is a well-established police recruiting agency specializing in comprehensive law enforcement recruitment solutions. With over 20 years of experience, the company offers integrated services including recruitment strategy, video production, website development, and digital recruiting. Their market position as a leading national agency is supported by professional content, client testimonials, and a strong social media presence. Technically, the website is built on WordPress with Elementor and uses modern analytics and marketing tools, though performance is moderate and accessibility is basic. Security posture is good with HTTPS and domain protections, but lacks DNSSEC and published security policies. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanism. Overall, the website is professional and trustworthy but should improve privacy and security transparency to enhance compliance and user trust.

L

Leadline, Inc.

leadline.io

0

Leadline, Inc. is a US-based technology company specializing in recruiting software solutions designed to simplify talent acquisition across multiple industries including education, healthcare, hospitality, law enforcement, and staffing. Their platform offers an AI-powered assistant, applicant tracking, candidate relationship management, job marketing, automated communications, and analytics. The company is relatively new, founded in 2022, and positions itself as a modern, intuitive recruiting platform with a strong focus on user experience and industry-specific solutions. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the website is built on WordPress with Bootstrap and integrates multiple marketing and analytics tools such as HubSpot, Google Tag Manager, Facebook Pixel, LinkedIn Insight Tag, and others. Hosting is provided by SiteGround, and the site uses HTTPS with good SSL configuration. The site employs structured data (JSON-LD) extensively for SEO and business information. Performance and accessibility are good, though DNSSEC is not enabled, which is a minor security gap. From a security perspective, the site follows basic best practices including HTTPS and no visible sensitive data exposure. However, it lacks published security policies, incident response contacts, vulnerability disclosure, and privacy/cookie policies, which are important for compliance and trust. The domain registration is transparent and consistent with the business claims, enhancing legitimacy. Overall, Leadline, Inc. presents a professional and credible online presence with strong business and technical foundations but would benefit from enhanced privacy and security policy disclosures to improve compliance and user trust.

O

Optum Inc.

optumrx.com

0

Optum Rx is a large enterprise healthcare service provider specializing in pharmacy benefit management and prescription delivery services. The website offers comprehensive services including prescription ordering, drug pricing information, pharmacy locator, and home delivery pharmacy options. The site targets Optum Rx members and healthcare professionals, positioning itself as a trusted and accessible pharmacy service provider within the healthcare industry. The parent company is UnitedHealth Group, a major player in healthcare services. Technically, the website is built on Adobe Experience Manager, leveraging Adobe's marketing and analytics tools such as Adobe Target and Adobe Launch. The site demonstrates good performance, mobile optimization, and accessibility features. The use of modern web technologies and structured data enhances SEO and user experience. From a security perspective, the site enforces HTTPS, employs multiple security headers, and shows no signs of exposed sensitive data or vulnerabilities. Certifications from NABP, URAC, NCQA, and LegitScript reinforce trustworthiness. However, explicit security policies and incident response contacts are not published, which could be improved. Overall, the website is professional, secure, and compliant with privacy regulations, though the absence of WHOIS data is notable. This likely results from privacy protection or registry anomalies rather than malicious intent. Strategic recommendations include publishing detailed security policies, adding a security.txt file, and enhancing direct security contact information to further strengthen trust and compliance.

B

Baltimore PD

joinbaltimorepd.org

0

The website joinbaltimorepd.org serves as the official recruitment portal for the Baltimore Police Department, offering information about diverse career paths within the department including patrol, investigations, and specialized units. The site targets individuals interested in law enforcement careers in Baltimore, positioning itself as a government recruitment platform. The content is professionally presented with clear branding and consistent messaging aligned with public safety and community service. Technically, the site is built on WordPress using Elementor and Yoast SEO, with monitoring via Google Tag Manager and New Relic, indicating a moderate level of digital maturity. The site is mobile-optimized and SEO-friendly but lacks visible privacy and cookie policies, which impacts privacy compliance. Security posture is generally good with HTTPS enforced and domain status protections, but absence of DNSSEC and security headers suggests room for improvement. Overall, the site is trustworthy and professional but would benefit from enhanced privacy disclosures and security hardening.

V

Verrica Pharmaceuticals

verrica.com

0

Verrica Pharmaceuticals is a specialized dermatology therapeutics company focused on developing medications for skin diseases that require medical intervention. The company maintains a professional online presence with a well-structured website that targets healthcare professionals, investors, and patients. Their business model centers on pharmaceutical development and commercialization, supported by investor relations and medical education grants. The company is established with a domain age consistent with its founding year 2000, indicating a mature market presence. Technically, the website is built on WordPress using Elementor, incorporating modern web technologies such as jQuery and Google Tag Manager for analytics. Hosting is provided by GoDaddy.com, LLC. The site demonstrates good mobile optimization and SEO practices but lacks some advanced security headers and DNSSEC, which are recommended for enhanced security. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site uses HTTPS and has domain-level protections like clientDeleteProhibited status. However, it lacks explicit security policies, incident response contacts, and cookie consent mechanisms, which are important for compliance and user trust. No vulnerabilities or suspicious patterns were detected, but enabling DNSSEC and security headers would strengthen the security posture. Overall, Verrica Pharmaceuticals presents a credible and professional digital footprint with a solid business foundation. Strategic improvements in privacy compliance and security practices are advised to enhance trust and regulatory adherence.

1

1Day Africa

1dayafrica.org

0

1Day Africa is a small non-profit organization affiliated with 1Day Sooner, focused on advancing local medical research and healthcare delivery in Africa, particularly in infectious diseases and vaccine equity. The website presents a professional and consistent brand image with clear advocacy goals and educational content. Technically, the site is built on Squarespace with modern web technologies and includes security measures such as HTTPS and Google reCAPTCHA Enterprise, but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, representing compliance gaps. Overall, the site is trustworthy but could improve in security and privacy transparency.

ArkansasPublicNotices.com is a public service website operated under the Arkansas Press Association, providing searchable access to public notices originally published in Arkansas newspapers. The platform targets citizens interested in government and court activities, offering advanced search capabilities by location, publication, and date. The website uses ASP.NET WebForms technology with modern JavaScript libraries and Google Analytics for tracking. While the site is functional and professionally designed, it lacks visible privacy and cookie policies, and WHOIS data for the domain is missing, raising legitimacy concerns. Security posture is moderate with HTTPS usage but no detected security headers. Overall, the site serves an important public function but would benefit from enhanced compliance and security measures.

D

Detroit Legal News Publishing, LLC

mipublicnotices.com

0

Michigan Public Notices, operated by Detroit Legal News Publishing, LLC, is a specialized platform providing 24/7 access to public legal notices across the State of Michigan. The website serves residents, businesses, and government entities by aggregating notices related to municipal meetings, legal proceedings, property issues, and other government-mandated disclosures. Positioned as a niche government information provider, it leverages a modern React-based frontend with Material-UI components to deliver a user-friendly search experience. The platform integrates Google Analytics and Tag Manager for user behavior tracking but lacks advanced privacy compliance features such as cookie consent banners. Security posture is adequate with HTTPS and domain protections, though improvements in security headers and incident response transparency are recommended. Overall, the site demonstrates a solid business credibility and technical foundation suitable for its public service role.

N

Nevada Press Association

nevadapress.com

0

Nevada Press Association is a well-established non-profit trade organization representing non-broadcast news publications in Nevada. It provides advocacy, resources, and events to support journalism and open government. The website reflects a professional media association with a clear mission and target audience of journalists and news organizations in Nevada. The digital infrastructure is based on WordPress with common plugins for analytics, e-commerce, and event management, hosted by Bluehost. The site is moderately optimized for performance and mobile use, with good content quality and navigation. Security posture is adequate with HTTPS and domain protections, but lacks advanced DNS security and explicit security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and functional but could improve in privacy and security transparency.

W

WEX Asia

wexasia.com

0

WEX Asia operates as a global leader in corporate payment solutions, providing services such as fuel cards, virtual payments, and travel payment solutions. The company targets corporate clients across multiple sectors including transportation, finance, and energy. The website reflects a mature business with a large employee base and a history dating back to 1983, although domain WHOIS data is missing which raises some questions about domain registration transparency. Technically, the website is built on WordPress with modern web technologies including jQuery, Font Awesome, and Google Tag Manager. SEO and mobile optimization are well implemented, though accessibility could be improved. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, but lacks explicit security headers and public security policies. The site includes privacy and cookie policies with consent mechanisms, indicating GDPR compliance. However, no incident response or vulnerability disclosure information is publicly available. The absence of WHOIS data reduces domain trustworthiness, suggesting a need for further verification of domain legitimacy. Overall, the website is professional and trustworthy in content and design, but domain registration opacity and limited security policy disclosures present moderate risk factors. Strategic improvements in security transparency and domain verification are recommended.

Unum Group is a leading insurance and employee benefits provider focused on delivering disability, life, accident, critical illness, dental, and vision benefits through workplace channels. The company holds a strong market position supported by numerous industry awards and certifications, reflecting its commitment to excellence and diversity. The website targets working adults and employers, providing comprehensive information about its services and subsidiaries across multiple countries. Technically, the site employs modern frameworks such as Bootstrap and jQuery, integrates accessibility and cookie consent tools, and uses Google Tag Manager for analytics. The site is mobile-optimized and accessible, with a professional design and clear navigation. Security posture is solid with HTTPS and consent mechanisms, though some security headers and explicit incident response contacts are absent. The missing WHOIS data is a notable anomaly but does not detract significantly from the overall trustworthiness given the strong external validation and corporate presence. Overall, the site is professional, secure, and compliant with privacy regulations, making it a reliable digital asset for the company.

W

Wipfli Corporate Finance Advisors, LLC

wcfadvisors.com

0

Wipfli Corporate Finance Advisors, LLC operates as the investment banking and corporate finance division of Wipfli LLP, a well-established top 20 advisory and accounting firm. The company specializes in providing tailored investment banking services to privately held middle-market companies, focusing on sell-side and buy-side M&A as well as financial advisory services. Their market position is strengthened by their affiliation with RKCA, Inc., a registered FINRA/SIPC member, and their extensive industry experience dating back to 2002. The website infrastructure leverages modern web technologies including Bootstrap, jQuery, AOS animations, and Slick Carousel, hosted on Microsoft Azure DNS infrastructure. The site is mobile optimized with good SEO practices and integrates Google Analytics for user behavior tracking. However, there is room for improvement in accessibility and security headers implementation. From a security perspective, the site benefits from HTTPS encryption and domain transfer protection but lacks DNSSEC and several recommended HTTP security headers. No explicit security or incident response policies are published, and cookie consent mechanisms are absent, which may affect compliance with privacy regulations. The WHOIS data confirms a long-standing domain registration consistent with the business claims, enhancing trustworthiness. Overall, the website presents a professional and credible front for Wipfli Corporate Finance Advisors, with solid business credibility and moderate technical maturity. Strategic improvements in security policies, privacy compliance, and technical hardening would further strengthen their digital posture.

J

James Martin Center for Nonproliferation Studies

nonproliferation.org

0

The James Martin Center for Nonproliferation Studies is a well-established non-profit academic research center affiliated with the Middlebury Institute of International Studies. It focuses on combating the spread of weapons of mass destruction through research, education, and expert analysis. The website serves a target audience of policymakers, researchers, students, and experts in international security and nonproliferation. It offers publications, educational programs, and events to support its mission. Technically, the website is built on WordPress with common plugins and uses Google Tag Manager for analytics. The site is hosted behind Cloudflare DNS and employs HTTPS, but lacks DNSSEC and some advanced security headers. Performance and mobile optimization are moderate, with room for improvement in accessibility and privacy compliance. From a security perspective, the site has a good SSL configuration and domain registration consistency but lacks explicit privacy and cookie policies, as well as a vulnerability disclosure mechanism. No WAF or blocking mechanisms were detected, and no adult or questionable content is present. Contact information is clearly provided, enhancing trust and credibility. Overall, the site is professional and trustworthy but would benefit from improved privacy compliance and enhanced security practices to align with best practices and regulatory requirements.

M

Middlebury Institute of International Studies at Monterey

miis.edu

0

The Middlebury Institute of International Studies at Monterey is a graduate school affiliated with Middlebury College, specializing in international studies, global security, sustainability, development, education, and language services. The website presents a professional and comprehensive digital presence targeting prospective graduate students worldwide. It offers detailed program information, career services, and rich multimedia content to engage its audience. Technically, the website is built on Drupal 10, leveraging modern analytics and tracking tools such as Google Tag Manager, Microsoft Clarity, and social media pixels, all integrated with a cookie consent mechanism to comply with privacy regulations. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs standard security practices, though explicit security headers and a public security policy are not evident. The absence of WHOIS data is notable but likely due to .edu domain registration policies rather than malicious intent. Overall, the site demonstrates a strong security posture with room for improvement in transparency and incident response readiness. The risk assessment is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include enhancing security header implementation, publishing a security policy, and providing clear security incident contacts to further strengthen trust and compliance.

M

Middlebury College Publications

middleburymagazine.com

0

Middlebury Magazine is a well-established publication affiliated with Middlebury College, serving primarily the college's alumni and community with rich editorial content including features, essays, podcasts, and videos. The website demonstrates a professional and consistent brand presence with high-quality content and a clear focus on educational and alumni engagement. Technically, the site is built on WordPress using the Genesis Framework, hosted likely by Middlebury College or its affiliates, with moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and domain registration consistent with the institution, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is weak due to the absence of explicit privacy and cookie policies, which should be addressed to meet modern standards. Overall, the site is trustworthy and professional but could enhance its privacy and security transparency.

W

WEINLANDcreative

wlcr.io

0

WLCR is a well-established full-service creative agency based in Portland, Oregon, specializing in data-driven digital experiences, e-commerce, and marketing strategies for leading brands globally. Their portfolio includes high-profile clients across diverse industries such as wellness, cannabis, hospitality, and retail, demonstrating a strong market position and expertise in Shopify Plus and modern web technologies. The company leverages a robust technical infrastructure including Next.js, React, Vercel hosting, and multiple marketing and analytics tools to deliver high-quality digital solutions. Security posture is strong with HTTPS enforcement and domain transfer protections, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, WLCR presents a professional, trustworthy, and technically mature digital presence with room for improvement in privacy and security transparency.

Revolution Hall + Show Bar operates a small-scale e-commerce website selling branded merchandise such as apparel and gift cards related to their music venue and show bar. The website is built on the Shopify platform using the Dawn theme, providing a modern, responsive, and accessible user experience. The business targets fans and patrons of the venue, offering a straightforward online shopping experience. The domain is recently registered in 2023, consistent with the new business launch. Technically, the site leverages Shopify's infrastructure and scripts, ensuring secure payment processing and integration with digital wallets. Performance and SEO are adequate, with proper meta tags and structured data present. However, the site lacks explicit privacy, cookie, and terms of service pages, which are critical for compliance and user trust. No direct contact information or security policies are published, limiting transparency. From a security perspective, HTTPS is enforced, and domain transfer protections are in place. However, DNSSEC is not enabled, and no security headers are detected, representing areas for improvement. No vulnerabilities or malicious content were found. The site uses tracking pixels and analytics typical for e-commerce but lacks visible cookie consent mechanisms. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, security hardening, and improved transparency to increase trustworthiness and regulatory adherence.

E

Engrain

creativebyengrain.com

0

Creative Services by Engrain is a boutique agency specializing in brand development and custom website design for the multifamily real estate industry. The company positions itself as a top-tier creative partner focused on storytelling and impactful design to connect communities and enhance brand presence. The website is professionally designed using the Squarespace platform, featuring clear navigation and relevant content that aligns with its business focus. Technical infrastructure is modern and leverages Squarespace's hosting and content management capabilities, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and HSTS enabled, though there is room for improvement in privacy compliance and explicit security policies. The absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, but the overall business presentation and contact information support a credible operation. Strategic recommendations include implementing cookie consent mechanisms, publishing security and incident response policies, and enhancing trust signals through certifications or client testimonials.

K

Knock

knock.com

0

Knock is a real estate financing company specializing in bridge loans that enable homebuyers to purchase their next home before selling their current one. The company partners with lenders and real estate agents to provide cash flow solutions, enhancing certainty and convenience for buyers. The website is professionally designed, mobile-optimized, and uses modern web technologies including SvelteKit and various analytics and marketing tools. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not publicly available. The domain WHOIS data is missing or unavailable, which slightly reduces trust but the overall website professionalism and security practices indicate a legitimate business. Strategic recommendations include publishing detailed security and incident response policies and adding vulnerability disclosure information to enhance transparency and trust.

R

RealPage

loftliving.com

0

LOFTLiving.com is the official website for the LOFT resident app, a product of RealPage, Inc., a well-established enterprise in the real estate technology sector since 1996. The platform offers a comprehensive resident portal solution that streamlines the rental experience from leasing to living, including rent payments, moving assistance, rewards, maintenance, and community updates. The website targets renters and property managers, positioning itself as an integrated and seamless solution in the multifamily housing market. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager, OneTrust for cookie compliance, and other marketing and analytics tools. The site is mobile-optimized with good SEO and accessibility basics, hosted likely on RealPage infrastructure with DNS managed via realpage.com nameservers. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR. However, it lacks published security policies, incident response contacts, and vulnerability disclosure information. DNSSEC is not enabled, representing a minor security gap. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. The domain WHOIS data confirms a long-standing and consistent registration history, reinforcing the legitimacy of the business. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and enhancing accessibility and security headers to further strengthen the security posture.

A

Aladdin Theater

aladdin-theater.com

0

Aladdin Theater is a medium-sized live event venue based in Portland, Oregon, specializing in concerts, comedy, and other live performances. The website serves as a platform for event promotion, ticket sales (via a third-party provider), venue rental information, and merchandise sales. The business targets local and regional live event attendees and entertainment fans. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, Facebook Pixel, and Hive SDK for marketing and analytics. The site is mobile-optimized and provides a good user experience with clear navigation and event information. Security posture is moderate with HTTPS enabled but lacks some recommended security headers. Privacy compliance is limited as no explicit privacy or cookie policies are found. WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency. Overall, the site is professional and trustworthy but could improve in privacy and security practices.

W

Woodland Park Zoo

zoo.org

0

Woodland Park Zoo is a non-profit organization dedicated to wildlife conservation, education, and providing engaging visitor experiences in Seattle, Washington. The website reflects a professional and consistent brand presence focused on these core missions. Technically, the site is built on ASP.NET WebForms and leverages modern JavaScript libraries and third-party marketing and analytics tools, including Google Tag Manager, Facebook Pixel, LinkedIn Insight Tag, and TikTok Pixel. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enforced, but lacks some security headers and formal vulnerability disclosure mechanisms. Privacy and cookie policies are not evident in the provided content, indicating room for compliance improvement. WHOIS data is unavailable due to malformed responses, limiting domain trust assessment. Overall, the site is safe, professional, and trustworthy but would benefit from enhanced privacy and security transparency.

P

Pabst Blue Ribbon

projectpabst.com

0

Project Pabst is a music festival event organized under the Pabst Blue Ribbon brand, targeting music and beer enthusiasts with a focus on local culture in Portland, Oregon. The website promotes the 2025 event scheduled for July 26-27 at Waterfront Park, providing ticket purchase links and lineup information. The business operates in the event promotion sector with a medium-sized market presence and a clear focus on regional cultural engagement. Technically, the website is built on WordPress using Elementor and Astra theme, with integration of Google Tag Manager and Google Ads for marketing and analytics. The site is mobile-optimized and SEO-friendly but lacks comprehensive privacy and cookie policies, which are critical for compliance and user trust. Security posture is adequate with HTTPS and domain transfer protections, but security headers and incident response information are missing. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

T

True West

pdxholidaybrewfest.com

0

Portland Holiday Brew Fest is a seasonal event hosted in Portland, Oregon, focusing on winter beers and ciders, with entertainment and community engagement. The event targets adults 21+ on most days and all ages on Sunday, providing a festive holiday atmosphere. The website is professionally designed using Squarespace, featuring clear navigation and mobile optimization. However, the absence of privacy and cookie policies, as well as missing WHOIS registration data, reduces overall trust and compliance posture. Security practices are generally good with HTTPS and HSTS enabled, but additional security headers and policies are recommended. Overall, the site serves its business purpose well but should improve privacy compliance and domain registration transparency to enhance credibility.

P

PDX Live

pdx-live.com

0

PDX Live is a small, regionally focused live event promoter specializing in music concerts in Portland, Oregon. The company operates primarily through partnerships with well-known local venues and provides a digital platform for event announcements, ticketing information, and audience engagement. The website is built on WordPress with a modern tech stack including jQuery and integrates marketing and analytics tools such as Google Analytics and Facebook Pixel. The site is mobile optimized and offers a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is limited, with no visible cookie consent or comprehensive privacy policy. Overall, the domain registration is consistent and legitimate, supporting the business credibility. Strategic improvements in privacy compliance and security hardening would enhance trust and regulatory adherence.

O

OD

oregondistilled.com

0

Oregon Distilled is an event-focused business organizing an annual distilled spirits tasting festival in Portland, Oregon. The website promotes the event, ticket packages, and participating distillers, chefs, and vendors. It targets adult consumers interested in spirits and cocktail culture. The business operates primarily through event ticket sales and partnerships with distillers and food vendors. Technically, the website is built on Squarespace, leveraging its CMS and hosting infrastructure, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced but lacks advanced security headers and published policies. The absence of WHOIS data for the domain is a concern for trust but may be due to privacy protection or recent registration. Overall, the site is professional and functional but would benefit from enhanced privacy compliance and security best practices.

H

Hood River Valley Harvest Fest

hoodriverharvestfestival.com

0

Hood River Valley Harvest Fest is a regional event celebrating the local autumn harvest with a focus on farms, orchards, arts and crafts, food vendors, and live music. The website is professionally designed using Squarespace, featuring clear navigation and event information targeted at local community members and visitors interested in seasonal produce and cultural experiences. Technically, the site uses modern web technologies and enforces HTTPS with HSTS, indicating a good security baseline. However, the absence of privacy and cookie policies, lack of explicit contact information, and missing WHOIS data for the domain reduce overall trust and compliance posture. Strategic improvements in privacy compliance and domain legitimacy verification are recommended to enhance credibility and security.

H

Hood River Hops Fest

hoodriverhopsfest.com

0

Hood River Hops Fest is a regional event organizer hosting an annual craft beer festival in Hood River, Oregon. The website promotes the 2024 event with details on date, location, breweries, music, and ticket purchasing via an external platform. The site is built on Squarespace, indicating a moderate level of digital maturity with good design and mobile optimization. Security posture is strong with HTTPS and HSTS enabled, but lacks comprehensive privacy and cookie policies. WHOIS data is missing, raising some legitimacy concerns, though the active social media presence and professional site design support business credibility. Overall, the site serves its purpose well but could improve compliance and transparency.

H

Hood River Cider Fest

hoodriverciderfest.com

0

Hood River Cider Fest is a regional event organizer hosting an annual cider festival in Hood River, Oregon. The event showcases local cider makers from Oregon and Washington, alongside food and craft vendors, targeting cider enthusiasts and families. The website is built on Squarespace, featuring a professional design, clear navigation, and mobile optimization. It integrates third-party services such as Etix for ticket sales and Google Analytics for tracking. Security posture is strong with HTTPS and HSTS enabled, but lacks some security headers and privacy compliance features. WHOIS data is missing or unavailable, which raises legitimacy concerns despite the active and professional website presence. Overall, the site is functional and trustworthy for event promotion but would benefit from enhanced privacy and security disclosures.

W

WisconsinMade Artisan Collective

wisconsinmade.com

0

WisconsinMade Artisan Collective operates an e-commerce platform specializing in artisan products from Wisconsin, including food items, apparel, and gifts. The business targets consumers interested in local and regional artisan goods, positioning itself as a niche marketplace for Badger State products. The website is built on the BigCommerce platform, leveraging modern web technologies and multiple third-party analytics and marketing tools to optimize user experience and sales performance. Privacy and cookie policies are comprehensive and include consent mechanisms, reflecting a commitment to regulatory compliance. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Security posture is generally strong with HTTPS and security headers implemented, but the lack of a public security policy and incident response information suggests room for improvement in security communication and preparedness. Overall, the website presents a professional and trustworthy front for its business, but the domain registration anomaly should be investigated further.

N

Nueske's

nueskes.com

0

Nueske's is a premium smoked meats company operating an e-commerce website built on the Magento platform. The website targets consumers interested in high-quality smoked meat products and related gourmet foods. The site demonstrates a professional design and consistent branding, leveraging modern web technologies and multiple analytics and tracking tools to optimize user experience and marketing efforts. Security measures include HTTPS enforcement and bot protection via Google reCAPTCHA, though some security headers could be improved. The absence of WHOIS data limits domain registration transparency, but the website content and technical infrastructure suggest a legitimate business presence. Privacy and cookie policies are not clearly found, indicating room for compliance improvements.

P

Pendleton Center for the Arts

pendletonarts.org

0

Pendleton Center for the Arts is a small, established non-profit arts organization located in Eastern Oregon. It operates from a historic Carnegie Library building and offers a variety of cultural services including art exhibits, classes for all ages, live music, and venue rentals. The organization targets local community members and artists, focusing on arts education and community engagement. The website is built on WordPress and uses common web technologies such as jQuery and Google Analytics. It is moderately optimized for performance and mobile devices, with good accessibility and SEO practices. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Contact information and social media presence are clear and professional, supporting business credibility. Overall, the website is trustworthy and serves its community well but could improve in privacy and security compliance.

K

Kids Unlimited

kuoregon.org

0

Kids Unlimited Of Oregon is a well-established non-profit organization focused on youth development and education in Southern Oregon. Their services include afterschool programs, a public charter school, food programs, and summer camps, targeting underserved children and families. The website reflects a mature digital presence with multimedia content, social media integration, and e-commerce capabilities for donations and store purchases. Technically, the site is built on WordPress with a modern theme and plugins, leveraging trusted third-party services like Google Analytics and PayPal. Security posture is adequate with HTTPS and no obvious vulnerabilities, though improvements like DNSSEC and security headers are recommended. Privacy compliance is lacking, with no visible privacy or cookie policies, which is a key area for enhancement. Overall, the site is professional, trustworthy, and serves its community mission effectively.

R

Rejoice! Diaspora Dance Theater

rejoicediasporadance.com

0

Rejoice! Diaspora Dance Theater is a small nonprofit organization focused on diversifying contemporary dance through African Diaspora cultural storytelling and community engagement. The organization operates primarily in Portland, Oregon, and offers performances, community ensembles, and volunteer opportunities. Their business model relies on donations and community support, with a clear nonprofit status and tax ID provided on the website. Technically, the website is built on Webflow with integrations for email marketing and payment processing, showing moderate digital maturity. Security posture is moderate with use of HTTPS and reCAPTCHA but lacks security headers and explicit privacy policies. The absence of WHOIS registration data is a notable anomaly that impacts trustworthiness. Overall, the website is professional and content-rich but would benefit from improved security and compliance documentation.

B

Boom Arts

boomarts.org

0

Boom Arts is a small non-profit performing arts presenter and producer based in Portland, Oregon, focusing on socially and politically engaged performance art. The organization offers curated series featuring international and local artists, with a strong community and cultural emphasis. The website is hosted on Squarespace, leveraging its CMS and native video capabilities, and integrates external services for ticketing, donations, and volunteer engagement. While the site is professionally designed with good content quality and mobile optimization, it lacks explicit privacy, cookie, and terms of service policies, which are important for compliance and user trust. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but security headers and incident response information are missing. Overall, the domain appears legitimate despite the absence of WHOIS data, likely due to privacy protection common for non-profits.

S

Serenity Studios

serenitystudios.com

0

Serenity Studios is a small, boutique creative agency based in Portland, Oregon, specializing in branding, website design, motion graphics, and storytelling for mission-driven organizations. Founded in 2013 by Brian Gotts, the agency positions itself as a partner to clients seeking clarity and authenticity in their messaging. Their market position is strengthened by a portfolio featuring reputable clients such as NASA, Salesforce, and the University of Oregon, along with positive client testimonials and a presence on Clutch.co. Technically, the website is built on the Webflow platform, leveraging modern web technologies including Google Fonts, Google Tag Manager, reCAPTCHA, and Lottie animations. The site is well-optimized for mobile devices, fast loading, and accessible, with a professional and consistent design. However, the absence of explicit security headers and privacy/cookie policies indicates room for improvement in compliance and security best practices. From a security perspective, the site uses HTTPS and includes CAPTCHA protection on its contact form, which are positive indicators. No vulnerabilities or exposed sensitive data were detected in the HTML content. The lack of WHOIS registration data is a concern, as it reduces transparency and trustworthiness of the domain registration, though the website content itself appears legitimate and professional. Overall, Serenity Studios presents a credible and professional online presence with strong business credibility and technical maturity. Strategic improvements in privacy compliance, security headers, and domain registration transparency would enhance trust and security posture further.

S

State of Oregon

oregon4biz.com

0

The website www.oregon.gov/biz serves as the official business portal for the State of Oregon, providing essential resources, licensing, and regulatory information to businesses and entrepreneurs within the state. It operates as a government service platform, targeting local businesses and stakeholders. The site leverages common web technologies such as FontAwesome for icons and Google Tag Manager for analytics and tracking, indicating a moderate level of digital maturity. The website is accessible without any WAF or security challenge blocking content, ensuring usability for its audience. Security posture is adequate with HTTPS enabled, but lacks visible advanced security headers and comprehensive privacy or cookie policies. The absence of WHOIS data is typical for .gov domains but limits domain registration transparency. Overall, the site is trustworthy and professional but could improve in privacy compliance and security best practices.

O

Oregon Historical Society

ohs.org

0

The Oregon Historical Society is a well-established non-profit organization dedicated to preserving and sharing Oregon's rich history through its museum, research library, educational programs, and digital content. The website reflects a mature digital presence with comprehensive content targeting historians, educators, researchers, and the general public interested in Oregon's cultural heritage. The organization maintains a strong market position as the state's collective memory with over a century of history and a large collection of artifacts and archival materials. Technically, the website is built on the CommonSpot CMS platform and employs modern web technologies including Google Analytics for tracking and Adobe Typekit for fonts. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and includes anti-clickjacking measures. However, explicit security headers like Content-Security-Policy are not clearly present, and there is no visible security or incident response policy published. Privacy compliance is partial; a privacy policy is present and comprehensive, but cookie consent mechanisms are lacking, which may pose GDPR compliance risks. Overall, the website is trustworthy and professional, with strong business credibility and content quality. The main risk areas include privacy compliance enhancements and formalizing security policies. The absence of WHOIS data limits domain registration trust verification but does not detract significantly from the site's legitimacy.

Oregon Humanities is a well-established non-profit organization founded in 2006, dedicated to fostering community engagement and education in the humanities across Oregon. Their website offers a broad range of programs, grants, fellowships, and educational resources targeting Oregonians interested in cultural and social dialogue. The organization maintains a professional online presence with clear navigation and relevant content tailored to its audience. Technically, the website employs modern web technologies including Bootstrap, jQuery, Google Tag Manager, and Google Analytics, hosted on DNSimple-managed infrastructure. The site is mobile-optimized and performs moderately well, though there is room for improvement in SEO and accessibility features. The domain is secured with HTTPS, but lacks DNSSEC and some recommended security headers. From a security perspective, the site demonstrates a reasonable posture with HTTPS and domain status protections but lacks explicit privacy and cookie policies, security.txt files, and DNSSEC. The use of multiple tracking scripts indicates moderate user tracking without clear consent mechanisms, which may pose privacy compliance risks. The WHOIS data shows privacy protection typical for non-profits and a domain age consistent with the organization's history, supporting legitimacy. Overall, Oregon Humanities presents a trustworthy and professional digital presence with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security headers, and DNS security would enhance their risk profile and user trust.

D

Datafy

datafyhq.com

0

Datafy is a specialized technology company offering an integrated analytics and advertising platform designed to empower businesses with data-driven marketing solutions. Their platform combines comprehensive data analytics, strategic advertising via an owned demand-side platform (DSP), and campaign measurement with attribution, targeting industries such as attractions, retail, and travel & tourism. The company emphasizes customization, transparency, and direct client engagement, supported by in-house software development and data science expertise. Technically, the website is built on modern frameworks including Next.js and React, with a strong focus on performance, mobile optimization, and user experience. The presence of a consent management platform (Osano) and Google Tag Manager indicates mature digital marketing and privacy compliance practices. However, the absence of visible security headers and explicit security policies suggests areas for improvement in security posture. Security-wise, Datafy demonstrates good practices such as HTTPS enforcement and SOC 2 certification, which are positive trust signals. Nonetheless, the lack of WHOIS data raises questions about domain registration legitimacy, which should be addressed to enhance trust. The site does not expose vulnerabilities or sensitive data visibly, but could benefit from publishing incident response contacts and vulnerability disclosure policies. Overall, Datafy presents a professional and trustworthy digital presence with strong business credibility and technical maturity. Addressing the WHOIS data gap and enhancing security transparency would further strengthen their risk profile and stakeholder confidence.