Security Directory

S

Sponsoring.fr

sponsoring.fr

45

Sponsoring.fr is a French media website specializing in sport-business and sports marketing. It provides news, analysis, and magazine content focused on sponsorship and marketing in the sports sector. The site targets professionals and enthusiasts interested in sports marketing, offering subscription-based premium content alongside advertising revenue streams. Technically, the website is built on WordPress using the jNews theme and WPBakery Page Builder, integrating Google Analytics and advertising scripts from Op­ti-Digital. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though some security headers could be improved. Privacy and cookie policies are present with consent mechanisms, indicating GDPR compliance. However, the absence of WHOIS registration data reduces domain trustworthiness, warranting further verification. Overall, the website is professional and trustworthy from a content and technical perspective but should address domain registration transparency.

G

Groupe Sport.fr SA

sport.fr

59

Sport.fr is a French media company operating an online sports news platform that covers over 100 sports, providing live updates, results, transfer market news, and various sports-related content. The website targets sports enthusiasts primarily in France and French-speaking regions, positioning itself as a comprehensive source for sports news. The company behind the site is Groupe Sport.fr SA, a medium-sized entity with a professional online presence and active social media channels. Technically, the website is built on WordPress using the Blocksy theme and incorporates modern JavaScript libraries and third-party services such as Google Tag Manager, Ezoic, and Taboola for advertising and analytics. The site is mobile-optimized and performs moderately well, with good SEO and basic accessibility features. From a security perspective, the site enforces HTTPS and uses a consent management platform to comply with GDPR cookie requirements. However, it lacks several security headers and does not publicly provide a privacy policy or terms of service page, which are important for compliance and user trust. No WHOIS data is publicly available, indicating privacy protection for the domain registration, which is common for media websites. Overall, Sport.fr presents a professional and credible sports media platform with room for improvement in privacy transparency and security best practices. Strategic recommendations include publishing clear privacy and terms policies, enhancing security headers, and establishing a vulnerability disclosure process to strengthen trust and compliance.

E

eoacomdev

emailonacid.com

76

Email on Acid is a technology company specializing in email pre-deployment solutions, offering a comprehensive SaaS platform that enables marketers and developers to build, test, optimize, and analyze email campaigns. The company holds a strong market position as a leading provider in email testing and analytics, supported by industry certifications such as SOC 2 type 1, ISO 27001, and GDPR compliance. Their platform targets email marketing professionals seeking to improve campaign quality and ROI through advanced testing and analytics tools. Technically, the website is built on WordPress with modern SEO and performance optimizations, including the use of Yoast SEO, WP Rocket, and integrations with Google Analytics, Google Tag Manager, RudderStack, and Qualified for marketing and analytics. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, contributing to a fast and user-friendly experience. From a security perspective, the company emphasizes compliance and certifications, though some security headers are not explicitly detected. The site uses HTTPS and secure forms, and includes cookie consent mechanisms aligned with GDPR. However, the absence of WHOIS registration data introduces some uncertainty regarding domain legitimacy, though the professional presentation and certifications mitigate this concern. Overall, Email on Acid presents a mature and trustworthy digital presence with strong business credibility and technical infrastructure. The main risk lies in the lack of publicly available domain registration data, which should be monitored. Strategic recommendations include enhancing security headers, publishing incident response contacts, and establishing a vulnerability disclosure policy to further strengthen trust and security posture.

S

Sigma Embedded Engineering AB

sigmaembeddedengineering.se

48

Sigma Embedded Engineering AB is a Swedish technology consulting company specializing in embedded engineering, product development, electrification, AI, digitalization, and connectivity solutions. As part of the larger Sigma Group, it benefits from a strong market position with a medium-sized workforce and a broad service offering targeting technology professionals and clients in energy and transport sectors. The website reflects a professional and consistent brand image with clear contact information and active recruitment efforts. Technically, the website is built on WordPress with modern plugins and tools such as Yoast SEO, Google Analytics, and Google Tag Manager. It is hosted by Loopia AB, a reputable registrar and hosting provider. The site is mobile optimized and performs moderately well, with good SEO practices implemented. However, some improvements could be made in accessibility and security headers. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and important security headers. There is no visible privacy policy or incident response information, which are gaps in compliance and security transparency. Cookie consent is implemented properly, indicating some attention to privacy compliance. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security disclosures to improve compliance and user trust. Strategic recommendations include adding a privacy policy, enabling DNSSEC, publishing security policies, and implementing security headers.

D

Danir Group

expectabettertomorrow.com

45

Expect a Better Tomorrow is a Swedish non-profit initiative focused on annual charitable campaigns that promote social and environmental causes, supported and guaranteed by Danir Group. The website presents multiple past and current initiatives aimed at improving lives, such as supporting children in southern Africa and promoting gender equality in technology. The site is built on WordPress and uses common web technologies including Google Analytics and Tag Manager for tracking. While the site is well designed, mobile optimized, and professionally presented, it lacks explicit privacy, cookie, and security policies, which are important for compliance and user trust. The domain registration is consistent and transparent, supporting the legitimacy of the organization.

S

Sigma Software

sigma.software

74

Sigma Software is a well-established global technology consulting and software development company founded in 2002, with a strong market position among the top 100 outsourcing companies worldwide. The company offers a broad range of services including custom software development, IT consulting, dedicated teams, cybersecurity, AI consulting, and legacy system modernization. Their target audience includes enterprises, product houses, and startups seeking reliable technology partners. The website reflects a mature digital presence with professional design, comprehensive content, and multiple global offices, primarily in Ukraine and Europe. Technically, the website is built on WordPress with modern frameworks and integrates Google Tag Manager, Google Analytics, and cookie consent mechanisms, indicating a good level of digital maturity. The site is mobile-optimized, accessible, and SEO-friendly, although performance is moderate. Security posture is solid with HTTPS and cookie consent but lacks explicit security headers and published security policies. No WAF or blocking mechanisms were detected, and the domain registration is privacy-protected but consistent with the business profile. Overall, the security posture is good but could be improved by publishing security policies, incident response contacts, and implementing security headers. Privacy compliance is basic due to the absence of a visible privacy policy and terms of service. Business credibility is high with clear contact information, social proof, and trust indicators. The risk level is moderate with recommendations to enhance transparency and security best practices.

S

Stellis

stellis.co

45

Stellis is a small technology company founded in 2021, specializing in sports technology solutions. Their flagship product, Stellis One, offers an integrated platform for sports organizations. The company positions itself as a trusted tech partner for the digital transformation of sports entities, leveraging a team of executive managers, developers, and consultants with a passion for sports. Their market position is focused on innovation and comprehensive digital tools tailored to sports organizations. Technically, the website is built on WordPress with modern plugins and uses Google Analytics for tracking. The site is mobile optimized and SEO friendly, though performance is moderate. Security posture is good with HTTPS enabled and no obvious vulnerabilities, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but could improve transparency and compliance.

V

Visit Malta

visitmalta.com

69

Visit Malta operates as the official tourism website for Malta, Gozo, and Comino, providing comprehensive travel information, ticket booking, and activity discovery services. The website targets tourists and travelers interested in visiting Malta and offers a well-structured, content-rich platform with excellent design and SEO optimization. Technically, the site is built on WordPress using Elementor and Yoast SEO, integrating multiple third-party analytics and marketing tools such as Google Analytics, TikTok Pixel, and Facebook Pixel. The security posture is good with HTTPS enabled and no visible vulnerabilities, though security headers could be improved. However, the absence of publicly available WHOIS data and missing privacy and cookie policies represent compliance and trust gaps. Overall, the site is professional and functional but would benefit from enhanced transparency and security policy disclosures.

R

Raccoon Media Group Ltd

raccoonevents.com

70

Raccoon Media Group Ltd is a UK-based media and events company founded in 2021, specializing in mobilizing passion-led B2C and B2B communities globally. The company operates multiple specialist brands and events, delivering year-round content and advice to niche audiences. Their market position is that of a dynamic, high-growth media business with a medium-sized operational scale. Technically, the website is built on WordPress with modern SEO and consent management tools, hosted with Cloudflare DNS and registrar services. The site is well-structured, mobile-optimized, and integrates Google Tag Manager for analytics. Security posture is solid with HTTPS enforced and domain transfer protections, though improvements are recommended in security headers and DNSSEC. Privacy compliance is good with clear cookie consent and a privacy policy, but lacks explicit security and incident response policies. Overall, the website is professional, trustworthy, and business credible, with minor technical and security enhancements advised.

R

Raccoon Media Group Ltd

raccoonmediagroup.com

70

Raccoon Media Group Ltd is a UK-based media and events company founded in 2021, specializing in mobilizing passion-led B2C and B2B communities globally. Their business model revolves around organizing events and delivering media content year-round to niche audiences, positioning themselves as a dynamic and high-growth player in the media sector. The website reflects a professional and consistent brand presence with clear navigation and relevant content showcasing their brands and news updates. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and uses Google Tag Manager for analytics and marketing. Hosting and DNS services are provided by Cloudflare, ensuring good performance and security. The site is mobile-optimized and includes cookie consent mechanisms compliant with GDPR, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses clientTransferProhibited status on the domain, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or suspicious content were detected. Privacy compliance is well addressed with clear privacy and cookie policies and user consent options. Overall, the website is trustworthy and professionally maintained with good business credibility and privacy compliance. Strategic improvements in security headers, incident response transparency, and vulnerability disclosure would enhance the security posture and trust further.

E

European Karate Federation

europeankaratefederation.net

61

The European Karate Federation website serves as the official digital presence for the continental karate governing body in Europe. It provides comprehensive news, event calendars, organizational structure details, and contact information targeted at athletes, coaches, referees, and karate enthusiasts. The site is built on WordPress with modern plugins for SEO, cookie compliance, and user engagement, reflecting a moderate to advanced digital maturity. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though additional security headers could enhance protection. The absence of WHOIS registration data is a notable anomaly that slightly impacts trust but does not detract from the professional presentation and compliance evident on the site. Overall, the website effectively supports the federation's mission and community engagement.

E

European Chess Union

europechess.org

49

The European Chess Union (ECU) operates as the continental governing body for chess in Europe, organizing championships, supporting member federations, and promoting chess education. The website serves as an information hub for news, events, commissions, and official communications. The organization targets chess players, federations, and enthusiasts across Europe, positioning itself as a key non-profit sports federation in the chess domain. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for event management and media embedding. The site is mobile-optimized with good navigation and content structure, though accessibility features are basic. Performance is moderate, with room for improvement in SEO and accessibility. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and a public vulnerability disclosure policy. The absence of a privacy policy and WHOIS data reduces compliance and trust scores. No blocking or WAF mechanisms were detected, indicating full content accessibility. Overall, the site is professional and trustworthy from a content and business perspective but would benefit from enhanced privacy disclosures, security headers, and transparent domain registration information to improve compliance and trustworthiness.

S

Sigma Industry West

sigmaindustrywest.se

40

Sigma Industry West is a Swedish consulting company specializing in technical expertise across various industrial sectors including product development, embedded systems, production technology, and energy. As part of the larger Sigma Group owned by Danir, the company has established a strong regional presence since 2014, offering both on-site consultants and project-based services. Their website reflects a professional and consistent brand with detailed service descriptions and contact information for multiple key personnel. Technically, the website is built on WordPress with modern tools such as Yoast SEO, Google Analytics, and slick sliders, providing a good user experience and mobile optimization. However, there is room for improvement in security practices, including the implementation of security headers and explicit privacy and cookie policies. The absence of WHOIS data for the exact domain suggests it is a subdomain or alias, which slightly impacts trust but does not detract from the overall legitimacy given the strong branding and group affiliation. Security posture is moderate with HTTPS usage and no visible sensitive data exposure, but lacks formal security policies and incident response information. Analytics usage is moderate with tracking via Google and Facebook pixels, but privacy compliance indicators are minimal. Overall, the site is professional and credible but would benefit from enhanced transparency and security hardening.

S

Sigma Industry East North AB

sigmaindustryeastnorth.se

43

Sigma Industry East North AB is a Swedish engineering consulting company specializing in product development, production development, project management, validation, and quality assurance. As part of the larger Sigma group owned by Danir AB, it benefits from a global network spanning 17 countries and 66 cities. The company positions itself as a provider of high-quality engineering services with a strong local presence in Sweden and a commitment to sustainable technological advancement. The website reflects a professional and modern digital presence built on WordPress, incorporating SEO best practices and user-friendly design. The technical infrastructure includes common industry tools such as Google Tag Manager and Hotjar for analytics and user behavior tracking. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in DNS security and HTTP security headers. No critical vulnerabilities or blocking WAF mechanisms were detected, indicating stable accessibility and operational maturity.

W

Women Sports – Femmes et Sports – Sport au féminin

womensports.fr

44

Women Sports is a French media platform dedicated to women's sports, offering news, results, interviews, and a magazine subscription service. The website targets French-speaking sports enthusiasts, particularly women interested in female athletes and sports culture. It operates under the Sport & Sponsoring Media Group and maintains a subsidiary focused on African content. Technically, the site is built on WordPress with modern plugins and uses Google Analytics for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, HTTPS is enforced and Google reCAPTCHA is implemented, but the absence of security headers and missing WHOIS data slightly reduce trust. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the site is professional and trustworthy but could improve security posture and transparency.

M

Monaco Info

monacoinfo.com

57

Monaco Info is a small media company focused on delivering news, video content, and live streaming services centered around Monaco. The website is well-structured, professionally designed, and targets residents and visitors interested in local news and events. The technical infrastructure is based on WordPress with modern web technologies, providing a good user experience and mobile responsiveness. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and DNSSEC. No explicit privacy or security policies are published, which is a compliance gap. The domain is long-established and consistent with the business claims, enhancing trustworthiness.

P

Peace and Sport

peace-sport.org

45

Peace and Sport is an established international non-profit organization founded in 2007, dedicated to promoting peaceful, inclusive, and equitable communities through sport. The organization leverages a network of high-profile sports champions and global partnerships to advance peacebuilding initiatives worldwide. Their website reflects a professional and consistent brand image, with clear messaging and active engagement channels including social media and event forums. Technically, the site is built on WordPress with modern plugins and themes, providing good mobile responsiveness and SEO optimization. Security posture is strong with HTTPS and reCAPTCHA integration, though explicit security headers and privacy policies are lacking. The absence of WHOIS data limits domain trust verification but does not detract significantly from the organization's credibility given its public profile and external trust signals. Overall, the website serves as an effective platform for advocacy and stakeholder engagement in the peace through sport sector.

Habaja Viinavabriku is a small Estonian winery and distillery specializing in handcrafted berry and fruit wines, including sparkling varieties, produced primarily from local ingredients. Located 45 km from Tallinn, the business offers wine tastings, guided tours, weekend pizza café services, and event catering, positioning itself as a niche artisanal hospitality provider. The website is built on WordPress with a standard theme and SEO plugin, reflecting a moderate level of digital maturity. While the site is well-structured and content-rich, it lacks formal privacy and cookie policies, which are important for GDPR compliance. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and incident response information. Overall, the business presents a trustworthy and professional image with clear contact details and social media presence.

H

Hindreku talu

hindrekutalu.ee

54

Hindreku talu is a small hospitality business based in Estonia, offering lodging, learning opportunities, and event hosting in a natural and inspiring environment. The website reflects a niche local hospitality provider with a clear focus on providing a unique experience in a rural setting. The business was founded in 2016, consistent with the domain registration date, and operates under Elkdata OÜ as the registrar and hosting provider. The website uses WordPress with the Astra theme and Elementor page builder, integrating modern SEO tools such as Rank Math and analytics services including Google Analytics and Plausible. A cookie consent mechanism is implemented with detailed user preferences, indicating a basic level of privacy compliance.

V

Valgeranna Veinitall

veinitall.ee

43

Valgeranna Veinitall is a small Estonian hospitality business specializing in local wine tasting, event hosting, and wine sales. The website presents a niche local offering with a focus on historic ambiance and quality wine experiences near Pärnu, Estonia. The business appears to be newly established in 2021 and targets local visitors and wine enthusiasts. Technically, the website is built on WordPress using the Divi theme and WooCommerce for e-commerce capabilities. It integrates Google Tag Manager and Facebook Pixel for analytics and marketing purposes, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no WAF blocking detected, but lacks advanced DNS security (no DNSSEC) and security headers. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is functional and professional but would benefit from enhanced security and privacy practices.

V

V360 agency

vvunk.ee

43

V360 Agency OÜ is a small Estonian digital agency specializing in web development, e-commerce solutions, branding, and full digital marketing services. The company positions itself as a creative and professional partner for businesses seeking to elevate their digital presence. Their website showcases a portfolio of projects and client testimonials, indicating a trusted market position within their niche. Technically, the website is built on WordPress with modern JavaScript libraries such as Swiper.js and Tippy.js, and integrates Google Tag Manager and reCAPTCHA for analytics and security. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Security posture is adequate with HTTPS and reCAPTCHA, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Overall, the domain registration is consistent and transparent, supporting the legitimacy of the business.

Z

Zone Media OÜ

wland.ee

48

Wland.ee is a regional hospitality and event platform focused on promoting Läänemaa, Estonia as an ideal destination for team events, seminars, and corporate gatherings. The website aggregates information about seminar rooms, team activities, and leisure options, targeting businesses and organizations seeking venues and experiences in the region. The business is relatively new, founded in 2023, and operated by Zone Media OÜ. The platform positions itself as a comprehensive resource for event planning in a natural and tranquil environment, emphasizing quality services and cultural experiences. Technically, the website is built on WordPress using the Kadence theme and Yoast SEO plugin, with Google Tag Manager integrated for analytics and CookieYes for cookie consent management. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Hosting and domain registration are consistent with the business entity, though DNSSEC is not enabled, and some security headers are missing. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks advanced security headers and explicit security or incident response policies. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, indicating awareness of GDPR requirements. Contact information is primarily via email and web forms, with no phone numbers or physical addresses explicitly provided. Overall, Wland.ee presents a professional and trustworthy platform for its niche market, with room for improvement in security hardening and expanded compliance documentation. The domain registration and website content align well, supporting legitimacy and business credibility.

A

Ask Any Difference

trackduck.com

71

Ask Any Difference is a small technology-focused informational website founded in 2019, providing a broad range of articles, guides, and tutorials related to computer software and technology. The site targets individuals interested in improving their computer skills and understanding software programs. The business model centers on content publishing with monetization likely through affiliate marketing and advertising. Technically, the site is built on WordPress with common performance and SEO optimizations, including caching and structured data markup. The hosting and domain registration are consistent and legitimate, with no privacy protection used, indicating transparency. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The site integrates multiple third-party marketing and analytics tools, including Google Tag Manager and JourneyMV scripts. Overall, the website is functional, content-rich, and moderately secure but would benefit from enhanced security practices and privacy compliance improvements.

A

Aermec

aermec.co.uk

49

Aermec UK Ltd. is a well-established company specializing in Heating, Ventilation, and Air Conditioning (HVAC) solutions for industrial and commercial sectors. With over 60 years of market presence in Europe, they position themselves as market leaders in systems engineering, offering a broad range of HVAC products, servicing, repairs, and comprehensive system testing. Their website reflects a professional and detailed presentation of their products and services, targeting industry and commercial enterprises requiring HVAC solutions. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site is mobile-optimized and includes SEO best practices such as structured data and meta tags. Performance is moderate, with standard use of JavaScript libraries and tracking tools like Google Analytics and Tag Manager. From a security perspective, the site uses HTTPS with good SSL configuration but lacks visible security headers and explicit privacy or cookie policies, which are important for GDPR compliance. No incident response or vulnerability disclosure information is present, which could be improved to enhance trust and security posture. Overall, the website is professional and credible, but the domain WHOIS data is unavailable and flagged as invalid by the registry, which raises concerns about domain legitimacy or configuration. This discrepancy should be addressed to ensure full trustworthiness and compliance.

S

Sigma Technology Group

sigmatechnology.com

62

Sigma Technology Group is a well-established global technology company founded in 1999, specializing in software and embedded systems development, IT infrastructure, cloud services, and digital transformation. The company targets businesses seeking advanced digital and engineering solutions, positioning itself as a trusted partner with a strong presence in Sweden and international offices. Their key services include software development, AI consulting, DevOps, cloud technology, and automotive solutions, supported by a professional and comprehensive online presence. Technically, the website is built on WordPress with modern JavaScript libraries and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enabled and no exposed sensitive data, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the website reflects a high level of professionalism, trustworthiness, and business credibility.

Elva Sport is a local sports and culture organization serving the Elva municipality in Estonia. The website provides information about sports facilities, training, events, and community engagement, with a focus on children and youth sports as well as outdoor activities. The organization appears to be a public or non-profit entity, founded around 2019, with a clear local community focus. Technically, the website is built on WordPress using common plugins such as MonsterInsights for analytics and GDPR Cookie Compliance for privacy management. The site is moderately performant, mobile-optimized, and uses HTTPS with a good SSL configuration. Security practices are adequate but could be improved by adding security headers and explicit security policies. Privacy compliance is well addressed with a cookie consent mechanism and a privacy policy page in Estonian. Contact information is clearly presented, enhancing business credibility. Overall, the website is professional, trustworthy, and serves its community purpose effectively.

V

Visit Elva

visitelva.com

48

Visit Elva operates as a regional tourism information portal focused on promoting the Elva area in Estonia. The website provides visitors with information on local attractions, events, accommodation, dining, and active leisure opportunities. It targets tourists and visitors seeking authentic experiences in the Elva region, positioning itself as a key resource for regional tourism promotion. The business model centers on providing curated content and event promotion to enhance visitor engagement and regional visibility. Technically, the website is built on WordPress using the Elementor page builder, leveraging modern web technologies such as jQuery, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site demonstrates good mobile optimization, accessibility features, and SEO practices, contributing to a positive user experience. Hosting and domain registration are consistent with the business location and purpose. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks DNSSEC and advanced security headers, which could enhance its security posture. No explicit security policies or incident response contacts are published, indicating room for improvement in transparency and readiness. Overall, Visit Elva presents a professional and trustworthy online presence with solid content and technical foundations. Strategic enhancements in security policies, DNS security, and incident response disclosures would further strengthen its risk management and compliance posture.

E

Elva Kultuur

elvakultuur.ee

44

Elva Kultuur is a local government cultural portal serving the Elva municipality in Estonia. The website consolidates information about various cultural institutions and events within the municipality, targeting residents and visitors interested in cultural activities. It provides event calendars, news updates, and detailed pages for multiple cultural houses and centers. The site is positioned as an official source for cultural information in the region, supported by local government entities.

A

Aermec S.p.A.

aermec.com

60

Aermec S.p.A. is a well-established international company specializing in air conditioning solutions and green technologies. The company positions itself as a leading global brand with a broad international presence, supported by multiple subsidiaries across Europe, North America, and Latin America. The website reflects a professional corporate identity with multilingual support and clear business information, targeting international customers and partners in the energy and HVAC sectors. Technically, the website is built on WordPress with common plugins and libraries, offering a moderate performance and good mobile optimization. However, there is room for improvement in accessibility and security headers implementation. Security posture is adequate with HTTPS implied, but lacks explicit security policies and headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is credible and functional but would benefit from enhanced security and privacy transparency.

The website linnuriik.ee serves as an informational and promotional platform focused on birdwatching and nature tourism in Matsalu National Park, Estonia. It provides detailed descriptions of bird species, observation towers, hiking trails, and virtual tours, targeting nature enthusiasts and tourists interested in the region. The site is operated by the Foundation of Lääne County and funded by the European Regional Development Fund, indicating a regional public interest focus. Technically, the website is built on WordPress using a modern tech stack including popular plugins like Yoast SEO, WPBakery Page Builder, and Slider Revolution. The site is hosted under the registrar Zone Media OÜ, an Estonian entity, with HTTPS enabled and good SEO practices implemented. Mobile optimization and accessibility are adequate, though some improvements could be made. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks DNSSEC and important security headers, and does not publish explicit security or incident response policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms, which is a notable gap given GDPR requirements. Overall, the website is a well-maintained regional informational resource with good business credibility but requires enhancements in privacy compliance and security best practices to improve trust and regulatory adherence.

V

Visit Haapsalu

visithaapsalu.com

45

Visit Haapsalu is a regional tourism promotion website focused on Haapsalu and Läänemaa in Estonia, targeting tourists including families, couples, and health seekers. The site provides comprehensive travel information, event listings, guided tours, and recommendations for accommodation and dining. It positions itself as a key regional tourism information portal with a consistent brand and active social media presence. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating Google Analytics for visitor tracking. The site is mobile-optimized and offers good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers are missing and no explicit cookie consent mechanism is present. The absence of WHOIS data for the domain is a notable concern, reducing trust in domain legitimacy despite the professional website content. Overall, the site is functional, informative, and trustworthy for visitors but would benefit from enhanced transparency and security practices.

E

Ettevõtlusnädal 2025

ettevotlusnadal.ee

39

Ettevõtlusnädal 2025 is a prominent Estonian nationwide entrepreneurship event organized annually by regional development centers to foster entrepreneurial spirit and support business startups. The website serves as an information hub for event programs, regional trainings, and inspirational content targeting entrepreneurs and aspiring business owners. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and security, including Google Tag Manager and reCAPTCHA. The site is well-optimized for mobile and SEO, with structured data enhancing search visibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were found. Overall, the site reflects a trustworthy and professional digital presence for a non-profit event organization.

P

Peace and Sport

april6.org

58

April6.org is a professionally designed website representing the International Day of Sport for Development and Peace, an initiative by the non-profit organization Peace and Sport based in Monaco. The site serves as a platform to promote awareness, mobilize organizations and individuals, and share impactful stories related to sport's role in peacebuilding and sustainable development. It features multilingual support, partner endorsements, and calls to action including donations and toolkit downloads. Technically, the site is built on WordPress using the Divi theme, integrates Google Analytics for tracking, and uses Mailjet for newsletter subscriptions. The website is well-structured with good SEO practices and mobile optimization, though it lacks explicit privacy and cookie policies, which impacts privacy compliance scoring. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but security headers are not explicitly detected. WHOIS data is unavailable due to privacy protection or query failure, which limits domain trust transparency but is not uncommon for non-profit organizations. Overall, the site is credible, functional, and serves its advocacy purpose effectively.

C

CoreIT

coreit.se

65

CoreIT is a Swedish IT company providing a comprehensive range of IT services targeting businesses and organizations. The website is built on a modern WordPress platform using Elementor, indicating a moderate level of digital maturity. The site features good design quality, mobile responsiveness, and SEO optimization, supporting a positive user experience. However, the absence of WHOIS data for the exact domain queried limits the ability to fully verify domain legitimacy and business registration details. Security posture is moderate with no visible advanced security headers or policies, and privacy compliance is weak due to missing privacy and cookie policies. Tracking technologies such as Facebook Pixel and LinkedIn Insight are used, indicating moderate user tracking. Overall, the website presents a professional front but would benefit from enhanced transparency and security practices.

C

Cleverec AB

cleverec.se

42

Cleverec AB operates a specialized SaaS platform called Cleverservice, designed to streamline referee assignments, digital receipts, payments, and tax reporting for sports associations primarily in Sweden. The company has an established market presence since 2014, focusing on a niche segment with tailored services for associations and referees. The website is built on WordPress with the Divi theme, incorporating modern web technologies and analytics tools such as Google Analytics and Google Tag Manager. The site demonstrates good content quality, clear navigation, and mobile optimization, supporting a positive user experience. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though improvements such as enabling DNSSEC and additional security headers are recommended. Privacy compliance is well addressed with a dedicated GDPR page and cookie policy. Overall, the website reflects a professional and trustworthy digital presence aligned with the company's business objectives.

T

Tervise Paradiis

terviseparadiis.ee

54

Tervise Paradiis is a well-established 4-star spa hotel and water center located in Pärnu, Estonia, offering a comprehensive range of leisure and wellness services including accommodation, water park facilities, sports complex, bowling, and dining options. The business targets spa and wellness tourists, families, and leisure travelers, positioning itself as a leading hospitality provider in the region. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress CMS, leveraging modern SEO tools and cookie consent management, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks some advanced security headers and published security policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. Strategic improvements in privacy compliance and security transparency would enhance trust and compliance.

K

Keep.eu

keep.eu

48

Keep.eu is a specialized platform providing aggregated information on Interreg and IPA-IPA cross-border projects, partners, and programmes. It serves governmental and non-profit organizations involved in cross-border cooperation by consolidating operational and financial data in one accessible location. The website leverages a WordPress CMS with modern JavaScript libraries and integrates Google services such as Maps and Analytics, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and reCAPTCHA implemented, but lacks comprehensive privacy and security policies, which are critical for compliance and trust. Overall, the platform is functional and professionally presented but would benefit from enhanced transparency and security documentation.

S

Sport For One Humanity

sportforonehumanity.org

56

Sport For One Humanity is a non-profit initiative launched in 2022 by Turkish Airlines with support from the United Nations Alliance of Civilizations (UNAOC). The initiative focuses on empowering grassroots organizations that use sport as a tool for peace, development, and social inclusion. The website presents a professional and consistent brand image, highlighting capacity-building, mentorship, and visibility services for civil society organizations worldwide. Technically, the site is built on WordPress using the Divi theme and several plugins, hosted on Quadranet servers, and secured with HTTPS. However, it lacks published privacy and cookie policies, security headers, and explicit contact information, which are important for compliance and trust. No WAF or blocking mechanisms were detected, and the site content is fully accessible.

T

The Intercultural Innovation Hub

interculturalinnovation.org

57

The Intercultural Innovation Hub is a non-profit initiative established in 2011, operating as a partnership between UNAOC and the BMW Group. It focuses on supporting innovative grassroots projects that promote intercultural dialogue and cooperation globally. The website presents a professional and consistent brand image with good content quality targeting changemakers and organizations interested in social innovation. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and Facebook Pixel, hosted on Quadranet servers. Mobile optimization and SEO practices are well implemented, though accessibility is basic. Security posture is moderate with HTTPS enabled and domain protection in place, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and credible but would benefit from enhanced privacy and security disclosures.

C

Conviva

conviva.com

65

Conviva operates a leading real-time performance analytics platform focused on digital experience monitoring for media, streaming, and related industries. The company leverages full-census client-side telemetry to provide actionable insights that improve app performance, user engagement, and operational efficiency. Their market position is strong, supported by customer testimonials, industry awards, and extensive use of modern web technologies. The website is professionally designed, mobile optimized, and SEO friendly, reflecting a mature digital presence. However, the absence of WHOIS registration data raises questions about domain registration status, though the active and rich website content suggests legitimate business operations. Security posture is good with HTTPS and no exposed sensitive data, but lacks explicit security policies and vulnerability disclosures. Privacy compliance is basic with cookie consent but no visible privacy policy. Overall, Conviva presents as a credible and professional technology company with room to improve transparency in privacy and security documentation.

C

Coopalsa + Nadal

bus.ad

55

Coopalsa + Nadal operates as a primary public transportation service provider in Andorra, offering regular bus lines and related services. The website serves residents and visitors by providing schedules, ticket sales information, and route details. The company maintains a consistent brand presence and engages users through social media platforms such as Facebook, Twitter, and Instagram. The business model focuses on essential transportation services within the country, positioning itself as a key local operator.

S

Sõeluuring.ee

soeluuring.ee

54

Sõeluuring.ee is a health screening awareness website focused on early detection of cellular changes and pre-cancerous conditions in Estonia. The website provides informational content aimed at encouraging participation in health screenings to improve treatment outcomes. Technically, the site is built on WordPress using the Divi theme, with integrations for Google Analytics and Facebook Pixel for tracking user interactions. The site is hosted with DNS managed by Cloudflare, providing good performance and security benefits. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a significant gap given the use of tracking technologies. Business credibility is moderate, with consistent branding and good content quality, but no explicit contact information or certifications are provided. Overall, the site is functional and professionally designed but would benefit from enhanced privacy compliance and security transparency.

E

Euroheat & Power

ehpcongress.org

50

Euroheat & Power operates the EHP Congress, the largest European event dedicated to district heating and cooling, focusing on the heating transition and decarbonisation. The event attracts over 450 participants, 80+ speakers, and 30+ exhibitors, providing industry insights, networking, and technology showcases. The website is well-branded and professionally designed, targeting industry professionals and stakeholders in the energy sector. Technically, the site is built on WordPress, uses modern JS libraries, and is hosted behind Cloudflare with HTTPS enabled, ensuring good performance and security. However, it lacks explicit privacy and cookie policies, and no security headers were detected, indicating room for improvement in privacy compliance and security hardening. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enabling DNSSEC, adding security headers, and publishing incident response and vulnerability disclosure information to enhance trust and compliance.

V

Visit Talsi

visittalsi.com

44

Visit Talsi is a regional tourism information center website dedicated to promoting the Talsi region in Latvia. The site provides comprehensive information about local attractions, events, accommodations, and dining options, targeting tourists and visitors interested in exploring the area. The business operates as a small entity focused on hospitality and regional tourism promotion, with a clear market position as a trusted local information source. The website is multilingual, primarily in Latvian, with options for English, German, Estonian, Lithuanian, and French, enhancing accessibility for international visitors. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, Google Maps API, and Google Fonts. It uses common plugins such as MonsterInsights for Google Analytics tracking. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. Hosting is via name servers cloudns1.hostnet.lv and cloudns2.hostnet.lv, though the exact hosting provider is not explicitly identified. From a security perspective, the site uses HTTPS with a valid SSL configuration and has domain transfer protection enabled. However, DNSSEC is not enabled, and no advanced security headers were detected. There is no visible privacy policy, cookie policy, or terms of service, and no consent mechanism for tracking cookies, which poses compliance risks under GDPR. Incident response and security policies are not published, indicating a low maturity in security governance. Overall, the website is professional, trustworthy, and serves its business purpose well but requires improvements in privacy compliance and security best practices to reduce risk and enhance user trust. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enabling DNSSEC, adding security headers, and publishing incident response contacts.

R

Rebelcreations AG

epeeglobal.org

45

EPEE is a European industry association representing the refrigeration, air conditioning, and heat pump sectors. The organization focuses on policy advocacy, sustainable heating and cooling solutions, and industry representation. The website reflects an established presence with a domain registered since 2000 and hosted by OVH in Germany. Technically, the site is built on WordPress with modern libraries such as Bootstrap and jQuery, providing a good user experience and mobile optimization. However, the site lacks explicit privacy and cookie policies, and no consent mechanisms are detected, which may pose compliance risks. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. Overall, the website is professional and credible but would benefit from enhanced privacy compliance and security best practices.

E

Euroopa rändevõrgustiku Eesti kontaktpunkt

emn.ee

44

The website www.emn.ee serves as the official Estonian contact point for the European Migration Network, providing comprehensive migration and asylum policy reports, applied research, and urgent information exchange. It targets policymakers, researchers, and migration professionals, positioning itself as a trusted government-related entity with a focus on migration statistics and policy analysis. The site is well-structured, content-rich, and regularly updated with news, events, and publications relevant to migration topics. Technically, the website is built on WordPress with Yoast SEO and integrates Google Analytics and Tag Manager for tracking. It demonstrates good mobile optimization and moderate performance. The use of HTTPS and cookie consent mechanisms reflects a solid privacy posture, although some security headers and explicit incident response information are missing. Security-wise, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks published security policies and vulnerability disclosure mechanisms, which could enhance trust and compliance. No WAF or blocking mechanisms were detected, indicating full accessibility. Overall, the website scores well on content quality, technical implementation, security posture, privacy compliance, and business credibility, making it a reliable and professional resource in its domain. Strategic improvements in security headers, incident response transparency, and accessibility could further strengthen its position.

Z

Zone Media OÜ

kiiskshooting.ee

52

The website kiiskshooting.ee represents Team KiiskShooting, a small Estonian business focused on sport shooting mental toughness literature and related content. The primary offering is a book titled "Sisekümne Seisund" which addresses mental strength in sport shooting, targeting athletes and enthusiasts in this niche. The site also provides team information and uses social media channels such as Facebook and X (Twitter) for outreach. The business is registered under Zone Media OÜ, consistent with the domain registration data, and the domain age supports the legitimacy of the business. Technically, the website is built on WordPress using the OceanWP theme and Elementor page builder, with SEO enhancements via Yoast SEO and analytics through Jetpack Stats. The site is hosted with a registrar Zone Media OÜ and uses Cloudflare for DNS. Performance and mobile optimization are good, though accessibility is basic. The site uses HTTPS with a valid SSL certificate but lacks advanced security headers and explicit privacy or cookie policies. From a security perspective, the site has a moderate posture with HTTPS enabled and no visible vulnerabilities or exposed sensitive data. However, it lacks security headers and formal security or incident response policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Contact information is limited to a contact form without direct emails or phone numbers, which may impact user trust. Overall, the website is functional and professional for its niche but would benefit from enhanced privacy compliance, security hardening, and clearer contact information to improve trust and regulatory adherence.

O

OÜ Tervise Paradiis

veekeskus.eu

44

OÜ Tervise Paradiis operates the largest water center in Estonia, located in Pärnu, offering a wide range of recreational and sports facilities including pools, saunas, bowling, and fitness services. The website is well designed, multilingual, and provides comprehensive information and booking forms for various customer segments such as families, schools, and groups. Technically, the site is built on WordPress with modern plugins and frameworks, and it integrates Google Analytics and Tag Manager for tracking. Security posture is good with HTTPS and secure form handling, though some security headers could be improved and no explicit security policies are published. Privacy compliance is addressed with a privacy policy and cookie consent mechanism. Overall, the domain registration is consistent with the business location and sector, indicating legitimacy and trustworthiness.

J

Jocs dels Petits Estats d'Europa

gsse-andorra2025.com

49

The website gsse-andorra2025.com serves as the official digital platform for the Games of the Small States of Europe (GSSE) event hosted by Andorra in 2025. It provides comprehensive information about the event, including schedules, venues, media resources, and transport details. The site targets athletes, officials, media, and fans interested in this biennial multi-sport event featuring small European states. The business model focuses on event promotion and information dissemination, positioning itself as the authoritative source for GSSE 2025 in Andorra. Technically, the website is built on WordPress with Elementor page builder, leveraging modern web technologies such as jQuery, Swiper, and SEO tools like Rank Math. The site demonstrates good mobile optimization, SEO practices, and moderate performance. It uses HTTPS and includes a cookie consent mechanism, reflecting a mature digital infrastructure suitable for event promotion. From a security perspective, the site enforces HTTPS and employs domain transfer protection. However, it lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies aligned with GDPR requirements. Contact information is limited, with no direct emails or phone numbers found on the main pages. Overall, the website presents a low-risk profile with a professional appearance and solid privacy compliance. Strategic recommendations include enhancing security headers, publishing explicit security policies, and providing clearer contact channels to improve trust and incident response readiness.

U

United Nations Alliance of Civilizations (UNAOC)

unaoc.org

59

The United Nations Alliance of Civilizations (UNAOC) is a United Nations entity dedicated to fostering intercultural dialogue, understanding, and cooperation globally. It serves as a convener and facilitator to promote harmony among diverse cultures and religions, aiming to prevent conflict and enhance social cohesion. UNAOC operates through various programs, global forums, youth engagement initiatives, and campaigns against hate speech and antisemitism, positioning itself as a key player in international peacebuilding and cultural diplomacy. Technically, the UNAOC website is built on the WordPress CMS platform, utilizing a modern tech stack including jQuery, Yoast SEO, and various plugins for enhanced functionality such as responsive sliders, mega menus, and media embedding. The site demonstrates good mobile optimization, accessibility, and SEO practices, supported by structured data markup and social media integration. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS with excellent SSL configuration and avoids exposing sensitive data. However, it lacks explicit security headers and a cookie consent mechanism, which are areas for improvement to enhance compliance and security posture. No vulnerabilities or suspicious activities were detected in the visible content. Overall, UNAOC's digital presence reflects a professional, trustworthy, and authoritative organization aligned with United Nations standards. The domain's WHOIS data is privacy protected, which is typical for UN domains, and the domain age aligns with the organization's history. Strategic recommendations include implementing security headers, adding a cookie consent banner for GDPR compliance, and publishing incident response and vulnerability disclosure policies to further strengthen trust and security.