Security Directory

M

Marché des Objets Graphiques

marche-objets-graphiques.com

55

The website 'Marché des Objets Graphiques' serves as an online presence for a recurring event organized by étapes magazine, focusing on graphic and artisanal objects. It targets creative professionals and enthusiasts in France, particularly in Paris, providing a platform for showcasing and selling unique graphic works and crafts. The site is well-structured, visually consistent, and uses modern web technologies including WordPress and Google Analytics for tracking visitor engagement. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the content and branding align with a known magazine entity. Security posture is adequate with HTTPS and spam protection, but lacks comprehensive security headers and visible privacy compliance documentation. Overall, the site is functional and professional but would benefit from improved compliance and transparency measures.

J

Jill Arcaro

jillarcaro.com

30

Jill Arcaro operates a specialized wellness and educational business focused on holistic therapies such as Thai Massage, Reiki, and Access Bars, complemented by educational travel experiences and an artisan retail store. The website is professionally designed using WordPress and WooCommerce, offering a good user experience with clear navigation and mobile optimization. Privacy and cookie policies are well implemented, indicating GDPR compliance. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and ownership transparency. Security posture is moderate with HTTPS enabled but lacks advanced security headers and incident response information. Overall, the site presents a credible business front but requires domain registration verification and enhanced security measures.

W

WhosOn

whoson.com

41

WhosOn is a UK-based technology company specializing in advanced live chat and AI-driven chatbot solutions tailored for enterprise businesses. Established in 2003, the company offers a comprehensive suite of services including live chat software, AI chatbots, help desk integration, analytics, and flexible deployment options such as on-premises and cloud hosting. Their market position is strong within the UK, supported by long-term operation and recognized certifications. The website reflects a professional and consistent brand image targeting large-scale, regulated industries requiring secure and scalable communication tools. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Blazor WebAssembly, and FontAwesome, hosted on AWS infrastructure. The site is mobile-optimized with good SEO and accessibility basics, though some improvements could be made in accessibility and cookie consent mechanisms. Analytics are implemented via Statcounter and Google Tag Manager, indicating moderate user tracking. From a security perspective, the company demonstrates a solid posture with HTTPS enforcement, encryption, intrusion prevention, and data masking. Certifications such as Cyber Essentials and FSQS further reinforce trust. However, DNSSEC is not enabled, and security headers are not explicitly detected, suggesting room for enhancement. Incident response contact details and vulnerability disclosure policies are not publicly visible, which could be improved to strengthen transparency and readiness. Overall, WhosOn presents a credible, secure, and professional online presence with minor gaps in privacy compliance and security transparency. Strategic recommendations include enabling DNSSEC, implementing a visible cookie consent mechanism, publishing incident response contacts, and enhancing security headers to elevate trust and compliance.

PixaHive is a small, donation-supported media platform providing free stock photos under the Creative Commons CC0 public domain license. It targets photographers, content creators, and marketers seeking unrestricted image use. The platform operates on WordPress, leveraging common web technologies and Cloudflare DNS for performance and security. The website is well-structured with good SEO and mobile optimization, offering a positive user experience. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and explicit security policies. Privacy compliance is basic, with no cookie consent despite tracking pixels. Overall, the site is legitimate and trustworthy but could improve in privacy and security transparency.

E

Eesti Kirjandusmuuseum

er500.ee

55

The website www.er500.ee is an educational and cultural platform managed by the Estonian Literary Museum (Eesti Kirjandusmuuseum). It focuses on presenting the 500-year history of Estonian books, including important publications, literary works, and historical events. The platform offers thematic content, timelines, and allows users to create and share stories, targeting literature enthusiasts, researchers, and the general public interested in Estonian cultural heritage. Technically, the site is built on Drupal 10 CMS, utilizing modern JavaScript libraries such as Zoomist and FontAwesome, and integrates Google Analytics for user tracking. The site is mobile-optimized with a clear navigation structure and professional design. Security-wise, the site uses HTTPS and asynchronous script loading but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. Overall, the domain registration aligns well with the website's cultural mission, indicating legitimacy and trustworthiness.

9

9Dots

9dotsmedia.com

57

9Dots is a Mediatech service provider specializing in advanced monetization solutions for publishers and app developers. Their offerings include header bidding, video and audio monetization, and app distribution services aimed at maximizing ad revenue and audience engagement. The company positions itself as an industry connector with innovative native monetization technologies. Technically, the website is built on WordPress using Elementor, with modern libraries such as jQuery and FontAwesome, and integrates Google Analytics and reCAPTCHA for analytics and security. The site is well-designed, mobile-optimized, and provides a good user experience. Security posture is moderate with HTTPS enabled and use of reCAPTCHA, but lacks explicit security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data is missing or unavailable, raising concerns about domain legitimacy. Overall, the website is functional and professional but requires improvements in transparency and security documentation.

A

Accorp Sp. z o.o.

instytut-pollster.pl

72

Instytut Badań Pollster, operated by Accorp Sp. z o.o., is a well-established Polish market research institute founded in 2012. The company specializes in various research methodologies including CAWI, CAPI, CATI, and qualitative studies, holding a strong market position as the second largest CAWI research provider in Poland in 2022. Their services target businesses and institutions requiring reliable market and opinion data to support business growth and societal development. The website reflects a professional and modern digital presence with comprehensive content and clear navigation.

A

Aarki, Inc.

aarki.com

62

Aarki, Inc. operates as an AI-enabled mobile marketing platform specializing in user acquisition and re-engagement services for mobile publishers and brands. The company leverages AI technology combined with privacy-first engagement and unified creative strategies to optimize mobile advertising campaigns and drive revenue growth. Positioned as a full-service marketing platform, Aarki emphasizes privacy compliance and advanced programmatic advertising techniques to deliver measurable ROI for clients. Technically, the website is built on WordPress with modern SEO and marketing integrations including Yoast SEO, HubSpot, Google Tag Manager, and Vimeo for multimedia content. The site is mobile-optimized, accessible, and employs cookie consent mechanisms aligned with GDPR requirements. The technical infrastructure reflects a mature digital presence with moderate performance and good SEO practices. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS registration data reduces transparency but the professional presentation and privacy compliance measures support a positive security posture. Overall, Aarki presents a credible and professional business with strong digital marketing capabilities and privacy awareness. Strategic improvements in security transparency and direct contact information would enhance trust and compliance further.

M

MTÜ Noorteühing Tugiõpilaste Oma Ring Eestis

tore.ee

42

MTÜ Noorteühing Tugiõpilaste Oma Ring Eestis (TORE) is a well-established Estonian non-profit organization focused on youth peer support, mentoring, and training programs. The organization operates nationally with a history of nearly three decades, offering structured events such as summer and autumn schools, conferences, and supervision sessions. Their target audience includes Estonian students and their mentors, aiming to empower youth through systematic engagement and education. The website reflects this mission with relevant content, event announcements, and training information. Technically, the website is built on WordPress 6.8.1 with popular plugins like Yoast SEO and Modern Events Calendar Lite, indicating a mature digital infrastructure. The site uses HTTPS with a good SSL configuration, Google Fonts, and jQuery libraries. Performance is moderate with good mobile optimization and basic accessibility features. SEO is well addressed through meta tags and structured data. From a security perspective, the site enforces HTTPS and includes a cookie consent banner, demonstrating awareness of privacy compliance. However, it lacks explicit privacy and terms of service pages, security headers, and incident response contacts, which are areas for improvement. No WAF or blocking mechanisms were detected, and no vulnerabilities were apparent in the HTML content. Overall, the website is credible and professional, with strong business legitimacy and consistent branding. The main risks relate to privacy compliance and security best practices, which can be addressed to enhance trust and regulatory adherence.

L

Lastekaitse Liit

kiusamisestvabaks.ee

42

Kiusamisest vabaks is a non-profit educational platform operated by Lastekaitse Liit, focused on bullying prevention in Estonia. The website offers multilingual educational materials and awareness content targeting nurseries, kindergartens, and grade schools. It collaborates with reputable partners including the Estonian Ministry of Education and Research and international child protection organizations. The platform is well-positioned within its niche, serving educators, parents, and children with relevant resources. Technically, the website is built on WordPress with modern technologies such as Bootstrap, jQuery, and Google services for analytics and tag management. It employs multilingual support via WPML and uses SEO best practices including structured data and Open Graph metadata. The site is mobile-optimized and performs moderately well, with a consistent and professional design. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Overall, the website demonstrates a solid business credibility and technical foundation with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

I

Iliad

iliad.ai

60

Iliad is a small technology company founded in 2022, offering an expressive AI art generation platform focused on creating custom textures, images, and 3D models with granular creative control. The business operates on a freemium SaaS model, providing a free tier with limited daily access and a paid subscription for full features. The website is professionally designed with a modern tech stack including SvelteKit, FontAwesome, and analytics tools like PostHog, hosted behind Cloudflare DNS services. From a security perspective, the site enforces HTTPS and uses WHOIS privacy protection, which is appropriate for a small startup. However, it lacks DNSSEC, explicit security headers, and a cookie consent mechanism, which are areas for improvement. No contact emails or phone numbers are publicly available, and there is no published security policy or incident response information, which may impact trust and compliance. Overall, the website is accessible, well-structured, and technically modern, but could enhance its privacy compliance and security posture by implementing cookie consent, security headers, and publishing relevant policies. The domain registration is consistent with the business profile and shows no suspicious indicators. Strategic improvements in security and transparency would strengthen trust and compliance.

H

Hukot.net

hukot.net

56

Hukot.net is a small Czech Republic-based hosting service provider offering a comprehensive range of hosting solutions including domain registration, webhosting, VPS, dedicated servers, and storage services. The company positions itself as a reliable and experienced player with over 17 years of hosting experience and a strong focus on performance, availability, and customer support. Their target audience includes individuals and businesses seeking scalable and GDPR-compliant hosting solutions. Technically, the website is built on modern frameworks such as Bootstrap and uses Google Tag Manager for analytics, indicating a mature digital infrastructure with good mobile optimization and SEO practices. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but the absence of explicit security headers and incident response information suggests room for improvement. The lack of WHOIS domain registration data raises concerns about domain legitimacy and trustworthiness, which impacts the overall risk assessment. Strategic recommendations include improving transparency around domain registration, implementing cookie consent mechanisms, enhancing security headers, and publishing incident response contacts to strengthen compliance and trust.

M

Molongui

molongui.com

63

Molongui is a specialized WordPress plugin provider focusing on authorship management tools such as author boxes, guest authors, and co-authors. The company targets WordPress site owners and publishers who require advanced authorship features to credit content creators properly. The website is professionally designed, mobile-optimized, and provides comprehensive documentation and support resources. Technically, the site leverages WordPress with Elementor and several performance and privacy plugins, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and security headers present, though explicit security policies and incident response information are absent. The lack of WHOIS data is a notable gap, slightly impacting trust but not detracting from the overall professionalism. Strategic recommendations include publishing security policies and incident response contacts to enhance trust and compliance.

F

Fabricca

btsaf.com

46

Fabricca is an international, award-winning creative design and branding agency founded in 2013 and based primarily in North Macedonia with presence in Munich and Vienna. The agency offers a broad range of creative services including design, branding, web development, motion graphics, digital marketing, copywriting, video production, and photography. With a team of about 20 professionals and over 1000 clients served globally, Fabricca positions itself as a multi-disciplinary agency focused on delivering high-quality creative solutions. The website reflects a mature digital presence built on WordPress with modern frontend technologies and SEO optimizations. Hosting is provided by DreamHost, and the domain is registered via NameCheap with a consistent registration history. Security posture is good with HTTPS enforced and domain transfer protection, but lacks some security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional, trustworthy, and well-structured, but could improve compliance and security transparency.

M

Miltton Latvia

miltton.lv

51

Miltton Latvia is a creative and dynamic agency focused on providing communication consulting and branding services to clients in Latvia and the Baltic region. The company positions itself as a bold and innovative partner helping clients to be visible in a changing world. The website is professionally designed, multilingual, and optimized for SEO, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Cookiebot for GDPR compliance, and integrates Google Analytics for traffic analysis. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and headers could be improved. Overall, the site demonstrates a good balance of business professionalism, technical implementation, and privacy compliance, suitable for a medium-sized agency in the media sector.

P

PD Instore

neoinstore.com

43

NEO Retail Displayware is a specialized retail merchandising company offering innovative pegboard hardware and signage solutions under the patented neoPEGS™ brand. Their products target retail businesses seeking modern, customizable, and cost-effective displayware. The website is built on WordPress using WPBakery Page Builder and includes standard web technologies such as jQuery and FontAwesome. The technical infrastructure is moderate in performance with good mobile optimization but basic accessibility and SEO features. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and trustworthy but would benefit from improved privacy and security practices.

Togelninjaku.org is a small-scale Indonesian language website focused on providing information and recommendations related to online togel (lottery) gambling. The site operates as a WordPress blog featuring articles about betting tips, transaction methods, and trusted agents. The business model appears to be content-driven, targeting online lottery players seeking guidance and agent referrals. The domain is relatively new, registered in 2021, and uses privacy protection services common in gambling-related websites. Technically, the website is built on WordPress with Yoast SEO and FontAwesome, hosted behind Cloudflare DNS but without DNSSEC enabled. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. However, there is a lack of advanced security headers and no visible analytics or tracking services. From a security perspective, the site uses HTTPS and has domain-level protections such as clientDeleteProhibited status, but lacks DNSSEC and security policies. No privacy, cookie, or terms of service policies are present, and no contact information is provided, which reduces transparency and trustworthiness. No WAF or blocking mechanisms were detected, indicating full accessibility. Overall, the site scores moderately on content and technical implementation but poorly on privacy compliance and business credibility due to missing policies and contact details. The domain's use of privacy protection is typical for gambling sites but adds to the uncertainty about legitimacy. Strategic improvements in security policies, transparency, and contact availability are recommended to enhance trust and compliance.

A

admin

101situsjudi.net

50

The website 101situsjudi.net is an Indonesian language online gambling information and affiliate platform primarily focused on togel (lottery) and slot games. It provides articles, tips, and links to trusted gambling sites, targeting Indonesian online betting enthusiasts. The business operates as a small-scale affiliate or informational site founded in 2020, with a moderate market presence in its niche. Technically, the site runs on WordPress CMS with common plugins such as Yoast SEO and jQuery, hosted behind Cloudflare DNS but without active WAF challenges. The site is mobile-optimized and has basic SEO and accessibility features. Security posture is moderate with HTTPS enabled and domain-level protections, but lacks advanced security headers and incident response information. Privacy compliance is poor due to the absence of privacy and cookie policies. Contact information is limited to a phone number and search forms, with no email or physical address provided. Overall, the site has basic content quality and design, suitable for its niche but with room for improvement in security and compliance.

A

admin

pgn-u23.com

50

The website pgn-u23.com operates as an Indonesian online gambling content platform primarily focused on togel (lottery) and slot games. It provides articles, tips, and guides related to online gambling, targeting Indonesian players interested in these games. The business model appears to be content-driven with potential affiliate marketing links to gambling services. The site is relatively small and was founded in 2021, with content in the Indonesian language and a moderate level of content quality and branding consistency. Technically, the site is built on WordPress with common libraries such as jQuery and FontAwesome, and uses Yoast SEO for optimization. Hosting is supported by Cloudflare DNS and the domain is registered via NameCheap. The site is moderately performant and mobile-optimized but lacks advanced accessibility features. SEO is adequately implemented with proper meta tags and structured data. From a security perspective, the site uses HTTPS but lacks DNSSEC and important security headers, which lowers its security posture. There are no visible privacy or cookie policies, incident response plans, or vulnerability disclosure mechanisms, which raises compliance and trust concerns. Contact information is minimal, limited to a phone number and a search form, with no verified company emails or physical addresses. The domain registration is transparent and consistent with the website's business focus, but the overall trustworthiness is reduced by the lack of security and privacy best practices. Overall, the site is functional and content-rich for its niche but requires significant improvements in privacy compliance, security hardening, and business credibility to enhance user trust and regulatory adherence.

A

admin

danzat.org

52

The website danzat.org operates as a small-scale Indonesian language blog focused on providing tips, tricks, and information related to online gambling, specifically togel and slot games. It targets Indonesian online gambling enthusiasts and functions primarily as a content publishing platform with affiliate marketing elements. The site is built on WordPress, utilizing common plugins such as Yoast SEO and jQuery, hosted behind Cloudflare DNS with domain registration via NameCheap using privacy protection services. The technical infrastructure is moderate in performance and mobile optimization, with basic accessibility and SEO implementations. Security posture is basic with HTTPS enabled but lacking DNSSEC and security headers, and no visible incident response or security policies. Privacy compliance is poor, with no privacy or cookie policies found, which is a significant gap given the gambling-related content. Overall, the site presents as a niche content provider with moderate technical maturity but with notable gaps in security and privacy compliance.

The website princegeorges.org is a small-scale online gambling content platform primarily focused on providing tips, promotions, and information related to togel and slot games. The site targets Indonesian-speaking audiences interested in online gambling. It operates on a WordPress CMS with common plugins such as Yoast SEO and uses Cloudflare for DNS. The technical infrastructure is moderate with basic mobile optimization and SEO practices. Security posture is average with HTTPS enabled but lacks advanced security headers and DNSSEC. The domain is privacy protected, which is common in gambling sites but reduces transparency and trust. No privacy or cookie policies are present, and contact information is limited to a phone number and search forms. Overall, the site shows basic professionalism but lacks comprehensive compliance and security maturity.

A

admin

svenskapen.org

51

The website svenskapen.org is a small-scale WordPress-based blog focused on Indonesian online gambling, specifically togel and slot games. It provides content such as tips, strategies, and affiliate recommendations targeting Indonesian-speaking gambling enthusiasts. The site uses common WordPress plugins including Yoast SEO and EasyMega, and is hosted behind Cloudflare DNS services. The technical infrastructure is moderate with basic mobile optimization and SEO practices but lacks advanced security configurations such as DNSSEC and security headers. The security posture is basic with HTTPS enabled but no visible incident response or privacy policies, which limits trust and compliance. The domain is privacy protected with registrant information withheld, which is common in gambling niches but reduces transparency. Overall, the site presents basic content quality and limited business credibility, with no direct contact or compliance information.

H

Hukot.net

hukot.cz

60

Hukot.net is a Czech Republic-based hosting service provider with over 21 years of market presence, offering a comprehensive range of services including domain registration, webhosting, VPS, dedicated servers, and storage solutions. The company targets both individual users and businesses requiring reliable and scalable hosting infrastructure. Their business model focuses on providing high-performance hosting backed by 24/7 human customer support and GDPR compliance. The website reflects a professional and consistent brand image, supported by a parent company, SecurityNet.cz s.r.o. Technically, the website employs modern web technologies such as Bootstrap, FontAwesome, and Google Tag Manager, ensuring good performance, mobile responsiveness, and SEO optimization. Security-wise, the site enforces HTTPS and provides a detailed cookie consent mechanism, though it lacks explicit published security policies or incident response information. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trustworthiness. Strategic recommendations include publishing security and incident response policies, enhancing security headers, and clarifying domain registration details to improve credibility and compliance.

A

Web-Stat | Website Analytics | Full Visitor Details | Free Stats

ardalio.net

60

Ardalio.net operates the Web-Stat service, providing free real-time website analytics focused on detailed visitor monitoring and traffic growth insights. The service targets website owners and administrators seeking to optimize their sites through clear, live visitor data. The website presents a professional and consistent brand image with good design quality and user experience, although it lacks explicit privacy and terms of service documentation. Technically, the site uses modern JavaScript libraries and fonts, is mobile optimized, and is hosted with reputable providers including GoDaddy and Cloudflare DNS. However, DNSSEC is not enabled and no explicit security headers are detected, indicating room for security improvements. The cookie consent mechanism demonstrates some GDPR compliance awareness, but no privacy policy or incident response information is publicly available. Overall, the domain registration is consistent and legitimate for a small technology service founded in 2022.

W

Web Tracking Services, LLC

web-stat.com

68

Web-Stat is a small technology company providing real-time web analytics services primarily targeting website owners and webmasters. The company offers a free analytics platform with upgrade options and an affiliate program, positioning itself as an established player since 1996. The website is professionally designed with good content quality and clear navigation, optimized for mobile users. Technically, it employs modern JavaScript libraries and standard web technologies, delivering moderate performance and basic accessibility features. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and dedicated security policies are absent. The lack of WHOIS registration data for the domain introduces uncertainty in domain legitimacy, though the business identity is strongly supported by structured data and trust indicators. Overall, the website is trustworthy and functional but would benefit from enhanced transparency and security documentation.

SPWeb s.r.o. is a well-established Czech technology company specializing in custom web development, e-commerce solutions, SEO, PPC marketing, and IT infrastructure services primarily serving the Brno region. The company has a strong market position supported by over a decade of experience, positive client testimonials, and Google Partner certification. Their website reflects a professional and modern digital presence with comprehensive service offerings and clear contact information. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Google Fonts, and multiple analytics and marketing tools such as Google Tag Manager, Facebook Pixel, Microsoft Clarity, and Smartlook. The site is mobile-optimized, fast-loading, and SEO-friendly, demonstrating a mature digital infrastructure. Hosting and DNS services are managed via Cloudflare, enhancing performance and security. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security policies, incident response contacts, and security headers, which are recommended to enhance its security posture. No vulnerabilities or exposed sensitive data were detected, indicating a generally secure environment. Overall, SPWeb s.r.o. presents a credible, trustworthy, and professional business with a strong online presence. The website scores highly on content quality, technical implementation, security, privacy compliance, and business credibility, making it a reliable partner for clients seeking web and IT services.

R

Race for the Cure | Home

raceforthecure.eu

52

Race for the Cure is a European event organization focused on hosting the largest run and walk events across Europe, primarily aimed at charity participation. The website presents a professional and consistent brand image with clear navigation and a focus on participant engagement. Technically, the site is built on ASP.NET WebForms with Telerik UI components and integrates Google Analytics and Tag Manager for tracking. The site is mobile optimized and uses modern web fonts and libraries, though accessibility features are basic. Security posture is moderate with HTTPS enabled and IP anonymization in analytics, but lacks explicit security headers and visible incident response or security policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Business credibility is moderate with good content quality but no explicit contact or company information disclosed. Overall, the site is functional and professional but would benefit from enhanced privacy, security, and transparency measures.

F

Fromi GmbH

fromi.com

58

Fromi GmbH is an established German company specializing in the wholesale and distribution of cheese specialities and fine foods, with over 50 years of experience and an international reputation. The company targets cheese retailers, food service professionals, and gourmet consumers, offering a wide range of products and services including cheese selections, fine food offerings, and customer support. The website reflects a professional and consistent brand image with multilingual support and comprehensive product information. Technically, the site is built on WordPress with modern plugins and libraries, optimized for mobile and SEO, and includes cookie consent mechanisms. Security posture is strong with HTTPS, obfuscated emails, and no visible vulnerabilities, though security headers could be improved. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trust. Strategic recommendations include enhancing security headers, publishing incident response policies, and clarifying domain registration details to improve trust and compliance.

A

Always Advancing Promotions & Manufacturing

alwaysadvancing.net

61

Always Advancing Promotions & Manufacturing operates as a specialized manufacturer of custom finisher medals, awards, apparel, and promotional products primarily serving endurance events and businesses globally. Established in 2008, the company emphasizes custom design and quality, targeting event directors and business owners who require personalized products. The website reflects a medium-sized enterprise with a professional digital presence built on the Duda platform, leveraging modern web technologies and analytics tools. While the site is well-designed, mobile-optimized, and accessible, it lacks explicit privacy and cookie policies, which are critical for compliance and user trust. Security posture is strong with HTTPS and CAPTCHA protections, but security headers and incident response policies are absent. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration consistency, which should be addressed to enhance trust. Overall, the company demonstrates a solid market position with room for improvement in privacy compliance and domain registration transparency.

T

Think Pink Europe

thinkpinkeurope.org

59

Think Pink Europe is a non-profit organization dedicated to raising awareness and funds to combat breast cancer across Europe. The organization runs major campaigns such as Race for the Cure and Pink@Work, engaging the public and corporate sectors to support breast cancer research and patient care. Their website reflects a well-structured, content-rich platform with clear calls to action for donations and participation in events. Technically, the site is built on a mature ASP.NET framework with modern front-end libraries and integrates Google Analytics and Tag Manager for tracking. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers are missing and no incident response information is published. Overall, the site demonstrates a professional and trustworthy presence suitable for its non-profit mission.

S

SPHosting s.r.o.

sphosting.cz

46

SPHosting s.r.o. is a Czech Republic-based hosting service provider established in 2014, specializing in virtual private servers, dedicated servers, managed servers, and cloud/network services. The company targets small to medium businesses requiring tailored hosting solutions with professional management and 24/7 support. Their market position is supported by positive client testimonials and a perfect aggregate rating, indicating strong customer satisfaction and trust. Technically, the website employs a modern technology stack including Bootstrap, jQuery, FontAwesome, and slick carousel for UI, alongside Google Tag Manager, Facebook Pixel, and Yandex Metrika for analytics and marketing. The site is hosted behind Cloudflare DNS and uses HTTPS with excellent SSL configuration. The cookie consent mechanism is comprehensive and GDPR compliant, reflecting good digital maturity. From a security perspective, the site enforces HTTPS, uses reCAPTCHA v2 for form protection, and provides granular cookie consent options. However, it lacks explicit security policies, incident response information, and a security.txt file, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected, and security headers could be enhanced. Overall, the website presents a professional, trustworthy, and well-maintained digital presence with moderate to good security posture. Strategic improvements in security transparency and header implementation would further strengthen their risk profile and compliance stance.

MAXPROGRES, s.r.o. is a Czech Republic based company founded in 1996 specializing in technical security systems and system integration services. The company holds multiple ISO certifications and a national security certification (NBÚ T-level), positioning itself as a leader in the Czech security technology market. Their services include comprehensive security system design, installation, proactive monitoring, and 24/7 maintenance support. The website reflects a professional and consistent brand image with clear contact information and GDPR-compliant privacy and cookie policies. Technically, the site uses modern frontend technologies such as Bootstrap, jQuery, and Leaflet for mapping, and integrates Google Analytics and reCAPTCHA for analytics and security respectively. Security posture is moderate with HTTPS and CAPTCHA implemented, but lacks advanced security headers and a formal incident response or vulnerability disclosure mechanism. Overall, the site is accessible, well-structured, and trustworthy, supporting the company's market position and business credibility.

R

Rotary Club Prague International

rotarypragueinternational.org

66

Rotary Club Prague International is a well-established non-profit organization serving the English-speaking community in Prague with a focus on charitable activities, community service, and cultural exchange. The club maintains a professional and content-rich website that highlights its events, membership information, and community projects. The site leverages modern web technologies and is hosted on a reputable platform with Azure DNS services. Privacy and cookie policies are clearly presented with an active consent mechanism, reflecting good compliance with GDPR standards. Security posture is solid with HTTPS enforced and no visible critical vulnerabilities, although improvements in security headers and DNSSEC could enhance protection. Overall, the website presents a trustworthy and professional image suitable for its non-profit mission.

R

Rostlinně

rostlinne.cz

53

Rostlinne.cz is a Czech project dedicated to promoting plant-based cuisine, supporting restaurants and producers in integrating new plant-based products and dishes within the Czech Republic. The website serves as an educational and promotional platform offering courses, events, e-books, and active social media engagement. Technically, the site is built on WordPress with modern plugins for SEO, privacy compliance, and social media integration, hosted via WEDOS with Cloudflare DNS. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Contact information is transparent and professional, enhancing business credibility. Overall, the site is well-designed, mobile-optimized, and trustworthy, serving a niche but important market segment in plant-based culinary education and promotion.

F

Futurn nv

futurn.com

54

Futurn nv is a Belgian real estate company specializing in the sustainable redevelopment and transformation of commercial properties in Flanders. The company focuses on converting outdated or underutilized sites into modern, versatile, and environmentally responsible workplaces. Their market position is that of a specialist in sustainable business property development, offering tailored solutions such as KMO units, office buildings, and reconversion projects. The website reflects a professional and consistent brand image targeting business owners and property stakeholders in the region. Technically, the website is built on the Concrete5 CMS platform, utilizing modern frontend technologies including Bootstrap, jQuery, and FontAwesome. It features responsive design, SEO-friendly metadata, and integrates marketing and analytics tools such as Google Tag Manager and social media pixels. The site includes a cookie consent mechanism aligned with GDPR requirements and provides multiple contact channels including phone, email, and a chat widget. From a security perspective, the site enforces HTTPS with a valid SSL certificate and employs secure form practices. However, it lacks explicit security headers and does not provide a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain raises some concerns about domain registration legitimacy, though the website content and contact information appear authentic and consistent with a legitimate business. Overall, the website demonstrates a good level of digital maturity and security hygiene, with room for improvement in security policy transparency and domain registration verification. The risk profile is moderate, with recommendations to enhance security headers, publish incident response contacts, and verify domain registration details to strengthen trust and compliance.

P

P&P Legal

pplegal.sk

46

P&P Legal is a Slovak law firm established in 2018, providing comprehensive legal services across various domains including commercial law, litigation, family law, and constitutional law. The firm targets both individual and corporate clients within Slovakia and offers multilingual services including Slovak, Czech, and English. Their market position is that of a trusted local legal partner with a strong emphasis on professionalism, confidentiality, and security, supported by a substantial liability insurance coverage of 1.5 million euros. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Select2, Google reCAPTCHA, and FontAwesome. The site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR, indicating a reasonable level of digital maturity. Performance and mobile optimization are adequate, though accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect its contact form from spam. However, it lacks advanced security headers and does not publicly disclose a security policy or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected, and the domain registration details align well with the business claims, supporting legitimacy. Overall, the website presents a professional and trustworthy front for the law firm, with good privacy compliance and a solid security baseline. Strategic improvements in security headers, incident response transparency, and accessibility would further enhance their posture and client trust.

T

Telema AS

telema.lv

46

Telema AS is a technology company specializing in Electronic Data Interchange (EDI) and supply chain optimization solutions, targeting businesses seeking to automate and improve their trading document workflows. The company holds a strong regional presence in the Baltics with multilingual websites and certified partners, positioning itself as a reliable and trusted provider in its niche. The website demonstrates a mature digital infrastructure built on WordPress with modern front-end libraries and comprehensive marketing and analytics integrations. Security posture is robust, supported by ISO 27001 certification and HTTPS enforcement, with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well managed through Cookiebot and clear privacy policies. Overall, the website reflects a professional, trustworthy, and business-focused digital presence.

Avatud Lahendused OÜ is a medium-sized Estonian company founded in 2015, specializing in Odoo ERP implementations primarily for manufacturing companies. They hold a strong market position as one of the largest Odoo partners in the Baltic region, employing about 20 specialists and serving a diverse client base. Their website reflects a professional and consistent brand image with clear service offerings including ERP implementation, training, and consulting. Technically, the website is built on the Odoo CMS platform, leveraging modern web technologies such as Bootstrap and FontAwesome, and integrates Google Analytics for user tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS with CSRF protections and secure forms but lacks some security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanism. Overall, the website is trustworthy and credible but would benefit from enhanced privacy and security disclosures.

E

Eesti Lauatenniseliit

lauatennis.ee

41

Eesti Lauatenniseliit is the official Estonian Table Tennis Federation, serving as the national governing body for table tennis in Estonia. The website provides comprehensive information on competitions, clubs, youth sports, rankings, rules, and contact details, targeting players, clubs, and enthusiasts within the Estonian table tennis community. The business model is that of a non-profit sports federation focused on organizational and informational services. Technically, the website is built on WordPress using the Elementor page builder and OceanWP theme, incorporating modern JavaScript libraries such as jQuery, Swiper.js, and Tippy.js. The site is mobile-optimized with good navigation and content quality, though performance is moderate. Analytics are handled via plausible.io, indicating a privacy-conscious approach but lacking explicit cookie consent mechanisms. From a security perspective, the site uses HTTPS with good SSL configuration but lacks visible security headers and incident response contacts. No privacy or cookie policies are present, representing compliance gaps. The WHOIS data is consistent with the website's identity, showing legitimate registration without privacy protection, appropriate for a public sports federation. Overall, the site is professional and trustworthy but should improve privacy compliance and security best practices to enhance user trust and regulatory adherence.

T

Technology Partners

technologypartners.net

68

Technology Partners is an established IT solutions and staffing company founded in 2003, offering a comprehensive suite of services including Agile Delivery, Application Services, Artificial Intelligence, Cloud Engineering, Data Engineering, and more. Their market position is that of a medium-sized B2B service provider targeting businesses seeking full-stack IT solutions and leadership. The website reflects a professional and consistent brand image with a focus on innovation and industry-specific expertise. Technically, the website is built on the HubSpot CMS platform, utilizing modern web technologies such as jQuery and FontAwesome, and integrates marketing and analytics tools including Google Analytics 4 and Google Tag Manager. The site is mobile-optimized with good SEO practices, though accessibility features are basic. Performance is moderate, suitable for their audience. From a security perspective, the site employs HTTPS with a stable domain registration dating back to 2003, indicating legitimacy. However, DNSSEC is not enabled, and security headers are not detected, suggesting room for improvement. No explicit security policies or incident response contacts are published, which could be a compliance gap. Cookie consent mechanisms are present, but no dedicated privacy or cookie policy pages were found in the provided content. Overall, the website demonstrates a solid business credibility and technical foundation but would benefit from enhanced privacy compliance documentation and improved security header implementation. Strategic recommendations include enabling DNSSEC, publishing comprehensive privacy and security policies, and enhancing accessibility and security posture to align with industry best practices.

L

Lamorinda Tutoring, LLC

lamorindatutoring.com

48

Lamorinda Tutoring, LLC is a small education business specializing in private tutoring services for K-College students. With over 25 years of academic excellence, the company offers personalized tutoring in mathematics, science, foreign languages, and business subjects through in-person, online, and group sessions. The website reflects a professional and trustworthy brand with clear service offerings and positive testimonials. Technically, the site is built on WordPress with modern plugins and frameworks, hosted by GoDaddy, and optimized for mobile users. However, there are gaps in privacy compliance and security best practices, such as the absence of privacy and cookie policies and missing security headers. The domain registration is consistent and legitimate, supporting the business's credibility.

O

Orkla Eesti AS

kalev.eu

46

Kalev is a prominent Estonian confectionery brand operating under Orkla Eesti AS, offering a wide range of chocolates and sweets through retail stores and e-commerce. The website showcases the brand's rich history, product offerings, sustainability initiatives, and retail locations, targeting consumers in Estonia. Technically, the site is built on WordPress with modern plugins and technologies, optimized for SEO and mobile use. Security posture is strong with HTTPS, security headers, and CAPTCHA protections, though formal security policies and incident response information are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting a positive user experience and business credibility.

A

ADM Cloudtech

admcloudtech.com

56

ADM Cloudtech is a technology service provider specializing in cloud management solutions. Their website presents a professional image with clear descriptions of their services including cloud planning, architecture, migration, and ongoing management. The technical infrastructure is based on WordPress CMS with modern plugins and libraries, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and reCAPTCHA implemented, but lacks comprehensive security headers and explicit privacy policies. The absence of WHOIS data raises concerns about domain legitimacy and business credibility, which should be addressed to improve trust. Overall, the website is functional and well-designed but requires enhancements in privacy compliance and transparency.

Y

YIT Eesti

yit.ee

73

YIT Eesti is a prominent real estate and infrastructure development company operating in Estonia, specializing in residential apartments, commercial properties, and complex infrastructure projects. The website reflects a mature digital presence with a professional design, clear business focus, and comprehensive cookie consent management aligned with GDPR requirements. The technical infrastructure leverages modern JavaScript libraries, Google Tag Manager, Cookiebot for consent management, and Azure Application Insights for monitoring, indicating a well-maintained and performance-conscious platform. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are absent. Overall, the site demonstrates a high level of professionalism and compliance, with room for improvement in transparency around terms of service and direct contact information.

L

LenovoArvutid

lenovoarvutid.ee

43

LenovoArvutid is an Estonian e-commerce retailer specializing in business-class Lenovo ThinkPad laptops and related accessories. The website targets business customers and individual buyers seeking high-quality Lenovo laptops, offering products such as the ThinkPad X1 Carbon, T14, and P14 series. The business model focuses on online sales with additional services like leasing and installment payment options. The company has been operating since 2017 and maintains a consistent brand presence with a professional website design and clear navigation.

O

Oribalt Group

oribalt.com

49

Oribalt Group is a regional pharmaceutical logistics and wholesale company operating in the Baltic states of Estonia, Latvia, and Lithuania. Established in 2017 following the acquisition of Baltic operations from Oriola Group, Oribalt continues a legacy dating back to the early 1990s. The company offers a broad range of services including logistics, wholesale, tenders, repackaging, clinical trials, marketing, and pharmacy operations, targeting businesses in the healthcare sector across the Baltics. The website reflects a professional and consistent brand presence with clear navigation and comprehensive contact information for multiple regional offices. Technically, the website employs modern web technologies such as Google Tag Manager, jQuery, and FontAwesome, with good mobile optimization and moderate performance. The site uses HTTPS with a valid SSL configuration and implements CSRF tokens for form security. Cookie consent is managed via an opt-in banner, indicating some level of privacy compliance. However, the absence of a dedicated privacy policy, terms of service, and security policy pages limits full compliance and transparency. From a security perspective, the site shows good practices like HTTPS enforcement and CSRF protection but lacks security headers and explicit incident response contacts. WHOIS data is transparent and consistent with the business claims, enhancing trustworthiness. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, Oribalt's digital presence is solid with room for improvement in privacy and security policy disclosures. Strategic enhancements in these areas would strengthen compliance posture and stakeholder trust.

F

FullPowerBet

powerupenergytech.com

52

FullPowerBet is a small-scale online gaming content website focused on providing guides and strategies for various online games such as slots, sportsbook, casino, arcade, and toto. The website is built on WordPress and uses popular SEO plugins like Yoast and Rank Math, indicating an emphasis on search engine optimization. The technical infrastructure includes Cloudflare DNS services but lacks advanced security features such as DNSSEC and security headers. The website content is primarily in Indonesian and targets online gaming enthusiasts. However, there is a notable mismatch between the domain name 'powerupenergytech.com' and the website content, which may confuse users or reduce trust. From a security perspective, the site uses HTTPS but lacks important security headers and does not provide any privacy, cookie, or terms of service policies. No contact information or incident response details are published, which limits transparency and user trust. The WHOIS data shows inconsistencies, including a suspicious future creation date and lack of registrant details, which further impacts the domain's legitimacy score. Overall, the website demonstrates moderate technical implementation and content quality but falls short in privacy compliance and business credibility. Strategic improvements in security policies, transparency, and domain registration information are recommended to enhance trust and compliance.

C

ChangeGroup

changegroup.com

74

ChangeGroup is a well-established global leader in currency exchange and related financial services, operating over 100 bureaus across multiple continents. Owned by Prosegur, a publicly listed company, ChangeGroup offers a broad portfolio including currency exchange, money transfers, tax free refunds, and ATM networks, targeting international travelers and business clients. The website reflects a mature digital presence with a focus on user experience and accessibility. Technically, the site uses modern web technologies and appears to be built on a robust CMS platform, likely Adobe Experience Manager. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and policies could be improved. WHOIS data for the subdomain is unavailable, which is expected and not suspicious. Overall, the site demonstrates professionalism, trustworthiness, and compliance with privacy regulations.

M

MAS Holdings

masholdings.com

67

MAS Holdings is a leading innovative clothing manufacturer specializing in high-quality garments including sportswear, lingerie, sleepwear, swimwear, and medical apparel. Established in 2000, the company operates at an enterprise scale and targets businesses and brands seeking garment manufacturing solutions. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with modern technologies such as Bootstrap, jQuery, and Google reCAPTCHA, and employs SEO best practices via Yoast SEO Premium. Security posture is solid with HTTPS enabled and reCAPTCHA protecting forms, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is basic with a cookie consent mechanism but no visible privacy policy or terms of service on the main site. Overall, the website is trustworthy and professionally maintained, with room for improvement in security headers and privacy documentation.

A

Aurightec

eolane.ee

54

Aurightec is a professional electronics manufacturing service provider based in Estonia, offering industrial services to support business partners in delivering cutting-edge electronic products. The company holds multiple ISO certifications, indicating a strong commitment to quality and safety standards. Their website is well-designed, SEO-optimized, and compliant with GDPR and cookie regulations, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and security features such as Google reCAPTCHA and cookie consent management. Security posture is solid with HTTPS and bot protection, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, Aurightec presents a trustworthy and professional business front with clear contact information and social media presence.