Other security reports

P

Pronto Rental

prontorental.com

46

Pronto Rental is a Colombian-based company specializing in the rental of heavy machinery and equipment, serving multiple sectors such as construction, industrial assembly, logistics, urban services, and events. Established in 2015, it positions itself as the largest machinery rental company in Colombia, offering a wide range of equipment and services tailored to client needs. The website reflects a professional and consistent brand image with clear contact information and trust certifications like Great Place To Work and Socotec. Technically, the website is built on WordPress using Elementor and integrates modern tools such as Google Tag Manager and Google Analytics. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security-wise, HTTPS is enforced, but the absence of DNSSEC and security headers indicates potential areas for enhancement. Privacy compliance is basic, with privacy and terms policies present but lacking cookie consent mechanisms. Overall, the security posture is adequate but could benefit from implementing additional security headers and formal incident response policies. The domain registration is consistent with the business claims, enhancing trustworthiness. Strategic improvements in privacy compliance and security practices would further strengthen the company's digital maturity and customer trust.

I

International Ice Hockey Federation

iihf.com

66

The International Ice Hockey Federation (IIHF) operates as the global governing body for ice hockey and inline hockey, organizing major international tournaments such as World Championships and Olympic events. The website serves as a comprehensive portal for fans, players, officials, and member associations, offering news, event schedules, development resources, and media streaming services. The IIHF maintains strong partnerships with recognized brands like Nike and Tissot, enhancing its market position and credibility. Technically, the website employs modern JavaScript libraries and tracking tools including Google Tag Manager and Azure Application Insights, indicating a mature digital infrastructure. The site is mobile-optimized with good navigation and content quality, though accessibility features could be improved. Performance is moderate, with a custom framework powering the site. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, but lacks visible security headers and a published vulnerability disclosure policy. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given its professional presentation and official partnerships. Overall, the IIHF website demonstrates a solid security posture and compliance with privacy regulations, providing a trustworthy and professional user experience. Strategic improvements in security header implementation and explicit incident response contacts would further enhance its security maturity.

Z

Zero First

zerofirst.io

51

Zero First's website at zerofirst.io currently presents a minimal login page with very limited content and no visible business or contact information. The domain is newly registered in December 2024 with privacy protection enabled, which is typical for new startups but limits trust signals. The site uses modern frontend tooling such as Vite and is hosted behind Cloudflare DNS, indicating a modern technical infrastructure but lacks visible security headers or advanced configurations. There are no privacy or cookie policies, no terms of service, and no contact details, which negatively impacts compliance and user trust. Overall, the website appears to be in an early development or pre-launch stage with minimal public-facing content.

B

Before you continue to YouTube

boomerangtv.co.uk

64

The analyzed URL is a consent management subpage under the domain consent.youtube.com, which is a subdomain of youtube.com owned by Google. The page serves as a user interface for managing consent preferences, likely related to GDPR or regional privacy compliance. It does not contain substantive business information, contact details, or privacy policies directly on this page. The technical infrastructure relies heavily on JavaScript and Google-hosted resources, consistent with Google's internal consent management systems. Due to the nature of the page as a consent UI, it is minimal in content and does not provide typical website business or security information. The security posture cannot be fully assessed from this page alone, but given the association with YouTube and Google, it is presumed to be managed under Google's robust security frameworks. Overall, this page is a functional component of YouTube's compliance mechanisms rather than a standalone business website.

The World Karate Federation (WKF) is a globally recognized international sports federation dedicated to promoting karate as a sport. It is the only karate organization recognized by the International Olympic Committee and boasts 198 member countries and over a hundred million members worldwide. The organization operates primarily as a non-profit entity focused on organizing karate events, managing rankings, accrediting approved brands, and running educational programs. The website reflects a professional and authoritative presence consistent with a large international sports federation headquartered in Spain. Technically, the WKF website employs modern web technologies including Blazor, Bootstrap 5, and various JavaScript libraries for enhanced user experience and performance. The site is mobile-optimized, accessible, and SEO-friendly, with structured data and comprehensive metadata supporting discoverability and rich search results. Privacy and cookie policies are clearly presented with consent mechanisms, indicating good compliance with GDPR and related regulations. From a security perspective, the site uses HTTPS with strong SSL configuration and implements cookie consent. While explicit security headers are not fully confirmed, no vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response information is noted as an area for improvement. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration legitimacy; however, the website content and social media presence strongly support the authenticity of the organization. Overall, the WKF website demonstrates a high level of professionalism, technical maturity, and compliance with privacy standards. The main risk factor is the lack of WHOIS transparency, which should be investigated further to ensure domain legitimacy and trustworthiness.

E

European Powerlifting Federation (EPF)

epfmalta.com

53

The website epfmalta.com serves as the official platform for the European Open, Sub-Junior, Junior & Masters Equipped & Classic Bench Press Championships scheduled in Malta in September 2025. It provides comprehensive event information, accreditation processes, booking options for accommodation, transportation, and banquet tickets, targeting athletes, coaches, officials, and powerlifting enthusiasts. The site is positioned as a key communication channel for the European Powerlifting Federation's event, showcasing partner logos and official messages to build trust and engagement. Technically, the site is built on WordPress using the Divi theme, hosted with domain registration via GoDaddy and DNS managed by Cloudflare. The site is secured with HTTPS and domain status locks, but lacks DNSSEC and advanced security headers. Performance and mobile optimization are moderate to good, with basic accessibility and SEO practices in place. From a security perspective, the site demonstrates fundamental protections such as HTTPS and domain locking but lacks comprehensive security headers, vulnerability disclosure mechanisms, and privacy compliance documentation. No privacy or cookie policies were found, indicating compliance gaps with GDPR and related regulations. Contact information is limited to an email address for sponsorship inquiries, with no phone numbers or physical addresses clearly provided. Overall, the website is functional and professional for its event purpose but requires improvements in privacy compliance, security best practices, and transparency to enhance trustworthiness and regulatory adherence.

I

Internet Invest, Ltd. dba Imena.ua

goodlift.info

43

GOODLIFT.INFO is a specialized website dedicated to providing official and verified information about powerlifting competitions, events, and athletes affiliated with the International Powerlifting Federation (IPF). The site supports competition management through the GOODLIFT software, which is the official competition management tool for IPF. The target audience includes powerlifting athletes, teams, federations, and enthusiasts seeking authoritative competition data and rankings. The business operates primarily as an information and software support service within the niche sports sector, maintaining a consistent and professional online presence since 2008. Technically, the website employs a straightforward HTML, CSS, and JavaScript stack without reliance on modern CMS or frameworks. Hosting and domain registration are managed by Internet Invest, Ltd. dba Imena.ua, a Ukrainian registrar, consistent with the site's author and content origin. The site demonstrates moderate performance and basic mobile optimization, with good SEO practices evident in meta tags and structured navigation. However, there is room for improvement in accessibility and modern technical enhancements. From a security perspective, the site lacks advanced security headers and DNSSEC, which are recommended to enhance protection against common web threats. The domain is secured with clientTransferProhibited status, and WHOIS data is transparent and consistent, supporting legitimacy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. No incident response or security policy information is published, which could be improved to strengthen trust. Overall, GOODLIFT.INFO is a credible and authoritative resource within its niche, with a solid business foundation and consistent branding. Security and privacy practices require enhancement to meet modern standards and regulatory requirements. Strategic improvements in security headers, DNSSEC, cookie consent, and published policies would elevate the site's trustworthiness and compliance posture.

I

International Powerlifting Federation

powerlifting.sport

53

The International Powerlifting Federation (IPF) website serves as the official online presence for the global governing body of powerlifting. It provides comprehensive information about the federation's activities, including news, championships, anti-doping policies, and educational programs. The site targets athletes, coaches, referees, and fans worldwide, positioning itself as a leading authority in the sport. The business model is that of a non-profit sports federation focused on governance, event organization, and athlete support. Technically, the website is built on the TYPO3 CMS platform, utilizing modern web technologies such as jQuery, Matomo analytics for privacy-conscious tracking, and Lightbox for media display. The site demonstrates good mobile optimization and SEO practices, though accessibility features could be improved. Performance is moderate, with no major technical issues detected. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and a cookie consent mechanism, which are recommended for enhanced protection and compliance. The WHOIS data is privacy protected by the registry, which is common for .sport domains, and does not raise immediate trust concerns given the professional nature of the site and its affiliations. Overall, the IPF website is a professional, trustworthy platform with solid content and technical implementation. Strategic improvements in privacy compliance and security headers would further strengthen its posture.

R

Ramirent

ramirent.sk

60

Ramirent is a Slovakia-based company specializing in the rental of tools, machinery, and equipment, supported by professional services and a wide branch network. The website presents a modern, well-structured digital presence built on React and Material-UI, offering good user experience and mobile optimization. However, the site lacks explicit privacy and cookie policies, as well as clear contact information, which impacts its privacy compliance and trustworthiness scores. Security posture is adequate with HTTPS enabled and secure forms, but missing security headers and incident response details suggest room for improvement. Overall, the website is functional and professional but would benefit from enhanced compliance and security transparency.

T

The National Outdoor Expo

nationaloutdoorexpo.com

69

The National Outdoor Expo is a well-established event organizer focused on outdoor community meet-ups, featuring inspirational speakers, exhibitors, and interactive features. The website reflects a professional and consistent brand presence, targeting outdoor enthusiasts primarily in the UK. The technical infrastructure is based on WordPress, hosted via Cloudflare, and incorporates modern SEO and analytics tools, including Google Analytics and PixelYourSite. The site implements a comprehensive cookie consent mechanism, aligning with GDPR requirements. Security posture is strong with HTTPS enforced and clientTransferProhibited domain status, though DNSSEC is not enabled and some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a mature digital presence suitable for its business model and audience.

C

Cleverservice

cleverservice.se

48

Cleverservice.se is a Swedish website primarily serving as a login portal for its users, likely customers or employees of Cleverservice. The site is built on Drupal 7 CMS with Bootstrap and jQuery for frontend components. The technical infrastructure includes Google Analytics and Google Tag Manager for user tracking, with IP anonymization enabled to enhance privacy. The website content is minimal, focusing on user authentication without public-facing business descriptions or contact information. Security posture is moderate with HTTPS enabled but lacks DNSSEC and visible security headers. No privacy or cookie policies are present, indicating compliance gaps. Overall, the site is functional but basic in content and security maturity.

R

Rugby Europe

rugbyeurope.eu

78

Rugby Europe is the governing body responsible for the administration and promotion of rugby union across European countries outside the Six Nations Championship. The organization focuses on organizing competitions, developing rugby at various levels, and serving the rugby community in Europe. The website serves as the official digital presence, providing information and resources related to European rugby activities. Technically, the website employs modern web technologies including Google Tag Manager for analytics and Cookiebot for cookie consent management, hosted on a reliable Azure CDN platform. The site is mobile-optimized and includes structured data for enhanced SEO. Security-wise, the site enforces HTTPS and implements a comprehensive cookie consent mechanism, though lacks some advanced security headers and explicit security policies. Overall, the website is professional and trustworthy, but could improve privacy compliance and transparency by publishing privacy and terms of service policies and providing clear contact information. The domain WHOIS data is protected by EURid privacy services, which is common and justified for this type of organization.

W

World Rowing

worldrowing.com

69

World Rowing is an established international sports federation responsible for organizing rowing events worldwide, including the upcoming 2025 World Rowing Cup in Lucerne, Switzerland. The website serves as an official platform to provide event information and promote the sport to athletes, fans, and the rowing community. The domain is long-standing, registered since 1999, and hosted on a reliable infrastructure with AWS DNS and CDN services, reflecting a mature digital presence. Technically, the website employs modern JavaScript frameworks such as Vue.js, uses Google Tag Manager for analytics and marketing, and implements HTTPS with appropriate security headers. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. However, some standard compliance elements like a dedicated privacy policy and terms of service pages are not detected on the event page, though a cookie consent mechanism is present. From a security perspective, the site demonstrates good practices including HTTPS enforcement and clientTransferProhibited domain status, but lacks DNSSEC and a published security.txt file for vulnerability disclosure. No critical vulnerabilities or exposed sensitive data were found. The WHOIS data aligns well with the website's claims, supporting legitimacy and trustworthiness. Overall, the website is professional, secure, and credible, serving its purpose effectively. Enhancements in privacy compliance documentation and security disclosures would further strengthen its posture.

The European Powerlifting Federation (EPF) operates as a recognized sports federation governing powerlifting activities across Europe. The website serves as a comprehensive portal for event information, news, anti-doping policies, and member federation resources. It targets athletes, coaches, referees, and enthusiasts within the European powerlifting community. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes privacy-conscious analytics via Matomo and a consent management platform (Usercentrics). Security posture is solid with HTTPS and privacy policies in place, though some security headers could be improved. The absence of WHOIS data limits domain registration insights, but the site’s content and partnerships strongly indicate legitimacy. Overall, the site is professional, well-structured, and trustworthy.

E

European Karate Federation

europeankaratefederation.net

61

The European Karate Federation website serves as the official digital presence for the continental karate governing body in Europe. It provides comprehensive news, event calendars, organizational structure details, and contact information targeted at athletes, coaches, referees, and karate enthusiasts. The site is built on WordPress with modern plugins for SEO, cookie compliance, and user engagement, reflecting a moderate to advanced digital maturity. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though additional security headers could enhance protection. The absence of WHOIS registration data is a notable anomaly that slightly impacts trust but does not detract from the professional presentation and compliance evident on the site. Overall, the website effectively supports the federation's mission and community engagement.

E

European Chess Union

europechess.org

49

The European Chess Union (ECU) operates as the continental governing body for chess in Europe, organizing championships, supporting member federations, and promoting chess education. The website serves as an information hub for news, events, commissions, and official communications. The organization targets chess players, federations, and enthusiasts across Europe, positioning itself as a key non-profit sports federation in the chess domain. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for event management and media embedding. The site is mobile-optimized with good navigation and content structure, though accessibility features are basic. Performance is moderate, with room for improvement in SEO and accessibility. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and a public vulnerability disclosure policy. The absence of a privacy policy and WHOIS data reduces compliance and trust scores. No blocking or WAF mechanisms were detected, indicating full content accessibility. Overall, the site is professional and trustworthy from a content and business perspective but would benefit from enhanced privacy disclosures, security headers, and transparent domain registration information to improve compliance and trustworthiness.

E

European Bridge League

eurobridge.org

42

The European Bridge League (EBL) is a non-profit organization dedicated to administering the mind sport Bridge across Europe. The website serves as a central hub for governance, competitions, education, and community engagement for bridge players and national federations. The site is well-structured with clear navigation and consistent branding, targeting bridge enthusiasts, youth, and women players. Technically, the website is built on WordPress with a modern plugin stack including WPBakery, Slider Revolution, and EventON, and integrates Google Analytics and reCAPTCHA for analytics and security. While the site is accessible and mobile-optimized, it lacks explicit privacy and terms of service pages, and no direct contact information is found in the provided content. Security posture is moderate with some best practices like reCAPTCHA and cookie consent implemented, but missing security headers and unknown SSL status present risks. The WHOIS data is unavailable or malformed, limiting domain trust analysis. Overall, the website is functional and professional but would benefit from enhanced security measures and clearer privacy compliance documentation.

B

Badminton Europe

badmintoneurope.com

66

Badminton Europe operates as the official governing body for badminton across Europe, offering a comprehensive digital platform that includes live scoring, news, player profiles, rankings, and multimedia content. The website targets badminton enthusiasts and stakeholders, positioning itself as a leading source of European badminton information and engagement. Technically, the site is built on a modern Liferay DXP CMS platform, leveraging React and Clay UI components, and is hosted with Cloudflare DNS services, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and domain registration consistent with a legitimate organization; however, the absence of explicit privacy, cookie, and security policies indicates room for compliance improvement. Overall, the site presents a professional and trustworthy front but should enhance privacy and security disclosures to align with best practices.

E

HOME | Europaralympic

europaralympic.org

58

The website www.europaralympic.org appears to be a Wix-hosted site related to the European Paralympic Committee or a similar organization. However, the content provided is minimal and truncated, with no clear business description, contact information, or privacy policies visible. The WHOIS data is unavailable or malformed, preventing extraction of registrar or registrant details, which negatively impacts trust and legitimacy assessment. Technically, the site uses Wix's standard JavaScript and hosting infrastructure but lacks visible security headers or HTTPS confirmation in the provided data. Overall, the site shows low digital maturity and limited compliance with privacy and security best practices.

The website peipsivald.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page, preventing access to any substantive content or business information. The domain is registered since 2018 with a reputable Estonian registrar, indicating a legitimate and stable presence. However, the lack of accessible content limits the ability to assess the business model, services, or compliance posture. The technical infrastructure relies on Cloudflare for security and performance, but no further details on CMS or frameworks are available. Security posture cannot be fully evaluated due to the blocked content, and no privacy or cookie policies are detectable. Overall, the site appears legitimate but is currently not analyzable beyond domain registration and WAF presence.

X

XTAXI.LV | taksometrs Rīgā un Liepājā

xtaxi.lv

58

The website www.xtaxi.lv appears to be a small business site built on the Wix platform, likely related to taxi or transportation services in Latvia. The site uses standard Wix hosting and JavaScript technologies but lacks visible business descriptions, contact information, or privacy and cookie policies. The technical infrastructure is typical for Wix sites, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but missing important security headers and policies. The absence of WHOIS data due to query limits restricts domain legitimacy verification. Overall, the site shows minimal digital maturity and limited trust signals, which may impact user confidence.

The website hokejablogs.lv is currently inaccessible due to a security challenge page implemented by BitNinja.IO, indicating the presence of a Web Application Firewall (WAF) or similar security mechanism. The visible content is minimal, consisting mainly of a redirect countdown and browser integrity check scripts. The site references outdated CMS versions (Joomla 1.5 and WordPress 2.5) in its metadata, suggesting legacy technology usage. No business-specific content, contact information, or privacy-related policies are accessible, limiting the ability to assess the business or compliance posture. The WHOIS lookup failed due to query limits, preventing extraction of domain registration details and further trust verification. Overall, the site exhibits a low security and business credibility posture with significant gaps in transparency and modern web practices.

L

Latvijas Hokeja Federācija

lhf.lv

53

Latvijas Hokeja Federācija (LHF) is the national governing body for ice hockey in Latvia, providing comprehensive information about Latvian ice hockey including news, statistics, tournaments, teams, referees, and organizational details. The website targets ice hockey players, fans, coaches, and officials within Latvia and offers a centralized platform for updates and resources related to the sport. The business model is non-profit and focused on sports federation activities, supported by multiple sponsors and partners. Technically, the website employs modern JavaScript frameworks such as Vue.js and jQuery, integrates social media SDKs, and uses Google Analytics for visitor tracking. The site is mobile-optimized with good navigation and content relevance, though accessibility features are basic. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks some security headers and explicit privacy and terms policies. WHOIS data is unavailable due to query limits, but website content and contact details indicate legitimacy. Overall, the site is professional and trustworthy with room for improvement in privacy compliance and security best practices.

A

American Beauty Summer Meet

americanbeauty.ee

40

American Beauty Summer Meet is a niche event organizer focused on American car enthusiast gatherings in Estonia, with the upcoming event scheduled for July 2025. The website serves as an informational and ticketing platform for this event, targeting automotive fans in the region. The business operates on a small scale with a clear focus on event hosting and entertainment services. Technically, the website is built on WordPress using common plugins such as Yoast SEO and WPML, ensuring multilingual support and SEO optimization. The site is moderately performant and mobile-optimized, with a consistent branding approach and good user experience. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration aligns well with the business profile, indicating legitimacy.

Rogue Fish Media operates as a digital real estate business specializing in the sale and leasing of premium domain names. The website presents a portfolio of high-value domains but lacks detailed business information, contact details, or compliance documentation. Technically, the site is built using Dynadot's website builder platform and includes common web technologies such as jQuery, FontAwesome, and Google Analytics. However, the use of an outdated jQuery version and absence of visible security headers or HTTPS status raise concerns about security maturity. The WHOIS data is notably absent, which undermines domain legitimacy and trust. Privacy and cookie policies are missing, indicating poor compliance with data protection regulations. Overall, the site provides basic content with moderate technical implementation but lacks critical security and compliance features.

The website linnuriik.ee serves as an informational and promotional platform focused on birdwatching and nature tourism in Matsalu National Park, Estonia. It provides detailed descriptions of bird species, observation towers, hiking trails, and virtual tours, targeting nature enthusiasts and tourists interested in the region. The site is operated by the Foundation of Lääne County and funded by the European Regional Development Fund, indicating a regional public interest focus. Technically, the website is built on WordPress using a modern tech stack including popular plugins like Yoast SEO, WPBakery Page Builder, and Slider Revolution. The site is hosted under the registrar Zone Media OÜ, an Estonian entity, with HTTPS enabled and good SEO practices implemented. Mobile optimization and accessibility are adequate, though some improvements could be made. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks DNSSEC and important security headers, and does not publish explicit security or incident response policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms, which is a notable gap given GDPR requirements. Overall, the website is a well-maintained regional informational resource with good business credibility but requires enhancements in privacy compliance and security best practices to improve trust and regulatory adherence.

The website tartu2024.ee is currently inaccessible due to a Cloudflare security challenge page employing Turnstile captcha to verify visitors as human. This indicates a strong security posture at the perimeter but prevents content analysis. The domain is registered since 2018 with Telia Eesti AS, a reputable Estonian registrar, consistent with the domain's country context. No business, contact, or policy information is visible on the landing page, limiting insights into the organization's operations or compliance status. The technical infrastructure leverages Cloudflare's security and analytics services, but no CMS or other technologies are detectable due to blocked content. Overall, the site appears to be protected but lacks publicly accessible content for detailed evaluation.

S

Solo Build It!

sitesell.com

60

Solo Build It! (SBI!) is an online platform focused on enabling solopreneurs to build profitable online businesses rather than just websites or blogs. The platform targets individual entrepreneurs seeking comprehensive tools and guidance to establish and grow their online presence. The website is professionally designed with good SEO and mobile optimization, leveraging modern web technologies and third-party marketing and analytics tools such as Google Analytics, Facebook Pixel, and Microsoft Clarity. However, the absence of WHOIS registration data and domain ownership details introduces uncertainty regarding domain legitimacy. Security posture is weak due to lack of visible security headers and absence of explicit privacy or cookie policies, which also impacts privacy compliance. Overall, the site presents a moderate risk profile with room for improvement in transparency and security.

The website www.isca-web.org currently presents only minimal placeholder content with no meaningful information, metadata, or business details. The lack of WHOIS data and absence of security or privacy policies indicate a very low digital maturity and poor trustworthiness. There is no evidence of active business operations or user engagement features. Technically, the site lacks HTTPS and security headers, which exposes it to security risks and reduces user confidence. Overall, the site appears inactive or under construction, with critical gaps in security, compliance, and business transparency.

Riga Hockey Cup is a youth ice hockey tournament organizer based in Latvia, providing a platform for various age groups to compete in a well-structured European championship. The website offers multilingual support and comprehensive event information, targeting youth hockey teams, coaches, and fans. The digital infrastructure leverages common web technologies such as jQuery, Fancybox, and social media integrations, with moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though security headers and explicit incident response policies are absent. Privacy compliance is basic with a privacy policy and cookie consent implemented, reflecting GDPR awareness. The absence of WHOIS data limits domain legitimacy verification, but the site appears professional and trustworthy overall.

Cuper.se is a Swedish online platform serving as the country's largest and most comprehensive cup register for sports tournaments, primarily targeting sports clubs and event organizers. The service offers free registration of cups, tournaments, and series, enhancing visibility for organizers both within the platform and via search engines. The website is operated by CoreIT, a Swedish technology company, and integrates with partner services such as CupOnline for tournament administration and live result reporting. The platform holds a strong market position within its niche in Sweden, supported by a domain with a long history dating back to 2005. Technically, the website is custom-built, leveraging modern web technologies such as Material Icons, Google Fonts, and JavaScript libraries including Modernizr. The site is mobile-optimized with good navigation and SEO practices, though it lacks a CMS and some advanced accessibility features. Performance is moderate, and the site uses Google Tag Manager and Google Analytics for user tracking, with a cookie consent mechanism in place to comply with GDPR requirements. From a security perspective, the site uses HTTPS but lacks DNSSEC and advanced security headers, which could be improved to enhance DNS and web security. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a published security policy, incident response contacts, and Terms of Service pages indicates room for maturity in security governance and compliance documentation. Overall, Cuper.se presents a trustworthy and functional service with a solid business foundation and technical implementation. Strategic improvements in security policies, DNS security, and compliance documentation would further strengthen its risk posture and user trust.

The website ronangelo.com is currently inaccessible due to a Cloudflare security block page preventing content access. As a result, no direct business information, contact details, or policies are available for analysis. The domain is registered since 2012 with Cloudflare, Inc. as the registrar, indicating a mature and legitimate registration. However, the lack of accessible content severely limits the ability to assess the company's business model, services, or market position. The technical infrastructure includes Cloudflare protection, but no further details on hosting or CMS are available. Security posture cannot be fully evaluated due to the block, but the presence of Cloudflare WAF suggests some level of protection. Overall, the site is currently not analyzable beyond domain registration data, and the security block significantly reduces the confidence in content and compliance assessments.

The website ilmateenistus.ee is currently inaccessible due to a Cloudflare Turnstile security challenge that blocks automated access and requires human verification. This prevents retrieval of actual website content, including business descriptions, policies, and contact information. The domain is registered since 2013 with an Estonian registrar, indicating a stable and legitimate presence. The technical infrastructure relies on Cloudflare services for security and performance. Due to the blocking, no privacy, cookie, or terms of service policies are detectable, and no contact or business details are accessible. The security posture is strong in terms of WAF protection but limits content visibility for analysis. Overall, the site’s risk assessment is limited by lack of accessible data, and the AI score is capped low due to blocking.

R

Running Industry Alliance

runningindustryalliance.com

44

Running Industry Alliance (RIA) is a UK and Ireland focused member-based trade organization dedicated to advancing the running industry through networking, education, and collaboration. The website presents a professional and consistent brand image, targeting businesses and professionals within the running sector. Technically, the site is built on WordPress with the Divi theme, uses modern web fonts, and integrates Google Analytics for visitor tracking. Security posture is generally good with HTTPS enabled and no obvious vulnerabilities, but lacks important security headers and published policies. The absence of WHOIS data for the domain is a notable concern, suggesting either privacy protection or data unavailability, which impacts trustworthiness. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and transparency.

The website apek.ee is currently inaccessible, returning a 503 Service Unavailable error indicating maintenance or capacity issues. Due to this, no business content, metadata, or contact information is available for analysis. The domain is registered since 2016 with Zone Media OÜ, a reputable Estonian registrar, suggesting legitimacy of the domain ownership. The technical infrastructure is basic, running on an Apache server hosted by Zone Media OÜ. Security posture is weak as no security headers or policies are detected, and the site lacks privacy and cookie policies. Overall, the site is not currently functional for end users, which severely limits its business and security effectiveness.

The website healthybuildingsdesigncompetition.com currently returns a 404 error page indicating that the site is not configured or accessible. There is no visible business content, contact information, or policies available. The domain is newly registered in March 2023 and hosted by OVH sas, a reputable registrar and hosting provider. The site uses TYPO3 CMS technology but lacks any active content or configuration. Due to the lack of content and accessibility, the technical maturity and security posture cannot be fully assessed. No security headers or HTTPS information was provided, and no privacy or cookie policies are present. Overall, the site appears to be inactive or under development, resulting in a low trust and credibility score.

The analyzed content corresponds to an internal Chrome browser error page (chrome-error://chromewebdata/) which serves as a local offline or error display, including the embedded Chrome Dino game. No external website content, business information, or contact data is present. The page is not a public website but a browser internal resource, thus no typical business or compliance information is available. The technical infrastructure is minimal, relying on Chromium's internal scripts and styles. Security posture is limited to the browser's internal environment with no external SSL or headers applicable. Overall, this page cannot be evaluated as a commercial or organizational website.

The website rtk.ee is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks access to actual content. The domain is registered since 2012 by Zone Media OÜ, an Estonian registrar, indicating a legitimate and stable registration. However, no business, contact, or policy information is accessible on the challenged page. The technical infrastructure relies heavily on Cloudflare's security and analytics services, but no further CMS or platform details are available. Due to the blocking, the security posture cannot be fully assessed, but the use of Cloudflare indicates a baseline security measure. Overall, the site cannot be properly evaluated until the WAF challenge is passed.

Z

Zone Media OÜ

kiiskshooting.ee

52

The website kiiskshooting.ee represents Team KiiskShooting, a small Estonian business focused on sport shooting mental toughness literature and related content. The primary offering is a book titled "Sisekümne Seisund" which addresses mental strength in sport shooting, targeting athletes and enthusiasts in this niche. The site also provides team information and uses social media channels such as Facebook and X (Twitter) for outreach. The business is registered under Zone Media OÜ, consistent with the domain registration data, and the domain age supports the legitimacy of the business. Technically, the website is built on WordPress using the OceanWP theme and Elementor page builder, with SEO enhancements via Yoast SEO and analytics through Jetpack Stats. The site is hosted with a registrar Zone Media OÜ and uses Cloudflare for DNS. Performance and mobile optimization are good, though accessibility is basic. The site uses HTTPS with a valid SSL certificate but lacks advanced security headers and explicit privacy or cookie policies. From a security perspective, the site has a moderate posture with HTTPS enabled and no visible vulnerabilities or exposed sensitive data. However, it lacks security headers and formal security or incident response policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Contact information is limited to a contact form without direct emails or phone numbers, which may impact user trust. Overall, the website is functional and professional for its niche but would benefit from enhanced privacy compliance, security hardening, and clearer contact information to improve trust and regulatory adherence.

L

Liikumistervise innovatsiooni klaster SportEST

sportest.eu

42

Liikumistervise innovatsiooni klaster SportEST is a small Estonian cluster organization focused on fostering innovation in the field of movement health. The website presents the cluster as a recognized European-level partner with a bronze certification from the European Cluster Excellence program. The business model centers on collaboration among sector organizations and companies to develop innovative solutions in movement health. The website content is primarily in Estonian with language options for English and Russian, targeting regional and international stakeholders in the health innovation sector. Technically, the website is built on WordPress 4.7.29, utilizing common JavaScript libraries such as jQuery and plugins for slideshows and lightboxes. Google Analytics and Google Tag Manager are implemented for user tracking. The site is served over HTTPS, ensuring encrypted communication. However, the WordPress version is outdated, and minor PHP warnings are visible, indicating backend issues that could pose security risks. Accessibility and SEO optimizations are basic but functional, and mobile responsiveness is good. From a security perspective, the site lacks important security headers and does not publicly disclose privacy or cookie policies, which impacts GDPR compliance. No incident response or vulnerability disclosure information is available. The WHOIS data is unavailable due to EURid privacy policies, but the domain appears legitimate based on website content and certifications. Overall, the security posture is moderate but could be improved by addressing backend errors, updating software, and enhancing privacy compliance. The overall risk is moderate with recommendations to improve backend stability, implement security headers, publish privacy and cookie policies, and update the CMS to a supported version. These steps will enhance trust, compliance, and security posture for the cluster and its stakeholders.

J

Jocs dels Petits Estats d'Europa

gsse-andorra2025.com

49

The website gsse-andorra2025.com serves as the official digital platform for the Games of the Small States of Europe (GSSE) event hosted by Andorra in 2025. It provides comprehensive information about the event, including schedules, venues, media resources, and transport details. The site targets athletes, officials, media, and fans interested in this biennial multi-sport event featuring small European states. The business model focuses on event promotion and information dissemination, positioning itself as the authoritative source for GSSE 2025 in Andorra. Technically, the website is built on WordPress with Elementor page builder, leveraging modern web technologies such as jQuery, Swiper, and SEO tools like Rank Math. The site demonstrates good mobile optimization, SEO practices, and moderate performance. It uses HTTPS and includes a cookie consent mechanism, reflecting a mature digital infrastructure suitable for event promotion. From a security perspective, the site enforces HTTPS and employs domain transfer protection. However, it lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies aligned with GDPR requirements. Contact information is limited, with no direct emails or phone numbers found on the main pages. Overall, the website presents a low-risk profile with a professional appearance and solid privacy compliance. Strategic recommendations include enhancing security headers, publishing explicit security policies, and providing clearer contact channels to improve trust and incident response readiness.

The website www.easywl.com hosts content related to the EWF CHISINAU 2025 weightlifting championship, providing event schedules, results, protocols, and live scoreboard embeds. The site targets weightlifting athletes, officials, and fans, serving as an informational portal for the event. The business model is focused on event information dissemination with no evident commercial transactions or user data collection. Technically, the site is basic, built with standard HTML and CSS, embedding YouTube videos for live content. There is no detected CMS or advanced frameworks, and the site lacks modern SEO and accessibility features. Security posture is minimal with no visible security headers or HTTPS confirmation in the data provided. The absence of privacy, cookie policies, and contact information indicates low compliance with data protection regulations. WHOIS data is missing, raising concerns about domain legitimacy and trustworthiness. Overall, the site functions as a niche event information platform but lacks professional security and compliance maturity.

U

Uma Mekk

umamekk.ee

44

Uma Mekk is a regional food brand based in Estonia, specifically targeting the Vana-Võromaa area. The website serves as a platform for local food and beverage producers to obtain branding and certification under the Uma Mekk trademark. The business model focuses on promoting local food products and supporting regional producers. The website is built on WordPress using the Divi Builder and Bootstrap framework, indicating a modern and maintainable technical infrastructure. SEO is enhanced with Yoast SEO and structured data, improving search visibility. The site is mobile optimized and includes cookie consent mechanisms, reflecting awareness of privacy regulations. Security posture is solid with HTTPS and security headers implemented, though explicit privacy and security policies are absent. Tracking via Google Analytics and Facebook Pixel is present, indicating moderate user data collection. Overall, Uma Mekk presents a credible and professional online presence for a small regional food brand.

K

kalateave.ee

kalateave.ee

42

The website kalateave.ee serves as the Fisheries Information Centre for Estonia, focusing on enhancing knowledge and sustainability in fisheries, aquaculture, and aquatic resource utilization. It targets industry professionals, non-profits, research institutions, and the general public interested in fisheries. The site offers informational content, research publications, educational materials, and event announcements, positioning itself as a central knowledge hub in the Estonian fisheries sector. Technically, the site is built on Joomla CMS with modern web technologies including jQuery, Bootstrap, and FontAwesome, and integrates Google Analytics for visitor tracking. The site is mobile-optimized and has good SEO practices but lacks some accessibility features and security headers. Security posture is solid with HTTPS enforced and CSRF protections, but there is room for improvement in privacy compliance and explicit security policies. Overall, the site is professional and trustworthy but should enhance privacy transparency and security headers to align with best practices.

Z

Zone Media OÜ

xn--puhvetitepiv-pcb.ee

43

The website 'PUHVETITE PÄIV RÕNGUST RANNUNI' serves as the official online presence for a regional Estonian food and cultural event organized by Zone Media OÜ. It provides visitors with event details, galleries, maps, and multimedia content to promote local buffets and experiences in the Rõngu and Rannu areas. The site targets local visitors and tourists interested in Estonian culinary culture. Technically, the site is built on WordPress with a modern theme and several plugins supporting multilingual content, social media integration, and cookie consent management. The infrastructure is hosted likely by Zone Media OÜ, with proper HTTPS and moderate performance. Security posture is adequate with SSL and cookie consent but lacks advanced security headers and explicit incident response or vulnerability disclosure mechanisms. Privacy compliance is partial, with a cookie policy and consent mechanism but no visible privacy policy or terms of service. Overall, the site is professional and trustworthy for its niche but could improve in privacy and security transparency.

The website www.norway-hei.com is a personal informational site focused on Norwegian culture, history, food, and language, created by a native author. It serves a niche audience interested in authentic Norwegian experiences and provides rich content including stories, recipes, and cultural insights. The business model appears to be primarily advertising-based, leveraging Google Adsense and related ad networks. Technically, the site is built on the SBI! CMS platform with standard HTML, CSS, and JavaScript, but lacks advanced frameworks or modern infrastructure. Performance and mobile optimization are basic, with room for improvement in accessibility and SEO. Security posture is moderate with HTTPS enabled but missing important security headers and policies. No privacy, cookie, or terms of service policies are present, and no contact information is provided, which impacts privacy compliance and business credibility. Critically, WHOIS data for the domain is missing or unavailable, raising concerns about domain legitimacy and trustworthiness. Overall, the site is functional and content-rich but requires significant improvements in security, compliance, and transparency to enhance trust and professionalism.

Global Water Partnership (GWP) is an established international organization focused on water resource management and investment initiatives. The website serves primarily as a landing page announcing a transition to a new phase called the Global Transformation Agenda On Water Investments and directs users to a new website (gwpo-gwp.org). The organization appears to be a non-profit or partnership entity with a global focus on water-related projects. The domain has a long history dating back to 1996, supporting its legitimacy and established presence. Technically, the website uses common web technologies including Google Analytics, Google Tag Manager, and Facebook SDK for tracking and marketing purposes. The hosting provider appears to be Loopia based on DNS nameservers. The site is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. No CMS or major frameworks are detected from the provided data. From a security perspective, HTTPS is enabled, but no DNSSEC or security headers are present, which reduces the overall security posture. There are no visible forms or data collection points on the landing page, limiting attack surface but also limiting user engagement. Privacy and cookie policies are absent, indicating poor privacy compliance. No contact information or incident response details are provided, which may impact user trust and compliance. Overall, the website is functional but minimalistic, with room for improvement in privacy compliance, security hardening, and content richness. The domain registration data aligns well with the organization's identity, supporting trustworthiness. Strategic improvements in security headers, privacy policies, and user engagement features are recommended to enhance the website's credibility and compliance.

The website www.isover.ee is currently inaccessible due to a Cloudflare security challenge page employing Turnstile captcha, which blocks direct access to the site's content. As a result, no business, contact, or policy information is available for analysis. The site appears to be protected by Cloudflare's WAF, indicating an intent to secure the site from automated access or attacks. However, this also prevents a comprehensive assessment of the site's content, technical infrastructure, and security posture. Without access to the actual website content, it is not possible to evaluate the company's market position, services, or compliance status.

The website rara.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page, which blocks direct access to the site's content. This prevents extraction of business, contact, or policy information. The domain is registered with a legitimate Estonian registrar, Zone Media OÜ, and was created in 2021, indicating a relatively new but legitimate domain. The technical infrastructure relies heavily on Cloudflare services for security and performance. Due to the blocking, no privacy, cookie, or terms of service policies are visible, and no contact information or business details can be confirmed. The overall website quality and content presence cannot be assessed beyond the challenge page.

The website riigiplaneering.ee is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks access to the actual site content. As a result, no business, contact, or policy information is available for analysis. The domain is registered with Zone Media OÜ, an Estonian registrar, and was created recently in April 2023. The site uses Cloudflare services for security and analytics, but no further technical or content details can be extracted due to the access restriction. This limits the ability to assess the website's business model, technical infrastructure, or security posture comprehensively. The lack of visible privacy or cookie policies and contact information further limits compliance and trust evaluations.