Security Directory

F

FuturAbility eG

hauska.com

50

FuturAbility eG is a cooperative organization based in Austria, founded in 2019, focused on driving collaboration for a sustainable future. The company invites experts, investors, institutions, and organizations to co-create strategies and fund projects that contribute to sustainability and societal impact. Their market position is niche, targeting sustainability-focused stakeholders with services including strategy co-creation, project funding, and impact improvement tools. The website reflects a professional and consistent brand image with good content quality and clear navigation.

G

GOPA Worldwide Consultants GmbH

gopa.de

54

GOPA Worldwide Consultants GmbH is a Germany-based international development consultancy specializing in implementing projects in developing and transition economies. Their business model focuses on delivering socially inclusive growth and poverty reduction through six core sectors including education, governance, environment, statistics, health, and monitoring and evaluation. The company holds ISO 9001 and ISO 14001 certifications, underscoring their commitment to quality and environmental responsibility. Their target audience includes national and international development partners, authorities, NGOs, and beneficiaries. Technically, the website is built on Drupal 10 with modern web technologies including SVG graphics and Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security posture is strong with HTTPS enforced and cookie consent mechanisms implemented, though some security headers could be improved and explicit security policies are not publicly available. Overall, the security posture is good with no visible vulnerabilities or exposed sensitive data. The WHOIS data is consistent and supports the legitimacy of the domain and business. The website demonstrates high professionalism, trustworthiness, and compliance with GDPR through clear privacy and cookie policies. Strategically, GOPA should consider publishing a formal security policy and incident response contacts, enhancing security headers, and possibly adding a vulnerability disclosure policy to further strengthen trust and security culture.

D

Deutsche Börse Group

eurexgroup.com

70

Eurex, operated by Deutsche Börse Group, is a leading global derivatives exchange specializing in EUR-denominated equity index and fixed income derivatives. The website presents comprehensive market and product information targeting financial market participants such as traders, clearing members, and institutional investors. The business model focuses on providing derivatives trading, clearing services, market data, and repo market solutions, positioning Eurex as a key player in the global financial markets. Technically, the website is built on CoreMedia CMS with JavaScript and integrates Matomo analytics for user tracking. The site demonstrates good mobile optimization, clear navigation, and professional design, supporting a positive user experience. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are not clearly published. WHOIS data is unavailable, likely due to privacy protections common in financial sector domains, but the domain and content legitimacy are supported by consistent branding and association with Deutsche Börse Group. Overall, the website is professional, secure, and credible, serving its target audience effectively.

B

Bing Digital

bingdigital.com

66

Bing Digital is a well-established ecommerce and digital marketing agency founded in 1999, specializing in ecommerce website design, development, and marketing services. The company targets businesses seeking to grow their online presence through platforms like Magento, Shopify, and BigCommerce, offering a full suite of services including UX design, SEO, PPC, and ongoing support. Their market position is strong with a consistent brand presence and a portfolio of successful client case studies. Technically, the website is built on WordPress using Elementor and Gravity Forms, integrating modern analytics and marketing tools such as Google Analytics, Matomo, Microsoft Clarity, and Facebook Pixel. The site is mobile-optimized, SEO-friendly, and uses secure HTTPS with appropriate security headers, reflecting a mature digital infrastructure. From a security perspective, the site demonstrates good practices including HTTPS enforcement, security headers, and CAPTCHA on forms. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure mechanisms indicates room for improvement in transparency and readiness. The missing WHOIS data for the domain raises concerns about domain registration legitimacy, although the professional site and social media presence mitigate some risk. Overall, Bing Digital presents a professional and trustworthy online presence with strong technical and marketing capabilities. The main risk lies in the domain registration opacity, which should be addressed to enhance trust. Strategic recommendations include publishing security and incident response policies, implementing vulnerability disclosure, and verifying domain registration details.

F

Fichtner GmbH & Co. KG

fichtner.de

58

Fichtner GmbH & Co. KG is a well-established independent engineering and consulting company with a global presence, specializing in energy, environment, water, and infrastructure sectors. Celebrating over 100 years of operation, the company offers comprehensive consulting and project management services, positioning itself as a leader in its industry. The website reflects a mature digital presence built on TYPO3 CMS, with modern design and good mobile optimization. It integrates Matomo analytics for user tracking and employs cookie management with consent mechanisms, indicating awareness of privacy compliance. Security posture is solid with HTTPS enforced and secure form handling, though there is room for improvement in implementing security headers and publishing explicit privacy and incident response policies. Overall, the domain registration data aligns well with the company's claims, supporting legitimacy and trustworthiness.

U

Universum Communications Sweden AB

universumglobal.com

65

Universum Communications Sweden AB operates a professional website focused on employer branding and talent attraction services. The company leverages extensive research and data insights to support employers in building strong workforces. The website demonstrates a mature digital infrastructure using modern technologies such as Next.js, Cloudflare, and Matomo analytics, ensuring good performance and security. The security posture is strong with HTTPS, security headers, and Cloudflare protection, although explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is well addressed with a comprehensive cookie policy and consent mechanism aligned with GDPR requirements. Overall, the website reflects a credible and professional business presence with transparent advertising and tracking practices.

V

Väderstad

vaderstad.co.uk

66

Väderstad is an international manufacturer specializing in high-performance farm machinery designed to improve fuel efficiency, reduce work hours, and increase profitability for agricultural professionals. The website presents a professional and well-branded digital presence with clear messaging targeted at farmers and agricultural businesses. The technical infrastructure includes modern web technologies and integrates multiple analytics and marketing tools such as Google Tag Manager, Matomo, and Microsoft Application Insights, indicating a mature digital marketing strategy. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. The absence of WHOIS data and lack of visible contact or privacy policy information slightly reduce trustworthiness but do not negate the overall legitimacy of the business presence online.

E

Erasmus University Rotterdam

eur.nl

77

Erasmus University Rotterdam (EUR) is a well-established Dutch educational institution with a strong focus on bachelor and master programs, research, and societal impact. The university targets students, researchers, and academic professionals, maintaining a leading position in the Dutch and international education market. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support. Technically, the site is built on Drupal CMS, leveraging modern analytics tools like Matomo and Google Tag Manager, and employs OneTrust for cookie consent management, indicating a commitment to privacy compliance. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. However, explicit security policies and incident response contacts could be improved. Overall, the domain registration data aligns well with the university's identity, supporting legitimacy and trustworthiness.

E

Equinox Payments

equinoxpayments.com

65

Equinox Payments is a well-established Canadian payment solutions provider with over 50 years of experience delivering point-of-sale hardware and software products. Their offerings include a range of payment terminals and software development kits tailored for various industries such as retail, hospitality, healthcare, and banking. The company emphasizes security, customer support, and environmentally responsible practices. Technically, the website is built on WordPress using the Divi theme and LayerSlider plugin, with modern JavaScript libraries and Matomo analytics for privacy-conscious tracking. Security posture is strong with HTTPS and security headers, though the absence of a cookie consent mechanism and published security policies indicates room for improvement in privacy compliance and transparency. Overall, the website is professional, user-friendly, and trustworthy, supporting the company's market position as a reliable payment solutions partner.

L

La Brosse & Dupont

lbd.fr

42

La Brosse & Dupont is a well-established French company founded in 1998, specializing in the conception, manufacturing, and distribution of daily consumer products sold primarily through large and medium retail outlets. The company holds a strong market position in the retail and manufacturing sectors, emphasizing innovation and sustainability, as evidenced by its PME+ certification and commitment to corporate social responsibility (RSE). Their key services include product design, logistics, and in-store sales force support, targeting retail partners and end consumers. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Google Tag Manager, Matomo Analytics, and cookie consent management via Axeptio. The site is hosted by OVH, a reputable provider, and demonstrates good mobile optimization, accessibility, and SEO practices. Embedded multimedia content and social media integrations enhance user engagement. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection, alongside cookie consent mechanisms. However, it lacks explicit security headers and a published security policy or incident response contacts, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional and trustworthy digital presence with strong business credibility and compliance with privacy regulations. Strategic enhancements in security policy transparency and technical security headers would further strengthen its posture.

A

Adtran Networks SE

advaoptical.com

55

Adtran Networks SE, represented by the domain www.adva.com, is a prominent technology company specializing in optical networking, Ethernet technology, and data transport solutions. The website content emphasizes the recent integration of ADVA into Adtran, highlighting a strategic move to lead the fiber-everywhere future. Their offerings target telecommunications providers and enterprises requiring advanced networking solutions. The site is professionally designed with clear navigation and good mobile optimization, reflecting a mature digital presence. Technically, the site employs modern analytics and consent management tools, ensuring compliance with privacy regulations such as GDPR. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are absent. The WHOIS data for the domain www.adva.com is missing, which introduces some uncertainty about domain registration legitimacy, but the overall branding and content align with a reputable enterprise. Strategic recommendations include enhancing security headers, publishing a security policy, and providing direct security contact information to improve trust and compliance.

W

Webnorth

standoutweb.dk

66

Webnorth is a specialized digital agency based in Copenhagen with over 14 years of experience in custom WordPress and WooCommerce development. They position themselves as a technical partner for agencies and businesses, offering tailored web solutions, hosting, and service agreements. Their market position is strong within the niche of WordPress development, emphasizing performance, scalability, and security. The website is professionally designed, multilingual (Danish and English), and optimized for SEO and mobile use. Technically, the site leverages WordPress CMS with integrations including Google Analytics, Matomo, Hotjar, Google Tag Manager, and Cloudflare DNS services. The infrastructure supports fast performance and good accessibility. Privacy compliance is robust, featuring a comprehensive cookie consent mechanism aligned with GDPR and Google Consent Mode. Security posture is solid with HTTPS enforced, security headers present, and domain registration consistent with business claims. No critical vulnerabilities or exposed sensitive data were detected. However, DNSSEC is not enabled, and no explicit security or incident response policies are published, which could be improved. Overall, Webnorth presents a trustworthy and professional digital presence with strong technical and privacy compliance foundations. Strategic recommendations include enabling DNSSEC, publishing security policies, and enhancing transparency around incident response and data protection officer contacts.

V

V.Group

vshipsoffshore.com

63

V.Group is a globally recognized leader in ship management and marine services, operating across 30 countries with 60 offices and managing over 3,000 vessels. The company provides a broad range of services including ship management, crew management, technical services, supply chain, and marine insurance. Their business model focuses on being an independent service provider, not owning ships or manufacturing, which positions them as a trusted partner in the maritime industry. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to maritime stakeholders. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Matomo Analytics, indicating a focus on SEO and privacy-conscious analytics. The site is mobile-optimized and performs moderately well, hosted likely on SiteGround. Security posture is strong with HTTPS enforced and domain registration protections in place, though DNSSEC is not enabled and security headers are not explicitly detected, representing areas for improvement. From a security and compliance perspective, the site provides comprehensive privacy, cookie, and terms of use policies, demonstrating GDPR compliance and transparency. However, there is no explicit incident response or vulnerability disclosure information, which could be enhanced to improve trust and readiness. Overall, the domain registration is consistent with the business claims, showing a long-established presence without privacy protection, which aligns with the company's transparency. The overall risk is low with no critical vulnerabilities detected. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing incident response contacts, and establishing a vulnerability disclosure policy to further strengthen security posture and stakeholder trust.

M

Modern Times Group

mtg.se

66

Modern Times Group (MTG) is a well-established international gaming group headquartered in Sweden, focused on owning and operating multiple gaming studios with popular global intellectual properties across casual and mid-core gaming genres. The company actively drives industry consolidation and strategic acquisitions, positioning itself as a significant player in the gaming sector. The website reflects a mature corporate presence with detailed investor relations, governance, and sustainability information, supporting its Nasdaq Stockholm listing under MTGA and MTGB symbols. Technically, the site is built on WordPress with modern SEO and analytics tools, including Yoast SEO and Matomo, and incorporates a robust cookie consent mechanism via OneTrust, indicating good privacy compliance. Security posture is strong with HTTPS enforced and security headers present, though explicit security policies and incident response contacts are not published, representing an area for improvement. The absence of WHOIS data reduces transparency but does not detract significantly from the overall legitimacy given the company's public market presence and comprehensive website content.

O

OpenCraft

opencraft.com

60

OpenCraft is a specialized company focused on Open edX® platform design, development, hosting, and support services. Established in 2011, they have positioned themselves as an official Open edX® Partner with a global client base including prestigious academic institutions and corporations. Their key offerings include fully managed hosting, bespoke learning solutions, and full product design services tailored to online education providers. The website reflects a professional and consistent brand image with high-quality content and clear navigation aimed at learning providers, academic institutions, corporations, and governments. Technically, the site is built on WordPress using Oxygen Builder, with modern JavaScript libraries such as Alpine.js and jQuery, and integrates Matomo analytics and Google reCAPTCHA for security and tracking. Hosting is managed via Gandi SAS, consistent with the domain registration data. Security posture is good with HTTPS and reCAPTCHA usage, but lacks some advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy, professional, and well-positioned in the education technology sector.

I

Internetstiftelsen

iis.se

73

Internetstiftelsen is an established Swedish non-profit organization responsible for managing the top-level domains .se and .nu. The organization focuses on promoting a positive internet experience for individuals and society, providing domain registration services, knowledge dissemination, and community meeting places. The website reflects a professional and consistent brand image with good content quality and clear navigation tailored for Swedish internet users and domain registrants. Technically, the website is built on WordPress with a modern tech stack including SVG icons, JavaScript, and CSS. It employs Matomo analytics with a consent-based tracking mechanism managed by OneTrust, indicating a mature approach to privacy compliance. The site is mobile-optimized and accessible, with good SEO practices including structured data and meta tags. From a security perspective, the site uses HTTPS and cookie consent blocking before tracking activation, but lacks DNSSEC and explicit security headers, which are recommended for enhanced security. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and consistency with the organization's claims, with a domain age appropriate for the business history. Overall, Internetstiftelsen's website demonstrates a strong security posture, good privacy compliance, and high business credibility. Strategic improvements include enabling DNSSEC, adding security headers, and publishing explicit security and incident response policies to further enhance trust and security maturity.

E

Esri Schweiz

esri.ch

67

Esri Schweiz operates as a leading provider of geospatial information systems and solutions based on the ArcGIS platform, targeting private sector, government, and academic customers in Switzerland. The website content emphasizes spatial analysis, indoor mapping, and integration of artificial intelligence to enhance geospatial insights. The company is positioned as an enterprise-level entity with a strong brand presence consistent with its parent company Esri Inc. The digital infrastructure leverages Adobe Experience Manager CMS, modern JavaScript frameworks, and multiple analytics and marketing tools, indicating a mature digital presence. Security posture is generally strong with HTTPS and no visible vulnerabilities, but lacks explicit security headers and published privacy or cookie policies, which are areas for improvement. Overall, the website is professional, content-rich, and trustworthy, though privacy compliance and contact transparency could be enhanced.

H

Hexaware Technologies Pvt Ltd

hexaware.com

83

Hexaware Technologies Pvt Ltd is a well-established global IT consulting and services company founded in 1996, with a strong market presence and $1.4 billion in annual revenue. The company offers a broad portfolio of technology services including digital software solutions, cloud services, data analytics, AI-driven automation, and business process outsourcing, targeting enterprise clients across multiple industries. Their website reflects a mature digital infrastructure with modern technologies, responsive design, and comprehensive content showcasing their expertise and client success stories. Security posture is robust with HTTPS, clientTransferProhibited domain status, CAPTCHA-protected forms, and reputable analytics tools, though there is room for improvement in DNSSEC and security headers. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, Hexaware demonstrates high business credibility and professionalism, supported by consistent branding and trust indicators.

E

Euroleague Basketball

euroleague.net

63

Euroleague Basketball operates a professional and comprehensive digital platform dedicated to the EuroLeague, Europe's premier basketball competition. The website offers extensive content including live match updates, player and team statistics, video highlights, interviews, and fan engagement features such as fantasy challenges. The platform targets basketball fans and sports enthusiasts, positioning itself as the authoritative source for EuroLeague basketball content. Technically, the site leverages modern web technologies including React and Next.js, and integrates multiple analytics and tracking services to monitor user engagement and marketing effectiveness. The site is well-optimized for mobile devices and accessibility, providing a high-quality user experience. Security-wise, the website enforces HTTPS and avoids exposing sensitive data, but lacks visible security headers and formal privacy or cookie policies, which are critical for compliance and user trust. The absence of WHOIS registration data is a concern for domain legitimacy, though the professional presentation and consistent branding mitigate some risk. Overall, the site is a robust media platform with room for improvement in privacy compliance and security transparency.

L

Linstow Baltic

linstow.lv

52

Linstow Baltic is a leading real estate developer in the Baltic region, focusing on property development, office space leasing, and sustainable urban environments. The company positions itself as a major player in the Latvian and Baltic real estate market, targeting investors, tenants, and the general public interested in quality living and working spaces. The website is built on WordPress and incorporates modern web technologies including jQuery, Slick Slider, and analytics tools such as Matomo and Google Tag Manager, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no visible exposed sensitive data, though the absence of security headers suggests room for improvement. Privacy and cookie policies are present and appear GDPR compliant, supporting good privacy practices. Overall, the site reflects a professional business presence with clear contact information and partner links, though WHOIS data unavailability limits full domain legitimacy verification.

F

FKM

fkm.de

49

FKM is a German-based organization specializing in providing certified trade fair data, including exhibitor and visitor numbers for events in Germany. With a longstanding presence of over five decades, FKM serves decision-makers and the exhibiting economy by delivering reliable marketing data. The website is professionally designed using WordPress and integrates common plugins such as Yoast SEO and Matomo analytics, indicating a moderate level of digital maturity. The site is accessible, mobile-optimized, and SEO-friendly, although some accessibility features could be improved. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks visible security headers and explicit security policies. Privacy compliance is partial, with a cookie consent mechanism present but no clear privacy or terms of service pages. Overall, the website reflects a credible business with room for enhancement in privacy and security transparency.

I

International Powerlifting Federation

powerlifting.sport

53

The International Powerlifting Federation (IPF) website serves as the official online presence for the global governing body of powerlifting. It provides comprehensive information about the federation's activities, including news, championships, anti-doping policies, and educational programs. The site targets athletes, coaches, referees, and fans worldwide, positioning itself as a leading authority in the sport. The business model is that of a non-profit sports federation focused on governance, event organization, and athlete support. Technically, the website is built on the TYPO3 CMS platform, utilizing modern web technologies such as jQuery, Matomo analytics for privacy-conscious tracking, and Lightbox for media display. The site demonstrates good mobile optimization and SEO practices, though accessibility features could be improved. Performance is moderate, with no major technical issues detected. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and a cookie consent mechanism, which are recommended for enhanced protection and compliance. The WHOIS data is privacy protected by the registry, which is common for .sport domains, and does not raise immediate trust concerns given the professional nature of the site and its affiliations. Overall, the IPF website is a professional, trustworthy platform with solid content and technical implementation. Strategic improvements in privacy compliance and security headers would further strengthen its posture.

Belz & Rupp Internetmanagement Saarbrücken is a small digital agency based in Germany specializing in web design, TYPO3 CMS implementation, online marketing, logo development, and print services. The company targets businesses and organizations seeking affordable and professional digital and print solutions. Their market position appears local to Saarbrücken with a focus on quality service delivery. Technically, the website is built on the TYPO3 CMS platform, enhanced with jQuery and Lightbox for UI components, and uses Matomo for analytics alongside Usercentrics for GDPR-compliant consent management. The site is well-structured, mobile-optimized, and employs HTTPS with good privacy practices, although some security headers are missing. From a security perspective, the site demonstrates a moderate security posture with HTTPS and consent management but lacks explicit security policies and vulnerability disclosure mechanisms. The absence of WHOIS domain registration data is a notable anomaly that impacts trust and legitimacy assessments. Overall, the website is professional and functional with good privacy compliance but requires verification of domain registration and enhancement of security headers and policies to improve trustworthiness and security posture.

R

RTV Slovenija

rtvslo.si

61

RTV Slovenija operates the website rtvslo.si as a comprehensive multimedia news portal serving the Slovenian public. It provides a wide range of services including news articles, live TV and radio streaming, podcasts, and video on demand. The site is a leading national public broadcaster platform with a strong market position and a large audience. The technical infrastructure leverages modern web technologies such as Bootstrap, Matomo analytics, and supports mobile and PWA features, ensuring good performance and accessibility. Security posture is strong with HTTPS enforced, secure cookie practices, and cookie consent mechanisms, although some security headers could be improved. The website is well-branded, professionally designed, and offers a consistent user experience with clear navigation and extensive content. No blocking or WAF challenges were detected, and the domain registration data aligns well with the public broadcaster's identity, supporting high legitimacy.

The European Powerlifting Federation (EPF) operates as a recognized sports federation governing powerlifting activities across Europe. The website serves as a comprehensive portal for event information, news, anti-doping policies, and member federation resources. It targets athletes, coaches, referees, and enthusiasts within the European powerlifting community. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes privacy-conscious analytics via Matomo and a consent management platform (Usercentrics). Security posture is solid with HTTPS and privacy policies in place, though some security headers could be improved. The absence of WHOIS data limits domain registration insights, but the site’s content and partnerships strongly indicate legitimacy. Overall, the site is professional, well-structured, and trustworthy.

H

HundrED

hundred.org

68

HundrED is a mission-driven non-profit organization dedicated to transforming K12 education globally by curating, amplifying, and implementing impactful and scalable education innovations. It holds a leading market position as a global curator and partner in the education sector, serving a broad audience including educators, innovators, and youth. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content focused on education innovation and community engagement. Technically, the site employs modern JavaScript frameworks, analytics tools like Matomo and Google Analytics, and follows good practices such as HTTPS enforcement and cookie consent mechanisms. Security posture is solid with room for improvement in security headers and explicit security policies. The domain is longstanding and privacy-protected, consistent with a reputable global non-profit. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

M

Monaco Info

monacoinfo.com

57

Monaco Info is a small media company focused on delivering news, video content, and live streaming services centered around Monaco. The website is well-structured, professionally designed, and targets residents and visitors interested in local news and events. The technical infrastructure is based on WordPress with modern web technologies, providing a good user experience and mobile responsiveness. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and DNSSEC. No explicit privacy or security policies are published, which is a compliance gap. The domain is long-established and consistent with the business claims, enhancing trustworthiness.

The website kaitsealad.ee serves as the official online presence for Matsalu National Park, managed by the Estonian Environmental Board (Keskkonnaamet). It provides comprehensive information about the park's natural features, cultural heritage, and international recognitions, positioning itself as a key governmental resource for environmental conservation and sustainable tourism in Estonia. The site targets nature enthusiasts, researchers, tourists, and local communities, offering detailed visitor information and educational resources. Technically, the site is built on Drupal 10 with modern web technologies, ensuring good mobile optimization, accessibility, and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the site is trustworthy, professional, and well-aligned with its governmental mission.

O

Overcode.bg

affiliatly.com

64

Affiliatly is a SaaS provider specializing in affiliate marketing program management software tailored for e-commerce businesses. The platform offers a comprehensive suite of features including multiple affiliate tracking methods, affiliate management, payment integrations, marketing asset management, and performance analytics. With over 11 years of experience and more than 2500 registered clients, Affiliatly positions itself as a reliable and established player in the affiliate marketing technology space. The website targets e-commerce store owners and affiliate marketers seeking to launch and manage affiliate programs efficiently. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, and various JavaScript libraries for UI enhancements and analytics. It integrates with a broad range of popular e-commerce platforms, demonstrating a mature and flexible technical infrastructure. The site is mobile-optimized and uses Matomo for privacy-conscious analytics tracking. Performance is moderate with good SEO and basic accessibility features. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, privacy policies, and incident response documentation, reflecting a solid security posture. However, the absence of WHOIS data and lack of explicit security headers indicate areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the security maturity is good but could benefit from enhanced header configurations and clearer security contact information. The overall risk assessment is moderate with a trustable business presence but some transparency concerns due to missing WHOIS data. Strategic recommendations include improving security headers, providing explicit security contact channels, enhancing accessibility, and maintaining regular audits of third-party scripts to sustain security and compliance standards.

S

Siemens

siemens.ee

56

Siemens Estonia operates as a regional branch of the global Siemens AG, delivering advanced electrification, automation, and digitalization solutions tailored for industrial clients in Estonia and the Baltic region. The website reflects a mature digital presence with a focus on B2B partnerships and technology innovation. The company leverages modern web technologies including Vue.js and Apollo GraphQL, supported by robust analytics and marketing tools such as Matomo and Adobe Launch. Security posture is strong with HTTPS enforcement and comprehensive security headers, although explicit security policies and incident response details are not publicly disclosed on this site. Privacy compliance is well addressed through global Siemens privacy and cookie policies, including consent management. Overall, the website is professional, trustworthy, and well-optimized for performance and accessibility.

S

SYNLAB International GmbH

synlab.com

64

SYNLAB International GmbH operates as a leading European provider of medical laboratory diagnostic services, offering a broad range of routine and specialty testing solutions. The company targets healthcare providers, clinics, doctors, and patients, emphasizing fast and reliable test results and innovative diagnostic technologies. Their market position is strong, supported by a large network across more than 20 countries and a significant employee base including medical experts. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to their audience. Technically, the site is built on TYPO3 CMS with Bootstrap and integrates Matomo analytics and conditional Google Maps functionality, indicating a modern and privacy-conscious infrastructure. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms in place, though explicit incident response and vulnerability disclosure policies are not publicly visible. The absence of WHOIS data for the domain is notable but does not detract from the overall legitimacy and professionalism of the site. Strategic recommendations include enhancing transparency around security incident response and publishing a security.txt file to facilitate vulnerability reporting.

S

Sisekaitseakadeemia

sisekaitse.ee

58

Sisekaitseakadeemia is a key Estonian governmental educational institution specializing in internal security education, research, and professional training. It serves students, professionals, and government officials with a broad portfolio of academic programs, seminars, and research activities. The website reflects a well-established institution with a clear focus on internal security sectors including police, rescue, prison, finance, and security studies. The institution holds a strong market position as the national authority in its domain. Technically, the website is built on Drupal 9 with modern web technologies such as Bootstrap, jQuery, and lazy loading for images. It integrates analytics tools like Matomo and Google Tag Manager, indicating a mature digital infrastructure. The site is mobile optimized, accessible, and SEO friendly, providing a good user experience. From a security perspective, the site uses HTTPS and employs some best practices like Do Not Track in analytics. However, explicit security headers and incident response policies are not evident. Privacy compliance is partially addressed with privacy and cookie policies present, though lacking a consent mechanism. Contact information is clearly provided, enhancing trust. Overall, the website is professional, trustworthy, and serves its educational and governmental purpose effectively. Strategic improvements in security headers, incident response transparency, and cookie consent would further strengthen its posture.

Z

Zone Media OÜ

eestitoit.ee

50

Eestitoit.ee is a government-affiliated website focused on promoting Estonian food culture, local food products, and sustainable food practices. It serves as an informational and educational platform targeting Estonian residents, food enthusiasts, and culinary tourists. The site is well-branded and consistent with official government initiatives, featuring rich content about food events, traditions, and sustainability projects. Technically, the website is built on Drupal CMS and uses modern analytics tools such as Google Analytics and Matomo. It is mobile-optimized and accessible, with good SEO practices. Security-wise, the site implements cookie consent with an opt-in mechanism but lacks visible advanced security headers and a published privacy policy or terms of service. WHOIS data confirms the domain's legitimacy and long-standing registration since 2010. Overall, the website is professional, trustworthy, and serves its informational purpose effectively.

P

Peatus

peatus.ee

51

Peatus.ee is a digital journey planning user interface focused on public transportation in Estonia, leveraging the Digitransit platform. The website targets public transport users seeking route planning and transit information. Technically, it employs modern web technologies including React, JavaScript, and integrates analytics tools such as Matomo and Google Tag Manager. The site demonstrates good security practices with HTTPS and security headers, but lacks explicit privacy and cookie policies, as well as contact information, which impacts privacy compliance and user trust. Overall, the domain registration data aligns well with the website's purpose, indicating legitimacy. Strategic improvements in privacy disclosures and user contact options would enhance compliance and trust.

K

Keskkonnaagentuur

loodusveeb.ee

55

Loodusveeb is an official Estonian governmental environmental information portal managed by the Estonian Environment Agency (Keskkonnaagentuur). It provides comprehensive information on Estonia's nature, biodiversity, ecological themes, citizen science projects, and environmental education. The website targets Estonian residents, environmental enthusiasts, researchers, and volunteers, serving as a trusted source for nature-related data and public engagement. Technically, the site is built on Drupal 10 with modern libraries and includes a cookie consent mechanism compliant with EU regulations. The site is mobile optimized and accessible, with good SEO practices. Security posture is solid with HTTPS and cookie consent, but lacks explicit security headers and published security policies. WHOIS data confirms domain legitimacy and consistency with the governmental nature of the site. Overall, the website is professional, trustworthy, and well-positioned as a governmental environmental resource.

The website 'Maardu 45' serves as a dedicated platform for celebrating the 45th anniversary of Maardu city in Estonia. It provides residents and visitors with information about the city's history, culture, events, and local government contacts. The site is positioned as a local government information portal aimed at community engagement and city promotion. Technically, the site leverages a modern tech stack including Alpine.js, jQuery, Leaflet for maps, and multiple analytics tools such as Google Analytics and Matomo, hosted likely by Telia Eesti AS. The website is mobile optimized and offers a good user experience with clear navigation and consistent branding. Security-wise, the site uses HTTPS and does not expose sensitive data, but lacks some security headers and formal policies such as privacy and cookie policies, which are important for GDPR compliance. The domain is very recently registered, which is somewhat unusual for a city site but may reflect a new dedicated event domain. Overall, the site is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices.

The website kaitsealad.ee is an official Estonian government-related portal managed by Keskkonnaamet (Environmental Board) providing comprehensive information about Estonia's protected areas. It serves as an educational and informational resource for the public, nature enthusiasts, landowners, and youth conservation groups. The site offers news, events, maps, and educational content related to nature conservation and sustainable tourism. Technically, the site is built on Drupal 10 CMS with modern frontend libraries and is hosted via Zone Media OÜ. It features a cookie consent mechanism compliant with EU regulations and uses Matomo for analytics. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Contact information is clearly provided, enhancing trust and credibility. However, privacy policy and terms of service pages are not explicitly found, which is a gap in compliance. Overall, the site is professional, accessible, and trustworthy, supporting its government mission effectively.

K

Koigi Kool

koigikool.ee

49

Koigi Kool is a small educational institution located in Koigi village, Estonia, providing primary and kindergarten education services. The website serves as an information portal for students, parents, and staff, offering news, event updates, school life details, and contact information. The site is built on Drupal 10 and incorporates modern web technologies and accessibility features, reflecting a moderate to good level of digital maturity. The presence of Matomo analytics indicates a privacy-conscious approach to user tracking. Security posture is adequate but could be improved by enabling DNSSEC and implementing security headers. No privacy policy or explicit security policies are published, which is a gap in compliance. Overall, the domain is legitimate and stable, with clear contact details and partner affiliations.

J

Järva-Jaani Gümnaasium

jjaanikool.ee

47

Järva-Jaani Gümnaasium is a public secondary educational institution located in Estonia, providing comprehensive educational services and community engagement. The website serves as an information portal for students, parents, and staff, offering details on school life, teaching schedules, admissions, and extracurricular activities. The institution maintains a strong local presence with partnerships and certifications that enhance its educational offerings. Technically, the website is built on Drupal 10, leveraging modern web technologies such as Swiper.js for interactive elements and Matomo for privacy-conscious analytics. The site demonstrates good mobile optimization and accessibility features, including adjustable font sizes and contrast settings, supporting inclusive access. From a security perspective, the site uses HTTPS and respects Do Not Track signals in analytics, but lacks advanced security headers and published security policies. The domain registration is consistent with the Estonian Ministry of Education, reinforcing legitimacy. No blocking or WAF interference was detected, allowing full content access. Overall, the website presents a professional and trustworthy digital presence for the school, with room for improvement in security policy transparency and enhanced security headers to further protect users and data.

O

Olevalmis.ee

olevalmis.ee

63

Olevalmis.ee is a government-affiliated Estonian crisis preparedness information portal operated under the auspices of the Estonian Rescue Board (Päästeamet). The website provides practical guidance on handling various crises, behavioral instructions, emergency contact information, and news updates relevant to public safety. It targets Estonian residents seeking reliable and official information on crisis readiness. The business model is informational and public service oriented, positioning itself as a trusted government resource in the emergency preparedness sector. Technically, the website is built on modern web technologies including Nuxt.js and Vue.js frameworks, leveraging Cloudinary for media delivery and Matomo for analytics. The site demonstrates good mobile optimization, accessibility at a basic level, and solid SEO practices. Performance is moderate with no critical technical issues detected. The infrastructure reflects a mature digital presence suitable for a government service. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes important security headers. No exposed sensitive data or vulnerable libraries were found. However, the site lacks explicit cookie consent mechanisms and does not publish dedicated security or incident response policies, which are areas for improvement. The WHOIS data confirms the domain's legitimacy and consistency with the website's government affiliation. Overall, Olevalmis.ee presents a trustworthy, professional, and well-maintained platform for crisis information in Estonia. Strategic recommendations include implementing explicit cookie consent, publishing security and incident response policies, enhancing accessibility, and adding vulnerability disclosure information to further strengthen trust and compliance.

O

Opinion System

opinionsystem.fr

53

Opinion System is a French independent survey organization specializing in verified customer reviews, positioning itself as a trusted third party between professionals and consumers, primarily in the service and real estate sectors. The company holds multiple ISO certifications, reinforcing its commitment to quality and transparency. The website reflects a professional and consistent brand image, targeting both consumers seeking trustworthy professionals and businesses looking to leverage customer feedback. Technically, the site uses modern JavaScript frameworks, Matomo analytics for tracking, and HubSpot forms for lead capture, hosted on AWS infrastructure. Security posture is good with HTTPS enforced and secure login forms, though explicit security headers and privacy policies are lacking. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

E

Eesti Puuetega Inimeste Koda

epikoda.ee

48

Eesti Puuetega Inimeste Koda (EPIK) is a well-established Estonian non-profit organization founded in 2010, dedicated to improving the quality of life, social inclusion, and self-realization opportunities for people with disabilities and chronic illnesses. The organization operates primarily in Estonia and targets disabled individuals, their families, and professionals working in related fields. Their key services include advocacy, counseling, accessibility initiatives, publications, international cooperation, podcasts, and newsletters. The website reflects a professional and accessible digital presence with multi-language support and clear navigation.

AdForum is a well-established global platform serving the advertising and marketing industry by providing a comprehensive directory of agencies, production companies, and talent, alongside a creative library of campaigns and ads. The website demonstrates a strong market position with extensive content and a large user base, targeting marketers and advertising professionals worldwide. Technically, the site uses modern JavaScript libraries, Google advertising services, and Matomo analytics, with a responsive design and good SEO practices. Security posture is solid with HTTPS and CSRF protections, though additional security headers and explicit privacy consent mechanisms could enhance compliance and trust. The absence of WHOIS data introduces some uncertainty about domain registration legitimacy, but the professional presentation and industry presence mitigate concerns. Overall, the site is a credible and valuable resource for its target audience.

V

Verband der Zoologischen Gärten (VdZ) e.V.

zoosciencelibrary.org

51

The Zoo Science Library is a specialized online platform documenting peer-reviewed scientific publications involving modern zoological gardens and aquaria. It serves as a knowledge transfer and networking tool for the zoological research community, supported by reputable organizations such as the Verband der Zoologischen Gärten (VdZ) e.V. and the European Association of Zoos and Aquaria (EAZA). The website is professionally designed, bilingual (German and English), and provides a searchable database of over 1400 publications from 2018 to 2022. Technically, the site is built on TYPO3 CMS with modern frontend frameworks like Bootstrap and jQuery, and it uses Matomo for privacy-conscious analytics. Security posture is strong with HTTPS enforced and cookie consent implemented, though some HTTP security headers are missing and no explicit security or incident response policies are published. WHOIS data is unavailable due to malformed query responses, which slightly reduces domain trust but is mitigated by the site's affiliations and content quality. Overall, the site is a credible, niche scientific resource with good technical and security standards.

O

Oikeusministeriö/Oikeushallinnon tietotekniikkakeskus

demokratia.fi

25

Demokratia.fi is an official Finnish government web portal managed by the Ministry of Justice, providing citizens with comprehensive information and tools to participate in democratic processes locally, nationally, and at the EU level. The site aggregates links to various government-maintained participation platforms and legislative tracking services, targeting Finnish citizens interested in civic engagement. Technically, the site is built on WordPress with modern JavaScript libraries and uses Matomo analytics configured for privacy. Security posture is solid with HTTPS and no exposed sensitive data, though DNSSEC and additional security headers could enhance protection. Privacy compliance is good with a clear privacy policy, but lacks a cookie consent mechanism. Overall, the site is trustworthy, professionally maintained, and serves as a key government resource for democratic participation.

D

Digi- ja väestötietovirasto

avoindata.fi

58

The website avoindata.fi serves as the official Finnish government open data portal managed by Digi- ja väestötietovirasto. It consolidates all open data published in Finland, providing datasets, APIs, producer information, and showcases of applications leveraging open data. The portal targets developers, public sector entities, and citizens interested in accessing and utilizing open data. Its business model is that of a public service, offering free and centralized access to government data resources. Technically, the site is built on Drupal 10 with Bootstrap and FontAwesome for UI components, and it integrates Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Hosting appears to be government-managed with external analytics hosted on suomi.matomo.cloud. From a security perspective, the site enforces HTTPS and employs secure form handling with CSRF tokens. However, it lacks explicit security headers and does not publicly disclose a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Contact information is limited to email and contact forms, with no phone or physical address listed. Overall, avoindata.fi is a trustworthy, well-maintained government portal with good technical and privacy standards. Strategic improvements include publishing a security policy, adding security headers, and providing incident response contacts to enhance transparency and security posture.

D

Drouot

drouot.com

72

Drouot is a historic and leading auction marketplace established since 1852, specializing in art, luxury items, and real estate auctions. It operates both physical auctions at Hôtel Drouot and a comprehensive online platform, serving collectors and buyers worldwide. The website demonstrates a mature digital infrastructure using modern technologies such as SvelteKit and Cloudflare DNS, with a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement, security headers, and domain protections, though DNSSEC is not enabled. Privacy and cookie policies are present and GDPR compliant, supporting user trust. However, explicit security policies and incident response contacts are not publicly disclosed, representing an area for improvement.

S

Sotsiaalkindlustusamet

tarkvanem.ee

46

Tarkvanem.ee is a government-affiliated Estonian website operated by Sotsiaalkindlustusamet, providing comprehensive parenting information and resources targeted at parents of children of all ages. The site offers educational content on child development, parenting styles, health, and safety, supported by tests, videos, and expert advice. It holds a strong market position as a trusted public information portal in Estonia. Technically, the website is built on WordPress and leverages modern analytics and marketing tools such as Google Analytics, Matomo, Hotjar, and Facebook Pixel, alongside SEO optimization via Yoast. The site is mobile-optimized and accessible with good navigation and professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Contact information is limited but includes a verified company email and a contact form. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy and security disclosures.

Lemonway is a French licensed payment institution specializing in providing modular and compliant payment solutions tailored for marketplaces and crowdfunding platforms. Established since 2012 and trusted by over 400 marketplaces including major clients like Decathlon and SNCF Connect & Tech, Lemonway offers a comprehensive suite of services including Pay-In, Identification (KYC), Wallet management, Pay-Out, and an intuitive Dashboard. Their API-centric approach enables seamless integration and control over payment flows, supporting multiple currencies and payment methods. The company emphasizes security, compliance, and user experience, backed by ACPR licensing and PCI DSS compliance. Technically, the website leverages modern frameworks such as Next.js and React, with robust analytics and tracking tools implemented responsibly with user consent. Security posture is strong with HTTPS, security headers, and secure forms, although explicit security policies and incident response details are not publicly disclosed. WHOIS data is missing or obscured, likely due to privacy protection, which slightly impacts trust but is common in regulated financial sectors. Overall, Lemonway presents a professional, secure, and mature digital presence aligned with its business objectives.

R

Ragnar Sellbergs stiftelse

ragnarsellbergsstiftelse.se

61

Ragnar Sellbergs stiftelse is a Swedish foundation supporting research projects at Swedish universities and institutes focused on waste and recycling. The website presents a professional and consistent brand image with good content quality tailored to its target audience of academic and research institutions. Technically, the site uses modern JavaScript frameworks, Episerver CMS, and is hosted on Microsoft Azure, with integrated analytics and monitoring tools such as Matomo, Piwik Pro, New Relic, and Microsoft Application Insights. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, although explicit security headers and incident response information are absent. The absence of WHOIS data for the domain raises some concerns about domain registration legitimacy, which should be further investigated. Overall, the site is functional, privacy compliant, and trustworthy but could improve transparency and contact availability.