Security Directory

I

INHUS

inhus.eu

48

INHUS is a Lithuanian-based construction and manufacturing company specializing in precast reinforced concrete building structures, operating primarily in Lithuania and Northern Europe. The company follows a design-build business model integrating design, production, and construction services. Their website presents a professional portfolio of projects and maintains a consistent brand image across multiple subsidiary domains. Technically, the website uses modern web technologies including Google Tag Manager and Google Analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and formal policies are missing. Overall, the site is trustworthy and well-maintained, supporting INHUS's market position as a regional player in the construction sector.

Nevercode Ltd. operates Codemagic, a specialized SaaS platform providing continuous integration and delivery (CI/CD) services tailored for mobile app development across multiple frameworks including Flutter, React Native, native Android/iOS, Unity, Ionic, and MAUI. The company targets mobile development teams seeking to automate and accelerate their build, test, and release pipelines. With over 150,000 developers trusting the platform and notable clients showcased, Codemagic holds a strong market position as a focused mobile CI/CD solution. Technically, the website is modern, fast, and mobile-optimized, leveraging cloud hosting on AWS and integrating analytics tools such as Google Tag Manager and Plausible Analytics. Security posture is robust, with HTTPS enforced, SOC 2 type 2 and ISO 27001 certifications, and GDPR/CCPA compliance clearly stated. However, DNSSEC is not enabled and no public security.txt or incident response contacts were found, representing areas for improvement. Overall, the platform demonstrates a mature digital presence with strong trust signals and compliance adherence.

I

Interactive Advisors

interactiveadvisors.com

76

Interactive Advisors is a well-established robo-advisor platform affiliated with Interactive Brokers Group, offering low-cost, diversified investment portfolios with a focus on transparency and ease of use. The platform targets retail investors seeking automated portfolio management and self-directed trading options. The website demonstrates a high level of professionalism, with comprehensive content, clear navigation, and strong trust signals including SEC registration and SIPC protection. Technically, the site uses modern web technologies, is mobile-optimized, and performs well. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is robust with clear cookie consent and privacy policies. Overall, the site reflects a credible and mature financial service provider with a solid digital presence.

S

Beste Online Casino Österreich | 50+ Seriöse Online Casinos

spielautomatcasinos.at

71

The website spielautomatcasinos.at serves as an informational platform focused on online casinos in Austria, particularly slot machine casinos. It provides reviews, comparisons, and guides aimed at Austrian online gambling enthusiasts. The business model appears to be affiliate marketing and content provision within the gambling niche. Technically, the site employs Cloudflare for DNS and CDN services and likely uses WordPress as its CMS. The site implements lazy loading scripts to optimize performance and is mobile-friendly, though accessibility features are basic. Security posture is moderate with HTTPS likely enabled but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance. Contact and incident response information are absent, limiting user trust and compliance transparency. Overall, the site is functional and professionally designed but requires improvements in privacy compliance and security best practices to enhance trustworthiness and regulatory adherence.

K

オンラインカジノ日本 ⚡️ 日本のベストカジノオンライン

kajinojapan10.com

56

KajinoJapan10.com is a Japanese language online casino affiliate and informational website targeting Japanese players interested in legal and reputable online casinos. The site provides detailed casino reviews, bonus offers, payment method guides, and legal context about gambling in Japan. The business model is primarily affiliate marketing, promoting various international online casinos accessible to Japanese users, often via VPN. Technically, the site is built on WordPress with common performance and user experience optimizations, including mobile responsiveness and SEO best practices. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and visible security headers. Privacy compliance is weak due to missing privacy and cookie policies. No direct contact or incident response information is provided, which limits transparency. Overall, the domain registration is consistent and supports legitimacy. Strategic improvements in privacy, security headers, and contact transparency would enhance trust and compliance.

E

Einwohnergemeinde Cham

cham.ch

54

The Einwohnergemeinde Cham website serves as the official digital presence for the municipality of Cham, Switzerland. It provides comprehensive information and services related to local governance, community life, infrastructure, environment, education, and events. The site targets residents and visitors seeking municipal services and information. The business model is that of a government entity providing public services and information digitally. The website is well-branded, consistent, and includes trust indicators such as official contact details and certifications like Energiestadt GOLD. Technically, the site uses a modern CMS platform (i-web.ch) with Bootstrap for responsive design, ensuring good mobile optimization and accessibility. The performance is moderate with proper SEO and meta tags. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers and incident response policies could be improved. Privacy compliance is good, with clear privacy and cookie policies and user consent mechanisms. Overall, the site is trustworthy and professional, with clear contact information and partner links to regional and cantonal entities. No WAF or blocking mechanisms interfere with content access, allowing full analysis. Recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen security posture.

Fleximed as operates the Fleximoover.no website, offering a specialized mobility aid designed for patients with Huntington's disease. The company is positioned in the healthcare sector in Norway, targeting a niche patient group with a unique product. The website provides basic information about the product concept, features, and accessories, with clear contact details and some language options for international visitors. Technically, the site is built using Adobe Muse with standard web technologies including HTML5, CSS, JavaScript, and jQuery 1.8.3, and integrates Google Analytics for visitor tracking. The site is moderately optimized for mobile devices and has basic SEO and accessibility features. Security posture is average; HTTPS is used, but no advanced security headers are detected, and the use of an outdated jQuery version presents potential vulnerabilities. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms. Business credibility is supported by consistent WHOIS data, domain age, and clear contact information. Overall, the site is functional but would benefit from enhanced security, privacy compliance, and modernization of its technical stack.

A

Actual Reports OÜ

pdfmake.com

59

PDFMake.com is a specialized online platform offering a suite of PDF editing tools including watermarking, encryption, decryption, and optimization. The service targets users and businesses needing straightforward PDF manipulation capabilities, supported by an API for scalable integration. The website is professionally designed with consistent branding and clear navigation, hosted on AWS infrastructure with HTTPS enabled. However, it lacks published privacy, cookie, and terms of service policies, which impacts compliance and user trust. Security posture is moderate with HTTPS and domain transfer protection but missing key security headers and incident response disclosures. Analytics are implemented via Google Tag Manager, indicating moderate user tracking without clear privacy compliance disclosures. Overall, the domain registration is consistent and legitimate, supporting the business claims.

P

Puratos

puratos.in

74

Puratos India operates as a dedicated supplier of bakery, pastry, and chocolate ingredients targeting professional bakers, pastry chefs, and chocolatiers. The website reflects a global brand presence with localized content and multiple language versions, indicating a mature international business model focused on B2B manufacturing and ingredient supply. The technical infrastructure is built on Adobe Experience Manager CMS, leveraging modern web technologies and analytics tools such as Visual Website Optimizer and Google Tag Manager. The site demonstrates good design quality, mobile optimization, and SEO practices, although accessibility features are basic. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks comprehensive security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the website is professional and credible but would benefit from enhanced privacy and security transparency.

P

Puratos

puratos.it

74

Puratos is an established enterprise-level manufacturer specializing in ingredients for professional bakery, pastry, and chocolate sectors. The company targets B2B customers in the food manufacturing industry, offering a broad range of innovative ingredients and semi-finished products. The website reflects a consistent and professional brand presence with good content quality and clear navigation, supporting its global market position. Technically, the site employs modern technologies including Google Tag Manager and Visual Website Optimizer for analytics and A/B testing, hosted on Adobe Experience Manager CMS, ensuring a moderate to good performance and mobile optimization. Security posture is strong with HTTPS and security headers implemented, though explicit privacy and cookie policies are absent, indicating room for compliance improvement. Overall, the site is trustworthy and legitimate, with domain registration data consistent with business claims.

P

Puratos

puratos.us

70

Puratos is a global leader in the manufacturing and supply of bakery, patisserie, and chocolate ingredients, catering primarily to professional bakers, pastry chefs, and chocolatiers. The company maintains a strong market presence with a comprehensive product portfolio and a well-structured multilingual website targeting a broad international audience. The website demonstrates a mature digital infrastructure, leveraging advanced tools such as Google Tag Manager and Visual Website Optimizer for analytics and optimization, and is built on Adobe Experience Manager CMS, indicating a robust enterprise-grade platform. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response information are not publicly disclosed. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy practices. Overall, the website and business present a trustworthy and professional image with moderate to high digital maturity.

A

AS Emor

mediafacts.com

64

Mediafacts.com is an established online platform operated by AS Emor, specializing in providing market research reports and consumer insights focused on the Baltic countries of Estonia, Latvia, and Lithuania. The website serves business professionals and organizations seeking detailed market data and analysis to inform strategic decisions. The business model is based on e-commerce sales of research reports, leveraging the Shopify platform for digital storefront management. The company has a consistent brand presence and offers a range of reports covering various sectors and consumer trends in the region. Technically, the website is built on Shopify using the Debut theme, employing modern web technologies including JavaScript, CSS, and HTML5. The site is hosted on Shopify's CDN infrastructure, ensuring moderate to good performance and mobile responsiveness. SEO and accessibility features are well implemented, with proper meta tags, structured data, and ARIA roles enhancing user experience and search engine visibility. From a security perspective, the site enforces HTTPS and includes basic security headers such as Referrer-Policy. There is no DNSSEC enabled, which is a recommended improvement. Forms include CAPTCHA mechanisms to prevent abuse. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is addressed with a visible cookie consent banner and a privacy policy page indicating GDPR adherence. However, explicit security policies and incident response contacts are not published. Overall, Mediafacts.com presents a trustworthy and professional online presence with a mature domain and consistent business information. The site is suitable for its target audience and maintains a good security posture with room for enhancements in DNS security and published security policies.

1

14.no - Domain for sale

14.no

52

The website 14.no is a minimalistic domain-for-sale landing page created in 2022. It offers the domain 14.no for purchase and targets potential domain buyers or investors. The business model is straightforward domain resale with no additional services or content. The site uses a Vue.js framework with Google Fonts and includes basic meta tags and Open Graph data for social media sharing. However, it lacks comprehensive business information, privacy policies, or terms of service, limiting its professional presence. Technically, the site is built with modern JavaScript frameworks but lacks advanced security headers and does not provide evidence of HTTPS enforcement. Performance and mobile optimization are basic but functional. No analytics or tracking scripts are present, indicating minimal user data collection. The site includes a single contact email but no phone numbers or physical addresses. From a security perspective, the site shows limited security posture with no detected security policies, incident response contacts, or vulnerability disclosures. The absence of privacy and cookie policies indicates non-compliance with GDPR and related regulations. The WHOIS data shows the domain was registered in 2022, consistent with its current use as a domain sale page, with no suspicious registration patterns. Overall, the website scores low on content quality, privacy compliance, and security posture due to minimal content and lack of policies. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, enhancing security headers, and providing clearer business and contact information to improve trust and compliance.

The website object.center currently serves as a placeholder with minimal content, indicating it is not yet operational or publicly launched. The domain is registered since 2018 with privacy protection enabled, but the website lacks any business-related content, contact information, or policies. The only visible content is a 'Coming Soon' message and a link to the VESTA control panel, suggesting the site is hosted on a VESTA-managed server behind Cloudflare DNS. Technically, the site uses HTTPS but lacks DNSSEC and security headers, which are important for enhancing security posture. No forms, analytics, or tracking mechanisms are present, indicating minimal digital maturity. The absence of privacy, cookie, or terms of service policies and contact details reflects poor privacy compliance and business credibility. Overall, the site scores low on content quality, security, and compliance, representing a high-risk profile for trust and professionalism.

AVCO Productions Ltd is a London-based creative technology studio specializing in delivering digital projects for educational institutions, cultural organizations, architectural practices, and artists. The company positions itself as a niche provider focusing on creative technology solutions, editorial systems for storytelling, and live event delivery. Their website showcases a portfolio of projects emphasizing design efficiency and meaningful digital experiences. Technically, the website is built using modern frameworks such as Gatsby and React, leveraging a headless CMS (Sanity) and Google Tag Manager for analytics. The site is mobile-optimized with good design quality and user experience, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and incident response contact information. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

Farmwell operates as a specialized e-commerce platform targeting food hubs, farms, and online grocery stores, focusing on food box delivery and recurring order management. The platform is built on the Shoperb CMS and offers tailored features such as box customization, delivery, and inventory management. The website is professionally designed with good user experience and mobile optimization, though accessibility and SEO could be improved. Security posture is moderate with HTTPS usage but lacks explicit security headers and policies. The absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness. Privacy and cookie policies are missing, which impacts compliance and user trust. Overall, the site presents a niche e-commerce solution with room for improvement in security and compliance.

O

ooogo LLC.

ad110.com

26

AD110 is a non-profit project operated by ooogo LLC., focusing on art, design, creativity, and lifestyle content primarily targeted at design professionals and enthusiasts. The website offers curated articles, design resources, event coverage, and job listings within the creative industry. The platform positions itself as a niche media outlet with a long-standing presence since 2004, emphasizing open content sharing under Creative Commons licensing. Technically, the site is built using modern JavaScript frameworks such as Vue.js, with a custom CMS or proprietary platform, and includes advertising via Google Adsense. While the design and user experience are good, the site lacks HTTPS, security headers, and formal privacy or cookie policies, which impacts its security posture and privacy compliance. The domain is registered with GoDaddy and shows no suspicious WHOIS patterns, supporting its legitimacy. Overall, the site is functional and professional but requires significant improvements in security and privacy to meet modern standards.

E

Eesti Lauatenniseliit

eltl.ee

50

Eesti Lauatenniseliit is a national sports organization dedicated to table tennis in Estonia, providing news, event calendars, club information, player rankings, and regulatory details. The website serves as an information hub for players, clubs, and enthusiasts within the Estonian table tennis community. Technically, the site uses modern web technologies including JavaScript modules and CSS, hosted on DigitalOcean with DNS managed by the same provider. The site appears to be built on WordPress, indicating a standard CMS approach. Security posture is moderate with HTTPS likely enabled but lacking visible security headers and formal security policies. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms. Business credibility is supported by consistent WHOIS data showing local Estonian registration and a new domain appropriate for the organization's recent founding. Overall, the site is functional and professional but would benefit from enhanced privacy, security, and contact transparency.

S

STIGA Sports

stigasports.se

67

STIGA Sports operates an e-commerce platform specializing in sports and leisure products, including table tennis equipment, scooters, and hockey games. The website targets consumers interested in sports gadgets and leisure activities, positioning itself as a recognized brand in the retail sports sector primarily in Sweden. The business model focuses on direct online sales with a moderate company size and consistent branding. Technically, the website is built using modern frameworks such as Next.js and integrates multiple third-party services for analytics, marketing, and user engagement, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is partial, with a cookie consent banner present but no explicit privacy policy or terms of service detected in the provided content. The absence of WHOIS data raises concerns about domain registration legitimacy, which impacts overall trustworthiness. Strategic recommendations include enhancing privacy disclosures, improving security headers, and verifying domain registration details to strengthen business credibility and compliance.

N

Nameshift.com

weglot.eu

49

The website weglot.eu currently serves as a domain sales landing page operated by Nameshift.com, a domain brokerage and escrow service based in the Netherlands. The platform offers domain purchase services with an emphasis on safe, fast, and fee-free domain transfers for buyers. The business model focuses on domain resale with escrow facilitation to ensure secure transactions. The target audience includes domain investors and buyers seeking a trusted intermediary for domain acquisitions. The website content is minimal and primarily transactional, reflecting its purpose as a domain sales portal rather than a full business site. Technically, the site is built using modern web technologies including SvelteKit and JavaScript, hosted on a CDN associated with Nameshift.com. The site demonstrates moderate performance and basic mobile optimization. However, SEO and accessibility features are basic, and there is no evidence of a CMS or extensive platform integrations. The site uses external scripts for analytics and Trustpilot reviews, indicating some level of marketing and trust-building efforts. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML. However, it lacks explicit security headers such as Content Security Policy or HSTS, and no privacy or cookie policies are present, which are critical for GDPR compliance. There is no visible incident response or security contact information. The domain registration data is consistent with the business purpose, registered via a known registrar without privacy protection, supporting legitimacy. Overall, the site presents a low-risk profile but has significant gaps in privacy compliance and security best practices. Strategic improvements in policy disclosures, security headers, and contact transparency would enhance trust and compliance. The site’s limited content and basic design reflect its narrow business focus but also limit user engagement and SEO potential.

R

Rodinné zápolení | Další web používající WordPress

rodinnezapoleni.cz

50

Rodinnezapoleni.cz is a Czech language website created in 2011, built on WordPress using the Divi theme. The site appears to be a small-scale or personal project with limited content and minimal business information. The technical infrastructure is standard for WordPress sites, utilizing common libraries such as jQuery and Google Fonts. Hosting is provided by REG-ZONER, a Czech domain registrar and hosting provider, consistent with the website's regional focus. Security posture is basic with HTTPS enabled but lacking important security headers and policies. No privacy or cookie policies are present, indicating potential compliance gaps. Contact information and social media presence are not evident, limiting business credibility and user trust. Overall, the site is functional but lacks comprehensive security, privacy, and business transparency features.

R

Restaurace Tiskárna

restauracetiskarna.cz

38

Restaurace Tiskárna is a small hospitality business operating multiple restaurant locations in Prague, Czech Republic, specializing in modern Czech cuisine and quality draft Pilsner beer. The website provides clear contact information and basic business descriptions but lacks advanced digital maturity features such as privacy policies, cookie consent, and security disclosures. Technically, the site uses standard HTML and CSS with Google Fonts, hosted likely via REG-WEBGLOBE, but lacks modern CMS or frameworks. Security posture is weak due to missing security headers, unclear SSL status, and absence of vulnerability disclosures. Overall, the site is functional and professional but requires significant improvements in privacy compliance and security to reduce risk and enhance trust.

The Lindner Group website presents a comprehensive portfolio of interior fit-out and custom system products targeting construction and architectural professionals. The company positions itself as a strong partner in the manufacturing sector, focusing on acoustics, fire protection, sustainability, and design. The website is professionally designed with clear navigation and a broad product catalog, indicating a mature digital presence. Technically, the site employs modern JavaScript libraries and tracking tools such as Matomo and Google Tag Manager, reflecting a moderate level of digital maturity. Security posture is generally good with HTTPS enforced, but lacks visible security headers and explicit security policies. The absence of WHOIS registration data is a notable concern, potentially impacting trust and legitimacy perceptions. Privacy compliance is minimal, with no clear privacy or cookie policies detected. Overall, the site is functional and professional but would benefit from enhanced transparency and security disclosures.

K

Online Kasino Česko ⚡️ Nejlepší Kasina v České Republice

kasinoczech10.com

49

The website kasinoczech10.cz is a Czech-language online casino affiliate and review platform focused on providing detailed information about online casinos available to Czech players. It offers curated casino reviews, bonus offers, payment method guides, and game type information to help users make informed decisions. The site targets adult Czech players interested in online gambling and operates primarily through affiliate marketing partnerships with various casinos. Technically, the site is built on WordPress, uses Cloudflare DNS, and integrates Google Analytics, Google Tag Manager, and OneSignal for analytics and notifications. The site is mobile-optimized with a good user experience and clear navigation. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, but lacks explicit security headers and formal privacy or cookie policies. The domain is relatively new (created in 2023) but consistent with the business age and model. Overall, the site is professional and trustworthy within its niche but would benefit from enhanced privacy compliance and security policy disclosures.

A

A-B help s.r.o.

abhelp.cz

58

A-B help s.r.o. is a Czech non-profit organization established in 2006 that focuses on improving the lives of disadvantaged children, seniors, and handicapped individuals by providing minibuses to social institutions. The organization partners with socially responsible companies that sponsor these vehicles, which are branded with sponsor logos to enhance corporate social responsibility visibility. The website is built on WordPress and presents a professional, content-rich platform primarily in Czech. It provides clear contact information and testimonials that enhance trustworthiness. However, the absence of privacy and cookie policies and the lack of WHOIS data reduce transparency and privacy compliance. Technically, the site is well-structured, mobile-optimized, and secure with HTTPS, but could benefit from enhanced security headers and privacy mechanisms.

H

HERVIS Österreich

hervis.cz

72

HERVIS Österreich operates a professional e-commerce platform specializing in sports apparel, shoes, and equipment targeted primarily at customers in Austria and neighboring regions. The website presents a consistent brand image with good content quality and clear navigation, supporting a positive user experience. Technically, the site leverages modern frameworks such as Angular and integrates marketing and identity management tools like Adobe Launch and Gigya, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and incident response information suggests room for improvement. The lack of WHOIS data limits domain trust verification, but the overall professionalism and content quality support a moderate to high trust level. Privacy and cookie policies are not explicitly found, which impacts compliance scoring. Strategic recommendations include enhancing privacy compliance, adding security headers, and publishing vulnerability disclosure information to strengthen security and trust further.

G

GUN PRODUCTIONS

gutterdammerung.com

54

Gutterdämmerung.com is the official website for a niche entertainment project combining rock music, film, and live immersive experiences. The site promotes the Gutterdämmerung concept created by visual artist Bjorn Tagemose, featuring legendary rock artists. The business operates primarily in the media sector, targeting rock music fans and live event attendees. The website content is rich with artist information, multimedia, and event details, supporting fan engagement through newsletters and contests. Technically, the site uses standard web technologies including jQuery, Google Analytics, YouTube API, and MailChimp for marketing. Hosting is provided by One.com, with a domain registered since 2014, consistent with the business timeline. Security posture is moderate with HTTPS implied but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and professional but could improve in privacy and security practices.

P

ProFuturo

profuturo.education

56

ProFuturo is a well-established global digital education program supported by Fundación Telefónica and Fundación la Caixa, focused on reducing educational inequality by providing quality digital education to children and teachers in vulnerable environments. The website reflects a mature digital presence with multilingual support, a proprietary educational platform, and extensive educational content. Technically, the site is built on WordPress with modern tracking and consent tools, showing good performance and mobile optimization. Security posture is solid with HTTPS and bot protection, though improvements in DNS security and security headers are recommended. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness, suitable for its non-profit educational mission.

N

Nordic Symphony Orchestra

nordicsymphony.com

45

Nordic Symphony Orchestra is a small cultural organization based in Estonia, specializing in classical symphony performances with a focus on Nordic composers and artists. The website serves primarily as an informational portal providing concert schedules, streaming links, and contact details for management and artistic leadership. The business operates in the media sector, targeting classical music audiences in Estonia and the Nordic region. The domain age of nearly two decades supports the legitimacy and established presence of the organization. Technically, the website is built with basic HTML and CSS without modern frameworks or CMS platforms. It lacks mobile optimization and accessibility features, which limits user experience on diverse devices. There is no evidence of advanced analytics, tracking, or advertising technologies, indicating a minimalistic digital footprint. Hosting and DNS are managed through EuroDNS and elkdata name servers, but DNSSEC is not enabled, and no security headers are detected. From a security perspective, the site does not demonstrate strong security practices. There is no visible HTTPS confirmation in the provided data, no privacy or cookie policies, and no incident response or security contact information. These gaps represent compliance and security risks, especially under GDPR regulations. However, the domain registration is consistent and transparent, with no privacy protection or suspicious WHOIS patterns, which supports trustworthiness. Overall, the website is functional but basic, with significant room for improvement in security, privacy compliance, and technical modernization. Strategic recommendations include implementing HTTPS, publishing privacy and cookie policies, enabling DNSSEC, adding security headers, and improving mobile and accessibility standards to enhance user trust and regulatory compliance.

F

Funky Pigeon

funkypigeon.com

70

Funky Pigeon is a UK-based e-commerce retailer specializing in personalized greeting cards, gifts, and flowers. The company operates under the parent company WH Smith PLC, positioning itself as a significant player in the UK retail market for personalized gifting solutions. The website offers a broad range of products tailored for various occasions, targeting consumers seeking unique and personal gift options. Technically, the site is built using modern web technologies including React and Next.js, with integrations for customer data platforms and marketing analytics, reflecting a mature digital infrastructure. Security-wise, the website enforces HTTPS, employs standard security headers, and provides comprehensive privacy and cookie policies with consent mechanisms, indicating a strong commitment to user data protection. However, the absence of WHOIS registration data is a notable anomaly, though the overall site professionalism and parent company association mitigate concerns. Strategic recommendations include publishing explicit security policies and incident response contacts, enhancing accessibility, and maintaining vigilance on third-party scripts to sustain security posture.

E

Estonian Maritime Cluster

maritimecluster.ee

40

Estonian Maritime Cluster is a newly established (2024) non-profit organization focused on fostering collaboration, innovation, and growth within Estonia's maritime sector. It serves as a network for maritime professionals, companies, and organizations, aiming to position Estonia as a leading maritime hub in the Baltic Sea region. The website presents a professional and well-structured digital presence built on WordPress, featuring comprehensive contact information and a broad membership base. Technically, the site uses modern web technologies and includes security measures such as HTTPS and Cloudflare Turnstile captcha on forms. However, it lacks critical compliance documents like privacy and cookie policies, and security headers are not implemented, which are areas for improvement. Overall, the domain registration is consistent with the business claims, indicating legitimacy.

B

Baltic Legal

baltic-legal.com

44

Baltic Legal is a specialized corporate law office providing company formation, legal, accounting, and immigration services focused on the Baltic states of Latvia, Estonia, and Lithuania. The company targets entrepreneurs and businesses seeking to establish operations in these countries, offering a one-stop solution for business registration, tax management, and residence permits through investment. The website content is professionally structured and provides detailed service descriptions, although it lacks explicit contact information and privacy policies. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, Font Awesome icons, and integrates Google Analytics and Google Tag Manager for visitor tracking. The site is moderately optimized for mobile devices and SEO, but lacks advanced accessibility features and security headers. The absence of HTTPS status information and security headers suggests room for improvement in security posture. From a security perspective, the site does not expose sensitive data and uses no known vulnerable libraries. However, the lack of privacy and cookie policies, absence of contact details for incident response, and missing WHOIS registration data reduce trustworthiness and compliance with data protection regulations. The WHOIS query returned no registration data, which is inconsistent with the active website presence and raises concerns about domain legitimacy. Overall, Baltic Legal presents a credible business offering with good content quality and technical implementation but requires significant improvements in security, privacy compliance, and transparency to enhance trust and regulatory adherence.

Trade House Co. LLC is a medium-sized, established company founded in 1975 and headquartered in Sharjah, UAE. It operates as a manufacturer, importer, and distributor of building materials such as steel, cement, timber, and plywood, serving the construction industry primarily in the UAE and globally. The company positions itself as one of the oldest and largest distributors of high tensile steel bars in the region, emphasizing operational excellence and product quality. The website content is basic but relevant, providing essential business information and navigation.

M

Mellow

mellow.ee

43

Mellow is a small creative company based in Estonia specializing in video production, photography, animation, visual effects, and graphic design. The website presents a minimalistic portfolio and contact information, targeting clients seeking creative media services. The business appears to be a small niche player with a straightforward service offering and a modest online presence. Technically, the website is built with basic HTML and CSS without any detected CMS or advanced frameworks. Hosting is provided by Zone Media OÜ, an Estonian registrar and hosting provider. The site lacks HTTPS on some assets, and no security headers or modern web technologies are detected. Mobile optimization and accessibility are basic, and SEO features are minimal. From a security perspective, the site shows limited maturity. There is no evidence of privacy or cookie policies, no incident response or security policies, and no vulnerability disclosure mechanisms. The absence of HTTPS on all content and lack of security headers represent notable risks. The WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the website scores moderately low on security and privacy compliance but maintains basic business credibility and content relevance. Strategic improvements in security posture, privacy compliance, and technical modernization are recommended to enhance trust and user experience.

N

Nameshift.com

heyday.eu

50

Nameshift.com operates as a domain name marketplace specializing in secure and efficient domain transfers using an escrow service. The platform targets individuals and businesses seeking to purchase domain names with minimal risk, offering free assistance and VAT invoicing. The business model relies on seller commissions, providing a fee-free experience for buyers. The website content is minimal but consistent with the business purpose, emphasizing safety, speed, and no additional fees. Technically, the website is built using modern web technologies, notably the SvelteKit framework, and leverages CDN-hosted assets for performance. The site is mobile-optimized with basic accessibility and SEO features. However, it lacks advanced security headers and visible privacy or cookie policies, which are important for compliance and user trust. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. No vulnerabilities or malicious scripts were detected. The WHOIS data is consistent and transparent, with no privacy protection masking the registrant, enhancing trustworthiness. However, the absence of privacy and cookie policies, as well as incident response contacts, indicates room for improvement in compliance and security posture. Overall, the website presents a moderate risk profile with a solid business foundation but requires enhancements in privacy compliance, security headers, and contact transparency to improve trust and regulatory adherence.

Bolt Technology OÜ operates a leading European mobility superservice platform offering ride-hailing, food and grocery delivery, car and scooter rentals, and business travel solutions. The company is well-positioned in the transportation and technology sectors with a large global footprint across 600+ cities and 50+ countries. Their digital presence is robust, leveraging modern web technologies such as Next.js and React, with strong SEO, mobile optimization, and accessibility features. The website demonstrates a high level of professionalism and branding consistency, supported by comprehensive privacy and cookie policies aligned with GDPR requirements. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response contacts are not publicly detailed, representing an area for improvement. Overall, Bolt's website and digital infrastructure reflect a mature and trustworthy business with a strong market presence and good compliance practices.

Adaltum.ee is a small Estonian translation service provider operated by Elkdata OÜ, founded in 2022. The website offers professional translation and localization services targeting businesses and organizations requiring multilingual content adaptation. The site is built on WordPress and uses standard themes and scripts, providing a moderate level of technical maturity with good mobile optimization and basic SEO. Security posture is adequate with HTTPS enabled but lacks important security headers and formal privacy or cookie policies, which impacts compliance and trust. No direct contact information or incident response policies are published, limiting transparency. Overall, the website is functional and professional but would benefit from enhanced security practices and compliance documentation to improve trust and legal adherence.

E

Elektrum Eesti OÜ

elektrum.ee

61

Elektrum Eesti OÜ is a well-established energy company operating in Estonia, offering a range of electricity packages, insurance, renewable energy solutions, and electric vehicle charging services. As part of the Latvenergo group, it holds a strong market position in the Baltic energy sector, serving both private and business customers with a focus on reliability and environmental sustainability. The website reflects a professional digital presence with clear navigation, multi-language support, and comprehensive service information. Technically, the site employs modern web technologies including JavaScript, CSS, and integrates third-party services such as Google Tag Manager and Usercentrics for cookie consent management. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, the site demonstrates good privacy compliance and business credibility, supported by consistent WHOIS data and transparent contact information.

Meidron is a small Estonian company founded in 2011, offering IT support and consulting services, EU funding project management, and environmental consulting. The company targets businesses and organizations requiring specialized consulting and support services. The website is simple and functional, providing basic business information and contact details, including email, phone, and LinkedIn profile. The market position appears niche and regional with a focus on professional service delivery. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics for tracking. Hosting appears to be on Oracle Cloud infrastructure. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. No CMS or frameworks are detected, indicating a custom or static site. From a security perspective, the domain is well-registered with a long history and transfer protection. However, the site lacks DNSSEC, visible HTTPS enforcement, and security headers. No privacy or cookie policies are present, and no consent mechanisms are implemented, indicating GDPR compliance gaps. The use of Google Analytics without cookie consent further impacts privacy compliance. No incident response or vulnerability disclosure information is provided. Overall, the website presents a moderate risk profile with good business credibility but requires improvements in security posture and privacy compliance to enhance trust and regulatory adherence.

H

Hauser's Jewelers

hausersjewelers.com

60

Hauser's Jewelers is a long-established retail and e-commerce business specializing in high-end jewelry and watches, with a heritage dating back to 1898. The website serves as a professional online storefront built on the Shopify platform, showcasing various jewelry collections and brands. The business targets consumers seeking luxury jewelry and watch products, offering both sales and repair services. The site demonstrates consistent branding and good content quality, reflecting its market position as a reputable jeweler. Technically, the website leverages modern web technologies including Shopify's Expression theme, web fonts, and JavaScript libraries. It is hosted on Shopify's infrastructure with Network Solutions as the domain registrar. The site is mobile-optimized and provides a good user experience with clear navigation and product presentation. Performance is moderate, with standard Shopify CDN usage. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms. Contact information is limited to contact forms without explicit emails or phone numbers. No vulnerability disclosure or incident response information is provided. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy compliance and security header implementation to improve its security posture and regulatory adherence.

R-Systems is an Estonian software development company specializing in hydrography and spatial data software solutions, founded in 1989. The company offers services including hydrographic survey software, spatial data processing, and sensor integration, targeting sectors such as military, air surveillance, logistics, and GIS. The website reflects a small, niche technology business with a long operational history but limited online presence and content depth. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics for tracking. The site lacks modern frameworks or CMS and shows basic performance and SEO optimization. Mobile optimization and accessibility are minimal, indicating room for improvement in digital maturity. From a security perspective, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No contact information or incident response details are provided, limiting transparency and trust. The use of Google Analytics without a consent mechanism further impacts privacy compliance. Overall, the website presents a moderate risk profile with no critical security issues detected but several compliance and usability gaps. Strategic improvements in privacy policies, security headers, mobile optimization, and contact transparency are recommended to enhance trust and compliance.

The website cityntel.com represents a small Chinese company specializing in the rental, leasing, sales, and recycling of diesel generators ranging from 30KW to 2000KW, focusing on imported brands such as Cummins, Mitsubishi, and Caterpillar. The target audience includes infrastructure sectors such as railway, transportation, municipal engineering, real estate, factories, hotels, and construction sites. The business model is primarily service-oriented, providing equipment solutions tailored to client needs. The website content is primarily in Simplified Chinese and provides product listings, case studies, team introductions, and news updates related to diesel generators. Technically, the website is built on the EmpireCMS platform, utilizing standard web technologies including HTML5, CSS, JavaScript, and libraries such as Blazy for lazy loading and WOW.js for animations. The site has basic mobile optimization and moderate performance but lacks advanced SEO and accessibility features. There is no evidence of modern frameworks or advanced hosting details. The WHOIS data shows inconsistencies, including a domain creation date in the future and minimal registrant information, which raises legitimacy concerns. From a security perspective, the website lacks critical security headers, DNSSEC is not enabled, and there is no visible HTTPS enforcement information. Privacy and cookie policies are absent, and no incident response or vulnerability disclosure information is provided. These gaps indicate a low security maturity level and potential compliance issues with data protection regulations such as GDPR. Overall, the website presents a functional but basic online presence for a niche diesel generator rental business. The main risks relate to domain legitimacy concerns and insufficient security and privacy practices. Strategic improvements in security posture, compliance documentation, and WHOIS transparency are recommended to enhance trust and reduce operational risks.

E

Eklips Digital

eklips.se

57

Eklips Digital is a specialized provider of subscription-based corporate websites, targeting listed and non-listed companies primarily in the Nordic region. Founded in 2011, the company offers a Corporate Website as a Service (CWaaS) platform that includes web development, design, branding, hosting, maintenance, security, and support services. Their market position is strengthened by serving 10% of Nasdaq Stockholm Main Market companies and delivering over 300 websites with a 99.9% uptime guarantee. The website is professionally designed using modern technologies such as Next.js and React, reflecting a mature digital infrastructure. However, the absence of WHOIS data for the domain www.eklips.se raises concerns about domain registration legitimacy, which should be verified. Security posture is moderate with no visible vulnerabilities but lacks explicit security headers and incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website presents a trustworthy and professional business presence but requires improvements in compliance and domain legitimacy verification.

A

Afternic (GoDaddy Operating Company, LLC)

ryapolov.com

70

The website ryapolov.com is a domain sales landing page hosted on the Afternic platform, a domain aftermarket service owned by GoDaddy Operating Company, LLC. It offers the domain ryapolov.com for sale with options to buy outright or lease to own. The site targets domain buyers including businesses and individuals seeking premium domain names. The business model is focused on domain brokerage and sales, leveraging GoDaddy's extensive infrastructure and brand recognition. The platform provides contact forms and phone support to facilitate domain price inquiries and transactions. Technically, the site is built using modern web technologies including React and Next.js, hosted on Amazon AWS infrastructure. It employs HTTPS with strong security headers and integrates third-party services such as Klarna for payments and Trustpilot for reputation. The site is optimized for performance and mobile responsiveness, with good SEO and basic accessibility features. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature digital presence. From a security perspective, the website demonstrates strong posture with enforced HTTPS, secure forms protected by reCAPTCHA, and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policy documentation and incident response contact information, which are recommended for enhanced trust and compliance. The absence of WHOIS data for the domain reduces transparency but is likely due to privacy protection or query limitations. Overall, the site is legitimate, professional, and secure, suitable for its domain sales purpose. The overall risk assessment is low, with recommendations to improve transparency by publishing security policies and incident response details, enhancing accessibility, and maintaining regular audits of third-party scripts. These steps will further strengthen trust and compliance in the competitive domain aftermarket space.

N

Nord Property Ltd

nordproperty.com

43

Nord Property Ltd is a medium-sized real estate company based in Estonia, specializing in international real estate services including brokering, property management, consulting, appraisal, investment counseling, and development sales. The company targets property buyers, sellers, and investors primarily in Estonia and Spain, offering multilingual support and a professional service portfolio. The website is well-structured with clear navigation and relevant content, supporting a good user experience and moderate mobile optimization. Technically, the site uses common analytics and tracking tools such as Google Analytics and Google Tag Manager, along with Google Maps API for location services. However, no CMS or hosting provider details were identified, and performance is moderate.

C

For Sale Page

copterline.com

51

The website copterline.com currently serves as a domain parking and sales page hosted by the Spaceship.com marketplace platform. It does not represent an active business but offers the domain for sale with a fixed price and option to make an offer. The site targets domain investors and buyers, providing secure payment options and transaction support. The branding is consistent with the Spaceship marketplace, and the site includes a contact form for potential buyers to submit their information. Technically, the site uses standard HTML, CSS, and JavaScript, hosted on Spaceship's CDN infrastructure, with moderate performance and good mobile optimization. However, the site lacks advanced SEO, accessibility features, and security headers. The WHOIS data shows inconsistencies such as a future creation date and missing registrant details, which lowers trustworthiness. No privacy, cookie, or terms of service policies are present, and no direct company contact emails or phone numbers are provided. Overall, the site is functional for domain sales but lacks comprehensive business and security information.

I

interUX Usability Engineering Studio OÜ

interux.com

47

interUX Usability Engineering Studio OÜ is a small, Estonia-based consultancy specializing in user experience and usability engineering services across Estonia, Latvia, and Russia. With over 20 years of professional expertise, the company offers a comprehensive suite of UX services including user interface design, expert evaluations, field studies, usability testing, and eye tracking. Their client base spans multiple industries such as retail, insurance, travel, and telecommunications, positioning them as a trusted usability partner in the region. Technically, the website employs a basic but functional technology stack consisting of HTML, CSS, JavaScript, and Google Analytics for visitor tracking. The site is moderately optimized for performance and SEO, with basic mobile responsiveness and accessibility features. However, there is no evidence of a CMS or advanced frameworks, indicating a relatively simple infrastructure. From a security perspective, the domain is well-established with a consistent WHOIS record and domain status protections. However, the website lacks critical security headers, DNSSEC is not enabled, and there is no visible HTTPS enforcement or privacy compliance mechanisms such as privacy or cookie policies. Google Analytics is used without a cookie consent banner, which may raise GDPR compliance concerns. Overall, the website presents a professional and credible business front but requires improvements in privacy compliance and security best practices to reduce risk and enhance trust. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, enforcing HTTPS, and providing incident response information.

A

Ambient Sound Investments

asi.ee

46

Ambient Sound Investments (ASI) is a private asset management firm established in 2003 by four founding engineers of Skype. The company operates as a family office with a focus on investments across venture capital, private equity, listed equity, and real assets, with assets geographically located in Europe, the US, and Asia. The website presents a professional image with clear navigation and relevant business content, targeting investors and professionals interested in diversified asset management. The business model is niche and specialized, leveraging the founders' technology and finance backgrounds. Technically, the website is built on the Voog CMS platform, utilizing standard web technologies such as JavaScript, CSS, and HTML5. The site is mobile optimized and performs moderately well, though accessibility features are basic. The hosting and domain registration are consistent with the business location in Estonia, with no signs of privacy protection or suspicious WHOIS data. External scripts are limited and primarily related to the CMS platform. From a security perspective, the website benefits from HTTPS with a valid SSL certificate, but lacks important security headers and visible security policies. There are no privacy or cookie policies, nor contact information for security incidents or data protection officers. No vulnerabilities or exposed sensitive data were detected, but the absence of key compliance documents and security headers represents a moderate risk. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, improved security headers, and clearer contact information to strengthen trust and regulatory adherence.

S

Sviiter Studio

sviiter.ee

56

Sviiter Studio is a small, independent full-service design-oriented studio based in Estonia, specializing in branding, digital, and print design services. The company positions itself as innovative and client-focused, targeting businesses and organizations seeking comprehensive design solutions. The website is professionally designed using the Squarespace platform, featuring clear navigation, responsive design, and integration with social media channels such as Instagram, Facebook, and Behance. Technical infrastructure leverages modern web technologies and content delivery networks to ensure moderate performance and good user experience across devices. Security posture is strong with HTTPS enforced, HSTS enabled, and a cookie consent mechanism in place, although explicit privacy policies and incident response information are absent. Overall, the website reflects a trustworthy and credible business presence with room for improvement in privacy compliance and security transparency.

E

Eton

etonshirts.com

72

Eton is a well-established Swedish brand specializing in premium men's shirts and accessories, with a history dating back to 1928. The company operates a sophisticated e-commerce platform targeting men seeking quality and style in shirts and related apparel. Their market position is strong within the premium retail segment, supported by a comprehensive product range including custom-made options and a membership club offering exclusive benefits. Technically, the website is built on modern frameworks such as Next.js and React, leveraging Contentful CMS and integrating analytics tools like Google Tag Manager and Voyado. The site demonstrates excellent design quality, mobile optimization, and accessibility, providing a seamless user experience. Security posture is robust with HTTPS enforcement, security headers, and no visible vulnerabilities, although the absence of explicit security policy or incident response information is noted. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. However, the WHOIS data for the domain is missing, which raises concerns about domain registration transparency despite the site's legitimacy and professional appearance. Overall, the website is secure, professional, and user-friendly but would benefit from improved domain registration transparency and explicit security disclosures.