Security Directory

A

AS Lahevesi

lahevesi.ee

45

AS Lahevesi is a municipal utility company founded in 2008, providing water supply, sewage, property management, cemetery services, and public space maintenance in Lääne-Harju municipality, Estonia. The company operates under contracts with the local government and serves residents and businesses in the region. The website is built on WordPress using Elementor and several plugins, featuring a professional design with clear navigation and mobile optimization. Security measures include HTTPS and Google reCAPTCHA on forms, though additional security headers and cookie consent mechanisms are recommended. The WHOIS data confirms the legitimacy of the company with consistent registration details. Overall, the website demonstrates a solid technical and business foundation with room for improvement in privacy compliance and security policies.

Ida-Virumaa Omavalitsuste Liit is a regional government association serving the municipalities of Ida-Virumaa, Estonia. The website provides comprehensive information on governance, development strategies, programs, projects, education, public health, safety, culture, and visa-related matters. It targets local residents, government officials, and stakeholders interested in regional development. The organization operates as a small-sized government entity founded in 2010, with a clear focus on regional coordination and public service. Technically, the website is built on the Liferay CMS platform, utilizing technologies such as jQuery, Bootstrap, Google reCAPTCHA, and Font Awesome. The site is hosted by Elkdata OÜ, consistent with the WHOIS data. The website is mobile-optimized and provides a good user experience, although some technical aspects like the use of an outdated jQuery version and lack of security headers indicate areas for improvement. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to mitigate automated abuse. However, the absence of security headers and outdated JavaScript libraries present potential vulnerabilities. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms, which could expose the organization to regulatory risks. Overall, the website is trustworthy and professional but would benefit from enhanced security practices and improved privacy compliance to align with modern standards and regulations.

Aktsiaselts Koeru Hooldekeskus is a regional healthcare and eldercare service provider based in Järva County, Estonia. The organization specializes in 24/7 general care, nursing assistance, special care for individuals with deep disabilities, and dementia care. The website reflects a medium-sized entity with a clear focus on providing comprehensive care services to elderly and special needs clients. The business maintains a consistent brand presence and provides clear contact information and service descriptions, positioning itself as a trusted local healthcare provider. Technically, the website is built on WordPress using a modern tech stack including LayerSlider, WPBakery Page Builder, and Google reCAPTCHA for security. The site is mobile-optimized, accessible, and SEO-friendly, leveraging Yoast SEO and structured data for enhanced search visibility. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and integrates Google reCAPTCHA to protect forms. However, it lacks some security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website demonstrates a solid digital presence with good business credibility and technical implementation. Strategic improvements in security headers, privacy compliance, and incident response documentation would enhance the security posture and regulatory adherence.

E

eHost OÜ

arenduskeskus.ee

40

Investor.ee is a small Estonian educational website focused on providing information and guidance about investing and financial growth. The site targets individuals and organizations interested in learning about investment strategies, risk management, and financial planning. The business operates primarily as an informational resource with content in Estonian, positioning itself as a niche player in the finance education sector. The website is built on WordPress using modern themes and plugins, with a moderate level of technical maturity and good mobile optimization. Security measures include HTTPS enforcement and Google reCAPTCHA integration, although some security best practices such as security headers and explicit privacy policies are missing. Overall, the site demonstrates a moderate security posture with room for improvement in privacy compliance and security transparency.

K

Kihnu Vallavalitsus

visitkihnu.ee

43

Visit Kihnu is a specialized tourism website promoting the Estonian island of Kihnu. It provides comprehensive information about local events, accommodations, transport options, cultural heritage, and services, targeting tourists interested in visiting the island. The website is operated by Kihnu Vallavalitsus, an official local government entity, which adds credibility and trustworthiness to the platform. The domain is registered since 2017 and aligns well with the business purpose and location. Technically, the website uses a modern JavaScript stack including jQuery, Leaflet.js for maps, Google Analytics, and Facebook Pixel for tracking. It employs Google reCAPTCHA for form security and uses HTTPS to secure communications. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. However, it lacks explicit privacy and cookie policies, which is a compliance gap. From a security perspective, the site has a good SSL configuration and uses CSRF tokens in forms, but no security headers were detected in the provided data. There is no visible incident response or vulnerability disclosure information. Tracking and analytics are moderately extensive, but privacy compliance is weak due to missing policies and consent mechanisms. Overall, the website is a credible and functional tourism portal with good business credibility and technical implementation. To improve, it should address privacy compliance by publishing policies and implementing cookie consent, enhance security headers, and provide incident response contacts to strengthen trust and compliance.

Maardu Linnavalitsus operates as the municipal government portal for the city of Maardu, Estonia, providing residents and visitors with information about city services, news, events, and contact details. The website serves as an essential communication channel for local government functions and citizen engagement. It targets local residents, visitors, and stakeholders seeking municipal information and services. The business model is that of a government entity offering public services and information dissemination.

Promised Land Art Festival is a professionally organized event celebrating digital and traditional art, primarily targeting creative professionals in gaming, film, and advertising industries. The festival is supported and organized by CD PROJEKT RED and local cultural institutions in Łódź, Poland, positioning it as a significant niche event in the creative media sector. The website reflects a high level of digital maturity, utilizing modern web technologies such as Next.js and React, with good performance and mobile optimization. Security posture is solid with HTTPS enforcement and use of reCAPTCHA, though improvements in security headers and explicit security policies are recommended. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including GDPR considerations. Overall, the website presents a trustworthy and professional image, though the lack of WHOIS data for the domain introduces some uncertainty about domain registration status.

J

John Lothian News

johnlothiannews.com

58

John Lothian News is a specialized media outlet focused on delivering financial markets news and analysis. Established in 2011, it serves a niche audience of financial professionals and market participants. The website employs a WordPress CMS with the Divi theme and WooCommerce plugin, indicating a modern and flexible technical infrastructure. Hosting is provided by SiteGround, and the site uses Google Analytics and Tag Manager for user tracking. Security posture is solid with HTTPS enabled and use of Google reCAPTCHA, though there is room for improvement in security headers and DNSSEC implementation. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

E

Eesti Meediaettevõtete Liit

meedialiit.ee

41

Eesti Meediaettevõtete Liit is a well-established Estonian media association founded in 1990, representing a broad spectrum of private media outlets including web portals, TV, radio, newspapers, and magazines. The organization focuses on promoting trustworthy journalism, protecting the interests of its members, and advocating for fair competition in the media market. The website reflects this mission with relevant content, press council decisions, and news updates targeted at media professionals and the Estonian public. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, Yoast SEO, and Google reCAPTCHA, ensuring a good user experience and basic security measures. The security posture is solid with HTTPS and anti-bot protections, though some advanced security headers could be added. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the site is professional, trustworthy, and serves its audience effectively.

Z

Zone Media OÜ

digioskused.ee

47

Digioskused.ee is an Estonian educational platform offering free AI and digital skills training, developed in partnership with Google and Estonian government agencies. The website serves individuals and businesses aiming to enhance their digital competencies through practical, accessible online courses. The platform leverages modern web technologies including WordPress, jQuery, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. Security measures include HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers are missing. The domain registration is consistent with the business purpose and geographic location, supporting legitimacy. Overall, the site presents a professional and trustworthy digital presence with good content quality and user experience.

Juuriharja Consulting Group Oy operates the First Whistle Service, a confidential online whistleblowing platform designed to help organizations report and manage misconduct and non-compliance efficiently. The service emphasizes legal compliance, particularly with GDPR and national personal data protection laws, targeting organizations seeking secure and anonymous reporting tools. The company positions itself as a niche provider in the compliance and whistleblowing sector within Finland and potentially broader European markets. Technically, the website is built as a modern single-page application likely using React, with asynchronous JavaScript modules and Google reCAPTCHA integration for bot protection. Hosting appears to leverage AWS infrastructure, indicated by the nameservers. The site demonstrates good mobile optimization and basic accessibility but lacks some advanced SEO and security header implementations. From a security perspective, the site uses HTTPS and reCAPTCHA to secure user inputs and protect anonymity. However, it lacks DNSSEC, explicit security headers, and a cookie consent mechanism, which are areas for improvement. The WHOIS data is transparent and consistent with the business identity, enhancing trustworthiness. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable security posture. Overall, the website and service present a trustworthy and professional offering with room for technical and security enhancements to fully align with best practices and regulatory requirements.

M

Milrem Robotics

milrem.com

54

Milrem Robotics is a leading global provider of autonomous unmanned ground vehicles (UGVs) specializing in combat-ready robotic solutions that enhance military operational effectiveness and tactical advantages. Established in 2013 and headquartered in Estonia, the company has expanded its footprint with offices across Europe, the UAE, and the USA, serving 19 customer countries. Their product portfolio includes multi-mission UGVs such as THeMIS, VECTOR, HAVOC, and Type-X, supported by advanced autonomy kits and participation in key EU defense projects. The website reflects a professional and modern digital presence with comprehensive content tailored to defense and military audiences. Technically, the website is built on WordPress with modern SEO and user experience optimizations, including mobile responsiveness and accessibility considerations. It employs standard security measures such as HTTPS, Google reCAPTCHA, and GDPR-compliant cookie consent mechanisms. However, there is room for improvement in security headers and explicit security policy disclosures. Analytics usage is moderate, primarily via Google Analytics through Google Tag Manager, with privacy compliance well addressed. The security posture is solid with no visible vulnerabilities or exposed sensitive data, but lacks dedicated incident response or vulnerability disclosure information. WHOIS data confirms domain legitimacy and consistency with the company's history and operations. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, supporting Milrem Robotics' position as a reputable defense technology provider.

P

Placet Group OÜ

placetgroup.com

55

Placet Group OÜ is a financial services company established in 2005, specializing in secured and unsecured loans, credit cards, and related financial products. Operating primarily in Estonia and Lithuania, with additional brands in Poland, the company serves private individuals and legal entities, emphasizing fast, convenient, and reliable financing solutions. Their market position is supported by a broad customer base and multiple subsidiaries, with a focus on individual customer approach and quality service. Technically, the website employs a modern JavaScript stack including jQuery, Google Analytics, and various carousel libraries, hosted under a domain registered since 2010. The site is mobile optimized and presents a professional design with clear navigation. However, some accessibility features are basic, and no CMS or advanced frameworks are detected. From a security perspective, the site uses HTTPS and Google reCAPTCHA on its contact form, but lacks DNSSEC, security headers, and published security or privacy policies. The WHOIS data is consistent with the business claims, indicating legitimacy. No WAF or blocking mechanisms are detected, allowing full content access. Overall, the website demonstrates a moderate to good security posture and business credibility but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

R

Reliex

activitytimeline.com

63

ActivityTimeline, operated by Reliex, is a mature and reputable provider of a Jira plugin focused on resource planning and time tracking. The company has established a strong market presence with over 5,000 teams worldwide, including large enterprises. Their product integrates deeply with Jira, offering capacity planning, timesheets, reporting, and synchronization features that enhance Jira's native capabilities. The website is professionally designed, mobile-optimized, and rich in content, including customer testimonials and detailed documentation. Technically, the site leverages modern web technologies and analytics tools, ensuring good performance and user experience. Security-wise, the site enforces HTTPS and uses reCAPTCHA and cookie consent mechanisms, though it lacks explicit security headers and incident response contact details. Overall, the domain registration and WHOIS data confirm the legitimacy and longevity of the business.

A

ALMIC OÜ

creditreports.ee

73

The website creditreports.ee represents the Estonian branch of Dun & Bradstreet, a globally recognized business information provider. It offers credit reports, AAA credit ratings, and marketing packages primarily targeting businesses seeking reliable financial and credit data. The site is professionally designed, multilingual, and integrates key services such as Google Tag Manager and reCAPTCHA for enhanced user experience and security. The technical infrastructure is based on Drupal 7 with modern tracking and consent management tools, indicating a mature but slightly dated platform. Security posture is solid with HTTPS enforcement and bot protection, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site reflects a credible and trustworthy business presence in the finance sector within Estonia.

Z

Zone Media OÜ

tellimine.ee

53

Tellimine.ee is an Estonian e-commerce platform specializing in online subscriptions for newspapers and magazines. Operated by Zone Media OÜ since 2010, the website targets Estonian-speaking customers interested in print media subscriptions. The platform offers a range of products including newspapers, magazines, and gift subscriptions, positioning itself as a niche player in the local media subscription market. The website uses Magento 2 with a custom Olegnax theme and integrates GDPR compliance modules to manage cookie consent and user privacy. Technically, the site employs modern JavaScript libraries and frameworks such as jQuery, KnockoutJS, and RequireJS, and includes Google reCAPTCHA for bot protection on login forms. Security posture is generally good with HTTPS enforced and no exposed sensitive data, although some security headers are missing and DNSSEC is not enabled. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service found. Contact information is not directly available on the site, which may impact user trust. Overall, the website is functional, professionally designed, and moderately secure, but could improve transparency and compliance documentation.

M

Moneyzen

moneyzen.ee

56

Moneyzen is an Estonian-based online financial platform specializing in providing personal loans and investment opportunities through a transparent and empathetic approach. The platform targets individuals seeking flexible loan options and investment avenues, operating primarily in the Estonian market with multilingual support. The business model centers on connecting borrowers and investors, offering various loan types including personal, renovation, travel, health, auto, education, and refinancing loans. Despite recent challenges leading to the cessation of new loan and investment applications as of June 6, 2025, Moneyzen remains committed to servicing existing contracts and investor accounts. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating modern web technologies such as Google Tag Manager, reCAPTCHA, Hotjar, and Facebook Pixel for analytics and marketing. The site demonstrates good mobile optimization, SEO practices, and basic accessibility features. Security posture is strong with HTTPS enforced, security headers present, and no exposed sensitive data, although explicit security policies and incident response information are absent. Overall, Moneyzen presents a professional and trustworthy online presence with clear business information and contact channels. The domain registration aligns well with the business claims, enhancing legitimacy. However, improvements in privacy compliance documentation, security policy transparency, and incident response readiness are recommended to strengthen trust and regulatory adherence.

S

Sisustuskoda OÜ

sisuko.ee

42

Sisustuskoda OÜ is a small Estonian company specializing in custom furniture manufacturing, particularly kitchen furniture. Established in 2014, it serves local consumers seeking high-quality, tailor-made interior solutions. The website reflects a niche retail business model with a focus on craftsmanship and design. The company maintains an active online presence with social media integration and a WooCommerce-based e-commerce platform. Technically, the website is built on WordPress using Elementor and Astra theme, leveraging modern web technologies and Google services such as reCAPTCHA and Tag Manager. Security posture is adequate with HTTPS enabled and basic protections, but lacks explicit security headers and formal privacy or cookie policies. Overall, the site is professional and functional, though privacy compliance and security best practices could be enhanced to improve trust and regulatory adherence.

The website laen.eu operates as a loan information and comparison portal primarily targeting Estonian consumers seeking various loan products such as quick loans, small loans, and secured loans. It provides detailed loan comparisons, affiliate links to loan providers, and educational content about loan types and borrowing in Estonia. The site leverages WordPress CMS with plugins for loan comparison, table of contents, and Google services for analytics and CAPTCHA protection. The technical infrastructure is modern and supports mobile responsiveness with moderate performance. Security posture is good with HTTPS enforced and use of Google reCAPTCHA, though it lacks explicit security headers and formal privacy or cookie policies. Contact information is limited to a contact form without direct emails or phone numbers, which may impact user trust. Overall, the site is functional, professional, and serves its niche well but would benefit from enhanced privacy compliance and security best practices.

Drama Queen Communications is a Nordic marketing and communications agency founded in 2018, specializing in creative business advantage through marketing, advertising, technology, and communications services. The company positions itself as an award-winning agency with a strong presence in the Nordic market, targeting businesses seeking innovative and creative marketing solutions. Their website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the site is built on WordPress with modern tools such as Gravity Forms, Yoast SEO, and Google Tag Manager, hosted behind Cloudflare DNS. Security measures include HTTPS enforcement and Google reCAPTCHA on forms, with a comprehensive cookie consent mechanism supporting GDPR compliance. However, explicit security policies and incident response information are not published, representing an area for improvement. Overall, the website and domain registration data indicate a legitimate and credible business with a strong digital presence.

R

Raison FinTechnologies Inc.

raison.app

68

Raison FinTechnologies Inc. operates raison.app as a comprehensive digital family office platform offering investment opportunities across venture deals, public stocks, crypto-assets, structured products, and asset management services. The company targets both individual and institutional investors, providing tiered account plans and a broad range of financial instruments. With over 30,000 users globally and regulatory licenses from multiple jurisdictions, Raison positions itself as a trusted fintech innovator in the investment space. Technically, the website is built on a modern Nuxt.js and Vue.js stack, optimized for performance and mobile responsiveness. It integrates essential third-party services such as Google Tag Manager, reCAPTCHA, and Intercom for analytics, security, and customer engagement. The site demonstrates good SEO and accessibility practices, with comprehensive metadata and structured content. From a security perspective, the platform enforces HTTPS, employs security headers, and uses CAPTCHA to protect forms. It holds multiple financial regulatory licenses, enhancing trust and compliance. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response information are not publicly detailed. Overall, raison.app presents a professional, secure, and user-friendly investment platform with strong regulatory backing and a clear business model. Strategic recommendations include publishing detailed security policies, adding vulnerability disclosure mechanisms, and enhancing transparency around data protection roles to further strengthen trust and compliance.

H

Hoperfy

hoperfy.com

53

Hoperfy is a small technology company specializing in a white-label event hotel booking platform designed to help event organizers monetize hotel bookings made by their international visitors. The platform offers a 50/50 revenue-sharing model and subscription upgrades with advanced analytics and flight booking capabilities. The website is professionally designed, mobile-optimized, and provides clear business information and customer testimonials, positioning Hoperfy as a niche player in the hospitality technology sector. Technically, the site uses modern JavaScript libraries, integrates Google Tag Manager and reCAPTCHA for security and analytics, and is hosted with reputable providers including GoDaddy and Cloudflare. Security posture is good with HTTPS and form protections, but lacks published security policies and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is functional and credible but could improve transparency and security practices.

K

Kodulehe tegemine OÜ

disain.ee

44

Kodulehe tegemine OÜ operates a professional web design and development studio based in Estonia, specializing in website creation, e-commerce solutions, SEO optimization, and graphic design services. The company targets businesses and organizations primarily in Europe and the USA, offering a comprehensive suite of digital services including website maintenance, analysis, and branding. Their market position is that of a trusted, experienced small business with nearly two decades of industry presence and a strong portfolio of satisfied clients. Technically, the website is built on WordPress with modern frameworks like Uikit, integrates Google services such as reCAPTCHA and Tag Manager, and demonstrates good mobile optimization and SEO practices. Security posture is adequate with HTTPS and CAPTCHA usage, but lacks advanced security headers and explicit privacy and cookie policies, indicating room for compliance and security improvements. Overall, the site is accessible without WAF or blocking, and the domain registration is consistent and legitimate. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and providing explicit contact information to improve trust and compliance.

V

vDesignly

vdisain.ee

40

vDesignly operates as a small Estonian web design and development company, focusing on creating custom digital solutions to elevate web standards. The company leverages WordPress as its CMS platform, enhanced by popular plugins such as Yoast SEO and Google Tag Manager for SEO and analytics. The website demonstrates a good level of technical maturity with HTTPS enabled and reCAPTCHA implemented to secure forms. However, the absence of explicit privacy and cookie policies, as well as contact information, indicates gaps in privacy compliance and user trust facilitation. Security posture is generally sound but could be improved by adding security headers and formal incident response contacts. Overall, the site is professional and functional but would benefit from enhanced transparency and compliance documentation.

C

Contract Pharma

contractpharma.com

61

Contract Pharma operates as a specialized media outlet focused on connecting contract service providers with pharmaceutical and biopharmaceutical sponsors. The website offers a comprehensive range of services including industry news, digital and print magazine editions, directories, event information, and sponsored content. It targets professionals and companies within the pharma and biopharma sectors, positioning itself as a premier information and networking platform in this niche. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various analytics and marketing tools such as Google Analytics, HubSpot, and AdRoll. The site demonstrates good SEO practices with structured data and meta tags, and it is mobile optimized with responsive design elements. Performance is moderate, with standard ad integrations and tracking scripts. From a security perspective, the site uses HTTPS and integrates Google reCAPTCHA for form protection. Cookie consent mechanisms are in place, and privacy policies are comprehensive and GDPR compliant. However, explicit security policies and incident response information are not publicly available. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the site presents a professional and trustworthy front for its business model, but the lack of WHOIS transparency and absence of direct contact information on the homepage slightly reduce its trustworthiness. Strategic improvements in security transparency and contact availability would enhance credibility and compliance.

A

Art Media Agency

artmedia.ee

50

Art Media Agency is a small Estonian digital agency specializing in website creation services, catering to notable clients including marketers, digital agencies, and advertising bureaus. The website demonstrates a professional and consistent brand presence with good content quality and clear target audience focus. The business model revolves around providing tailored website development solutions, positioning itself as a trusted service provider in its niche. Technically, the website is built on WordPress CMS, leveraging modern web technologies such as Google reCAPTCHA for bot protection, Cookiebot for cookie consent management, and common frontend libraries including jQuery and Bootstrap. The site is mobile-optimized and exhibits good SEO practices with structured data and meta tags, although some accessibility features could be enhanced. From a security perspective, the website employs HTTPS and integrates reCAPTCHA to secure forms, alongside a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and published security policies or incident response contacts, which are recommended for improving its security posture. No vulnerabilities or suspicious activities were detected in the analysis. Overall, the website presents a low-risk profile with a solid business credibility and technical foundation. Strategic improvements in security headers, privacy policy publication, and incident response readiness would further enhance trust and compliance.

Cinderella Wine operates as a specialized e-commerce retailer focusing on limited-time wine deals, typically offering deeply discounted wines for 24 hours only. It is part of the Wine Library network, a recognized wine retail brand in the United States. The website targets wine consumers seeking value deals and uses a flash sale business model to create urgency and exclusivity. The company leverages social media and email subscriptions to engage customers and alert them to new offers. Technically, the site is built on WordPress with common web technologies such as jQuery and integrates Google Analytics and Google reCAPTCHA for tracking and spam prevention. Hosting and DNS services are provided via Cloudflare, enhancing performance and security. Security posture is moderate, with HTTPS enforced and domain registrar locks enabled, but lacks advanced security headers and DNSSEC. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR-specific indicators. Overall, the site presents a professional and trustworthy retail experience but could improve in security and privacy transparency.

P

Panoee - The Best Free 360 Virtual Tour Software

panoee.com

44

Panoee.com is a website offering free virtual tour software focused on creating immersive 3D and 360-degree tours for industries such as real estate, hospitality, tourism, education, museums, and art galleries. The platform positions itself as a versatile and user-friendly solution with a strong market presence indicated by positive user ratings and social media engagement. Technically, the site is built on WordPress and leverages modern analytics and tracking tools including Google Analytics, Microsoft Clarity, and Facebook Pixel. Hosting and DNS services are provided by reputable providers, with domain registration dating back to 2019, consistent with the business's founding year. Security posture is adequate with HTTPS enabled and bot protection via reCAPTCHA; however, the absence of security headers and formal privacy and cookie policies indicates room for improvement. Overall, the website demonstrates a good balance of content quality and technical implementation but lacks in privacy compliance and explicit contact information, which impacts trust and regulatory adherence.

S

Saarehotell

saarehotell.ee

42

Saarehotell operates the Saaremaa Rannahotell, a hospitality business located in Saaremaa, Estonia, offering accommodation, sauna services, restaurant dining, event hosting, and holiday packages. The website targets families, couples, and groups seeking a peaceful seaside retreat. The business positions itself as a niche regional hospitality provider with a focus on a tranquil and cozy atmosphere. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating modern analytics and marketing tools such as Google Tag Manager, Hotjar, and MailerLite. The site is mobile-optimized and features a comprehensive cookie consent mechanism, reflecting a moderate level of digital maturity. Security posture is strong with HTTPS enforced, proper security headers, and use of reCAPTCHA, although explicit security policies and incident response contacts are absent. Overall, the site is professional and trustworthy, with clear contact information and social media presence. Recommendations include publishing privacy and security policies, enhancing accessibility, and maintaining regular security audits.

A

Accorp Sp. z o.o.

pollster.pl

72

Instytut Badań Pollster, operated by Accorp Sp. z o.o., is a well-established Polish market research institute founded in 2012. It specializes in comprehensive market and opinion research services, including CAWI, CAPI, CATI, and qualitative studies. The company holds a strong market position, ranking second in Poland for CAWI interviews in 2022, and targets businesses and institutions seeking data-driven insights to support growth. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the website employs modern web technologies such as Bootstrap, FontAwesome, Google reCAPTCHA, Hotjar, and Google Analytics, with a CMS identified as Bolt. Hosting and domain registration are managed by home.pl S.A. The site is mobile-optimized and demonstrates good SEO practices. Privacy compliance is robust, featuring a consent management platform and detailed privacy and cookie policies, ensuring GDPR adherence. From a security perspective, the site enforces HTTPS, uses reCAPTCHA to protect forms, and integrates a consent management platform. However, it lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business claims, enhancing trustworthiness. Overall, the website presents a low-risk profile with strong compliance and professional business representation. Strategic improvements in security headers and incident response transparency could further enhance its security posture and trust.

I

IRIS

irisnetwork.org

41

IRIS is a well-established global network of independent market research institutes, operating since 2003 with over 30 offices worldwide. The organization specializes in delivering comprehensive market research services, including public confidence studies and pharma industry research, targeting businesses seeking international market insights. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern web technologies such as jQuery, Bootstrap, Google Analytics, and reCAPTCHA, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks DNSSEC and security headers, and does not provide privacy or cookie policies, which are compliance gaps. Overall, the domain WHOIS data supports the legitimacy and long-term operation of the business. Strategic improvements in privacy compliance and security hardening are recommended to enhance trust and regulatory adherence.

STORYBOOK OÜ operates the website ssb.ee, providing a comprehensive business information database with over 123 million companies and thousands of job listings. The platform offers credit reports, tenders, content marketing, and AI applications targeting businesses and professionals primarily in Estonia but also internationally. The company is positioned as a significant player in the finance and media sectors, leveraging a large dataset and AI technologies to serve its audience. Technically, the website is built on WordPress with modern libraries such as jQuery, Elementor, and Google services integrated for analytics and user interaction. The site is mobile-optimized and SEO-friendly, with structured data enhancing search visibility. Security-wise, the site uses HTTPS and includes reCAPTCHA for form protection, but lacks some advanced security headers and explicit security policies. Privacy compliance is basic, with cookie consent implemented but no visible privacy or terms of service pages. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

K

Kreedix OÜ

kreedix.ee

69

Kreedix OÜ is an established Estonian company specializing in comprehensive credit management and debt collection services, operating since 2004. The company offers a full spectrum of services from sales credit management to cash collection, including credit ratings, debt portfolio analysis, and credit insurance. Kreedix holds a strong market position as a pioneer in the Estonian credit management sector, supported by partnerships with reputable finance and credit insurance companies such as Euler Hermes, Atradius, Coface, and EVUL. The website reflects a professional and consistent brand image targeting business clients requiring credit and debt management solutions. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, integrating modern web technologies such as Google Analytics and Google reCAPTCHA for security and analytics. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the security posture is good with no critical vulnerabilities detected, and the domain registration data supports the legitimacy of the business. The site does not show signs of blocking or WAF interference, allowing full content access. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility features to further strengthen compliance and user experience.

F

Football.ua - Новини футболу - Футбол онлайн - Результати матчів, трансляції — football.ua

football.ua

64

Football.ua is a Ukrainian online media platform specializing in football news, live match results, video content, and analytics. It targets football fans primarily in Ukraine, providing comprehensive coverage of national and international football events. The site is well-established with a consistent brand presence and a good volume of relevant content. Technically, the site uses modern web technologies including JavaScript, jQuery, Google Fonts, and Google services such as reCAPTCHA and Adsense. It employs HTTPS for secure communications and integrates Google Tag Manager for analytics. Security posture is solid with no visible vulnerabilities or exposed sensitive data, though additional security headers could enhance protection. Privacy compliance is basic with a privacy policy and cookie consent mechanism present, but lacks detailed GDPR compliance statements or incident response information. Business credibility is moderate due to the absence of explicit contact details but supported by consistent WHOIS data and domain legitimacy. Overall, the site is functional, content-rich, and moderately secure, suitable for its media business model.

H

Harju Elekter

harjuelekter.se

39

Harju Elekter Sverige is a medium-sized business specializing in electrical distribution and electrification solutions, serving energy companies, industrial sectors, infrastructure projects, and large properties primarily in Sweden and the Nordic-Baltic region. The company is part of the larger Harju Elekter group headquartered in Estonia, with a well-established market presence since 2010. Their website reflects a professional and consistent brand image, showcasing key services such as prefabricated distribution stations, transformers, SCADA systems, and fiber cabinets. Technically, the site is built on WordPress using the Avada theme and incorporates modern SEO and marketing tools, including Google Tag Manager and Facebook Pixel. Security posture is adequate with HTTPS enforced and reCAPTCHA protecting forms, though improvements like DNSSEC and security headers are recommended. Privacy compliance is addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a solid business credibility and digital maturity appropriate for its sector and size.

R

Recreativ

recreativ.com

61

Recreativ operates as a native advertising network connecting over 20,000 partner publisher websites and reaching more than 500 million users monthly. The company focuses on personalized native ads and dynamic retargeting to convert audiences into buyers, positioning itself as a significant player in the digital advertising ecosystem. Their business model centers on providing advertisers and publishers with advanced AdTech solutions to optimize audience engagement and monetization. The website demonstrates a mature digital infrastructure with modern technologies including Google reCAPTCHA, Google Tag Manager, and Iubenda for privacy compliance, supported by a Laravel backend inferred from route structures. The site is well-optimized for mobile and SEO, with good content quality and clear navigation. Security posture is solid with HTTPS enforced and bot protection, though lacking explicit security policies and HTTP security headers. Privacy compliance is robust, featuring granular cookie consent and GDPR adherence. Overall, the website is professional, trustworthy, and technically sound, with room for improvement in security transparency and accessibility.

9

9Dots

9dotsmedia.com

57

9Dots is a Mediatech service provider specializing in advanced monetization solutions for publishers and app developers. Their offerings include header bidding, video and audio monetization, and app distribution services aimed at maximizing ad revenue and audience engagement. The company positions itself as an industry connector with innovative native monetization technologies. Technically, the website is built on WordPress using Elementor, with modern libraries such as jQuery and FontAwesome, and integrates Google Analytics and reCAPTCHA for analytics and security. The site is well-designed, mobile-optimized, and provides a good user experience. Security posture is moderate with HTTPS enabled and use of reCAPTCHA, but lacks explicit security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data is missing or unavailable, raising concerns about domain legitimacy. Overall, the website is functional and professional but requires improvements in transparency and security documentation.

A

Accorp Sp. z o.o.

instytut-pollster.pl

72

Instytut Badań Pollster, operated by Accorp Sp. z o.o., is a well-established Polish market research institute founded in 2012. The company specializes in various research methodologies including CAWI, CAPI, CATI, and qualitative studies, holding a strong market position as the second largest CAWI research provider in Poland in 2022. Their services target businesses and institutions requiring reliable market and opinion data to support business growth and societal development. The website reflects a professional and modern digital presence with comprehensive content and clear navigation.

L

Luwi OÜ

luwi.ee

45

Luwi OÜ operates as a specialized training center in Estonia, providing a broad range of educational services including group and individual training courses, psychological and addiction counseling, and supervision services. The company is recognized as a partner of the Estonian Unemployment Insurance Fund's training card program, which enhances its credibility and market position. The website is professionally designed, multilingual, and offers clear navigation to various training categories and services, targeting individuals and organizations seeking professional development in Estonia. Technically, the website is built on WordPress with a modern technology stack including Bootstrap, jQuery, and several optimization and security plugins. It employs Google reCAPTCHA v3 for form protection and uses cookie consent mechanisms to comply with privacy regulations. The site is hosted by Zone Media OÜ, a known Estonian hosting provider, and demonstrates moderate performance and good mobile optimization. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks explicit security headers and published security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic but present, with a privacy policy and cookie consent banner. Business credibility is strong with clear contact information, company registration details, and trust signals such as partnerships and certifications. Overall, Luwi OÜ's website presents a trustworthy and professional online presence with room for improvement in security header implementation and formal security policies. The risk level is moderate with no critical issues detected, making it a reliable platform for its users.

N

Nanox

nanox.vision

56

Nanox is a healthcare technology company specializing in advanced medical imaging solutions and AI-powered diagnostic tools. Their flagship products include the FDA-cleared Nanox.ARC 3D tomosynthesis imaging system and Nanox.AI suite of diagnostic solutions targeting chronic diseases. The company operates a cloud-based platform (Nanox.MARKETPLACE) to connect imaging providers globally and offers OEM components and radiology services. The website demonstrates a mature digital presence with professional design, clear navigation, and mobile optimization. Technically, it is built on WordPress with modern libraries and integrates Google Tag Manager and reCAPTCHA for security and analytics. Security posture is strong with HTTPS and spam protection, though security headers and explicit incident response policies are absent. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, Nanox presents a credible and trustworthy business with a focus on innovation in healthcare imaging technology.

A

Alma Career

careerexpo.cz

59

Career Expo is a major career opportunities festival organized by Alma Career Czechia s.r.o., targeting job seekers and employers primarily in the Czech Republic. The website presents a professional and content-rich platform promoting the event, workshops, and networking opportunities. The company positions itself as a leading organizer in the career event space with partnerships including Jobs.cz and Prace.cz. Technically, the site is built on WordPress with modern libraries and frameworks, ensuring a good user experience and mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA usage, though lacks some security headers and formal security policies. Privacy compliance is partial, with cookie consent implemented but no clear privacy or terms pages. WHOIS data is unavailable, which slightly impacts trust but the overall digital presence is consistent and professional.

E

Ettevõtja infovärav Aktiva

aktiva.ee

40

Aktiva.ee is an Estonian business information portal focused on supporting entrepreneurs at various stages, including startups, operating companies, and those expanding internationally. The platform offers practical guidance, resources, and insights to help businesses succeed, with content tailored to the Estonian market and language. The website is positioned as a trusted resource for business knowledge and development in Estonia, with a clear focus on entrepreneurship and business growth.

Getty Images is a leading global provider of high-quality royalty-free images, editorial stock photos, vector art, video footage, and stock music licensing. The company targets creative professionals, marketers, and media companies seeking licensed digital content. The website reflects a mature digital media licensing platform with a strong brand presence and extensive content offerings. Technically, the site employs modern web technologies including AngularJS, Google reCAPTCHA for bot mitigation, and OneTrust for cookie consent management, indicating a well-maintained and user-focused infrastructure. Security posture is strong with HTTPS enforced and bot protection mechanisms, though explicit security headers and public security policies are not evident on this page. Privacy compliance is robust with clear privacy and cookie policies and GDPR considerations. Overall, the site demonstrates high professionalism and trustworthiness, though WHOIS data is unavailable due to domain naming rules, which does not detract from the legitimacy of the business.

A

ADHOG Advertising, s.r.o.

adhog.eu

52

ADHOG Advertising, s.r.o. is a small Czech marketing communication agency with over 20 years of experience, offering comprehensive creative services from concept to campaign evaluation. The company targets local and international brands seeking innovative and reliable marketing solutions. The website is built on WordPress using the Betheme theme and integrates standard technologies such as jQuery and Google reCAPTCHA for form security. The site is well-structured, mobile-optimized, and presents clear contact information including multiple company email addresses and a physical address in Prague. Security posture is good with HTTPS enforced and CAPTCHA protection, though advanced security headers and cookie consent mechanisms are missing. The domain registration is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website reflects a professional and credible marketing agency with room for improvement in privacy compliance and security best practices.

P

P&P Legal

pplegal.sk

46

P&P Legal is a Slovak law firm established in 2018, providing comprehensive legal services across various domains including commercial law, litigation, family law, and constitutional law. The firm targets both individual and corporate clients within Slovakia and offers multilingual services including Slovak, Czech, and English. Their market position is that of a trusted local legal partner with a strong emphasis on professionalism, confidentiality, and security, supported by a substantial liability insurance coverage of 1.5 million euros. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Select2, Google reCAPTCHA, and FontAwesome. The site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR, indicating a reasonable level of digital maturity. Performance and mobile optimization are adequate, though accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect its contact form from spam. However, it lacks advanced security headers and does not publicly disclose a security policy or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected, and the domain registration details align well with the business claims, supporting legitimacy. Overall, the website presents a professional and trustworthy front for the law firm, with good privacy compliance and a solid security baseline. Strategic improvements in security headers, incident response transparency, and accessibility would further enhance their posture and client trust.

K

Kauza ApS

kauza.dk

56

Kauza ApS is a Danish technology company specializing in data-driven consumer insights through its WhatIBuy app and platform. The company aggregates grocery receipts from multiple stores to provide users with budgeting, consumption analytics, and personalized insights. The website reflects a small but professional operation with clear business information and a focus on privacy and compliance. Technically, the site is built on WordPress with modern plugins and frameworks, offering a good user experience and mobile optimization. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some improvements in security headers and incident response transparency are recommended. Overall, Kauza presents a trustworthy and compliant digital presence with a niche market focus in Denmark.

L

Lumi Capital OÜ

lumimajas.lv

50

Lumi Majas, operated by Lumi Capital OÜ, is a regional real estate rental service specializing in long-term apartment and commercial space leasing primarily in Latvia, with partner sites in Estonia and Lithuania. The website provides detailed rental options, terms, and contact mechanisms targeting individuals seeking flexible and long-term housing solutions. The business model focuses on providing accessible rental properties with additional services to enhance tenant experience. Technically, the website is built on Joomla CMS with modern front-end frameworks and integrates Google reCAPTCHA and cookie consent mechanisms to ensure user privacy and security. The site demonstrates good digital maturity with multi-language support and social media integration. Security posture is solid with HTTPS enforcement and spam protection on forms, though it lacks explicit security policies and incident response contacts. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, though improvements in security headers and transparency could enhance its posture further.

T

Tallinna Kontserdimaja AS

kontserdimaja.ee

38

Alexela Kontserdimaja is a prominent concert hall located in Tallinn, Estonia, recognized as the largest in the Baltic region with seating for up to 1829 visitors. The venue offers a variety of services including event hosting, ticket sales, and catering options such as pre-ordered coffee tables and private champagne salon rentals. The website reflects a well-established business with a domain registered since 2010, consistent with its market presence. The target audience includes cultural event attendees and event organizers in the region. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Fonts, and multilingual support via WPML. SEO is well-implemented using Yoast SEO, and analytics are managed through Google Analytics and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and event information. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms, indicating a baseline security posture. However, there is a lack of explicit security headers and no visible incident response or security policy pages, which could be improved. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected, which may pose GDPR compliance risks. Overall, the website is professional, trustworthy, and functional, serving its business purpose effectively. Strategic improvements in privacy compliance and security transparency would enhance its security posture and regulatory adherence.

P

Powerhouse OÜ

powerhouse.ee

49

Powerhouse OÜ is a well-established communications agency based in Estonia with nearly 25 years of experience. The company specializes in public and internal communications, government relations, process management, event organization, and managing communication channels. Their market position is that of a trusted regional player with a versatile team and a strong focus on client relationships. The website reflects a professional and consistent brand image with clear contact information and expert profiles. Technically, the website uses a modern but straightforward technology stack including jQuery, Bootstrap 4, Google reCAPTCHA, and the Voog CMS platform. The site is mobile-optimized and performs moderately well, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection, but lacks advanced security headers such as Content-Security-Policy and HSTS. No privacy or cookie policies are present, indicating gaps in GDPR compliance. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy compliance and security hardening to align with best practices and regulatory requirements.