Security Directory

W

WEINLANDcreative

wlcr.io

0

WLCR is a well-established full-service creative agency based in Portland, Oregon, specializing in data-driven digital experiences, e-commerce, and marketing strategies for leading brands globally. Their portfolio includes high-profile clients across diverse industries such as wellness, cannabis, hospitality, and retail, demonstrating a strong market position and expertise in Shopify Plus and modern web technologies. The company leverages a robust technical infrastructure including Next.js, React, Vercel hosting, and multiple marketing and analytics tools to deliver high-quality digital solutions. Security posture is strong with HTTPS enforcement and domain transfer protections, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, WLCR presents a professional, trustworthy, and technically mature digital presence with room for improvement in privacy and security transparency.

Revolution Hall + Show Bar operates a small-scale e-commerce website selling branded merchandise such as apparel and gift cards related to their music venue and show bar. The website is built on the Shopify platform using the Dawn theme, providing a modern, responsive, and accessible user experience. The business targets fans and patrons of the venue, offering a straightforward online shopping experience. The domain is recently registered in 2023, consistent with the new business launch. Technically, the site leverages Shopify's infrastructure and scripts, ensuring secure payment processing and integration with digital wallets. Performance and SEO are adequate, with proper meta tags and structured data present. However, the site lacks explicit privacy, cookie, and terms of service pages, which are critical for compliance and user trust. No direct contact information or security policies are published, limiting transparency. From a security perspective, HTTPS is enforced, and domain transfer protections are in place. However, DNSSEC is not enabled, and no security headers are detected, representing areas for improvement. No vulnerabilities or malicious content were found. The site uses tracking pixels and analytics typical for e-commerce but lacks visible cookie consent mechanisms. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, security hardening, and improved transparency to increase trustworthiness and regulatory adherence.

E

Engrain

creativebyengrain.com

0

Creative Services by Engrain is a boutique agency specializing in brand development and custom website design for the multifamily real estate industry. The company positions itself as a top-tier creative partner focused on storytelling and impactful design to connect communities and enhance brand presence. The website is professionally designed using the Squarespace platform, featuring clear navigation and relevant content that aligns with its business focus. Technical infrastructure is modern and leverages Squarespace's hosting and content management capabilities, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and HSTS enabled, though there is room for improvement in privacy compliance and explicit security policies. The absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, but the overall business presentation and contact information support a credible operation. Strategic recommendations include implementing cookie consent mechanisms, publishing security and incident response policies, and enhancing trust signals through certifications or client testimonials.

E

Engrain

engrain.com

0

Engrain is a technology company specializing in interactive mapping and property management solutions aimed at enhancing real estate experiences. Their offerings include platforms like SightMap and TouchTour, which focus on renter engagement, leasing success, and property content automation. The company targets real estate professionals, property managers, and leasing agents, positioning itself as a specialized B2B SaaS provider in the real estate technology sector. The website demonstrates a high level of professionalism with excellent design, navigation, and mobile optimization, supported by modern technologies such as Webflow CMS, Google Tag Manager, and Hotjar for analytics. Security posture is generally strong with HTTPS enforced and no exposed sensitive data, though the absence of security headers and formal privacy and cookie policies indicates room for improvement. The WHOIS data is unavailable, which slightly reduces trust but is likely due to privacy protection measures. Overall, the site is credible and well-maintained, serving a medium-sized business in the real estate technology industry.

K

Knock

knock.com

0

Knock is a real estate financing company specializing in bridge loans that enable homebuyers to purchase their next home before selling their current one. The company partners with lenders and real estate agents to provide cash flow solutions, enhancing certainty and convenience for buyers. The website is professionally designed, mobile-optimized, and uses modern web technologies including SvelteKit and various analytics and marketing tools. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not publicly available. The domain WHOIS data is missing or unavailable, which slightly reduces trust but the overall website professionalism and security practices indicate a legitimate business. Strategic recommendations include publishing detailed security and incident response policies and adding vulnerability disclosure information to enhance transparency and trust.

R

RealPage

loftliving.com

0

LOFTLiving.com is the official website for the LOFT resident app, a product of RealPage, Inc., a well-established enterprise in the real estate technology sector since 1996. The platform offers a comprehensive resident portal solution that streamlines the rental experience from leasing to living, including rent payments, moving assistance, rewards, maintenance, and community updates. The website targets renters and property managers, positioning itself as an integrated and seamless solution in the multifamily housing market. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager, OneTrust for cookie compliance, and other marketing and analytics tools. The site is mobile-optimized with good SEO and accessibility basics, hosted likely on RealPage infrastructure with DNS managed via realpage.com nameservers. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR. However, it lacks published security policies, incident response contacts, and vulnerability disclosure information. DNSSEC is not enabled, representing a minor security gap. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. The domain WHOIS data confirms a long-standing and consistent registration history, reinforcing the legitimacy of the business. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and enhancing accessibility and security headers to further strengthen the security posture.

H

Hyly.AI

hyly.ai

0

Hyly.AI is a technology company specializing in AI-driven solutions for the multifamily real estate sector. Their platform integrates artificial intelligence, business intelligence, and human intelligence to automate property management operations, provide actionable insights, and empower property management teams. The company positions itself as an innovative player in the real estate technology market, focusing on improving operational efficiency and decision-making for multifamily properties. The website reflects a mature digital presence with professional design and clear navigation, targeting B2B customers in the real estate industry. Technically, the website is built on the HubSpot CMS platform, leveraging modern JavaScript libraries such as React, Swiper.js, and AOS for animations. It integrates Google Analytics 4 and Facebook Pixel for marketing and analytics purposes. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Hosting and CDN services are provided by HubSpot, ensuring reliable performance and security. From a security perspective, the site enforces HTTPS and employs domain transfer protection. However, DNSSEC is not enabled, and there is no publicly available security policy or incident response information. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy policies and cookie consent mechanisms are present and appear comprehensive, indicating good privacy compliance. The use of WHOIS privacy protection is justified and consistent with the business profile. Overall, Hyly.AI presents a low-risk profile with a solid technical foundation and professional business presence. Strategic recommendations include enabling DNSSEC, publishing explicit security and incident response policies, and establishing a vulnerability disclosure program to enhance trust and security posture.

A

Aladdin Theater

aladdin-theater.com

0

Aladdin Theater is a medium-sized live event venue based in Portland, Oregon, specializing in concerts, comedy, and other live performances. The website serves as a platform for event promotion, ticket sales (via a third-party provider), venue rental information, and merchandise sales. The business targets local and regional live event attendees and entertainment fans. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, Facebook Pixel, and Hive SDK for marketing and analytics. The site is mobile-optimized and provides a good user experience with clear navigation and event information. Security posture is moderate with HTTPS enabled but lacks some recommended security headers. Privacy compliance is limited as no explicit privacy or cookie policies are found. WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency. Overall, the site is professional and trustworthy but could improve in privacy and security practices.

W

Woodland Park Zoo

zoo.org

0

Woodland Park Zoo is a non-profit organization dedicated to wildlife conservation, education, and providing engaging visitor experiences in Seattle, Washington. The website reflects a professional and consistent brand presence focused on these core missions. Technically, the site is built on ASP.NET WebForms and leverages modern JavaScript libraries and third-party marketing and analytics tools, including Google Tag Manager, Facebook Pixel, LinkedIn Insight Tag, and TikTok Pixel. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enforced, but lacks some security headers and formal vulnerability disclosure mechanisms. Privacy and cookie policies are not evident in the provided content, indicating room for compliance improvement. WHOIS data is unavailable due to malformed responses, limiting domain trust assessment. Overall, the site is safe, professional, and trustworthy but would benefit from enhanced privacy and security transparency.

P

Pabst Blue Ribbon

projectpabst.com

0

Project Pabst is a music festival event organized under the Pabst Blue Ribbon brand, targeting music and beer enthusiasts with a focus on local culture in Portland, Oregon. The website promotes the 2025 event scheduled for July 26-27 at Waterfront Park, providing ticket purchase links and lineup information. The business operates in the event promotion sector with a medium-sized market presence and a clear focus on regional cultural engagement. Technically, the website is built on WordPress using Elementor and Astra theme, with integration of Google Tag Manager and Google Ads for marketing and analytics. The site is mobile-optimized and SEO-friendly but lacks comprehensive privacy and cookie policies, which are critical for compliance and user trust. Security posture is adequate with HTTPS and domain transfer protections, but security headers and incident response information are missing. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

T

True West

pdxholidaybrewfest.com

0

Portland Holiday Brew Fest is a seasonal event hosted in Portland, Oregon, focusing on winter beers and ciders, with entertainment and community engagement. The event targets adults 21+ on most days and all ages on Sunday, providing a festive holiday atmosphere. The website is professionally designed using Squarespace, featuring clear navigation and mobile optimization. However, the absence of privacy and cookie policies, as well as missing WHOIS registration data, reduces overall trust and compliance posture. Security practices are generally good with HTTPS and HSTS enabled, but additional security headers and policies are recommended. Overall, the site serves its business purpose well but should improve privacy compliance and domain registration transparency to enhance credibility.

P

PDX Live

pdx-live.com

0

PDX Live is a small, regionally focused live event promoter specializing in music concerts in Portland, Oregon. The company operates primarily through partnerships with well-known local venues and provides a digital platform for event announcements, ticketing information, and audience engagement. The website is built on WordPress with a modern tech stack including jQuery and integrates marketing and analytics tools such as Google Analytics and Facebook Pixel. The site is mobile optimized and offers a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is limited, with no visible cookie consent or comprehensive privacy policy. Overall, the domain registration is consistent and legitimate, supporting the business credibility. Strategic improvements in privacy compliance and security hardening would enhance trust and regulatory adherence.

O

OD

oregondistilled.com

0

Oregon Distilled is an event-focused business organizing an annual distilled spirits tasting festival in Portland, Oregon. The website promotes the event, ticket packages, and participating distillers, chefs, and vendors. It targets adult consumers interested in spirits and cocktail culture. The business operates primarily through event ticket sales and partnerships with distillers and food vendors. Technically, the website is built on Squarespace, leveraging its CMS and hosting infrastructure, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced but lacks advanced security headers and published policies. The absence of WHOIS data for the domain is a concern for trust but may be due to privacy protection or recent registration. Overall, the site is professional and functional but would benefit from enhanced privacy compliance and security best practices.

H

Hood River Valley Harvest Fest

hoodriverharvestfestival.com

0

Hood River Valley Harvest Fest is a regional event celebrating the local autumn harvest with a focus on farms, orchards, arts and crafts, food vendors, and live music. The website is professionally designed using Squarespace, featuring clear navigation and event information targeted at local community members and visitors interested in seasonal produce and cultural experiences. Technically, the site uses modern web technologies and enforces HTTPS with HSTS, indicating a good security baseline. However, the absence of privacy and cookie policies, lack of explicit contact information, and missing WHOIS data for the domain reduce overall trust and compliance posture. Strategic improvements in privacy compliance and domain legitimacy verification are recommended to enhance credibility and security.

H

Hood River Hops Fest

hoodriverhopsfest.com

0

Hood River Hops Fest is a regional event organizer hosting an annual craft beer festival in Hood River, Oregon. The website promotes the 2024 event with details on date, location, breweries, music, and ticket purchasing via an external platform. The site is built on Squarespace, indicating a moderate level of digital maturity with good design and mobile optimization. Security posture is strong with HTTPS and HSTS enabled, but lacks comprehensive privacy and cookie policies. WHOIS data is missing, raising some legitimacy concerns, though the active social media presence and professional site design support business credibility. Overall, the site serves its purpose well but could improve compliance and transparency.

H

Hood River Cider Fest

hoodriverciderfest.com

0

Hood River Cider Fest is a regional event organizer hosting an annual cider festival in Hood River, Oregon. The event showcases local cider makers from Oregon and Washington, alongside food and craft vendors, targeting cider enthusiasts and families. The website is built on Squarespace, featuring a professional design, clear navigation, and mobile optimization. It integrates third-party services such as Etix for ticket sales and Google Analytics for tracking. Security posture is strong with HTTPS and HSTS enabled, but lacks some security headers and privacy compliance features. WHOIS data is missing or unavailable, which raises legitimacy concerns despite the active and professional website presence. Overall, the site is functional and trustworthy for event promotion but would benefit from enhanced privacy and security disclosures.

P

Purr Design, LLC

purrdesign.com

0

Purr Design, LLC operates a website focused on creative design services, branding itself with the tagline 'Design Good Enough to Eat.' The company appears to be a small-sized entity founded around 2015, targeting a general audience interested in design. The website is built on WordPress, utilizing popular plugins such as Yoast SEO and Google Analytics, indicating a moderate level of digital maturity. The technical infrastructure is standard for small businesses, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information. The absence of WHOIS domain registration data raises concerns about domain legitimacy and trustworthiness. Overall, the website is professional but would benefit from enhanced privacy compliance and clearer business contact details.

M

My Therapist Cooks

mytherapistcooks.com

0

My Therapist Cooks is a niche recipe blog founded in 2020, focusing on easy, family-friendly recipes for busy households. The website offers a wide range of recipes including gluten-free and kid-friendly options, positioning itself as a helpful resource for home cooks seeking quick and delicious meal ideas. The business model revolves around content publishing with monetization through advertising and subscription newsletters. Technically, the site is built on WordPress, leveraging popular plugins like Yoast SEO and WP Rocket for SEO and performance optimization. It uses Mediavine for advertising and Google Analytics for traffic analysis, indicating a mature digital infrastructure. Security posture is solid with HTTPS enabled, security headers present, and domain registration consistent and transparent. However, the site lacks publicly available privacy and cookie policies, as well as incident response information, which are areas for improvement. Overall, the website is professional, trustworthy, and safe for general audiences, but could enhance compliance and transparency to strengthen user trust and regulatory adherence.

W

WisconsinMade Artisan Collective

wisconsinmade.com

0

WisconsinMade Artisan Collective operates an e-commerce platform specializing in artisan products from Wisconsin, including food items, apparel, and gifts. The business targets consumers interested in local and regional artisan goods, positioning itself as a niche marketplace for Badger State products. The website is built on the BigCommerce platform, leveraging modern web technologies and multiple third-party analytics and marketing tools to optimize user experience and sales performance. Privacy and cookie policies are comprehensive and include consent mechanisms, reflecting a commitment to regulatory compliance. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Security posture is generally strong with HTTPS and security headers implemented, but the lack of a public security policy and incident response information suggests room for improvement in security communication and preparedness. Overall, the website presents a professional and trustworthy front for its business, but the domain registration anomaly should be investigated further.

N

Nueske's

nueskes.com

0

Nueske's is a premium smoked meats company operating an e-commerce website built on the Magento platform. The website targets consumers interested in high-quality smoked meat products and related gourmet foods. The site demonstrates a professional design and consistent branding, leveraging modern web technologies and multiple analytics and tracking tools to optimize user experience and marketing efforts. Security measures include HTTPS enforcement and bot protection via Google reCAPTCHA, though some security headers could be improved. The absence of WHOIS data limits domain registration transparency, but the website content and technical infrastructure suggest a legitimate business presence. Privacy and cookie policies are not clearly found, indicating room for compliance improvements.

W

Wp Royal

wp-royal-themes.com

0

WP Royal is a small technology company specializing in the development and sale of WordPress themes, both free and premium, targeting WordPress users and developers. Established in 2012, the company maintains a niche market position with a focus on quality, customizable, and e-commerce compatible themes. Their website demonstrates a professional design with good navigation and content relevance, supported by customer reviews and active support forums. Technically, the site is built on WordPress with WooCommerce and other popular plugins, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enforced, though lacking some advanced security headers and explicit security policies. Privacy compliance is partial, with a cookie consent mechanism present but no clear privacy policy or terms of service pages. Overall, the website is trustworthy and functional but could improve compliance and security transparency.

Restored 316, LLC operates an e-commerce website specializing in affordable and customizable feminine WordPress themes targeted primarily at bloggers and entrepreneurs. The company has an established market presence since 2008, offering niche digital products that cater to a specific audience seeking budget-friendly and unique website designs. The website is professionally designed using WordPress with Kadence theme and blocks, integrating SEO and marketing tools to enhance visibility and customer engagement. Technically, the site employs modern web technologies and analytics platforms, ensuring a functional and responsive user experience across devices. Security posture is adequate with HTTPS enabled and domain protections in place, though the absence of security headers and published security policies indicates room for improvement. Privacy compliance is currently lacking, with no visible privacy or cookie policies, which could expose the business to regulatory risks. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy and security transparency to strengthen user trust and compliance.

Alan Woo is a graphic designer and developer based in Berlin, specializing in collaborations with cultural institutions, museums, galleries, and art organizations internationally. The website serves as a professional portfolio showcasing recent and current collaborations with notable entities in the arts and culture sector. The business model appears to be freelance or consultancy-based, targeting creative professionals and institutions. Technically, the website is minimalistic with basic HTML content and no detected advanced technologies, frameworks, or CMS. There is no evidence of HTTPS or security headers, and no privacy or cookie policies are present. The site lacks analytics and tracking technologies, indicating a low digital footprint and limited data collection. From a security perspective, the absence of WHOIS data and lack of HTTPS are significant concerns. No security policies or incident response contacts are provided, and no security best practices are observed. These factors reduce the overall trustworthiness and security posture of the website. Overall, the website is accessible and safe but lacks critical security and privacy features. Strategic improvements in SSL implementation, privacy compliance, and domain registration transparency are recommended to enhance trust and security.

P

Pendleton Center for the Arts

pendletonarts.org

0

Pendleton Center for the Arts is a small, established non-profit arts organization located in Eastern Oregon. It operates from a historic Carnegie Library building and offers a variety of cultural services including art exhibits, classes for all ages, live music, and venue rentals. The organization targets local community members and artists, focusing on arts education and community engagement. The website is built on WordPress and uses common web technologies such as jQuery and Google Analytics. It is moderately optimized for performance and mobile devices, with good accessibility and SEO practices. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Contact information and social media presence are clear and professional, supporting business credibility. Overall, the website is trustworthy and serves its community well but could improve in privacy and security compliance.

K

Kids Unlimited

kuoregon.org

0

Kids Unlimited Of Oregon is a well-established non-profit organization focused on youth development and education in Southern Oregon. Their services include afterschool programs, a public charter school, food programs, and summer camps, targeting underserved children and families. The website reflects a mature digital presence with multimedia content, social media integration, and e-commerce capabilities for donations and store purchases. Technically, the site is built on WordPress with a modern theme and plugins, leveraging trusted third-party services like Google Analytics and PayPal. Security posture is adequate with HTTPS and no obvious vulnerabilities, though improvements like DNSSEC and security headers are recommended. Privacy compliance is lacking, with no visible privacy or cookie policies, which is a key area for enhancement. Overall, the site is professional, trustworthy, and serves its community mission effectively.

R

Rejoice! Diaspora Dance Theater

rejoicediasporadance.com

0

Rejoice! Diaspora Dance Theater is a small nonprofit organization focused on diversifying contemporary dance through African Diaspora cultural storytelling and community engagement. The organization operates primarily in Portland, Oregon, and offers performances, community ensembles, and volunteer opportunities. Their business model relies on donations and community support, with a clear nonprofit status and tax ID provided on the website. Technically, the website is built on Webflow with integrations for email marketing and payment processing, showing moderate digital maturity. Security posture is moderate with use of HTTPS and reCAPTCHA but lacks security headers and explicit privacy policies. The absence of WHOIS registration data is a notable anomaly that impacts trustworthiness. Overall, the website is professional and content-rich but would benefit from improved security and compliance documentation.

B

Boom Arts

boomarts.org

0

Boom Arts is a small non-profit performing arts presenter and producer based in Portland, Oregon, focusing on socially and politically engaged performance art. The organization offers curated series featuring international and local artists, with a strong community and cultural emphasis. The website is hosted on Squarespace, leveraging its CMS and native video capabilities, and integrates external services for ticketing, donations, and volunteer engagement. While the site is professionally designed with good content quality and mobile optimization, it lacks explicit privacy, cookie, and terms of service policies, which are important for compliance and user trust. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but security headers and incident response information are missing. Overall, the domain appears legitimate despite the absence of WHOIS data, likely due to privacy protection common for non-profits.

S

Serenity Studios

serenitystudios.com

0

Serenity Studios is a small, boutique creative agency based in Portland, Oregon, specializing in branding, website design, motion graphics, and storytelling for mission-driven organizations. Founded in 2013 by Brian Gotts, the agency positions itself as a partner to clients seeking clarity and authenticity in their messaging. Their market position is strengthened by a portfolio featuring reputable clients such as NASA, Salesforce, and the University of Oregon, along with positive client testimonials and a presence on Clutch.co. Technically, the website is built on the Webflow platform, leveraging modern web technologies including Google Fonts, Google Tag Manager, reCAPTCHA, and Lottie animations. The site is well-optimized for mobile devices, fast loading, and accessible, with a professional and consistent design. However, the absence of explicit security headers and privacy/cookie policies indicates room for improvement in compliance and security best practices. From a security perspective, the site uses HTTPS and includes CAPTCHA protection on its contact form, which are positive indicators. No vulnerabilities or exposed sensitive data were detected in the HTML content. The lack of WHOIS registration data is a concern, as it reduces transparency and trustworthiness of the domain registration, though the website content itself appears legitimate and professional. Overall, Serenity Studios presents a credible and professional online presence with strong business credibility and technical maturity. Strategic improvements in privacy compliance, security headers, and domain registration transparency would enhance trust and security posture further.

S

State of Oregon

oregon4biz.com

0

The website www.oregon.gov/biz serves as the official business portal for the State of Oregon, providing essential resources, licensing, and regulatory information to businesses and entrepreneurs within the state. It operates as a government service platform, targeting local businesses and stakeholders. The site leverages common web technologies such as FontAwesome for icons and Google Tag Manager for analytics and tracking, indicating a moderate level of digital maturity. The website is accessible without any WAF or security challenge blocking content, ensuring usability for its audience. Security posture is adequate with HTTPS enabled, but lacks visible advanced security headers and comprehensive privacy or cookie policies. The absence of WHOIS data is typical for .gov domains but limits domain registration transparency. Overall, the site is trustworthy and professional but could improve in privacy compliance and security best practices.

O

Oregon Historical Society

ohs.org

0

The Oregon Historical Society is a well-established non-profit organization dedicated to preserving and sharing Oregon's rich history through its museum, research library, educational programs, and digital content. The website reflects a mature digital presence with comprehensive content targeting historians, educators, researchers, and the general public interested in Oregon's cultural heritage. The organization maintains a strong market position as the state's collective memory with over a century of history and a large collection of artifacts and archival materials. Technically, the website is built on the CommonSpot CMS platform and employs modern web technologies including Google Analytics for tracking and Adobe Typekit for fonts. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and includes anti-clickjacking measures. However, explicit security headers like Content-Security-Policy are not clearly present, and there is no visible security or incident response policy published. Privacy compliance is partial; a privacy policy is present and comprehensive, but cookie consent mechanisms are lacking, which may pose GDPR compliance risks. Overall, the website is trustworthy and professional, with strong business credibility and content quality. The main risk areas include privacy compliance enhancements and formalizing security policies. The absence of WHOIS data limits domain registration trust verification but does not detract significantly from the site's legitimacy.

Oregon Humanities is a well-established non-profit organization founded in 2006, dedicated to fostering community engagement and education in the humanities across Oregon. Their website offers a broad range of programs, grants, fellowships, and educational resources targeting Oregonians interested in cultural and social dialogue. The organization maintains a professional online presence with clear navigation and relevant content tailored to its audience. Technically, the website employs modern web technologies including Bootstrap, jQuery, Google Tag Manager, and Google Analytics, hosted on DNSimple-managed infrastructure. The site is mobile-optimized and performs moderately well, though there is room for improvement in SEO and accessibility features. The domain is secured with HTTPS, but lacks DNSSEC and some recommended security headers. From a security perspective, the site demonstrates a reasonable posture with HTTPS and domain status protections but lacks explicit privacy and cookie policies, security.txt files, and DNSSEC. The use of multiple tracking scripts indicates moderate user tracking without clear consent mechanisms, which may pose privacy compliance risks. The WHOIS data shows privacy protection typical for non-profits and a domain age consistent with the organization's history, supporting legitimacy. Overall, Oregon Humanities presents a trustworthy and professional digital presence with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security headers, and DNS security would enhance their risk profile and user trust.

E

Bot or Not?

expedia.com

0

The website content for www.expedia.com is currently inaccessible due to a security or bot challenge page, preventing extraction of meaningful business or technical data. The WHOIS query returned no match, indicating either privacy protection or query limitations, resulting in no registrar or registrant information. Consequently, no privacy, cookie, or terms of service policies were found, and no contact information or business details could be extracted. This severely limits the ability to assess the company's digital maturity or security posture. The site appears to be protected by a web application firewall or similar security mechanism that blocks automated access, which is common for high-profile commercial sites but restricts external analysis.

D

Datafy

datafyhq.com

0

Datafy is a specialized technology company offering an integrated analytics and advertising platform designed to empower businesses with data-driven marketing solutions. Their platform combines comprehensive data analytics, strategic advertising via an owned demand-side platform (DSP), and campaign measurement with attribution, targeting industries such as attractions, retail, and travel & tourism. The company emphasizes customization, transparency, and direct client engagement, supported by in-house software development and data science expertise. Technically, the website is built on modern frameworks including Next.js and React, with a strong focus on performance, mobile optimization, and user experience. The presence of a consent management platform (Osano) and Google Tag Manager indicates mature digital marketing and privacy compliance practices. However, the absence of visible security headers and explicit security policies suggests areas for improvement in security posture. Security-wise, Datafy demonstrates good practices such as HTTPS enforcement and SOC 2 certification, which are positive trust signals. Nonetheless, the lack of WHOIS data raises questions about domain registration legitimacy, which should be addressed to enhance trust. The site does not expose vulnerabilities or sensitive data visibly, but could benefit from publishing incident response contacts and vulnerability disclosure policies. Overall, Datafy presents a professional and trustworthy digital presence with strong business credibility and technical maturity. Addressing the WHOIS data gap and enhancing security transparency would further strengthen their risk profile and stakeholder confidence.

S

Smithsonian Journeys

smithsonianjourneys.org

0

Smithsonian Journeys is a reputable travel company affiliated with the Smithsonian Institution, offering culturally immersive and educational travel experiences worldwide. Their market position leverages the Smithsonian brand to provide unique land journeys, river and ocean cruises, and tailor-made trips targeting culturally curious travelers. The website demonstrates a mature digital infrastructure with extensive use of modern analytics and marketing tools, good mobile optimization, and strong content quality. Security posture is solid with HTTPS and security headers, though public security policies and incident response information are not disclosed. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

S

Smithsonian Channel

smithsonianchannel.com

0

Smithsonian Channel operates as a prominent media brand specializing in documentary and educational content focused on history and culture. The website serves as a portal for streaming content, program schedules, and promotional materials, targeting a broad audience interested in educational media. The brand is associated with Paramount Global, indicating strong market positioning and backing. Technically, the website employs modern web technologies including React, Webpack, and advanced monitoring tools like New Relic. It demonstrates good performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. Privacy and cookie consent mechanisms are robust, leveraging OneTrust and related services to ensure compliance with GDPR and other regulations. From a security perspective, the site enforces HTTPS with strong security headers and content security policies. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the website is professional, trustworthy, and well-maintained, with a strong focus on user experience and compliance. The lack of WHOIS data is likely due to privacy protection and does not detract from the legitimacy of the domain or brand. Strategic recommendations include publishing security policies, providing vulnerability disclosure channels, and enhancing visible contact information for security matters.

S

Smithsonian Magazine

smithsonianmag.com

0

Smithsonian Magazine is a well-established media publication focused on delivering in-depth stories in history, science, arts, and culture. The website presents high-quality content with professional design and consistent branding, targeting a general audience interested in educational and cultural topics. Technically, the site employs modern analytics and advertising technologies such as Google Tag Manager, Parsely, and Freestar Ads, indicating a mature digital infrastructure. Security posture is generally good with HTTPS enabled and error monitoring via Sentry; however, the absence of security headers and explicit privacy policies suggests room for improvement. The lack of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy given the strong brand presence and content quality. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving security headers to strengthen trust and compliance.

C

Cooper Hewitt, Smithsonian Design Museum

cooperhewitt.org

0

Cooper Hewitt, Smithsonian Design Museum is a well-established non-profit cultural institution located in New York City, affiliated with the Smithsonian Institution. The museum offers a variety of services including exhibitions, educational programs, memberships, donations, and a retail shop. The website reflects a professional and polished digital presence, targeting a broad audience including design enthusiasts, educators, students, and families. The business model is focused on cultural education and community engagement, supported by memberships and donations. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Google Analytics, Facebook Pixel, and Google Tag Manager. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. The technical infrastructure supports a secure HTTPS connection, but some security headers could be improved. From a security perspective, the site enforces HTTPS and uses reputable analytics and marketing tools. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present. The WHOIS data is unavailable or blocked, which limits domain registration trust analysis, but the Smithsonian affiliation and website professionalism strongly support legitimacy. Overall, the website is a trustworthy and authoritative source for museum visitors and stakeholders, with recommendations to enhance security headers, implement cookie consent, and publish security policies to further strengthen compliance and trust.

W

WESTAF

publicartarchive.org

0

Public Art Archive, operated by WESTAF, is a well-established non-profit platform dedicated to making public artworks more accessible and discoverable worldwide. The website serves as an authoritative source curated by public and private arts organizations, offering search, exploration, and educational resources about public art. It targets arts organizations, researchers, and the general public interested in cultural heritage and public art. The platform's business model focuses on providing collection management services and fostering community contributions to enrich the archive. Technically, the website is built on modern frameworks such as Next.js and React, leveraging Amazon AWS CloudFront for hosting and Google Maps API for location services. It integrates Google Tag Manager for analytics and Usercentrics for cookie consent management, reflecting a mature digital infrastructure. The site demonstrates good performance, mobile optimization, and accessibility compliance. From a security perspective, the site enforces HTTPS, employs domain transfer protection, and uses a consent management platform to comply with privacy regulations. However, DNSSEC is not enabled, and there is no publicly available security policy or incident response contact, which are areas for improvement. No vulnerabilities or suspicious activities were detected. Overall, the website presents a high level of professionalism, trustworthiness, and compliance with privacy standards. The domain registration aligns well with the organization's identity and history, supporting its legitimacy. Strategic recommendations include enabling DNSSEC, publishing a security policy, and establishing a vulnerability disclosure process to enhance security posture and stakeholder trust.

artlookmap.com is a specialized data platform focused on increasing arts education equity across the United States. The platform aggregates and visualizes arts education data for partner cities, enabling stakeholders such as school administrators, community agencies, and funders to make informed decisions. The business operates under the parent company Parliament and has been active since 2013, with a growing network of partner communities nationwide. Technically, the website uses modern JavaScript frameworks like React and integrates Heap Analytics for user behavior tracking. While the site is well-designed and provides relevant content, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security-wise, the domain is stable and uses HTTPS, but lacks DNSSEC and security headers, indicating room for improvement in hardening its security posture. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security practices.

L

Latvijas Gāze

lg.lv

0

Latvijas Gāze is a leading natural gas supplier in Latvia, providing residential and commercial customers with natural gas for heating and cooking. The website offers comprehensive information on payment methods, meter reading submissions, tariffs, and pricing, targeting primarily Latvian consumers. The company maintains a professional online presence with consistent branding and good content quality. Technically, the website leverages Cloudflare for DNS and security, Cookiebot for cookie consent management, Google Tag Manager for analytics, and Sentry for error tracking, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities. Privacy compliance is robust, with clear GDPR-aligned privacy and cookie policies and an active consent mechanism. Overall, the website is trustworthy, well-maintained, and aligned with industry best practices.

Gemeente Goeree-Overflakkee operates as the official local government authority for the Goeree-Overflakkee region in the Netherlands, providing residents and visitors with municipal information, news, and online services. The website serves as a comprehensive portal for public services including waste management, social support, subsidies, and contact scheduling. The municipality maintains a consistent and professional online presence with clear navigation and accessibility features, targeting local citizens and stakeholders. Technically, the website leverages modern web technologies including React with Next.js, Drupal CMS, and integrates accessibility and user engagement tools such as ReadSpeaker and TalkJS chat. Hosting is managed by SIM Group's infrastructure, ensuring reliable performance and mobile optimization. SEO and accessibility are well addressed, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses nonce attributes for scripts, indicating good security hygiene. However, it lacks visible security headers and a cookie consent mechanism, which are recommended for full GDPR compliance. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and alignment with the municipality's identity. Overall, the website is trustworthy, professionally maintained, and serves its public sector role effectively. Strategic improvements in privacy compliance and security policy transparency would further enhance its security posture and user trust.

Make-A-Wish Nederland is a well-established non-profit organization dedicated to fulfilling the wishes of children aged 3 to 18 with serious or life-threatening illnesses. The organization operates primarily within the Netherlands and has been active since 2011. Their website reflects a professional and consistent brand image, targeting donors, volunteers, and families of children in need. The site provides clear information about their mission and services, supported by a modern technical infrastructure including Cookiebot for consent management and Google Tag Manager for analytics. The use of Craft CMS is inferred from cookie names, indicating a robust content management system. Security posture is solid with HTTPS enforced and CSRF protections in place, though some security headers could be explicitly implemented. Privacy compliance is well addressed with a comprehensive cookie policy and consent mechanism. However, contact information and formal security policies are not explicitly published, which could be improved to enhance trust and transparency. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements.

G

Gemeente Heemskerk

heemskerk.nl

0

Gemeente Heemskerk is the official municipal government website for the town of Heemskerk in the Netherlands, providing a wide range of digital services and information for residents and businesses. The site offers key services such as passport and ID card applications, waste management, tax information, and local governance details. It maintains a strong local government presence with clear navigation and comprehensive content tailored to its community. Technically, the website is built on TYPO3 CMS, hosted by Cobytes, and uses Matomo for analytics, reflecting a modern and privacy-conscious infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with consistent branding and trust indicators including official social media channels. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, though it lacks some explicit security and privacy policy pages. Overall, the website demonstrates a mature digital presence suitable for a government entity, with room for improvement in privacy consent mechanisms and incident response transparency.

A

ASN Bank

devolksbank.nl

0

ASN Bank is a well-established Dutch financial institution focused on sustainable and socially responsible banking. The website clearly communicates its mission to contribute to a sustainable and just future, targeting a general audience interested in ethical banking solutions. The bank maintains a strong market position within the Netherlands, supported by its parent company De Volksbank. Key services include banking and investor relations with a focus on sustainability. Technically, the website is built on modern technologies including Craft CMS, uses Google Tag Manager for analytics, and is optimized for mobile and accessibility. Security posture is strong with HTTPS, CSRF protection, and cookie consent mechanisms, although explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

S

Social Care Network

bredavoorelkaar.com

0

Bredavoorelkaar is a Dutch non-profit online platform dedicated to facilitating voluntary help and neighborhood assistance within the Breda community. The platform enables residents to post help requests and volunteer offers, fostering community engagement and support. It partners with local organizations such as MOOIWERK Breda to provide volunteer vacancy listings, positioning itself as a key local resource for social care and community support. The website is professionally designed, mobile-optimized, and provides comprehensive information and user-friendly navigation.

S

Social Care Network

zorgzaam010.nl

0

Zorgzaam010 is a well-established non-profit platform dedicated to connecting volunteers and individuals seeking help within Rotterdam. It operates as part of the larger NLvoorelkaar network, providing a comprehensive suite of services including volunteer matching, social activities, and community support. The platform targets local residents and organizations, facilitating social engagement and impact through a user-friendly web interface. Technically, the website employs modern JavaScript frameworks, integrates with analytics and monitoring tools such as Google Analytics, Hotjar, and New Relic, and uses push notification services like OneSignal. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security-wise, the platform enforces HTTPS, implements standard security headers, and maintains privacy and cookie policies with consent mechanisms, though it lacks a dedicated security policy or incident response contact. Overall, the website is professional, trustworthy, and aligned with its community-focused mission.

S

Servicepaspoort

servicepaspoort.nl

0

Servicepaspoort is a Dutch membership organization focused on providing convenience, comfort, health, and care services primarily to residents in the Kennemerland region. The website offers information about membership benefits, health-related services, and a webshop with member discounts. The organization positions itself as a regional non-profit entity supporting seniors and families with health and wellbeing solutions. Technically, the website is built on WordPress with common plugins such as Yoast SEO and Google reCAPTCHA, hosted by team.blue nl B.V. The site uses HTTPS and DNSSEC, indicating good domain security practices. However, some outdated libraries like jQuery 1.11.2 present minor security risks. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but lacks a cookie consent mechanism. Contact is primarily via phone and a contact form, with no public email addresses found. Overall, the website is professional, trustworthy, and well-structured, serving its target audience effectively.

Z

Zorgbalans

werkenbijzorgbalans.nl

0

Zorgbalans is a healthcare recruitment and employment platform based in the Netherlands, established since 2008. The website serves as a portal for job seekers, healthcare professionals, and students to find vacancies, internships, and training opportunities within the healthcare sector. It positions itself as a regional employer with a focus on personal and specialized care, supported by employee testimonials and active social media engagement. The business model revolves around connecting talent with healthcare roles and providing flexible working options.

N

Nationale Postcode Loterij N.V.

postcodeloterij.nl

0

Nationale Postcode Loterij is a well-established Dutch lottery operator founded in 1989, focusing on providing lottery services where participants' postcodes serve as their lottery numbers. The organization supports over 146 charitable causes, distributing a significant portion of proceeds to these good causes. The website reflects a professional and trustworthy platform with clear business objectives, targeting a general audience interested in lottery participation and social good. Technically, the site employs modern web technologies including Vue.js and RequireJS, hosted likely on Microsoft Azure infrastructure, and managed via the Enonic CMS platform. The site is mobile-optimized and SEO-friendly, with a good user experience and clear navigation. Security posture is strong with HTTPS enforced, consent management via Usercentrics, and reputable third-party analytics and marketing tools integrated. No critical vulnerabilities or suspicious domains were detected. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the website demonstrates a mature digital presence aligned with its business goals and regulatory requirements.