Security Directory

J

Järva-Jaani Gümnaasium

jjaanikool.ee

47

Järva-Jaani Gümnaasium is a public secondary educational institution located in Estonia, providing comprehensive educational services and community engagement. The website serves as an information portal for students, parents, and staff, offering details on school life, teaching schedules, admissions, and extracurricular activities. The institution maintains a strong local presence with partnerships and certifications that enhance its educational offerings. Technically, the website is built on Drupal 10, leveraging modern web technologies such as Swiper.js for interactive elements and Matomo for privacy-conscious analytics. The site demonstrates good mobile optimization and accessibility features, including adjustable font sizes and contrast settings, supporting inclusive access. From a security perspective, the site uses HTTPS and respects Do Not Track signals in analytics, but lacks advanced security headers and published security policies. The domain registration is consistent with the Estonian Ministry of Education, reinforcing legitimacy. No blocking or WAF interference was detected, allowing full content access. Overall, the website presents a professional and trustworthy digital presence for the school, with room for improvement in security policy transparency and enhanced security headers to further protect users and data.

P

PÕLTSAMAA KODANIK MTÜ

poltsamaaraadio.ee

41

Põltsamaa Raadio is a small, community-driven seasonal radio station operated by local youth in the Põltsamaa region of Estonia. It broadcasts both online and on FM frequency 95.0 MHz, supported by project funding from the LEADER program to enhance broadcast reach. The website serves as a portal for live streaming, program schedules, and community engagement, targeting local listeners and supporters. The business model relies on volunteer efforts, donations, and local sponsorships. Technically, the site is built on WordPress with Elementor and several plugins for podcasting and streaming, hosted by Zone Media OÜ. The site is mobile responsive and uses modern web technologies, though performance is moderate. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and trustworthy for its community media purpose but would benefit from improved privacy and security practices.

V

Virumaa Rannakalurite Ühing MTÜ

vrky.ee

38

Virumaa Rannakalurite Ühing MTÜ is a regional non-profit association established in 2007 in Estonia, serving fisheries sector stakeholders in Ida- and Lääne-Virumaa. The organization supports local fisheries businesses, non-profits, and municipalities through project coordination and information dissemination. The website reflects a focused regional presence with clear business objectives and a target audience within the local fisheries community. Technically, the site is built on WordPress with modern libraries such as jQuery, Swiper.js, and Google Fonts, providing a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks some security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility and technical maturity appropriate for a small non-profit organization.

E

Eesti Puuetega Inimeste Koda

epikoda.ee

48

Eesti Puuetega Inimeste Koda (EPIK) is a well-established Estonian non-profit organization founded in 2010, dedicated to improving the quality of life, social inclusion, and self-realization opportunities for people with disabilities and chronic illnesses. The organization operates primarily in Estonia and targets disabled individuals, their families, and professionals working in related fields. Their key services include advocacy, counseling, accessibility initiatives, publications, international cooperation, podcasts, and newsletters. The website reflects a professional and accessible digital presence with multi-language support and clear navigation.

AdForum is a well-established global platform serving the advertising and marketing industry by providing a comprehensive directory of agencies, production companies, and talent, alongside a creative library of campaigns and ads. The website demonstrates a strong market position with extensive content and a large user base, targeting marketers and advertising professionals worldwide. Technically, the site uses modern JavaScript libraries, Google advertising services, and Matomo analytics, with a responsive design and good SEO practices. Security posture is solid with HTTPS and CSRF protections, though additional security headers and explicit privacy consent mechanisms could enhance compliance and trust. The absence of WHOIS data introduces some uncertainty about domain registration legitimacy, but the professional presentation and industry presence mitigate concerns. Overall, the site is a credible and valuable resource for its target audience.

D

Drouot Immobilier

drouot-immobilier.com

60

Drouot Immobilier is a small real estate agency based in Paris 9ème, France, affiliated with the Groupe Drouot. The company specializes in property sales, estimations, research, and valorization services primarily targeting individuals and professionals interested in Paris and the surrounding regions. The website presents a professional and well-structured digital presence with clear navigation, good content quality, and compliance with privacy regulations including GDPR. Technically, the site uses modern JavaScript frameworks and Google Analytics for tracking, with a cookie consent mechanism in place. Security posture is generally good with HTTPS enforced, but lacks explicit security policies or incident response contacts. The domain WHOIS data is missing or unavailable, which raises some concerns about domain legitimacy and registration status, though the website content and branding appear consistent and trustworthy.

O

Oikeusministeriö/Oikeushallinnon tietotekniikkakeskus

demokratia.fi

25

Demokratia.fi is an official Finnish government web portal managed by the Ministry of Justice, providing citizens with comprehensive information and tools to participate in democratic processes locally, nationally, and at the EU level. The site aggregates links to various government-maintained participation platforms and legislative tracking services, targeting Finnish citizens interested in civic engagement. Technically, the site is built on WordPress with modern JavaScript libraries and uses Matomo analytics configured for privacy. Security posture is solid with HTTPS and no exposed sensitive data, though DNSSEC and additional security headers could enhance protection. Privacy compliance is good with a clear privacy policy, but lacks a cookie consent mechanism. Overall, the site is trustworthy, professionally maintained, and serves as a key government resource for democratic participation.

B

Bestmarketing.ee

balticbest.eu

56

BalticBest is a specialized advertising competition targeting the Baltic region, organized in partnership with EPICA Awards. The competition is conducted online with live judging sessions, providing entrants with immediate feedback and transparency. The website serves as a hub for competition information, news, submission details, and agency rankings. The business is positioned as a niche media entity focused on marketing and advertising professionals in Estonia and neighboring Baltic countries. Technically, the site is built on WordPress using Elementor, with modern web technologies and a moderate performance profile. Security posture is solid with HTTPS and secure forms, though it lacks some security headers and formal privacy and cookie policies, which are compliance gaps. Contact information is comprehensive, including emails, phone numbers, and physical address, enhancing business credibility. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

A

Alphabet Inc.

trilliondollarcoach.com

62

The website trilliondollarcoach.com serves as the official platform for the book 'Trillion Dollar Coach,' which encapsulates the leadership and management lessons of Bill Campbell, a renowned Silicon Valley coach. The site is professionally designed, featuring rich content including testimonials from prominent industry leaders and multiple purchase options. It targets business leaders and managers interested in leadership principles derived from Silicon Valley's top executives. The business model centers on book sales and leadership education, with strong brand association to Alphabet Inc., enhancing its market credibility. Technically, the website employs modern web technologies such as React, Google Analytics, and Swiper.js, ensuring a fast, mobile-optimized, and accessible user experience. The domain is registered with a reputable registrar and shows no signs of suspicious activity. However, the site lacks explicit privacy and cookie policies, which are critical for compliance with data protection regulations. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but it does not implement security headers or provide incident response contacts or vulnerability disclosure mechanisms. The use of Google Analytics indicates moderate user tracking, but without clear privacy compliance disclosures. Overall, the site demonstrates a solid security posture but has room for improvement in privacy and security transparency. The overall risk assessment is low, with recommendations focusing on enhancing privacy compliance, implementing security headers, and publishing incident response information to strengthen trust and regulatory adherence.

A

Ahola Group

aholagroup.com

60

Ahola Group is a well-established Finnish logistics and transport company with over 70 years of experience, operating primarily in the Nordic and Central/Eastern European markets. The company offers a broad range of services including road transport, special heavy logistics, and digital logistics solutions through its subsidiaries Ahola Transport, Ahola Special, and Ahola Digital. The website reflects a professional and modern digital presence with clear navigation, multilingual support, and a focus on sustainability and innovation. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Cookiebot for privacy compliance. It uses Google Tag Manager for analytics and tracking, and Swiper.js for interactive UI elements. The site is mobile optimized and demonstrates good SEO practices, although accessibility features could be improved. Performance is moderate with no critical technical issues detected. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, but lacks explicit security policies or incident response contacts. No security vulnerabilities or exposed sensitive data were found in the HTML content. The absence of WHOIS registration data is a concern and should be investigated further to confirm domain legitimacy. Overall, the site presents a secure and trustworthy front for a large logistics business. Strategically, Ahola Group should enhance its security posture by publishing formal security policies and incident response contacts, implementing additional security headers, and considering a vulnerability disclosure program. Improving accessibility and continuing to monitor third-party scripts for vulnerabilities will further strengthen their digital maturity and trustworthiness.

I

INHUS Prefab, UAB

inhusprefab.eu

45

INHUS Prefab, UAB is a medium-sized manufacturing company specializing in prefabricated reinforced concrete structures and architectural concrete facade elements. Operating primarily in Lithuania with projects extending to Nordic countries and the UK, the company positions itself as a reliable regional player in the construction sector. Their website reflects a professional digital presence with clear navigation, multilingual support, and a portfolio of completed projects. Technically, the site uses modern web technologies including HTML5, CSS, JavaScript, and integrates Google Analytics for user tracking. The site is mobile optimized and performs moderately well. Security posture is adequate with HTTPS enforced but lacks advanced security headers and public security policies. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, aligning with GDPR requirements. Contact information is transparent and includes company email, phone, and physical address. Overall, the website demonstrates good business credibility and digital maturity with room for security enhancements.

I

Intuizi

intuizi.com

51

Intuizi is a technology company specializing in predictive consumer intelligence by leveraging large quantitative models and anonymized consumer data to generate actionable insights. Their platform, the Anonymous Knowledge Graph (AKG), enables businesses to analyze de-identified consumer behavior across digital and physical environments, supporting adtech, marketing, and data monetization efforts. The company positions itself as a privacy-conscious data analytics provider with a focus on compliance and innovation. Technically, the website is built on WordPress with Elementor and integrates modern analytics and marketing tools such as Google Analytics and HubSpot. The site is well-structured, mobile-optimized, and professionally designed, reflecting a mature digital presence. Security-wise, the site uses HTTPS and includes some security best practices but lacks explicit security headers and incident response information, which could be improved. The absence of WHOIS data for the domain is a notable anomaly that impacts domain trustworthiness. Overall, Intuizi presents a credible business with strong technical and content quality but should address domain registration transparency and enhance security policies.

L

Leden Group

ledengroup.com

55

Leden Group Oy is a Finnish manufacturing company specializing in metal-based contract manufacturing, steel service center operations, and cold roll formed steel profiles. The company is part of the HANZA Group, a larger parent organization, positioning Leden as a significant player in the Baltic manufacturing sector. Their website reflects a professional and modern digital presence, built on WordPress with Elementor, supporting multiple languages and featuring a consent management platform to comply with privacy regulations. The company emphasizes quality and operational excellence, as evidenced by their ISO 9001:2015 certification and detailed service offerings. Technically, the website is well-structured with good SEO and mobile optimization, though some security headers could be improved. Security posture is solid with HTTPS and domain transfer protections, but lacks explicit security policies or incident response information. Overall, the website and business information indicate a credible and established manufacturing partner with room for enhanced transparency in security and privacy policies.

S

SA Kiusamisvaba Kool

kiusamisvaba.ee

40

SA Kiusamisvaba Kool is a well-established Estonian non-profit organization dedicated to preventing bullying in schools through the implementation of the KiVa anti-bullying program developed in Finland. The organization provides training, resources, and support to schools, parents, and communities, positioning itself as the official representative of the KiVa program in Estonia. The website reflects a professional and consistent brand presence with comprehensive content targeting educators, parents, and socially responsible entities. Technically, the site is built on WordPress with modern plugins and integrations, including WooCommerce for e-commerce and Edwiser Bridge for LMS functionalities. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site demonstrates good digital maturity and trustworthiness.

S

Scandiweb

scandiweb.com

75

Scandiweb is a well-established full-service eCommerce agency specializing in Magento and Shopify development, digital marketing, and UI/UX design. Founded in 2003, it has grown to become a leader in the eCommerce development space, boasting the world's largest team of certified Magento developers and serving over 600 companies globally. The company offers a comprehensive suite of services including performance marketing, SEO, CRO, PPC, email automation, and AI-powered search optimization, positioning itself as a one-stop solution for eCommerce growth and digital transformation. Technically, the website leverages a modern technology stack including Webflow CMS, HubSpot marketing tools, Google Tag Manager, multiple analytics platforms (Google Analytics, Matomo, VWO), and various advertising pixels. The domain is hosted with Cloudflare DNS and registered via Amazon Registrar, Inc., indicating a stable and secure infrastructure. The site demonstrates good mobile optimization, SEO practices, and performance, although DNSSEC is not enabled, which is a potential area for improvement. From a security perspective, the site uses HTTPS and has domain status protections to prevent unauthorized changes. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not evident. Privacy compliance is partial, with no clear privacy or cookie policy pages detected, though cookie consent mechanisms appear to be implemented. Contact information is clearly provided, enhancing business credibility. Overall, Scandiweb presents a professional and trustworthy online presence with strong business credibility and technical maturity. To further enhance security posture and privacy compliance, it is recommended to publish detailed privacy and cookie policies, enable DNSSEC, and provide explicit security and incident response information.

I

INHUS

inhus.eu

48

INHUS is a Lithuanian-based construction and manufacturing company specializing in precast reinforced concrete building structures, operating primarily in Lithuania and Northern Europe. The company follows a design-build business model integrating design, production, and construction services. Their website presents a professional portfolio of projects and maintains a consistent brand image across multiple subsidiary domains. Technically, the website uses modern web technologies including Google Tag Manager and Google Analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and formal policies are missing. Overall, the site is trustworthy and well-maintained, supporting INHUS's market position as a regional player in the construction sector.

M

Moneyzen

moneyzen.ee

56

Moneyzen is an Estonian-based online financial platform specializing in providing personal loans and investment opportunities through a transparent and empathetic approach. The platform targets individuals seeking flexible loan options and investment avenues, operating primarily in the Estonian market with multilingual support. The business model centers on connecting borrowers and investors, offering various loan types including personal, renovation, travel, health, auto, education, and refinancing loans. Despite recent challenges leading to the cessation of new loan and investment applications as of June 6, 2025, Moneyzen remains committed to servicing existing contracts and investor accounts. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating modern web technologies such as Google Tag Manager, reCAPTCHA, Hotjar, and Facebook Pixel for analytics and marketing. The site demonstrates good mobile optimization, SEO practices, and basic accessibility features. Security posture is strong with HTTPS enforced, security headers present, and no exposed sensitive data, although explicit security policies and incident response information are absent. Overall, Moneyzen presents a professional and trustworthy online presence with clear business information and contact channels. The domain registration aligns well with the business claims, enhancing legitimacy. However, improvements in privacy compliance documentation, security policy transparency, and incident response readiness are recommended to strengthen trust and regulatory adherence.

V

Valio

valio.com

69

Valio is a well-established Finnish dairy company with over 120 years of history, specializing in innovative dairy ingredient solutions for the global food industry. Their product portfolio includes lactose-free, protein-enriched, sugar-reduced, and specialized nutrition products, supported by a strong commitment to sustainability and quality. The website reflects a mature digital presence with professional design, comprehensive content, and clear navigation targeting food industry professionals and manufacturers. Technically, the site is built on WordPress with modern plugins and analytics tools, optimized for mobile and SEO. Security posture is good with HTTPS and consent management, though some security headers and explicit policies could be improved. The WHOIS data is unavailable, which slightly reduces trust but is mitigated by strong branding and content. Overall, the site demonstrates a high level of professionalism and business credibility.

V

Valio Eesti AS

karjaarvalios.ee

40

Valio Eesti AS operates as a significant player in the Estonian dairy manufacturing sector, providing fresh dairy products and employment opportunities. The website serves as a career portal inviting potential employees to join their team, emphasizing training, fair pay, and a safe work environment. The company is part of the international Valio group, known for its innovative and sustainable food solutions. Technically, the website is built on WordPress with Elementor, offering a modern and responsive user experience. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security policies to meet compliance standards.

The website svenskaspelsidor.com is a newly established (2024) Swedish informational platform focused on providing comprehensive reviews, rankings, and expert analyses of licensed betting sites and bookmakers in Sweden for 2025. It targets Swedish sports bettors seeking trustworthy and licensed operators, offering detailed content on betting odds, bonuses, responsible gambling, and payment methods. The site uses WordPress CMS with Yoast SEO plugin and integrates modern JavaScript libraries like Swiper.js for UI enhancements. Hosting and DNS are managed via Cloudflare and GoDaddy registrar, ensuring reliable infrastructure. Security posture is adequate with HTTPS enabled and domain status protections, but lacks advanced security headers and explicit security or incident response policies on the site. Privacy and cookie policies are missing, representing a compliance gap. No contact information or social media presence is provided, which limits direct user engagement and trust signals. Overall, the site is well-structured, content-rich, and optimized for SEO and mobile, but would benefit from enhanced privacy compliance and security transparency.

G

GSMtasks

gsmtasks.com

63

GSMtasks is a mature SaaS company founded in 2015, specializing in delivery and field service management solutions. Their platform offers comprehensive task and route management, real-time tracking, and mobile applications for drivers, targeting businesses involved in logistics, transportation, and e-commerce. The website is professionally designed with good content quality and clear navigation, supporting mobile responsiveness and SEO best practices. Technically, the site is built on WordPress with WooCommerce, leveraging modern JavaScript libraries and integrations such as Google Analytics, Hotjar, and Facebook Pixel for analytics and marketing. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service. Overall, the site demonstrates moderate to good business credibility and technical maturity.

N

Net Group

netgroup.com

65

Net Group is a well-established digital transformation and software development company founded in 2004, offering a broad range of services including cybersecurity, CTO as a service, business model innovation, product development, AI-powered solutions, and software development. The company targets businesses seeking to innovate and grow through technology, positioning itself as a strategic partner with a strong portfolio of success stories and reputable clients. Technically, the website is built on WordPress and integrates modern marketing and analytics tools such as HubSpot, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized and designed with a professional user experience. Security posture is good with HTTPS enforced and domain transfer protection, but lacks some security headers and DNSSEC. Privacy compliance is strong with clear cookie and privacy policies and consent mechanisms. Overall, the website reflects a credible and professional business with moderate to high digital maturity.

N

Nucleate Bio, Inc.

nucleate.org

56

Nucleate Bio, Inc. operates a globally recognized, student-led organization dedicated to empowering biotech leaders and innovators. The organization offers educational programs, venture acceleration through its Activator program, and fosters a global community of bio-entrepreneurs. Supported by leading biotech companies and world-class advisors, Nucleate positions itself as a key player in the biotech innovation ecosystem. Technically, the website is built on WordPress with modern SEO and analytics tools, delivering a professional and responsive user experience. Security posture is solid with HTTPS and no evident vulnerabilities, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site reflects a credible and trustworthy organization with room for improvement in privacy and security transparency.

T

Thinking in Billions – 21 May 2025

thinkinginbillions.eu

43

Thinking in Billions is a specialized event focused on fostering innovation through government-led regulatory sandboxes and legal experimentation frameworks. The event is closely tied to Estonian government entities and Latitude59, positioning it as a niche but credible platform for collaboration between public and private sectors in technology and defense innovation. The website is built on a modern WordPress platform using Elementor, with integration of Google Analytics and Tag Manager for tracking. While the site is professionally designed and mobile-optimized, it lacks critical privacy and cookie policies, which impacts compliance and user trust. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but security headers and incident response information are missing. Overall, the site is legitimate and consistent with its stated purpose but would benefit from enhanced privacy compliance and security transparency.

H

Hoperfy

hoperfy.com

53

Hoperfy is a small technology company specializing in a white-label event hotel booking platform designed to help event organizers monetize hotel bookings made by their international visitors. The platform offers a 50/50 revenue-sharing model and subscription upgrades with advanced analytics and flight booking capabilities. The website is professionally designed, mobile-optimized, and provides clear business information and customer testimonials, positioning Hoperfy as a niche player in the hospitality technology sector. Technically, the site uses modern JavaScript libraries, integrates Google Tag Manager and reCAPTCHA for security and analytics, and is hosted with reputable providers including GoDaddy and Cloudflare. Security posture is good with HTTPS and form protections, but lacks published security policies and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is functional and credible but could improve transparency and security practices.

Overwolf operates as a leading technology platform empowering players, developers, and creators to enhance gaming experiences through user-generated content (UGC). The company provides tools and services for building overlay apps, mods, game servers, and monetization solutions, positioning itself as a central ecosystem in the gaming industry. Their market position is reinforced by partnerships with major brands and a large active user base. Technically, the website demonstrates a mature digital infrastructure with modern web technologies, comprehensive analytics, and strong mobile optimization. Security posture is robust, with HTTPS enforcement, security headers, and no visible vulnerabilities, although incident response contact details could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, Overwolf presents a professional, trustworthy, and technically sound online presence.

C

Contract Pharma

contractpharma.com

61

Contract Pharma operates as a specialized media outlet focused on connecting contract service providers with pharmaceutical and biopharmaceutical sponsors. The website offers a comprehensive range of services including industry news, digital and print magazine editions, directories, event information, and sponsored content. It targets professionals and companies within the pharma and biopharma sectors, positioning itself as a premier information and networking platform in this niche. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various analytics and marketing tools such as Google Analytics, HubSpot, and AdRoll. The site demonstrates good SEO practices with structured data and meta tags, and it is mobile optimized with responsive design elements. Performance is moderate, with standard ad integrations and tracking scripts. From a security perspective, the site uses HTTPS and integrates Google reCAPTCHA for form protection. Cookie consent mechanisms are in place, and privacy policies are comprehensive and GDPR compliant. However, explicit security policies and incident response information are not publicly available. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the site presents a professional and trustworthy front for its business model, but the lack of WHOIS transparency and absence of direct contact information on the homepage slightly reduce its trustworthiness. Strategic improvements in security transparency and contact availability would enhance credibility and compliance.

C

CORE Indonesia

youtheconomicsummit.org

52

Youth Economic Summit (YES) is a program organized by CORE Indonesia aimed at engaging Indonesian youth in advancing the national economy through digital and green economy initiatives. The website serves as a platform to promote events, programs, publications, and multimedia content related to youth economic empowerment. The target audience includes young professionals, students, and community groups interested in economic innovation and sustainability. Technically, the website employs modern frontend technologies such as Tailwind CSS, Flowbite, and Swiper.js, hosted behind Cloudflare DNS, ensuring good performance and mobile responsiveness. However, the site lacks critical privacy and cookie policies, and no direct contact information is provided, which impacts compliance and trust. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Overall, the domain registration is recent but consistent with the event timeline and uses privacy protection appropriately.

K

KG Media

kgmedia.id

64

KG Media is a leading Indonesian multi-platform media group operating under the Kompas Gramedia umbrella. The company offers a broad range of media services including digital, broadcast, print, and integrated marketing solutions. It holds a strong market position with multiple subsidiary media brands and a comprehensive digital ecosystem. Technically, the website employs modern web technologies such as YouTube IFrame API, Google Tag Manager, and Swiper.js, delivering a good user experience with multimedia content and responsive design. Security posture is solid with HTTPS and no visible vulnerabilities, though the absence of cookie consent and security policies indicates room for compliance improvement. Overall, KG Media presents a professional and trustworthy digital presence aligned with its business stature.

P

PT Gramedia Asri Media

gramedia.com

67

Gramedia.com is the largest and most trusted online bookstore in Indonesia, operated by PT Gramedia Asri Media. The website offers a comprehensive catalog of books and related products, targeting Indonesian consumers interested in literature and educational materials. The business model is e-commerce retail with a strong emphasis on official stores and promotional campaigns. The company maintains a significant market position as a leading book retailer in the region. Technically, the website is built on modern frameworks such as React and Next.js, incorporating various analytics and marketing tools including Google Analytics, Hotjar, TikTok Pixel, and Facebook Pixel. The site demonstrates good mobile optimization and SEO practices, although accessibility features could be improved. Performance is moderate, with a well-structured and professional design. From a security perspective, the site enforces HTTPS and employs standard security headers, reflecting a solid security posture. However, the absence of a visible cookie consent mechanism and explicit security or incident response policies indicates room for improvement in privacy compliance and transparency. The WHOIS data is unavailable, which slightly reduces trust but is mitigated by the company's established market presence and consistent branding. Overall, Gramedia.com is a credible and professionally managed e-commerce platform with a strong business foundation and good technical implementation. Strategic enhancements in privacy compliance and security transparency would further strengthen its trustworthiness and regulatory adherence.

T

TAUNEX AUTO

taunexauto.ee

41

TAUNEX AUTO is a small Estonian company operating primarily in the transportation and retail sectors, specializing in used vehicle sales, trailer rental and sales, automotive accessories, and related services. The company is based in Pärnu and operates under the parent company Lille Rent OÜ, founded in 2013. Their website reflects a local market focus with clear service offerings and contact channels. The business maintains a consistent brand presence and provides essential information such as company registration and contact details, supporting trustworthiness. Technically, the website is built on WordPress with modern plugins and libraries including jQuery, Swiper.js, and Contact Form 7, enhanced with Google reCAPTCHA for spam protection. The site is mobile-optimized and includes SEO best practices such as meta tags and structured data. Cookie consent mechanisms are implemented in compliance with GDPR, providing users with detailed control over cookie categories. From a security perspective, the site enforces HTTPS and uses reCAPTCHA, but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or suspicious content were detected. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Overall, the website presents a professional and trustworthy digital presence suitable for its business scale and market. Strategic improvements in security headers and transparency policies could further enhance its security posture and compliance.

W

Wunderkind

bouncex.com

64

Wunderkind is a technology company focused on delivering personalized marketing solutions that leverage customer data to optimize revenue for brands. Their website demonstrates a professional and modern design, utilizing React and Gatsby frameworks, and integrates marketing automation tools such as Marketo. The company targets brands and marketers seeking advanced performance marketing and customer engagement technologies. While the website is well-structured and mobile-optimized, it lacks visible privacy, cookie, and terms of service policies, which are critical for compliance and user trust. The absence of WHOIS data due to privacy protection reduces transparency, though the site content and branding suggest a legitimate business. Security posture is moderate with no detected security headers or explicit security policies, indicating room for improvement in hardening and compliance. Overall, the site is functional and professional but would benefit from enhanced privacy disclosures and security practices.

A

Admicom

trackinno.com

57

Admicom is a Finnish technology company specializing in software solutions for fleet management, maintenance, and construction project management. Their product Trackinno offers digital tools to keep important fleet and maintenance information accessible anytime and anywhere. The company targets businesses in construction, real estate, and related sectors, providing SaaS solutions to improve operational efficiency. Technically, the website is built on the HubSpot CMS platform and integrates modern web technologies including Google Tag Manager, Cookiebot for consent management, and analytics tools such as Google Analytics and Hotjar. The site is mobile optimized and provides a professional user experience with clear navigation and structured content. From a security perspective, the website uses HTTPS and cookie consent mechanisms but lacks visible security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. However, the absence of WHOIS data for the domain raises some concerns about domain registration transparency. Overall, the website presents a professional and trustworthy front for Admicom's business offerings, but improvements in security transparency and WHOIS data availability are recommended to enhance trust and compliance.

K

Kreedix OÜ

kreedix.ee

69

Kreedix OÜ is an established Estonian company specializing in comprehensive credit management and debt collection services, operating since 2004. The company offers a full spectrum of services from sales credit management to cash collection, including credit ratings, debt portfolio analysis, and credit insurance. Kreedix holds a strong market position as a pioneer in the Estonian credit management sector, supported by partnerships with reputable finance and credit insurance companies such as Euler Hermes, Atradius, Coface, and EVUL. The website reflects a professional and consistent brand image targeting business clients requiring credit and debt management solutions. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, integrating modern web technologies such as Google Analytics and Google reCAPTCHA for security and analytics. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the security posture is good with no critical vulnerabilities detected, and the domain registration data supports the legitimacy of the business. The site does not show signs of blocking or WAF interference, allowing full content access. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility features to further strengthen compliance and user experience.

А

Апостроф

apostrophe.ua

62

Апостроф is a Ukrainian online news media outlet established in 2014, providing comprehensive news coverage, analytical articles, interviews, and video content focused on Ukrainian society, politics, economy, and world events. The website targets Ukrainian-speaking audiences interested in current affairs and cultural topics. It operates primarily on an advertising revenue model, leveraging Google Adsense and Google Tag Manager for monetization and analytics. The site demonstrates a good level of digital maturity with modern JavaScript libraries and responsive design, ensuring a positive user experience across devices. Security posture is strong with HTTPS enforcement and standard security headers, though there is room for improvement in privacy compliance and incident response transparency. Overall, Апостроф presents as a credible and professional media entity with consistent branding and quality content.

I

iSport.ua

isport.ua

59

iSport.ua is a Ukrainian sports news website providing fresh updates on football, boxing, basketball, hockey, tennis, and other sports. It targets Ukrainian sports fans with news, match schedules, results, online broadcasts, and videos. The site is moderately sized and well-established since 2017, with a consistent brand and good content quality. Technically, it uses a modern tech stack including Bootstrap, jQuery, Google Adsense, and various analytics and advertising platforms. The site is mobile optimized and SEO friendly with structured data and Open Graph tags. Security posture is adequate with HTTPS and CSRF tokens, but could improve by updating libraries and adding security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is legitimate and trustworthy but should enhance privacy and security transparency.

Г

ГОРДОН

gordonua.com

45

ГОРДОН is a Ukrainian media company operating an online news portal providing up-to-date news, exclusive interviews, and multimedia content focused on Ukraine and global events. The website targets Ukrainian-speaking audiences interested in politics, war, culture, and current affairs. It maintains a strong market position as a recognized news source with a medium-sized operation founded in 2013. The business model relies on advertising revenue and mobile app distribution. Technically, the site uses a mix of modern and legacy technologies, including Google Analytics, Google Tag Manager, Facebook Pixel, and Cloudflare DNS services. The site is mobile-optimized and SEO-friendly but uses an outdated jQuery version and lacks some security headers. Security posture is moderate with HTTPS enforced but missing DNSSEC and some headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but can improve security and privacy practices.

A

Andevis

virosoft.ee

42

Andevis is an Estonian software development company specializing in integrated HR and payroll management solutions, including their flagship Virosoft HR system. The company targets businesses seeking tailored personnel accounting, work time tracking, payroll, training, and self-service portals. The website is professionally designed using WordPress and includes multiple contact forms secured with Google reCAPTCHA v2. The technical infrastructure is modern but lacks some advanced security headers. The domain is well-established since 2010 and registered with an Estonian registrar consistent with the business location. However, the site lacks visible privacy and cookie policies, which impacts compliance scores. Overall, the website presents a credible and professional business presence with room for improvement in privacy and security practices.

A

A Million Ads

amillionads.com

56

A Million Ads (AMA) is a technology-driven company specializing in dynamic creative advertising for audio platforms. They position themselves as a leader in delivering customized, data-driven audio ads across major platforms, serving notable clients such as Target, Starbucks, and American Express. The website reflects a mature digital presence with professional design, strong branding, and extensive client showcases. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools including Google Analytics, HubSpot, and LinkedIn Insight Tag. Security posture is generally good with HTTPS enforced and use of reCAPTCHA, though some security headers are not explicitly detected and no dedicated security or incident response policies are published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the WHOIS data is missing or indicates the domain is unregistered or privacy protected, which conflicts with the professional image and client portfolio, raising legitimacy concerns. Overall, the site is functional, professional, and compliant but would benefit from improved transparency on domain registration and security policies.

E

eKool

ekool.eu

62

eKool is a well-established educational platform based in Estonia, offering a comprehensive school management system that facilitates communication, administrative tasks, and academic tracking for schools, parents, and students. The platform is positioned as a trusted solution with a strong presence in the Estonian education sector, supported by multiple certifications and partner integrations with notable educational service providers. Technically, the website is built on Webflow CMS and leverages modern web technologies such as GSAP and Swiper.js to deliver a responsive and engaging user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some improvements in security headers and explicit policies could enhance trust. Privacy compliance is generally good, with a comprehensive privacy policy present, but lacks a cookie consent mechanism. Overall, eKool demonstrates a mature digital presence with strong business credibility and a high-quality website experience.

R

Relari AI

relari.ai

61

Relari AI is a technology company specializing in contract-based development tools for AI agents, enabling teams to define, verify, and inspect complex agent behaviors using natural language contracts. The company positions itself as an innovator in AI agent verification and simulation, targeting AI development teams and organizations. Their platform offers services such as Agent Contracts, Custom Evaluators, Agent Simulation, Synthetic Test Cases, and Trace Analytics. The website is professionally designed, consistent in branding, and includes developer resources such as GitHub and documentation links. Technically, the site is built on Webflow with modern JavaScript libraries and tracking tools, delivering moderate performance and good mobile optimization. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but lacks some security headers and formal privacy and cookie policies. The WHOIS data is privacy protected, which is typical for startups, but limits domain ownership transparency. Overall, the site demonstrates a moderate level of trustworthiness and technical maturity.

Nasdaq Baltic operates as the regional stock exchange platform for the Baltic countries of Estonia, Latvia, and Lithuania, providing trading services for shares, bonds, and funds. The website serves investors, companies, brokers, and advisers by offering real-time market data, news, and capital raising facilitation. It is part of the larger Nasdaq Inc. corporate group, reflecting a strong market position in the finance sector. The site is professionally designed with consistent branding and clear navigation, targeting financial market participants and stakeholders in the Baltic region. Technically, the website is built on WordPress with modern front-end technologies including Bootstrap, jQuery, Swiper.js, and Highstock for data visualization. It integrates Google Analytics and Tag Manager for user tracking and marketing insights. The site is mobile optimized and SEO friendly, with structured data enhancing search engine understanding. Hosting and domain registration are managed by reputable providers, ensuring stable infrastructure. From a security perspective, the site enforces HTTPS and employs domain status locks to prevent unauthorized changes. However, DNSSEC is not enabled, and no explicit security headers or incident response policies are published. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. No critical vulnerabilities or exposed sensitive data were detected. Overall, Nasdaq Baltic's website demonstrates a mature digital presence with strong business credibility and good security hygiene. Strategic improvements could focus on enhancing DNS security, publishing formal security policies, and expanding incident response transparency to further strengthen trust and compliance.

F

FCI Levadia

fcilevadia.ee

31

FCI Levadia is an Estonian football club with an online presence primarily focused on providing football-related content and engaging with local sports fans. The website is built on WordPress and utilizes common plugins such as Yoast SEO and WP Rocket to enhance SEO and performance. The technical infrastructure is moderate, hosted by Zone Media OÜ, a known Estonian registrar and hosting provider. The site is accessible without any WAF or security challenge blocking content. However, the website lacks critical privacy and cookie policies, contact information, and published security or incident response policies, which are important for compliance and trust. Security posture is basic with no advanced headers or vulnerability disclosures evident. Overall, the site is functional but would benefit from improvements in privacy compliance, security best practices, and business transparency.

M

Molongui

molongui.com

63

Molongui is a specialized WordPress plugin provider focusing on authorship management tools such as author boxes, guest authors, and co-authors. The company targets WordPress site owners and publishers who require advanced authorship features to credit content creators properly. The website is professionally designed, mobile-optimized, and provides comprehensive documentation and support resources. Technically, the site leverages WordPress with Elementor and several performance and privacy plugins, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and security headers present, though explicit security policies and incident response information are absent. The lack of WHOIS data is a notable gap, slightly impacting trust but not detracting from the overall professionalism. Strategic recommendations include publishing security policies and incident response contacts to enhance trust and compliance.

E

European table tennis union

ettu.org

56

The European Table Tennis Union (ETTU) is a recognized governing body for table tennis activities across Europe, managing competitions, rankings, and development initiatives. The website serves as an information hub for players, associations, and fans, offering news, event schedules, and multimedia content. Technically, the site is built on a modern WordPress platform with Elementor, incorporating SEO best practices and responsive design. Security posture is strong with HTTPS, security headers, and a consent management platform for GDPR compliance. However, WHOIS data is unavailable due to privacy protection, which is typical for such organizations. Overall, the site is professional, trustworthy, and well-maintained.

B

Bloom Robbins SI

bloomrobbins.si

47

Bloom Robbins SI is a Slovenian e-commerce business specializing in vitamins and supplements aimed at supporting hair health and growth. The company operates primarily through a Shopify-based online store, targeting consumers interested in hair care products. The website is professionally designed with consistent branding and good content quality, focusing on product benefits and customer engagement. The business appears to be relatively new, with domain registration dating from early 2023, and is part of a broader network of regional sister sites serving multiple European countries. Technically, the website leverages modern e-commerce technologies including Shopify's Dawn theme, Google Tag Manager, Facebook Pixel, and Klaviyo for marketing automation and analytics. Hosting is managed via Cloudflare, ensuring good performance and security. The site includes GDPR-compliant cookie consent mechanisms and a clear privacy policy, reflecting a mature approach to privacy and data protection. However, some standard legal pages such as terms of service and security policies are missing, and no direct contact information is readily available on the site. From a security perspective, the site enforces HTTPS and employs consent management for tracking and marketing scripts. While no critical vulnerabilities or exposed sensitive data were detected, the absence of explicit security headers and incident response information suggests room for improvement. The domain registration is consistent and transparent, with no privacy protection masking registrant details, which supports legitimacy. Overall, Bloom Robbins SI presents a solid e-commerce presence with good technical and privacy compliance foundations. Strategic enhancements in security policies, contact transparency, and legal documentation would further strengthen trust and compliance posture.

B

Bloom Robbins HU

bloomrobbins.hu

55

Bloom Robbins HU operates as a specialized e-commerce platform focused on selling hair vitamin supplements to the Hungarian market. The website presents a clear business focus on hair health products, leveraging a Shopify-based infrastructure that supports a modern and responsive user experience. The company targets consumers seeking nutritional support for healthy and long hair, positioning itself within a niche segment of the health and beauty industry. The site is well-branded and consistent, with a professional design and good content relevance.

B

Bloom Robbins PL

bloomrobbins.pl

64

Bloom Robbins PL operates as a regional e-commerce retailer specializing in online sales through a Shopify platform, targeting primarily the Polish market with localized content and dedicated country-specific stores for other European countries. The website demonstrates a mature digital infrastructure with integration of modern marketing and analytics tools such as Google Tag Manager, Klaviyo, and Facebook Pixel, supporting effective customer engagement and data-driven marketing strategies. The site is well-optimized for mobile devices and incorporates GDPR-compliant cookie consent mechanisms, reflecting a commitment to privacy and regulatory adherence. Security posture is strong with HTTPS enforced and appropriate security headers, although the absence of explicit Terms of Service and security policy pages suggests room for improvement in transparency and customer trust. The lack of WHOIS data from the Polish registry limits domain trust assessment but does not detract significantly from the overall professional presentation and operational maturity of the website.

B

Bloom Robbins CZ

bloomrobbins.cz

61

Bloom Robbins CZ operates as a specialized e-commerce platform focused on selling vitamin supplements aimed at promoting hair growth and scalp health. The website targets consumers primarily in the Czech Republic and neighboring countries, leveraging a Shopify-based infrastructure to deliver its products. The business model centers on direct online retail with regional sister sites supporting localized markets. The site demonstrates consistent branding and a clear product focus, appealing to a niche audience seeking hair care solutions. Technically, the website utilizes a modern tech stack including Shopify's Dawn theme, JavaScript libraries such as Swiper.js, and integrates multiple marketing and analytics tools like Google Tag Manager, Facebook Pixel, Klaviyo, and Smartlook. The site is hosted on Shopify's CDN, ensuring moderate performance and good mobile optimization. SEO and accessibility are adequately addressed, though some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms compliant with GDPR. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not evident, and no dedicated security or incident response policies are published. The absence of WHOIS data limits domain trust assessment, though the website content and technology usage suggest a legitimate operation. Overall, Bloom Robbins CZ presents a professional and trustworthy e-commerce presence with room for improvement in security hardening and transparency regarding business and security policies. Strategic enhancements in these areas would bolster customer trust and compliance posture.

Z

Zasedáme.cz, s.r.o.

zasedame.cz

46

Zasedáme.cz, s.r.o. operates a premium event and conference space rental business located in the heart of Prague, offering multiple room sizes with modern technical equipment and comprehensive event services. The company targets corporate clients and individuals seeking well-equipped, centrally located venues with flexible scheduling options. The website is professionally designed, mobile-optimized, and provides clear pricing, contact information, and customer testimonials, supporting a strong market position in the hospitality and real estate sectors. Technically, the website employs a modern tech stack including Bootstrap, Swiper.js, and Usercentrics for cookie consent management, alongside analytics tools like Google Analytics and Hotjar. The site is served over HTTPS with no visible security vulnerabilities in the content, though security headers are not explicitly detected. The presence of a consent management platform indicates good privacy compliance practices. Security posture is solid with HTTPS and no exposed sensitive data, but the absence of explicit security policies or incident response contacts is a gap. The missing WHOIS data reduces domain trustworthiness and should be investigated further. Overall, the site demonstrates a mature digital presence with room for improvement in security transparency and domain registration clarity. Strategic recommendations include implementing security headers, publishing a security policy, adding incident response contacts, auditing third-party scripts, and considering a vulnerability disclosure policy to enhance trust and compliance.