Security Directory

S

State of North Carolina

nc.gov

68

The website www.nc.gov serves as the official online portal for the State of North Carolina, providing comprehensive information about government services, updates, and resources for residents, businesses, and visitors. It is positioned as a key digital gateway for accessing state government resources and public information. The site features a modern, accessible design built on Drupal 10, incorporating responsive layouts and multiple accessibility tools to ensure usability across devices and user needs. The technical infrastructure includes integration with Google Analytics, Google Tag Manager, and Monsido for analytics and accessibility enhancements, hosted on Digital Commons, a state IT service provider. Security posture is strong with HTTPS enforced and anonymized IP tracking in analytics, though explicit security headers and a cookie consent mechanism could be improved. The WHOIS data is incomplete, lacking registrar and registrant details, which is unusual but may be due to government domain registration policies. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with privacy standards, making it a reliable resource for its audience.

T

ThinkLA

thinkla.org

53

ThinkLA is a well-established advertising, marketing, and media collective focused on serving the Los Angeles marketing community. The organization offers membership programs, hosts events, and provides educational initiatives to connect and inspire professionals in the region. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its target audience. Technically, the site is built on Drupal 10 with Bootstrap and integrates third-party services such as GlueUp for event management and AddToAny for social sharing. Mobile optimization and SEO practices are good, though accessibility could be improved. Security posture is solid with HTTPS enforced, but lacks some security headers and published policies. Privacy compliance is basic, with no cookie consent mechanism detected. WHOIS data is unavailable, likely due to privacy protection, but the site’s content and contact information support its legitimacy.

M

Media Rating Council

mediaratingcouncil.org

53

The Media Rating Council (MRC) is a well-established non-profit organization founded in 1963 at the request of the US Congress. It serves the media industry by auditing and accrediting media measurement services across multiple platforms including digital, out-of-home, print, radio, and television. The organization positions itself as a trusted industry self-regulatory body providing standards and accreditation to ensure measurement validity and reliability. The website reflects this professional and authoritative role with clear descriptions of objectives and services, targeting media professionals and measurement service users. Technically, the website is built on Drupal 10, leveraging modern web technologies such as jQuery Validation. The site is mobile optimized, accessible, and SEO friendly with proper meta tags and structured navigation. Hosting and domain registration are consistent with the organization's US presence, though DNSSEC is not enabled. The site lacks some advanced security headers and formal privacy or cookie policies, which are areas for improvement. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, no explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are published. No WAF or blocking mechanisms were detected, and no vulnerabilities or exposed sensitive data were found in the analysis. The absence of privacy and cookie policies reduces privacy compliance scores. Overall, the website is professional, trustworthy, and serves its niche well. Strategic recommendations include publishing privacy and cookie policies, enabling DNSSEC, adding security headers, and establishing formal security and incident response documentation to enhance trust and compliance.

C

Conga

getconga.com

71

Conga is an established enterprise software company founded in 1996, specializing in commercial operations automation including CPQ, Contract Lifecycle Management, Document Automation, and Revenue & Commerce solutions. The company targets businesses seeking to streamline and automate revenue operations and contract management processes. Their market position is strong, supported by recognitions such as Gartner's Customers' Choice and a comprehensive product suite. Technically, the website is built on Drupal 10, leveraging modern marketing and analytics tools like Google Tag Manager, Marketo, and ZoomInfo, hosted with Cloudflare DNS services. The site demonstrates excellent performance, mobile optimization, and SEO practices. Security posture is robust with HTTPS, security headers, and domain protections, though enabling DNSSEC and publishing explicit security policies could enhance trust further. Overall, Conga presents a professional, trustworthy, and mature digital presence aligned with its enterprise business model.

C

CIVIC

civiccomputing.com

61

CIVIC is a UK-based digital agency specializing in digital innovation and collaborative problem-solving to enhance everyday interactions. Their services span strategy, design, development, hosting, and support, targeting primarily government and public sector clients. The company positions itself as a trusted partner with a strong focus on accessibility, GDPR compliance, and user-centered design. The website reflects a professional and consistent brand image with clear navigation and comprehensive service descriptions. Technically, the website is built on Drupal 10 and integrates Matomo analytics for privacy-conscious user tracking. The presence of a GDPR-compliant cookie control mechanism demonstrates a mature approach to privacy and compliance. The site is mobile-optimized and accessible, though some security headers are not detected, indicating room for improvement in security hardening. From a security perspective, the site uses HTTPS and enforces cookie consent, but lacks visible security headers and published security policies or incident response contacts. The WHOIS data is missing or unavailable, which raises concerns about domain registration transparency, although the website content and professional presentation support legitimacy. Overall, CIVIC's website is well-designed and functional, with strong privacy compliance and a clear business focus. However, the absence of WHOIS data and some security best practices suggest areas for enhancement to improve trust and security posture.

N

NBCUNIVERSAL MEDIA

nbcuni.com

66

NBCUniversal Media is a leading global media and entertainment company specializing in the development, production, and marketing of entertainment, news, and information content. As a subsidiary of Comcast Corporation, NBCUniversal holds a strong market position with a broad portfolio of media brands and services targeting a general audience worldwide. The website reflects a mature digital presence with rich multimedia content, clear branding, and integration of modern web technologies such as Drupal 10 CMS, Datadog RUM for monitoring, and OneTrust for cookie consent management. Security posture is generally good with HTTPS enforced and privacy consent mechanisms in place; however, the absence of explicit security headers and a visible privacy policy page indicates room for improvement. The WHOIS data is notably missing or unavailable, which is unusual for a major corporate domain and warrants further verification. Overall, the website demonstrates professionalism and trustworthiness but should enhance transparency and security best practices to align with enterprise standards.

U

United States Postal Service Office of Inspector General

uspsoig.gov

72

The United States Postal Service Office of Inspector General (USPS OIG) website serves as the official federal oversight portal for the USPS, providing comprehensive audit reports, investigative work, and resources to prevent fraud, waste, and abuse within the postal service. The site targets government employees, postal stakeholders, and the general public interested in USPS oversight. It operates under the parent organization USPS and maintains a strong market position as the authoritative oversight body. Technically, the website is built on Drupal 10, leveraging modern web technologies including Font Awesome and Google Tag Manager. It demonstrates good digital maturity with mobile optimization, accessibility features, and a clean, professional design. The site is hosted securely with HTTPS and integrates standard analytics tools. From a security perspective, the site enforces HTTPS and includes a vulnerability disclosure policy, but lacks some advanced security headers and a cookie consent mechanism, which are recommended for enhanced compliance and protection. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy, professional, and well-maintained, with minor areas for improvement in privacy compliance and security header implementation. The domain WHOIS data is incomplete but the .gov domain and consistent branding strongly support legitimacy.

V

VITO NV

vitopolis.be

70

VITOpolis is an interactive pop-up exhibition by VITO NV, a Belgian research organization focused on sustainable technology and solutions. The website serves as an educational platform to raise awareness about sustainability through interactive modules and exhibits. The target audience includes the general public, schools, and municipalities. The business model is centered on public engagement and education, positioning VITOpolis as an innovative player in sustainability education within Belgium. Technically, the website is built on Drupal 10, leveraging modern web technologies such as jQuery and Google Tag Manager for analytics and marketing. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. The hosting appears to be stable and consistent with the domain registrar BELNET, a trusted Belgian network provider. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR. However, explicit security headers and a published security policy or incident response contacts are absent. No vulnerabilities or exposed sensitive data were detected. Tracking is done via Google Tag Manager and Facebook Pixel with user consent. Overall, the website is professional, trustworthy, and compliant with privacy regulations. The domain registration and WHOIS data align well with the business claims, indicating legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to improve transparency and security posture.

I

Interreg North Sea Programme

interregnorthsea.eu

62

Interreg North Sea Programme is a regional cooperation initiative focused on stimulating green and sustainable development across the North Sea Region. The website serves as a platform to provide information about funding opportunities, project partnerships, and program goals. It targets innovators, project managers, and regional stakeholders seeking to collaborate on impactful projects. The site is professionally designed, well-structured, and provides comprehensive content aligned with its mission. Technically, the website is built on Drupal 10, employs Matomo for analytics, and uses HTTPS to secure communications. The site demonstrates good mobile optimization and accessibility features, though some security headers are not explicitly visible in the HTML source. Privacy compliance is partially addressed with a clear privacy policy but lacks a cookie consent mechanism. Security posture is solid with no evident vulnerabilities or exposed sensitive data. The absence of WHOIS data is due to EURid privacy policies, which is common for .eu domains and justified for this type of governmental/non-profit entity. Overall, the website is trustworthy, professional, and serves its audience effectively.

S

Sabancı Üniversitesi

sabanciuniv.edu

64

Sabancı Üniversitesi is a prominent private university in Turkey offering interdisciplinary education and research. The website provides comprehensive academic, administrative, and research information targeting prospective and current students, faculty, and researchers. The site uses modern web technologies including Drupal 10 and Google Tag Manager, ensuring a professional and responsive user experience. Security posture is strong with HTTPS and no visible vulnerabilities, though cookie consent and incident response policies could be improved. Overall, the website reflects a trustworthy and well-established educational institution with a strong digital presence.

M

Mayfair Club

mayfairclub.london

56

Mayfair Club operates a loyalty scheme targeting residents and workers in the Mayfair area of London, offering exclusive discounts and offers at local restaurants, luxury fashion brands, and spas. The website is built on Drupal 10 and integrates Google Tag Manager for analytics. The site is professionally designed with good mobile optimization and accessibility features, providing a positive user experience. However, it lacks critical privacy and cookie policies, contact information, and explicit security policies, which impacts its overall trustworthiness and compliance posture. Security headers are not detected, and no vulnerability disclosure or incident response information is provided, indicating room for improvement in security maturity. Overall, the website is safe for general audiences and functions well as a local loyalty platform but would benefit from enhanced transparency and security practices.

B

Belgravia Plus

belgraviaplus.london

57

Belgravia Plus operates a local loyalty scheme targeting residents and workers in the Belgravia area of London, offering exclusive discounts and special offers at restaurants, gyms, and boutiques. The website is built on Drupal 10 and incorporates modern JavaScript technologies along with Google Tag Manager and Facebook Pixel for marketing and analytics purposes. The site is mobile optimized and provides a good user experience with clear navigation and professional design. However, it lacks critical privacy and cookie policies, as well as visible contact information, which impacts its privacy compliance and trustworthiness. Security posture is moderate with HTTPS enabled but missing key security headers and incident response information. Overall, the website is functional and serves its business purpose but requires improvements in privacy, security, and transparency to enhance user trust and compliance.

M

Mount Street Neighbourhood

mayfairldn.com

65

Mount Street Neighbourhood is a luxury retail and cultural destination located in London’s Mayfair district, offering designer fashion, luxury beauty, dining, and cultural events. The website presents a polished and professional digital presence, leveraging Drupal 10 CMS and modern web technologies to deliver a rich user experience optimized for mobile and accessibility. The business targets affluent shoppers and tourists seeking high-end retail and dining experiences. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security posture is generally good with HTTPS and no exposed sensitive data, but lacks explicit security policies and cookie consent mechanisms. Overall, the site is trustworthy and professional but would benefit from improved transparency and compliance documentation.

G

Grosvenor

belgravialdn.com

61

Belgravia Village is a lifestyle and retail destination website promoting independent shops, cafes, and restaurants in a prestigious London area. It is managed by Grosvenor, a well-known property group, and targets visitors interested in shopping, dining, and local events. The website is built on Drupal 10 and integrates multiple analytics and marketing tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS and secure forms, though explicit security policies are not published. The absence of WHOIS data is a notable concern but does not detract significantly from the site's professional presentation and trust signals. Overall, the site is well-designed, accessible, and compliant with privacy regulations, making it a credible and trustworthy online presence for Belgravia Village.

E

Econocom

econocom.com

71

Econocom is a European enterprise specializing in digital transformation projects, offering a comprehensive portfolio including equipment, services, audiovisual integration, and asset financing. The company positions itself as a digital general contractor with a strong market presence and a commitment to CSR and sustainability. The website is professionally designed, mobile-optimized, and rich in content, targeting businesses and public organizations. Technically, the site leverages Drupal 10 CMS and modern JavaScript libraries, with good performance and accessibility features. Security posture is solid with HTTPS and secure analytics tracking, though explicit security headers and published security policies are absent. The WHOIS data is unavailable, which raises some concerns about domain registration transparency, but the overall business credibility remains high due to stock listing and detailed corporate information.

V

ViV - Isomatic

viv-isomatic.com

63

ViV - Isomatic is a Bulgarian-based distributor specializing in electrical equipment and industrial automation products. The company represents multiple reputable manufacturers and offers a broad product portfolio including automation devices, protective apparatus, cables, connectors, and industrial enclosures. Their website is built on Drupal 10 with Commerce 2, providing e-commerce capabilities and a professional user experience tailored to industrial clients. The site is mobile-optimized and includes a cookie consent mechanism, but lacks explicit privacy and terms of service pages, which are important for compliance and user trust. Security posture is adequate with HTTPS enforced and domain transfer protection enabled, though DNSSEC is not active. Google Analytics is used for user tracking at a moderate level.

A

ALPLA Werke Alwin Lehner GmbH

alpla.com

68

ALPLA Werke Alwin Lehner GmbH is a global leader in the manufacturing and development of innovative plastic packaging solutions, serving a wide range of industries with products such as bottles, caps, and injection-moulded parts. The company emphasizes sustainability and circular economy principles, leveraging over 30 years of recycling expertise. The website reflects a mature enterprise with a strong market position and comprehensive digital presence. Technically, the site is built on Drupal 10, employs modern analytics and marketing tools, and is optimized for mobile and accessibility. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. WHOIS data is unavailable, which slightly reduces trust but is offset by strong branding and compliance disclosures. Overall, ALPLA presents a professional, trustworthy, and well-structured digital footprint aligned with its business stature.

G

Global Alliance for Buildings and Construction (GlobalABC)

globalabc.org

65

GlobalABC is a well-established international alliance dedicated to promoting zero-emission, efficient, and resilient buildings and construction sectors worldwide. The organization serves as a collaborative platform for governments, private sector entities, civil society, research institutions, and intergovernmental organizations. Their website reflects a professional and content-rich platform offering resources, reports, and engagement opportunities to its diverse global audience. Technically, the site is built on Drupal 10, uses Cloudflare DNS services, and integrates Google Tag Manager for analytics, indicating a modern and maintainable infrastructure. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy and cookie policies are notably absent, which impacts compliance and user trust. Overall, the site is accessible, well-branded, and trustworthy, with room for improvement in privacy compliance and DNS security.

3

3D Systems

3dsystems.com

73

3D Systems is a leading enterprise in the 3D printing and additive manufacturing industry, offering a broad portfolio of products and services including 3D printers, print materials, software, on-demand manufacturing, and healthcare solutions. The company targets industrial manufacturers, healthcare providers, and technology developers, positioning itself as a comprehensive solutions provider in the digital manufacturing space. The website reflects a mature digital presence with professional design, clear navigation, and extensive content tailored to its B2B audience. Technically, the site is built on Drupal 10, leveraging modern analytics and marketing tools such as Google Analytics 4, Google Tag Manager, OneTrust for cookie consent, and Visual Website Optimizer for A/B testing. The infrastructure includes Amazon Cloudfront CDN for performance optimization and global delivery. Security posture is strong with HTTPS enforced, multiple security headers implemented, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the absence of WHOIS data is notable and unusual for a company of this scale, though it does not detract from the overall trustworthiness of the site. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to enhance transparency and trust. Overall, the website demonstrates a high level of professionalism, security, and compliance suitable for an enterprise in the technology and healthcare manufacturing sectors.

U

United States Department of Agriculture

farmers.gov

67

Farmers.gov is an official U.S. government website operated by the United States Department of Agriculture (USDA) providing comprehensive resources, tools, and information to support farmers and agricultural producers across the United States. The site offers services including farm loan assistance, disaster recovery programs, conservation initiatives, and local service center locators, positioning itself as a critical digital platform for agricultural stakeholders. The website is well-branded with consistent USDA imagery and messaging, targeting a broad audience of farmers, ranchers, and producers. Technically, the site is built on Drupal 10 CMS and integrates multiple analytics and tracking tools such as Google Analytics, Hotjar, Microsoft Clarity, and Siteimprove, indicating a mature digital infrastructure focused on user experience and performance monitoring. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate likely due to the complexity and volume of content. From a security perspective, the site enforces HTTPS with a government-signed SSL certificate and likely employs standard security headers, though explicit header details are not fully confirmed. No vulnerabilities or exposed sensitive data were detected. However, the absence of a visible cookie consent mechanism and vulnerability disclosure page suggests areas for compliance improvement. Overall, the site maintains a strong security posture appropriate for a government service portal. The domain is a .gov domain, restricted to U.S. government entities, which strongly supports legitimacy despite the lack of publicly available WHOIS data. The website’s content, branding, and external links further confirm its authenticity. The site is safe for general audiences with no adult or questionable content detected. Strategic recommendations include implementing explicit cookie consent, publishing a vulnerability disclosure policy, and enhancing transparency around security practices to further strengthen trust and compliance.

The U.S. Department of Agriculture (USDA) website serves as an authoritative federal government portal providing extensive resources and support related to food, agriculture, natural resources, rural development, nutrition, and related policy areas. The site targets a broad audience including American citizens, farmers, ranchers, agricultural stakeholders, and government employees. It offers comprehensive information on food safety, farming and ranching, forestry, sustainability, trade, and disaster assistance programs, positioning itself as a critical resource in the agricultural sector. Technically, the website is built on Drupal 10, a modern and robust content management system, and integrates multiple analytics tools including Google Analytics, Google Tag Manager, and the U.S. government's Digital Analytics Program. The site demonstrates good performance, excellent mobile optimization, and strong accessibility features, ensuring a positive user experience across devices. The presence of HTTPS and secure cookie consent mechanisms further enhance its technical maturity. From a security perspective, the USDA website employs HTTPS with excellent SSL configuration and follows best practices such as secure forms and no visible vulnerabilities in third-party libraries. While explicit security headers are not fully confirmed, the overall posture is strong. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR considerations. Incident response mechanisms are partially visible through a lawfare complaint portal, though more explicit security contact channels could improve readiness. Overall, the website is highly trustworthy, professionally designed, and consistent with its government identity. The lack of WHOIS data is expected due to the .gov domain restrictions, and no suspicious patterns were detected. The site is safe for general audiences with no adult or questionable content. Strategic recommendations include enhancing security header implementation, increasing transparency around incident response, and maintaining up-to-date CMS and third-party components to sustain security and compliance.

S

State of North Dakota

nd.gov

70

The website www.nd.gov serves as the official portal for the State of North Dakota, providing comprehensive information and resources related to living, working, industries, business, government services, news, and data. It targets residents, businesses, visitors, and government stakeholders, positioning itself as a trusted government resource. The site leverages a modern technical infrastructure based on Drupal 10 CMS, Bootstrap 5, and various JavaScript libraries to deliver a responsive, accessible, and user-friendly experience. Security is well implemented with HTTPS and secure linking practices, although explicit security headers could be enhanced. Privacy compliance is moderate, with a clear privacy policy but lacking a cookie consent mechanism. WHOIS data is limited but consistent with .gov domain privacy norms, supporting the site's legitimacy. Overall, the site demonstrates high professionalism, trustworthiness, and content quality.

E

ENBRA

enbra.cz

68

ENBRA is a Czech-based company specializing in energy-saving solutions and measurement of heat and water for both professional and end customers. It holds a leading market position in the sale of water meters and heat meters, offering comprehensive services including metrology, heating, cooling, ventilation, project design, and training. The website demonstrates a mature digital presence with a modern Drupal 10 CMS, integrated analytics, and a cookie consent mechanism compliant with GDPR. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though the absence of a public security policy and incident response contacts suggests room for improvement. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

I

Instituto Cervantes

cervantes.es

62

Instituto Cervantes is a well-established Spanish public institution dedicated to promoting the Spanish language and Hispanic cultures worldwide. The website serves as a comprehensive portal offering language courses, cultural activities, official exams, and digital resources. It targets learners, educators, and cultural enthusiasts globally, maintaining a strong market position as the leading authority in Spanish language promotion. Technically, the site is built on Drupal 10 with modern web technologies, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is robust, with clear GDPR-aligned policies and consent management. Overall, the website is professional, trustworthy, and content-rich, reflecting the institution's credibility and global presence.

Pegasystems Inc. is a leading enterprise software company specializing in AI decisioning and workflow automation platforms. Their website positions them as a market leader in enterprise transformation, offering a comprehensive suite of AI-driven products and cloud services targeted at large organizations and enterprises. The company emphasizes innovation in AI agents, generative AI, and predictive AI to help businesses automate and optimize operations. The digital infrastructure is built on modern technologies including Drupal 10 CMS and integrates advanced analytics and consent management tools, reflecting a mature and professional digital presence. Security posture is strong with HTTPS enforcement, security headers, and recognized certifications such as ISO 27001 and SOC 2, although explicit incident response and vulnerability disclosure details are not prominently available. Overall, the website is well-designed, accessible, and trustworthy, supporting a high level of business credibility and compliance with privacy regulations.

Z

Z/S Jaunminkiņi

medusbite.lv

48

Medusbite.lv is a Latvian small business specializing in the retail of beekeeping products such as honey, bee bread, beeswax candles, and propolis items. The website serves as an e-commerce platform built on Drupal 10 with Commerce 2, targeting general consumers interested in natural bee products. The company maintains an active social media presence and provides clear contact information, enhancing customer trust. Technically, the site uses modern web technologies including Bootstrap and FontAwesome, with Google Analytics integrated for visitor tracking. The site is mobile-optimized and offers a cookie consent mechanism compliant with GDPR requirements. Security posture is moderate with no visible critical vulnerabilities, but lacks explicit security headers and detailed security policies. WHOIS data could not be retrieved due to query limits, limiting domain registration verification. Overall, the site is professional, trustworthy, and suitable for its niche market.

D

Dolf.lv

dolf.lv

43

Dolf.lv is a Latvian niche media platform dedicated to disc golf, providing news, articles, event calendars, and course information to the local disc golf community. The website promotes its mobile applications available on iOS and Android, enhancing user engagement. The platform is built on Drupal 10 CMS, leveraging modern web technologies and integrating Google Analytics and Tag Manager for user tracking and marketing insights. The site is well-structured, mobile-optimized, and presents consistent branding, indicating a professional approach to content delivery. However, the absence of privacy and cookie policies, as well as contact information, limits its compliance posture and user trust signals. Security-wise, the site uses HTTPS but lacks visible security headers, suggesting room for improvement in hardening its security posture. WHOIS data is unavailable due to query limits, but the website content and technical setup do not raise immediate legitimacy concerns. Overall, Dolf.lv serves its niche audience effectively but should enhance privacy compliance and security practices to improve trust and regulatory adherence.

Mežabirža is a Latvian online auction platform specializing in the sale and purchase of forests and forest lots. It serves as a marketplace connecting over 450 forestry companies, positioning itself as a leading portal in Latvia's forestry auction sector. The website offers interactive maps and detailed listings to facilitate transactions between buyers and sellers. Technically, the site is built on Drupal 10 with Commerce 3, leveraging modern web technologies such as Leaflet.js for mapping and integrates analytics tools like Google Tag Manager and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS and includes cookie consent mechanisms, but lacks some advanced security headers and explicit security policies. WHOIS data was unavailable due to query limits, limiting full domain trust assessment. Overall, the site demonstrates a solid digital presence with moderate technical maturity and good privacy compliance, suitable for its business domain.

Y

Yad Vashem

yadvashem.org

64

Yad Vashem is a globally recognized non-profit institution established in 1953 by the Israeli government, dedicated to Holocaust remembrance, education, research, and commemoration. The website serves as a comprehensive portal offering access to archival materials, museum information, educational resources, and commemorative events, targeting a broad audience including educators, researchers, students, and the general public. The institution holds a leading position in its sector with a strong brand presence and consistent messaging. Technically, the website is built on Drupal 10, utilizing modern web technologies such as responsive images, SVG icons, and jQuery. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Security posture is solid with HTTPS enforced and secure forms, but lacks visible security headers and explicit incident response or vulnerability disclosure policies. Overall, the site is professionally designed, content-rich, and trustworthy, with minor gaps in privacy compliance such as the absence of a cookie consent mechanism. The WHOIS data is unavailable, likely due to privacy protection, but this is justified given the non-profit nature of the organization. The site links to multiple official social media channels and partner organizations, reinforcing its legitimacy.

LPKS GreenBeef.Lv is a Latvian agricultural cooperative specializing in breeding selected beef cattle breeds and producing biologically certified beef products. The cooperative emphasizes sustainable farming practices with high animal welfare standards and minimal ecological footprint. Their business model includes direct-to-consumer sales through an e-commerce platform and cooperative membership expansion. The website is built on Drupal 10, featuring a cookie consent mechanism compliant with GDPR, and provides clear contact information and bio certification as trust signals. Technically, the site is moderately performant, mobile-optimized, and accessible, though it lacks visible security headers and detailed security policies. WHOIS data could not be retrieved due to query limits, limiting domain trust assessment. Overall, the site presents a professional and trustworthy image suitable for its niche market.

L

Latvijas Meža īpašnieku Biedrība

mezaipasnieki.lv

58

Latvijas Meža īpašnieku Biedrība is a Latvian forestry owners' association focused on providing educational resources, organizing events, and promoting sustainable forest management. The website is built on Drupal 10 and uses modern web technologies including lazy loading, Google Analytics, and Facebook SDK for social integration and analytics. The site is well-structured, mobile-optimized, and includes a GDPR-compliant cookie consent mechanism. Security posture is moderate with HTTPS enforced but lacks explicit security headers and published security policies. WHOIS data could not be retrieved due to query limits, limiting domain trust verification. Overall, the site is professional, content-rich, and safe for general audiences.

H

Heidelberg Materials SBC Latvia SIA

sbc.lv

63

Heidelberg Materials SBC Latvia SIA is a medium-sized company specializing in metal structure design, manufacturing, installation, and general construction services with over 20 years of experience. The company is part of the Heidelberg Materials group and holds the EN 1090 EXC4 certification, indicating high standards in steel construction. The website is professionally designed using Drupal 10 CMS and provides comprehensive information about the company's services and sustainability efforts. Technically, the site uses modern web technologies and includes GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS enforced and no visible vulnerabilities, though additional security headers and explicit security policies could enhance protection. Overall, the website reflects a credible and professional business presence in the Latvian construction sector.

E

EHI Group

ehi.lv

47

EHI Group is a Latvian company specializing in the design, production, and delivery of prefabricated timber frame houses, log cabins, and glue-laminated beams. The company leverages modern machinery and specialized design software (Sema Soft) to ensure high-quality products with short delivery times. Their market presence includes international projects, particularly in Switzerland and France, indicating a solid regional footprint in the construction and manufacturing sector. Technically, the website is built on Drupal 10, utilizing modern web technologies and integrating Google Analytics and Tag Manager for user tracking and marketing insights. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Cookie compliance is implemented with a GDPR-consistent consent banner. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks advanced security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of WHOIS data limits domain registration trust verification, but the website's content and contact details support legitimacy. Overall, the website presents a professional and trustworthy front for a small manufacturing business with moderate technical maturity and a good baseline security posture. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance trust and compliance.

L

Liellopu izsoļu nams

liellopuizsoles.lv

48

Liellopu izsoļu nams is a Latvian agricultural business specializing in organizing cattle auctions, including breeding bulls and both biological and conventional cattle slaughtering services. The website serves as a platform to provide auction results, event calendars, news updates, and contact information, targeting farmers and cattle breeders primarily in Latvia. The business operates in a niche local market with a clear focus on livestock auction services and related agricultural equipment sales. Technically, the website is built on Drupal 10 CMS, utilizing modern JavaScript libraries such as jQuery UI and FullCalendar for event management. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a professional design and clear navigation. Cookie consent mechanisms and privacy policies indicate awareness of GDPR compliance. From a security perspective, the site uses HTTPS and implements cookie consent but lacks visible HTTP security headers and incident response contact information. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data limits domain registration trust analysis, but the website content and contact details suggest legitimacy. Overall, the website presents a professional and trustworthy front for a small agricultural auction business with moderate technical maturity and good privacy compliance. Strategic improvements in security headers and incident response transparency would enhance its security posture and trustworthiness.

T

Tikkurila

tikkurila.lv

55

Tikkurila.lv is the Latvian localized website of Tikkurila, a well-established paint and coatings company operating under the parent brand PPG Tikkurila. The website targets both consumers and professionals, offering a comprehensive range of decorative paints, professional coatings, and industrial coatings. It provides rich content including product catalogs, color collections, inspiration, and educational resources through Tikkurila Academy. The site is built on Drupal 10 with modern front-end technologies and integrates Google Tag Manager and Analytics for marketing and tracking purposes. The website is well-structured, mobile-optimized, and professionally designed, reflecting a mature digital presence.

SIA Vizuālā diagnostika is a Latvian healthcare company specializing in visual diagnostics and related medical services. The website presents a professional and well-structured digital presence, supporting multiple languages and providing comprehensive privacy and cookie policies compliant with GDPR. The company targets patients and healthcare consumers in Latvia, offering diagnostic services including remote diagnostics. Technically, the website is built on Drupal 10 CMS, uses modern frontend frameworks like Bootstrap, and integrates Google Tag Manager and Cookiebot for analytics and privacy management. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers are not confirmed in the HTML. No critical vulnerabilities or suspicious content were detected. Overall, the website reflects a legitimate and trustworthy healthcare service provider with a moderate to good digital maturity level.

T

Trivik

trivik.lv

64

Trivik is a Latvian small business specializing in data recovery services from various damaged data carriers including hard drives, SSDs, USB flash drives, memory cards, and phones. The website presents a professional and focused service offering targeting individuals and businesses in Latvia needing data recovery solutions. The company maintains a clear online presence with contact information and privacy compliance measures such as cookie consent management. Technically, the website is built on Drupal 10 with Commerce 3, uses Google Analytics for traffic analysis, and implements Klaro! for cookie consent. The site is mobile optimized and accessible with good SEO practices. Security posture is adequate with HTTPS enforced and consent mechanisms in place, but lacks explicit security headers and published security policies. WHOIS data could not be retrieved due to query limits, limiting domain registration trust analysis. Overall, the website is trustworthy, professional, and compliant with privacy regulations, suitable for its business scope.

Superia is a leading financial advisory firm operating in the Baltic region with offices in Estonia, Latvia, and Lithuania. The company specializes in mergers and acquisitions, capital markets advisory, and corporate finance services. Their website highlights a strong market position with multiple references to significant transactions and recent news showcasing active business operations. The target audience primarily consists of corporate clients seeking expert financial advisory services in the Baltic states. Technically, the website is built on Drupal 10 CMS with a modern and professional design. It demonstrates good mobile optimization, accessibility, and SEO practices. However, the absence of visible security headers and privacy-related policies indicates room for improvement in security and compliance maturity. No WHOIS data was available due to query limits, limiting domain legitimacy verification. Security posture is moderate with no evident vulnerabilities in the HTML content, but the lack of security headers and privacy policies reduces the overall security score. Contact information is clearly presented, enhancing business credibility. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

P

Puto pašapkalpošanās automazgātavas

puto.lv

45

PUTO is a leading Latvian self-service and express car wash network offering modern, contactless car washing technologies across more than 40 stations nationwide. The company targets both private vehicle owners and corporate fleets, providing flexible washing programs, client loyalty cards, and franchise opportunities. The website is built on Drupal 10 with modern web technologies and demonstrates strong digital maturity with mobile optimization, clear navigation, and comprehensive content. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Overall, the business presents a professional and trustworthy online presence aligned with its market position.

Z

ZaVínom.sk | Ochutnávky a degustácie vína 2025

zavinom.sk

57

ZaVínom.sk is a Slovak regional online platform specializing in wine tasting and degustation event bookings. It targets wine enthusiasts and groups interested in wine experiences across various Slovak wine regions. The website offers a range of wine tasting events, picnics, and tours, facilitating online reservations. The business operates in the hospitality sector and appears to be a small-sized enterprise founded in 2020. The platform uses Drupal 10 CMS with Commerce 2 for e-commerce functionalities, integrating Google Fonts, Google Maps API, Facebook Pixel, and Google Tag Manager for enhanced user experience and marketing. Technically, the website is well-structured with good mobile optimization and moderate performance. Security posture is strong with HTTPS and DNSSEC enabled, though it lacks some advanced security headers and explicit security policies. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. No direct contact information or incident response contacts are found, which could impact user trust and compliance. Overall, the website is professional and trustworthy for its niche, but improvements in privacy transparency, security policies, and contact information would enhance its credibility and compliance posture. There are no indications of malicious content or blocking mechanisms, and the domain registration details align well with the website's regional and business focus.

S

Sportmedia, s. r. o.

sportmedia.sk

58

Sportmedia, s. r. o. is a Slovak media company specializing in publishing specialized magazines, operating online portals, and organizing sports events. Established in 2008, it holds a stable position in the Slovak media market, targeting general audiences interested in sports and leisure magazines. The website offers subscription services for various magazines and maintains a professional online presence with clear contact information and social media engagement. Technically, the site is built on Drupal 10 with Commerce 2, integrating Google Tag Manager for analytics and marketing. The site is mobile-optimized and accessible, with good SEO practices. Security posture is adequate with HTTPS enforced and secure login forms, though it lacks some advanced security headers and explicit security policies. Privacy and terms of service are present, indicating basic GDPR compliance. Overall, the site is trustworthy and professionally maintained, with room for security enhancements.

L

Lattiz

lattiz.com

72

Lattiz is a professional smart milk frother solution provider targeting coffee professionals, baristas, and hospitality businesses. The company offers innovative milk frothing machines and milk packs designed to deliver high-quality milk foam efficiently, enhancing customer satisfaction and business sales. The website is well-branded and linked to FrieslandCampina Professional, indicating a strong market position and corporate backing. Technically, the site is built on Drupal 10, uses modern JavaScript libraries, and integrates Google Tag Manager and hCaptcha for analytics and security. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS and form protection, but lacks explicit security headers and published security policies. Privacy compliance is strong with comprehensive privacy and cookie policies and consent mechanisms. WHOIS data is missing or protected, which slightly reduces domain trustworthiness but is mitigated by the professional site and corporate association. Overall, the website presents a credible and professional business presence with minor areas for security and transparency improvement.

N

NBCUNIVERSAL MEDIA

peacock.com

67

NBCUniversal Media is a leading global media and entertainment company specializing in the development, production, and marketing of entertainment, news, and information to a worldwide audience. As a subsidiary of Comcast Corporation, NBCUniversal operates multiple subsidiaries including Peacock streaming service, Universal Pictures, and NBC Sports, positioning itself as a dominant player in the media industry. The website reflects a mature digital presence with professional design, rich multimedia content, and consistent branding aligned with its corporate identity. Technically, the site is built on Drupal 10, leveraging modern analytics and consent management tools, indicating a high level of digital maturity. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates a high level of professionalism and trustworthiness, though the lack of WHOIS data limits domain registration transparency. Strategic recommendations include publishing detailed security and incident response information and establishing a vulnerability disclosure program to enhance trust and compliance.

F

FrieslandCampina Professional

frieslandcampinaprofessional.com

71

FrieslandCampina Professional is a B2B business providing high-quality dairy products and innovative food solutions targeted at food professionals in hospitality, bakery, and the food industry. The website reflects a mature digital presence built on Drupal 10 with modern JavaScript libraries and integrations such as Google Analytics and hCaptcha for security. The content is rich, professionally presented, and well-structured, supporting a strong brand image aligned with its parent company, Royal FrieslandCampina N.V. However, the absence of WHOIS registration data raises some concerns about domain legitimacy or recent registration, though the website content and external brand links strongly suggest a legitimate business operation. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Contact information is primarily via web forms, with no direct emails or phone numbers publicly listed.

D

Debic

debic.com

10

Debic is a professional dairy product brand targeting bakers and chefs, offering a wide range of dairy products, recipes, and culinary inspiration. The website is well-structured, visually appealing, and optimized for professional users, reflecting a mature digital presence. Technically, the site uses Drupal 10 CMS, integrates modern analytics and marketing tools, and employs security best practices such as HTTPS and CAPTCHA protection on forms. However, the absence of WHOIS data for the domain www.debic.com raises some concerns about domain registration transparency, although the website content and external references strongly indicate legitimacy. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy practices. Overall, the site demonstrates a strong security posture with room for improvement in explicit security disclosures and direct contact information.

Č

Čistou Stopou Prahou – MHMP

cistoustopou.cz

41

Čistou Stopou Prahou is a government-affiliated project operated by the Magistrát hlavního města Prahy focused on promoting sustainable and clean mobility options in Prague. The website provides informational resources, event calendars, and educational content aimed at encouraging walking, cycling, and use of eco-friendly transport modes. It targets both the general public and professionals interested in urban transport development. The project is positioned as a trusted public service with a clear mission to improve urban mobility and environmental quality in Prague. Technically, the website is built on Drupal 10 CMS with Bootstrap UI framework, leveraging modern web technologies such as jQuery and Google Fonts. The site is mobile-optimized, accessible, and structured with semantic markup including JSON-LD for enhanced SEO and data interoperability. Hosting appears to be provided by opalstack.com. Performance is moderate with good navigation and content organization. From a security perspective, the site uses HTTPS and employs deferred and async loading of scripts to optimize performance and security. However, explicit security headers are not detected in the provided data, and no privacy or cookie policies are present, which are important for GDPR compliance. No incident response or vulnerability disclosure information is available. The absence of WHOIS data is a concern and should be investigated to confirm domain legitimacy. Overall, the website presents a professional and trustworthy front for a government project promoting sustainable transport. Strategic improvements in privacy compliance, security headers, and domain registration transparency are recommended to enhance trust and security posture.

C

Committee for a Responsible Federal Budget

futurebudget.org

51

The Committee for a Responsible Federal Budget operates the website futurebudget.org, which provides interactive tools and quizzes aimed at educating the public about federal government spending, taxes, national debt, and deficits. The site targets a general audience interested in fiscal policy and government budgeting. The business model is educational and advocacy-focused, typical of a non-profit organization. The website is professionally designed with consistent branding and clear navigation, supporting good user engagement. Technically, the site is built on Drupal 10 CMS and integrates Google Tag Manager and Google reCAPTCHA for analytics and form security. The site is mobile-optimized and accessible, with good SEO practices. However, some security best practices such as security headers are missing, and there is no explicit cookie consent mechanism, which could be improved for better privacy compliance. From a security perspective, the site uses HTTPS and includes reCAPTCHA to protect forms, but lacks published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable due to a malformed request, but the domain appears privacy protected, which is common and justified for non-profit organizations. The overall security posture is moderate with room for improvement. Overall, the website is a credible and professional resource for federal budget education with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and compliance.

C

Committee for Responsible Federal Budget

covidmoneytracker.org

55

The COVID Money Tracker website is an informational platform operated by the Committee for Responsible Federal Budget, a non-profit organization focused on tracking and visualizing the trillions of dollars spent by the U.S. federal government in response to the COVID-19 pandemic. The site provides interactive data visualizations and detailed tables to help policymakers, researchers, and the public understand federal spending, tax cuts, loans, grants, and subsidies related to COVID relief efforts. The platform positions itself as a niche government transparency tool with a clear mission to enhance fiscal accountability. Technically, the website is built on Drupal 10 CMS and incorporates modern web technologies including Google Tag Manager for analytics and tracking. The site is mobile-optimized, accessible, and SEO-friendly, offering a good user experience with clear navigation and professional design. Performance is moderate, with no major technical issues detected in the provided content. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several recommended security headers such as Content-Security-Policy and X-Frame-Options, which could enhance protection against common web attacks. Privacy compliance is limited, with no visible privacy or cookie policies and no GDPR compliance indicators. Contact information and incident response channels are not evident, which could hinder user trust and security reporting. Overall, the website is a credible and trustworthy source for COVID-19 federal spending data, but it would benefit from improved privacy disclosures, enhanced security headers, and clearer contact information to strengthen its security posture and compliance. The domain WHOIS data is unavailable or privacy-protected, which is typical for non-profit organizations but limits external verification of registrant details.

C

Chronopost

chronopost.fr

61

Chronopost is a leading French express parcel delivery company serving both individual and professional customers. The website offers comprehensive information about their services, including parcel tracking, online postage, and specialized delivery options such as Shop2Shop. The company is part of the Geopost group, which is reflected in the website branding and footer links. Technically, the website is built on Drupal 10 with modern libraries and includes cookie consent and tracking mechanisms. Security posture is good with HTTPS and secure forms, though explicit security headers and incident response contacts are not published. The absence of WHOIS data limits domain trust assessment but the website content and branding strongly indicate legitimacy. Overall, the site is professional, user-friendly, and compliant with privacy regulations.

I

International Confederation of Societies of Authors and Composers

cisac.org

65

The International Confederation of Societies of Authors and Composers (CISAC) operates as the world's largest network in the creative sector, representing 228 societies across 111 countries and serving 5 million creators. The organization focuses on advocacy for authors' rights, providing business tools and services to authors' societies, and acting as a global information authority on collective management systems. Their market position is strong as a leading non-profit entity in the media and creative industries, targeting authors, creators, and policy makers worldwide. Technically, the website is built on Drupal 10 CMS, utilizing Matomo for analytics and OneTrust for cookie consent management, reflecting a modern and privacy-conscious digital infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, with moderate performance and a professional design. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, though explicit security headers like Content-Security-Policy were not detected in the provided content. No vulnerabilities or exposed sensitive data were found. The WHOIS data is unavailable due to a malformed response, but the website's professionalism and consistent branding support its legitimacy. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance efforts. Strategic recommendations include enhancing security headers, maintaining regular audits of third-party scripts, and improving transparency by publishing privacy and terms of service documents.