Security Directory

The website sabinevankollenburg.nl serves as a personal portfolio for the artist Sabine van Kollenburg, showcasing her artistic philosophy and work through a simple, static HTML site. The business focus is on art creation and illustration, targeting art enthusiasts and collectors. The site is modest in scale and scope, reflecting a small individual artist operation with a long domain history dating back to 2004. Technically, the website employs basic HTML, CSS, and JavaScript without any modern CMS or frameworks. The site lacks HTTPS, security headers, and mobile optimization, indicating a low level of digital maturity. Navigation is straightforward but limited, and no analytics or tracking technologies are present. From a security perspective, the absence of HTTPS is a critical vulnerability, exposing visitors to potential interception risks. No privacy or cookie policies are present, which is a compliance gap under GDPR. The site does not collect user data via forms or tracking, reducing some risk but also limiting engagement capabilities. Overall, the website presents a low-risk profile due to minimal data collection but requires urgent improvements in security and privacy compliance to enhance trust and protect visitors. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, improving mobile responsiveness, and enhancing security headers.

A

ABLV Bank, AS

ablv.com

59

ABLV Bank, AS is a Latvian financial institution currently undergoing a self-liquidation process initiated in 2018 following regulatory actions by the US FinCEN and Latvian authorities. The bank's website provides detailed information about the liquidation process, creditor claims, and official documentation. The site targets clients, creditors, and stakeholders seeking updates on the bank's status. Technically, the website employs standard web technologies including JavaScript and CSS, with Google Analytics and Google Tag Manager for tracking. The site is accessible, with basic mobile optimization and cookie consent mechanisms in place. Security posture is moderate, with HTTPS implied but lacking explicit security headers and public security policies. WHOIS data is missing, likely due to domain deregistration or privacy measures post-liquidation, which slightly impacts trust but is consistent with the bank's liquidation status. Overall, the website is professional and trustworthy for its purpose but could improve in security transparency and technical modernization.

H

HOSTING.LV

hosting.lv

58

HOSTING.LV is a Latvian web hosting service provider offering professional and reliable hosting solutions tailored for small to medium businesses and corporate clients. Their service portfolio includes standard shared hosting, dedicated business hosting, and customized hosting solutions for large-scale projects such as media portals and social networks. The website is well-structured, localized in Latvian, and targets the Latvian market specifically. Contact information is clearly provided, enhancing business credibility. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and integrates Google Tag Manager for analytics. The site is mobile-optimized with good SEO practices, but lacks visible advanced security headers and formal privacy or cookie policies. No forms or direct data collection mechanisms are present on the homepage, reducing immediate data exposure risks. Security posture is moderate; HTTPS is implied by canonical URLs, but no explicit security headers or incident response information is provided. The absence of WHOIS data due to query limits restricts full domain legitimacy verification, slightly impacting trust. Overall, the site is functional and professional but would benefit from enhanced security and privacy transparency. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, publishing incident response and vulnerability disclosure information, and improving WHOIS data accessibility to strengthen trust and compliance.

U

Universitäts-Kinderspital beider Basel (UKBB)

ukbb.ch

60

The Universitäts-Kinderspital beider Basel (UKBB) is a leading pediatric university hospital located in Basel, Switzerland. It provides specialized medical care for children and adolescents, alongside active research and educational programs. The website reflects a professional healthcare institution with a clear focus on patient care and academic excellence. The digital infrastructure is based on WordPress with Elementor, delivering a responsive and user-friendly experience. Security posture is solid with HTTPS and standard security headers, though improvements in CSP and vulnerability disclosure are recommended. Privacy compliance is strong, with comprehensive GDPR-aligned policies and cookie consent mechanisms. Overall, the website demonstrates high trustworthiness and professionalism, suitable for its healthcare audience.

W

WESS Auto Grupa

wess.lv

56

WESS Auto Grupa is a major automotive group in Latvia, operating authorized dealerships for Toyota, Lexus, Dongfeng, Honda, and an authorized BMW service center along with Bosch Car service. The group offers new and used car sales, full-cycle auto servicing, car rental, body repair, spare parts sales, and insurance services. With over 200 employees and 30 years of market presence, WESS Auto Grupa holds a strong position in the Latvian automotive sector. The website is built on WordPress and integrates Google Analytics and Tag Manager for visitor tracking. It is multilingual, supporting Latvian, English, and Russian languages, catering to a broad audience in Latvia. The site is well-branded and professionally designed with good navigation and mobile optimization.

SIA „LAK 4” is a Latvian small-sized company specializing in ERP consulting and implementation services, particularly focused on the iScala software suite by Epicor. Founded in 2006, the company offers IT audits, training, system customization, and ongoing support to businesses seeking ERP solutions. The website content clearly communicates the company's services and contact information, targeting Latvian enterprises interested in business management software. Technically, the website is built with basic HTML, CSS, and JavaScript, incorporating Twitter widgets for social media integration. However, it lacks modern security features such as HTTPS and security headers, and no privacy or cookie policies are present, indicating limited compliance with data protection regulations. The absence of WHOIS data due to query limits restricts domain legitimacy verification, but the website content aligns with a legitimate small business profile. Overall, the site demonstrates moderate professionalism but requires significant improvements in security and privacy compliance to enhance trustworthiness and user safety.

V

Volvo Trucks

volvotrucks.lv

72

Volvo Trucks Latvia operates as a regional market site for the global Volvo Trucks brand, providing comprehensive information about their commercial truck offerings, financing, fleet management, training, and related services. The website targets Latvian customers and businesses interested in Volvo's transportation solutions. The site is built on Adobe Experience Manager and integrates Adobe marketing and analytics technologies, indicating a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms in place, though explicit privacy and terms policies are not detected in the provided content. Overall, the site reflects a professional and trustworthy presence consistent with a large enterprise brand.

B

Brian Cray

briancray.com

54

The website briancray.com serves as a personal portfolio for Brian Cray, a front-end software engineer currently working at Apple and previously at Topsy. The site provides minimal content focused on professional background with links to LinkedIn and GitHub profiles, targeting technology professionals and recruiters. The business model is personal branding and showcasing open source contributions, positioning Brian as an individual professional within the technology sector. The domain is well-established since 2006, indicating a stable online presence. Technically, the website is built using Svelte framework with CSS styling and is hosted with Cloudflare DNS services. The site loads quickly and is mobile responsive at a basic level but lacks advanced SEO and accessibility features. No CMS or analytics tools are detected, and the site does not implement privacy or cookie policies. Security is adequate with HTTPS enabled and domain registration protections in place, but DNSSEC is not enabled and no security headers are present. From a security perspective, the site shows a moderate posture with no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, security headers, and incident response information limits compliance and transparency. The lack of contact information and forms reduces potential attack surfaces but also limits user engagement and trust signals. Overall, the website is functional as a personal portfolio but would benefit from enhanced security practices, privacy compliance, and richer content to improve trustworthiness and professional presentation. Strategic improvements in security headers, DNSSEC, and policy disclosures are recommended to elevate the site's security and compliance posture.

I

Internet Invest, Ltd. dba Imena.ua

goodlift.info

43

GOODLIFT.INFO is a specialized website dedicated to providing official and verified information about powerlifting competitions, events, and athletes affiliated with the International Powerlifting Federation (IPF). The site supports competition management through the GOODLIFT software, which is the official competition management tool for IPF. The target audience includes powerlifting athletes, teams, federations, and enthusiasts seeking authoritative competition data and rankings. The business operates primarily as an information and software support service within the niche sports sector, maintaining a consistent and professional online presence since 2008. Technically, the website employs a straightforward HTML, CSS, and JavaScript stack without reliance on modern CMS or frameworks. Hosting and domain registration are managed by Internet Invest, Ltd. dba Imena.ua, a Ukrainian registrar, consistent with the site's author and content origin. The site demonstrates moderate performance and basic mobile optimization, with good SEO practices evident in meta tags and structured navigation. However, there is room for improvement in accessibility and modern technical enhancements. From a security perspective, the site lacks advanced security headers and DNSSEC, which are recommended to enhance protection against common web threats. The domain is secured with clientTransferProhibited status, and WHOIS data is transparent and consistent, supporting legitimacy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. No incident response or security policy information is published, which could be improved to strengthen trust. Overall, GOODLIFT.INFO is a credible and authoritative resource within its niche, with a solid business foundation and consistent branding. Security and privacy practices require enhancement to meet modern standards and regulatory requirements. Strategic improvements in security headers, DNSSEC, cookie consent, and published policies would elevate the site's trustworthiness and compliance posture.

N

NRK Super

nrksuper.no

63

NRK Super is a Norwegian public broadcasting platform dedicated to children's programming, offering a wide range of series, films, and entertainment content. The website reflects a well-established media entity with consistent branding and a clear target audience of children in Norway. The technical infrastructure leverages modern web technologies, including JavaScript frameworks and Google Analytics for user tracking, hosted likely on NRK's infrastructure. Security posture is solid with HTTPS enabled and no visible vulnerabilities, although security headers could be enhanced. Privacy compliance is lacking as no explicit privacy or cookie policies are found, which is a gap for GDPR adherence. Overall, the website is professional and trustworthy but would benefit from improved privacy disclosures and contact transparency.

R

Ramirent

ramirent.sk

60

Ramirent is a Slovakia-based company specializing in the rental of tools, machinery, and equipment, supported by professional services and a wide branch network. The website presents a modern, well-structured digital presence built on React and Material-UI, offering good user experience and mobile optimization. However, the site lacks explicit privacy and cookie policies, as well as clear contact information, which impacts its privacy compliance and trustworthiness scores. Security posture is adequate with HTTPS enabled and secure forms, but missing security headers and incident response details suggest room for improvement. Overall, the website is functional and professional but would benefit from enhanced compliance and security transparency.

Sigma Technology Origo is a Sweden-based technology consulting company specializing in connecting business-critical information sources to empower data-driven decision making and personalized experiences. The company offers a range of services including Aftersales Digital Twin, Workshop solutions, Diagnostics, Renderpoint/Topicpack, and a cloud-based CCMS platform called Studio. It operates as part of the Sigma Technology Group, a global technology consulting firm with a presence in multiple countries and owned by Danir AB. The website content is professional and clearly targets businesses seeking advanced technology and digital solutions. Technically, the website uses standard web technologies such as HTML5, CSS, and JavaScript with jQuery, and is moderately optimized for mobile and performance. Security posture is moderate with HTTPS assumed but lacking explicit security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain is well-established and trustworthy, with no blocking or WAF detected.

Airvent Légtechnikai Zrt. is a well-established Hungarian manufacturer specializing in innovative ventilation and air handling products. Founded in 1999, the company offers a broad portfolio of HVAC-related products and services, including design support, customer service, and commissioning. Their market position is solid within Hungary and surrounding regions, targeting professional customers in industrial and residential ventilation sectors. The website reflects a mature digital presence with multilingual support and detailed product information. Technically, the site employs modern tracking and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag, with secure HTTPS and CSRF protections on forms. However, explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is strong, with clear cookie and privacy policies and consent mechanisms. Overall, the site is professional, secure, and trustworthy, supporting the company's credibility and business operations.

G

Global Water Partnership Organisation Gwpo

gwpo-gwp.org

61

The Global Water Partnership Organisation (GWPO) operates as a global action network focused on advancing water governance and climate-resilient investments to promote sustainability and equity. The website presents basic information about the organization's mission and target audience, primarily stakeholders interested in water governance and climate resilience. The business model is that of a non-profit global network with a medium organizational size and a founding year indicated as 2025, which appears inconsistent with the organization's global positioning. Technically, the website is built using the Weblium platform, employing standard web technologies such as HTML5, CSS, and JavaScript. Hosting is provided by Loopia, with no advanced frameworks or analytics tools detected. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which are important for enhancing domain and web security. There is no visible security policy, incident response information, or vulnerability disclosure mechanisms. The WHOIS data raises concerns due to a domain creation date set in the future (2025), which is unusual and undermines trust in the domain's legitimacy. Overall, the website provides basic content and functionality but lacks critical privacy, security, and compliance features. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing privacy and cookie policies, and clarifying domain registration details to improve trustworthiness and compliance.

F

Fibes

eatfibes.com

63

Fibes is a small Estonian e-commerce business specializing in functional fruit purees rich in dietary fibers, targeting active individuals seeking digestive health support. The website is built on the Shopify platform, leveraging modern e-commerce technologies and third-party integrations for customer reviews, analytics, and marketing. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS and domain transfer lock, though improvements such as enabling DNSSEC and publishing comprehensive privacy and terms policies are recommended. Overall, the business appears legitimate and digitally mature for its size and market niche.

S

SYNLAB International

synlab-notes.com

57

SYNLAB International's investor website synlab-notes.com serves as a portal for investors and registered users to access company information and conference calls. The site is built on TYPO3 CMS and employs modern web technologies, providing a professional and consistent user experience. The business focus is on healthcare laboratory services with an international presence. Technically, the site is moderately optimized with good mobile responsiveness and basic SEO features. Security posture is adequate with HTTPS and secure login forms, but lacks explicit security headers and published incident response policies. Privacy compliance is supported by clear privacy and cookie policies with consent mechanisms. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the site is functional and professional but would benefit from enhanced transparency and security disclosures.

S

SYNLAB AG

synlab.ag

58

SYNLAB AG is a leading European medical diagnostics and specialty testing company providing a comprehensive range of innovative and reliable diagnostic services to patients, healthcare providers, governments, and corporates. The company positions itself as a partner of choice for routine and specialty diagnostics, emphasizing customer-centric medical excellence. The website reflects a mature corporate presence with detailed financial reporting, corporate governance disclosures, and investor relations information. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and includes privacy and cookie consent mechanisms aligned with GDPR requirements. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the domain and website present a trustworthy and professional image consistent with a large healthcare enterprise.

The website www.norway-hei.com is a personal informational site focused on Norwegian culture, history, food, and language, created by a native author. It serves a niche audience interested in authentic Norwegian experiences and provides rich content including stories, recipes, and cultural insights. The business model appears to be primarily advertising-based, leveraging Google Adsense and related ad networks. Technically, the site is built on the SBI! CMS platform with standard HTML, CSS, and JavaScript, but lacks advanced frameworks or modern infrastructure. Performance and mobile optimization are basic, with room for improvement in accessibility and SEO. Security posture is moderate with HTTPS enabled but missing important security headers and policies. No privacy, cookie, or terms of service policies are present, and no contact information is provided, which impacts privacy compliance and business credibility. Critically, WHOIS data for the domain is missing or unavailable, raising concerns about domain legitimacy and trustworthiness. Overall, the site is functional and content-rich but requires significant improvements in security, compliance, and transparency to enhance trust and professionalism.

C

Chiller Oy

chiller.eu

74

Chiller Oy is a Finnish company specializing in innovative cooling, heating, and energy solutions tailored to various applications. The company aims to provide thermal comfort and optimal indoor air quality, positioning itself as a specialized B2B provider in the energy sector. The website reflects a medium-sized enterprise with a professional digital presence, leveraging WordPress CMS and modern SEO and analytics tools. The technical infrastructure is sound, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though improvements in security headers and incident response transparency are recommended. Overall, the website presents a trustworthy and professional image consistent with its business claims.

I

Itero – Digitālā marketinga aģentūra

itero.lv

24

The website www.itero.lv appears to be a small business site hosted on WordPress with minimal content and limited digital maturity. The site lacks essential legal documents such as privacy policy, cookie policy, and terms of service, which are critical for compliance and user trust. Contact information and social media presence are not evident, reducing accessibility and credibility. Technically, the site uses standard web technologies but lacks advanced security headers and optimization features. The security posture is basic with no visible incident response or vulnerability disclosure mechanisms. Overall, the site presents a low-risk profile but requires significant improvements in compliance, security, and content quality to enhance trust and professionalism.

Ü

Ühendus Sport Kõigile

sportkoigile.ee

41

Ühendus Sport Kõigile is an Estonian sports association dedicated to promoting sports activities and events across multiple disciplines. The website serves as an informational portal providing event calendars, organizational details, sports facilities, and coaching resources primarily targeting Estonian sports enthusiasts and organizations. The domain is well-established since 2010 and hosted under a reputable Estonian registrar, indicating a stable online presence. Technically, the website employs a traditional web stack with jQuery, Owl Carousel, Fancybox, and AOS for animations. While the technology is somewhat dated, it remains functional and provides a moderate performance experience. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. However, there is room for improvement in SEO and accessibility. From a security perspective, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies. No analytics or tracking scripts were detected, suggesting minimal user tracking. The absence of GDPR compliance indicators and consent mechanisms is a notable gap given the European context. No forms collecting sensitive personal data were found except a basic search form. Overall, the website presents a moderate risk profile with no critical vulnerabilities detected but with compliance and security best practices needing enhancement. Strategic improvements in privacy policy publication, cookie consent, security headers, and GDPR compliance would strengthen the site's trustworthiness and security posture.

The website esbl.ee serves as an Estonian sports biographical lexicon, providing historical data and biographies of Estonian sports figures. It is operated by Spin TEK AS, a company registered since 2013, which aligns with the domain age and content maturity. The site targets sports enthusiasts and researchers interested in Estonian sports history. The business model is informational, focusing on archival and reference content rather than commercial services. Technically, the website is built on static HTML enhanced with JavaScript, notably using an outdated jQuery version (1.7.2). There is no evidence of a modern CMS or frameworks, and the site shows basic performance and accessibility features. Mobile optimization is poor, and SEO practices are minimal. Hosting appears to be managed by Spin TEK AS, consistent with the WHOIS data. From a security perspective, the site lacks modern security headers and uses outdated libraries, which could expose it to vulnerabilities. HTTPS usage and SSL configuration details are not explicitly provided but should be verified. The site implements a cookie consent mechanism and provides a privacy policy document, indicating some compliance with GDPR. However, no terms of service, security policies, incident response contacts, or vulnerability disclosure mechanisms are present. Overall, the website is functional and moderately credible but requires technical and security improvements to enhance trust and protect user data. Strategic recommendations include updating JavaScript libraries, implementing security headers, improving SSL configuration, and publishing comprehensive security and contact policies.

Z

Zone Media OÜ

eestitoit.ee

50

Eestitoit.ee is a government-affiliated website focused on promoting Estonian food culture, local food products, and sustainable food practices. It serves as an informational and educational platform targeting Estonian residents, food enthusiasts, and culinary tourists. The site is well-branded and consistent with official government initiatives, featuring rich content about food events, traditions, and sustainability projects. Technically, the website is built on Drupal CMS and uses modern analytics tools such as Google Analytics and Matomo. It is mobile-optimized and accessible, with good SEO practices. Security-wise, the site implements cookie consent with an opt-in mechanism but lacks visible advanced security headers and a published privacy policy or terms of service. WHOIS data confirms the domain's legitimacy and long-standing registration since 2010. Overall, the website is professional, trustworthy, and serves its informational purpose effectively.

P

Perearst24

perearst24.ee

63

Perearst24.ee is a healthcare-focused digital platform serving family doctor centers in Estonia by providing a secure environment for patients to submit electronic health inquiries. The platform enhances health data security and facilitates better patient-doctor communication by allowing 24/7 submission of health concerns, which are processed during the centers' operational hours. The website is professionally designed with a clear focus on its target audience, patients of Estonian family doctor centers. Technically, the site employs modern frontend technologies such as Vue.js and Vuetify, ensuring a responsive and user-friendly experience. Security is well-handled with HTTPS enforced and cookie consent mechanisms in place, although some security headers and explicit security policies are absent. Overall, the site demonstrates a good security posture and compliance with privacy regulations, including GDPR, supported by clear privacy and cookie policies. However, contact information and incident response details are not directly available, which could be improved to enhance trust and transparency.

E

Eesti Korvpalliliit

basket.ee

43

Eesti Korvpalliliit is the official governing body for basketball in Estonia, managing national teams, leagues, coaching, refereeing, and basketball development programs. The organization holds a strong market position as the primary basketball authority in Estonia, supported by sponsorship from Swedbank. The website provides comprehensive content including news, events, galleries, and contact information, targeting basketball players, coaches, referees, and fans within Estonia. Technically, the site uses a custom CMS with jQuery, Owl Carousel, and Google Tag Manager, offering good mobile optimization and moderate performance. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements like updated libraries and security headers are recommended. Overall, the site is professional, trustworthy, and well-aligned with its business purpose.

V

Visit Jõgeva | Avasta Jõgevamaa

visitjogeva.com

47

Visit Jõgeva is a regional tourism website dedicated to promoting the Jõgevamaa region in Estonia. It provides comprehensive information on local events, attractions, accommodation, food, active holidays, and local products, targeting tourists and visitors interested in exploring this area. The website is multilingual, supporting Estonian, English, German, Finnish, and Latvian languages, enhancing accessibility for international visitors. The business model focuses on informational and promotional services to boost regional tourism.

E

Erasmus+ ja Euroopa Solidaarsuskorpuse agentuur

euroopanoored.eu

46

The website represents the Erasmus+ and European Solidarity Corps national agency in Estonia, providing comprehensive information, resources, and support for youth, youth workers, and organizations involved in European youth programs. It serves as a government-funded platform facilitating access to program opportunities, project guidance, and community engagement. The site is well-positioned as the authoritative national agency for these programs, targeting youth and professionals in the youth sector. Technically, the website is built on WordPress with modern performance and SEO optimizations, including WP Rocket and The SEO Framework. It employs Google Site Kit for analytics and consent management, ensuring GDPR compliance with a robust cookie consent mechanism. The site is mobile-optimized, accessible, and fast-loading, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs consent mode to restrict tracking and personalization. While explicit security headers and incident response policies are not evident, no vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the agency's Estonian identity, registered through a reputable local registrar without privacy protection, appropriate for a government entity. Overall, the website demonstrates a strong security posture, excellent content quality, and good privacy compliance, making it a trustworthy and professional platform for its audience.

E

Eliis Tarkvara

eliis.eu

55

ELIIS is a specialized online information system designed for pre-school organizations, including kindergartens, local governments, teachers, and parents. It offers a comprehensive suite of features such as curriculum planning, child development analysis, digital diaries, communication tools, and document management. The platform is positioned as a trusted solution across the EU, with over 15,000 teachers and 1,000 institutions relying on it. The business model is subscription-based, charging local governments per child, while teachers and parents have free access. The website is professionally designed, multilingual, and emphasizes GDPR compliance.

P

Peatus

peatus.ee

51

Peatus.ee is a digital journey planning user interface focused on public transportation in Estonia, leveraging the Digitransit platform. The website targets public transport users seeking route planning and transit information. Technically, it employs modern web technologies including React, JavaScript, and integrates analytics tools such as Matomo and Google Tag Manager. The site demonstrates good security practices with HTTPS and security headers, but lacks explicit privacy and cookie policies, as well as contact information, which impacts privacy compliance and user trust. Overall, the domain registration data aligns well with the website's purpose, indicating legitimacy. Strategic improvements in privacy disclosures and user contact options would enhance compliance and trust.

The website kalmistud.ee serves as the official Estonian cemetery portal, providing information and e-services related to cemeteries, burial places, and related administrative functions. It targets Estonian residents, municipalities, and cemetery administrators, offering a centralized platform for searching burial information and managing burial plots. The site is operated by Spin TEK AS, a registrar and hosting provider consistent with the domain registration data. Technically, the site uses modern web technologies including JavaScript and CKEditor, with a responsive and accessible design. Security posture is moderate with HTTPS enabled and CSRF protection on forms, but lacks visible security headers and comprehensive privacy compliance documentation. Overall, the site is functional and trustworthy but would benefit from enhanced privacy policies and security disclosures.

O

OÜ Oesel

huviregister.ee

41

Huviregister.ee is a specialized Estonian platform designed to manage hobby groups and their participants, primarily serving municipalities, hobby education providers, and parents. The service facilitates data collection, subsidy calculations, billing, and reporting related to hobby activities, supporting both public and private sector hobby schools. The platform is operated by OÜ Oesel, a small Estonian company founded in 2020. The website content is clear and relevant, though it lacks comprehensive legal and privacy documentation. Technically, the site uses a simple stack with HTML, CSS, and jQuery, hosted under a domain registered with Zone Media OÜ. Security posture is moderate but could be improved by enabling DNSSEC and adding security headers. No blocking or WAF mechanisms were detected, allowing full content access.

D

DROUOT IMMOBILIER

drouot.immo

62

Drouot.immo operates as an online real estate auction platform primarily serving the French market. It leverages the expertise of the Drouot Group to provide a transparent, secure, and efficient digital auction experience for buyers and sellers of real estate. The platform targets individual buyers, sellers, and real estate agencies, offering services such as property listings, buyer registration, and real-time bidding. The business model centers on facilitating competitive bidding to achieve fair market prices quickly and transparently. Technically, the website is built using modern web technologies including React and Next.js, hosted by OVH SAS. The site demonstrates good mobile optimization and SEO practices, with a moderate performance profile. The infrastructure is professionally implemented but could benefit from enhanced security headers and DNSSEC activation to strengthen domain security. From a security perspective, the site enforces HTTPS and employs domain status protections to prevent unauthorized transfers or deletions. However, it lacks advanced security headers and a formal security policy or incident response contact information. Privacy compliance is addressed with comprehensive privacy and terms of service pages, though a cookie consent mechanism is absent. Analytics are implemented via Google Analytics and Google Tag Manager, with moderate user tracking. Overall, Drouot.immo presents a credible and professional online presence with a solid business foundation and technical implementation. Security and privacy practices are adequate but could be improved to meet higher compliance and trust standards. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

EC1 Łódź - Miasto Kultury is a well-established cultural and educational institution based in Łódź, Poland, offering a broad range of services including exhibitions, workshops, film screenings, and educational programs. The website serves as a comprehensive portal for visitors, schools, and cultural enthusiasts, providing detailed information about events, offers, and the institution's mission. The site is built on TYPO3 CMS and integrates modern tracking and consent management tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and incident response transparency. The domain is long-standing and registered with a reputable registrar, supporting the legitimacy of the institution. Overall, the website demonstrates good content quality, technical implementation, and privacy compliance, positioning EC1 Łódź as a credible and trusted cultural hub.

R

Rīgas lidosta

riga-airport.com

58

Rīgas lidosta operates as the official website for Riga International Airport, providing comprehensive information about flights, passenger services, baggage handling, transport options, and business partnerships. The site targets passengers, visitors, and business partners, positioning itself as the primary gateway for air travel in Latvia. The website is built on Drupal CMS with modern web technologies, offering good mobile optimization and accessibility features. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks visible security headers and explicit privacy policies. The absence of WHOIS data for the domain is a notable concern, potentially impacting trustworthiness despite the professional and consistent branding. Strategic recommendations include verifying domain registration details, publishing privacy and security policies, and enhancing security headers to improve overall trust and compliance.

M

MEMX LLC

memxtrading.com

58

MEMX Trading operates as a member-owned stock exchange focused on US equities and options markets. The website presents a professional and well-structured portal offering onboarding, connectivity, regulatory information, and technical documentation to its members and investors. The company positions itself as a fair and transparent alternative in the financial exchange sector, targeting institutional and retail investors. Technically, the site leverages modern web technologies including React and secure WebSocket connections, with strong security headers and HTTPS enforcement ensuring a robust security posture. However, the absence of WHOIS registration data introduces some uncertainty about domain ownership transparency. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the site demonstrates a mature digital presence with room for improvement in privacy and contact transparency.

O

Online Solution Int Ltd.

rabuser.info

54

The website rabuser.info represents a small German IT service provider, Online Solution Int Ltd., specializing in web development, programming, consulting, and related services. The business targets individuals and companies seeking affordable and comprehensive web solutions including design, SEO, server administration, and software development. The company has a long-standing domain registration since 2008, indicating established operations. Technically, the website employs standard web technologies such as HTML, CSS, JavaScript, and server-side languages including PHP, Perl, and ASP.net. Hosting is via Cloudflare, providing basic HTTPS security. The site is functional with moderate performance and basic mobile optimization but lacks advanced security headers and DNSSEC, which could improve its security posture. Security-wise, the site uses HTTPS but does not publish privacy, cookie, or terms of service policies, nor does it provide explicit contact emails or phone numbers, limiting transparency and compliance with GDPR. Google Analytics is used without visible consent mechanisms, indicating privacy compliance gaps. No incident response or vulnerability disclosure information is available. Overall, the website is moderately trustworthy and functional but requires improvements in privacy compliance, security best practices, and transparency to enhance user trust and regulatory adherence.

S

SMEunited

smeunited.eu

72

SMEunited is a prominent non-profit association representing crafts and small and medium-sized enterprises (SMEs) across Europe, with a membership base spanning over 30 countries and encompassing more than 12 million enterprises. The organization focuses on advocacy, policy representation, and providing a unified voice for SMEs at the European level. Their website reflects a professional and consistent brand image, offering comprehensive information about their activities, publications, news, and events. Technically, the website employs modern tools such as Google Analytics, Google Tag Manager, and Cookiebot for consent management, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, though it lacks explicit security policy disclosures and incident response contacts. Overall, the website is accessible, well-structured, and compliant with privacy regulations, presenting a trustworthy digital presence for the organization.

K

Kalastaja

kalastaja.ee

54

Kalastaja.ee is a well-established Estonian online media platform dedicated to fishing enthusiasts, providing news, articles, and interactive content since 1996. The website targets anglers and fishing hobbyists, offering specialized content to enhance their fishing experience. Technically, the site leverages modern web technologies such as React and Next.js, ensuring a responsive and moderately performant user experience. Security posture is adequate with HTTPS enforced, but lacks explicit security headers and formal privacy or cookie policies, which are areas for improvement. Overall, the site is credible and professionally maintained, though it would benefit from enhanced privacy compliance and clearer contact information for users and security incidents.

A

AS Äripäev

laanevirumaauudised.ee

55

Lääne-Virumaa Uudised is a regional digital news platform serving the Lääne-Virumaa area in Estonia, operated by AS Äripäev. The website provides independent and fearless local news coverage, targeting residents and stakeholders of the region. It operates on a subscription and advertising business model, offering digital subscriptions, newsletters, and advertising services. The site is well-branded and consistent with its parent company’s media presence. Technically, the site is built using modern web technologies including React and Next.js, delivering a responsive and user-friendly experience with good SEO and accessibility basics. Security posture is strong with HTTPS and multiple security headers implemented, though no explicit security policy or incident response contacts are published. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned in its regional media market.

A

AS Äripäev

palgauudised.ee

55

Palgauudised.ee is a specialized Estonian media portal operated by AS Äripäev, focusing on payroll, labor law, taxation, and work organization topics. It serves professionals seeking up-to-date information, practical tools, and educational resources such as webinars and conferences. The website employs a subscription-based business model with tiered access to content and services. Technically, the site is built on modern web frameworks including Next.js and React, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance via a consent management SDK. Contact information and legal policies are clearly presented, enhancing trust and transparency. Overall, Palgauudised.ee demonstrates a mature digital presence with a solid market position in the Estonian media landscape.

A

AS Äripäev

kaubandus.ee

55

Kaubandus.ee is a leading Estonian media platform specializing in trade sector news, including retail, wholesale, and e-commerce. Operated by AS Äripäev, it offers news articles, industry reports, podcasts, and organizes conferences and training events. The website targets professionals and stakeholders in the Estonian trade industry, maintaining a strong market position as a trusted source of sector-specific information. Technically, the site is built on modern web technologies including React and Next.js, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies are not publicly disclosed. Privacy compliance is well addressed with comprehensive privacy and cookie policies aligned with GDPR. Overall, the site demonstrates a professional and credible digital presence with clear contact information and active social media engagement.

O

Online Solution 360 GmbH

cdn-solution.net

51

Online Solution 360 GmbH operates the website cdn-solution.net, providing full service hosting, cyber security, and content delivery network solutions with a focus on eco-friendly data centers. The company targets businesses requiring advanced hosting and CDN services, emphasizing sustainability and innovative technologies such as GeoDNS, load balancing, and AI-driven energy efficiency. The website is professionally designed using WordPress CMS, hosted on Linode infrastructure, and includes a cookie consent mechanism compliant with GDPR. Contact information and company registration details are clearly presented, enhancing business credibility. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though DNSSEC is not enabled and security headers are missing, representing areas for improvement. No WAF or blocking mechanisms were detected, allowing full content access and analysis.

E

Eesti Ajaloomuuseum SA

ajaloomuuseum.ee

41

Eesti Ajaloomuuseum SA operates as a leading historical museum in Estonia, providing cultural and educational services through multiple exhibition venues including the Film Museum, Theatre and Music Museum, Great Guild Hall, and Maarjamäe Castle. The website targets museum visitors, families, and cultural tourists, offering detailed information on exhibitions, events, and visitor planning. The business model is public/governmental, focusing on cultural preservation and education with a medium organizational size and established presence since 2010. Technically, the website is built on the Voog CMS platform, hosted by Zone Media OÜ, and employs modern web standards with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent implemented, though lacking advanced security headers and explicit incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though improvements in security policies and vulnerability disclosure would enhance trust further.

B

Bizberg Themes

bizbergthemes.com

58

Bizberg Themes is a small technology business specializing in the development and distribution of free and premium WordPress themes tailored for various sectors including education, NGOs, business, and eco-friendly organizations. The company emphasizes fast loading, SEO optimization, and user-friendly design, supported by dedicated customer service. Technically, the website is built on WordPress CMS, hosted behind Cloudflare CDN, and employs modern web technologies ensuring good performance and mobile optimization. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks comprehensive security headers and cookie consent mechanisms, which are areas for improvement. Overall, the website is professional and trustworthy with clear business focus, though privacy compliance could be enhanced.

A

AS Tallink Grupp

tallink.com

65

AS Tallink Grupp operates the Tallink Silja Line ferry and cruise services across the Baltic Sea, connecting major cities such as Helsinki, Stockholm, Tallinn, Turku, and the Åland Islands. The company offers passenger transportation, cargo services, onboard entertainment, tax-free shopping, and hotel accommodations, positioning itself as a leading maritime transport provider in the Baltic region. The website reflects a mature digital presence with a modern tech stack based on Next.js and React, delivering fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly disclosed. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The absence of WHOIS data reduces domain registration transparency but does not detract significantly from the overall trustworthiness given the professional branding and extensive external references. Strategic recommendations include publishing a security policy, incident response contacts, and vulnerability disclosure information to enhance trust and compliance.

I

INHUS Prefab, UAB

inhusprefab.eu

45

INHUS Prefab, UAB is a medium-sized manufacturing company specializing in prefabricated reinforced concrete structures and architectural concrete facade elements. Operating primarily in Lithuania with projects extending to Nordic countries and the UK, the company positions itself as a reliable regional player in the construction sector. Their website reflects a professional digital presence with clear navigation, multilingual support, and a portfolio of completed projects. Technically, the site uses modern web technologies including HTML5, CSS, JavaScript, and integrates Google Analytics for user tracking. The site is mobile optimized and performs moderately well. Security posture is adequate with HTTPS enforced but lacks advanced security headers and public security policies. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, aligning with GDPR requirements. Contact information is transparent and includes company email, phone, and physical address. Overall, the website demonstrates good business credibility and digital maturity with room for security enhancements.

I

INHUS Engineering

inhusengineering.eu

18

INHUS Engineering is a medium-sized engineering firm specializing in structural design services for various building types, primarily serving clients in Lithuania and Scandinavian countries. The company employs over 100 engineers and utilizes advanced 3D modeling and calculation software to deliver precise and reliable project outcomes. Their website reflects a professional and consistent brand image, showcasing a broad portfolio of projects and maintaining active social media channels. Technically, the website uses modern web standards and integrates Google Analytics for visitor tracking. Security-wise, the site enforces HTTPS and implements a cookie consent mechanism, though it lacks advanced security headers and explicit security policies. Overall, the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

P

Palmako UK

palmako.co.uk

65

Palmako UK operates as a specialized e-commerce retailer focused on quality garden rooms, log cabins, saunas, and greenhouses within the United Kingdom. Established in 2008, the company has a solid market presence supported by a well-structured Shopify-based website that targets consumers and businesses seeking outdoor living solutions. The website features consistent branding, clear contact information, and utilizes structured data to enhance search engine visibility. The business model centers on direct online sales with a focus on quality and customer service.

P

Põhjala Brewery

pohjalabeer.com

46

Põhjala Brewery is an established Estonian craft beer producer with a diverse portfolio of beers including lagers, IPAs, porters, and non-alcoholic options. The company leverages its heritage and local nature inspirations to create unique beer flavors, targeting craft beer enthusiasts and event attendees. The website reflects a medium-sized hospitality business with a professional and consistent brand presence. Technically, the website uses modern web technologies including jQuery, Google Tag Manager, and Facebook Pixel, with good mobile optimization and SEO practices. However, it lacks explicit privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enforced but missing DNSSEC and security headers. The domain registration is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website is functional and professional but could improve privacy compliance and security hardening.

U

U.S. Agency for International Development

usaid.gov

71

The U.S. Agency for International Development (USAID) operates as a U.S. government agency focused on international development and humanitarian assistance worldwide. The website content reflects official communications, such as administrative leave notifications for personnel, underscoring its role in managing overseas and domestic operations. The agency serves government personnel, international partners, and the public interested in foreign aid programs. The business model is government-funded, with a strong emphasis on mission-critical functions and overseas program management. Technically, the website employs a simple and clean infrastructure using standard HTML5, CSS, and Google Fonts. There is no evidence of advanced frameworks or CMS platforms in the provided content. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating a minimalistic approach to user data collection. From a security perspective, the site appears to use HTTPS (implied by the .gov domain), but no security headers or explicit SSL configuration details were found in the provided data. The absence of privacy and cookie policies, as well as contact information, represents compliance gaps. The WHOIS data is incomplete but consistent with government domain privacy practices, supporting the legitimacy of the domain. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website demonstrates a high level of business credibility due to its official government status and consistent branding. However, technical and privacy compliance aspects could be improved to enhance security posture and user trust. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, and providing clear contact and incident response information.