Security Directory

The website kaitsealad.ee serves as the official online presence for Matsalu National Park, managed by the Estonian Environmental Board (Keskkonnaamet). It provides comprehensive information about the park's natural features, cultural heritage, and international recognitions, positioning itself as a key governmental resource for environmental conservation and sustainable tourism in Estonia. The site targets nature enthusiasts, researchers, tourists, and local communities, offering detailed visitor information and educational resources. Technically, the site is built on Drupal 10 with modern web technologies, ensuring good mobile optimization, accessibility, and user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the site is trustworthy, professional, and well-aligned with its governmental mission.

T

TraceParts

traceparts.com

77

TraceParts operates as a leading global provider of 3D digital content for engineering professionals, offering free access to an extensive library of CAD models and supplier catalogs. The website is professionally designed with excellent content quality, targeting CAD users and engineers worldwide. The business model focuses on providing valuable digital assets to the engineering community, supporting product design and manufacturing processes. Technically, the site employs modern JavaScript libraries, analytics platforms like Piano Analytics and HubSpot, and a consent management platform (Didomi) to manage user privacy preferences. The website is accessible, mobile-optimized, and SEO-friendly, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS and uses consent management but lacks visible security headers and explicit security policies, which are recommended for enhancement. The absence of WHOIS data raises some concerns about domain registration transparency, though the website content and branding suggest a legitimate and established business. Overall, the site presents a strong digital presence with room for improvement in privacy compliance and security best practices.

Sodecawebapps.com is a web portal primarily designed for authenticated users to manage purchasing orders, likely serving internal staff or clients of Sodeca, a manufacturing company. The website features a login form with email and password fields, leveraging common web technologies such as Bootstrap, jQuery, and jsGrid for UI and data presentation. The domain is relatively new, registered in 2020, and aligns with the business branding and operations. However, the public-facing content is minimal, focusing on user authentication and order management functionality. From a technical perspective, the site uses a standard technology stack with Bootstrap and jQuery libraries, but lacks advanced SEO, accessibility, and mobile optimization features. The performance is moderate, and no CMS or hosting provider details are explicitly identified beyond the registrar. Security posture shows room for improvement: no HTTPS enforcement or security headers are visible, and the login AJAX endpoint lacks visible CSRF protection or bot mitigation mechanisms. Security-wise, the domain status clientTransferProhibited is a positive indicator against unauthorized domain transfers, but DNSSEC is not enabled, which could improve DNS security. No privacy, cookie, or terms of service policies are found, indicating low privacy compliance. No contact information or social media presence is provided, limiting transparency and user trust signals. Overall, the website serves its functional purpose but requires enhancements in security, privacy compliance, and user trust features to improve its risk profile and professional standing. Strategic improvements in HTTPS enforcement, security headers, privacy policies, and contact transparency are recommended to elevate the site's security and compliance posture.

Riga Hockey Cup is a youth ice hockey tournament organizer based in Latvia, providing a platform for various age groups to compete in a well-structured European championship. The website offers multilingual support and comprehensive event information, targeting youth hockey teams, coaches, and fans. The digital infrastructure leverages common web technologies such as jQuery, Fancybox, and social media integrations, with moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though security headers and explicit incident response policies are absent. Privacy compliance is basic with a privacy policy and cookie consent implemented, reflecting GDPR awareness. The absence of WHOIS data limits domain legitimacy verification, but the site appears professional and trustworthy overall.

B

Baltic Sea Culinary Routes

balticseaculinary.com

44

Baltic Sea Culinary Routes is a regional cultural project website dedicated to promoting the culinary heritage and traditions of countries surrounding the Baltic Sea. The site offers rich content including country-specific culinary descriptions, recipes, chef testimonials, and project documentation aimed at strengthening regional identity and supporting rural vitality through culinary tourism. The target audience includes tourists, culinary enthusiasts, chefs, and cultural stakeholders interested in Baltic Sea cuisine. Technically, the website employs a traditional tech stack with jQuery 1.8.1, jQuery UI, and several JavaScript libraries for UI components and sliders. The site is mobile responsive and has a clear navigation structure, but uses outdated JavaScript libraries that pose security risks. SEO and accessibility are basic but functional. No CMS or hosting provider details are explicitly detected. From a security perspective, the site uses HTTPS and has domain transfer protections, but lacks DNSSEC and security headers such as Content-Security-Policy or X-Frame-Options. The use of outdated jQuery versions introduces potential vulnerabilities. No privacy or cookie policies are present, indicating compliance gaps with GDPR. No contact emails or incident response information is provided, limiting transparency and user trust. Overall, the website is functional and content-rich with moderate business credibility but has notable security and privacy compliance shortcomings. Strategic improvements in security headers, library updates, and privacy policy implementation are recommended to enhance trust and compliance.

Eesti Toidutee is a well-established platform dedicated to promoting Estonian local food culture and tourism. It connects food producers, restaurants, and consumers by offering curated food routes, event information, and educational workshops. The website targets consumers interested in authentic Estonian food experiences, tourists, and local food businesses. It holds a recognized position in the local hospitality and tourism sector, emphasizing regional food specialties and seasonal offerings. Technically, the website employs a traditional tech stack with jQuery and jQuery UI libraries, Google Analytics, and Google Tag Manager for tracking. While the site is mobile-optimized and offers good user experience with clear navigation and rich content, it uses outdated JavaScript libraries that pose potential security risks. The site lacks modern security headers and explicit privacy or cookie policies, indicating areas for compliance improvement. From a security perspective, HTTPS is enabled, and no sensitive data is exposed in the HTML. However, the absence of security headers and use of outdated libraries reduce the overall security posture. There is no visible incident response or security policy information, which could impact trustworthiness. The WHOIS data aligns well with the website's Estonian focus, showing consistent and transparent registration details. Overall, the website is functional, content-rich, and professionally presented but requires enhancements in privacy compliance and security best practices to improve trust and reduce risk. Strategic updates to technology and policy transparency will strengthen its position as a trusted promoter of Estonian local food culture.

S

Spordikoolituse ja -Teabe Sihtasutus

spordiraamat.ee

39

Spordiraamat.ee is an Estonian e-commerce platform specializing in the sale of sports-related books, including annual sports yearbooks and training manuals. The business is operated by Spordikoolituse ja -Teabe Sihtasutus, targeting sports professionals, coaches, and enthusiasts primarily within Estonia. The website offers a focused catalog of sports literature with some partner integrations for purchasing select titles. Technically, the site uses a traditional frontend stack including jQuery, Bootstrap 3.3.7, and Selectize.js, with basic mobile responsiveness and moderate performance. Security measures include HTTPS, CSRF tokens, and a cookie consent mechanism, but lack advanced security headers and vulnerability disclosure policies. The WHOIS data aligns well with the business claims, indicating a legitimate and consistent registration. Overall, the site presents a professional and trustworthy e-commerce experience within its niche, though improvements in privacy policy presence and security hardening are recommended.

T

The Hertz Corporation

thrifty.lu

67

Thrifty Car Rental, a brand under The Hertz Corporation, operates a comprehensive car rental service across Europe with over 400 locations. The website offers a user-friendly booking platform, extensive fleet options including electric vehicles, and promotional offers targeting cost-conscious travelers. The company leverages its strong brand recognition and parent company backing to maintain a competitive market position. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, ensuring a responsive and functional user experience. Privacy and cookie consent mechanisms are well implemented, reflecting compliance with GDPR and related regulations. Security posture is solid with HTTPS enforcement and CSRF protections, though some security headers and explicit vulnerability disclosures are absent. Overall, the site presents a professional and trustworthy digital presence aligned with an established transportation business.

T

The Hertz Corporation

thrifty.be

67

Thrifty Belgium is a car rental service website operated under The Hertz Corporation, a well-established global transportation company founded in 1958. The website offers a comprehensive range of rental vehicles targeting cost-conscious travelers and business clients in Belgium and Europe. The business model focuses on providing flexible, affordable car rental options with a strong online booking platform and physical locations across Europe. The site is well-branded, consistent, and provides clear service offerings with multiple language and location options. Technically, the website uses modern web technologies including Bootstrap 5, jQuery, and Google Tag Manager, with a cookie consent mechanism powered by Securiti.ai. The site is mobile-optimized and SEO-friendly, though some accessibility features could be enhanced. Performance is moderate with a good user experience and clear navigation. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and a published security.txt file. The WHOIS data is restricted due to DNS Belgium policies, limiting domain registration transparency, which slightly impacts trust. However, the overall digital maturity and security practices align with industry standards for a large transportation company. Overall, the website presents a trustworthy and professional front for Thrifty Car Rental in Belgium, with recommendations to improve security headers, publish vulnerability disclosure information, and enhance accessibility to further strengthen its security and compliance posture.

T

The Hertz Corporation

thrifty.it

66

Thrifty, operated by The Hertz Corporation, is a well-established car rental service provider founded in 1958, targeting cost-conscious travelers primarily in Italy and Europe. The website offers a comprehensive range of rental vehicles including electric and hybrid options, supported by a network of over 1000 locations. The digital platform is modern, mobile-optimized, and integrates advanced tracking and consent management tools, reflecting a mature technical infrastructure. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and CSRF protections, though some security headers could be enhanced. Privacy compliance is robust with clear policies and GDPR adherence. Overall, the site projects a professional and trustworthy image aligned with its parent company's reputation.

T

The Hertz Corporation

thrifty.de

64

Thrifty.de is the German localized website of Thrifty Car Rental, a well-established car rental brand founded in 1958 and a subsidiary of The Hertz Corporation. The website offers comprehensive car rental services across Germany and Europe, targeting price-conscious business and leisure travelers. It provides a user-friendly booking interface, detailed fleet information, and multiple language and country options, reflecting a mature digital presence. The technical infrastructure leverages modern frontend technologies such as Bootstrap, jQuery, and slick-carousel, combined with a robust cookie consent mechanism powered by securiti.ai and Google Tag Manager for analytics and marketing. Security posture is strong with HTTPS enforcement and CSRF protections, though explicit security headers and a dedicated security policy page are absent. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR adherence. The domain registration aligns with the brand's legitimacy and history, reinforcing trust. Overall, the website demonstrates a professional, secure, and user-centric platform suitable for an enterprise-level transportation service provider.

T

The Hertz Corporation

thrifty.es

67

Thrifty.es is the Spanish localized website for Thrifty Car Rental, a well-established car rental brand operating under The Hertz Corporation. The website offers comprehensive car rental services across Spain and Europe, targeting travelers seeking affordable and flexible vehicle rentals. The site is professionally designed with a clear focus on user experience, featuring booking forms, promotional offers, and multilingual support. Technically, the website employs modern web technologies including jQuery, Bootstrap 5, and Google Tag Manager, ensuring a responsive and functional user interface. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR requirements, although some security headers could be improved. The WHOIS data is unavailable due to .es domain restrictions but the domain and branding strongly align with the parent company, indicating legitimacy. Overall, the site demonstrates a mature digital presence with good privacy and security practices, suitable for its large-scale commercial operations.

T

Thrifty Car Rental

thrifty.ie

69

Thrifty Car Rental operates a professional and user-friendly website focused on providing car rental services primarily in Ireland with global reach. The company offers a broad range of vehicles and emphasizes competitive pricing and convenience. The website integrates modern technologies such as jQuery, Bootstrap, and Google Tag Manager, supporting a responsive and accessible user experience. Privacy and cookie policies are clearly presented with a consent mechanism, reflecting compliance with GDPR standards. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy. Security practices are generally sound with HTTPS and CSRF protections, though additional security headers could enhance the posture. Overall, the site represents a credible and established business in the transportation sector with room for technical and security improvements.

T

The Hertz Corporation

thrifty.fr

70

Thrifty.fr is the French localized website of Thrifty Car Rental, a brand under The Hertz Corporation, a major player in the global car rental industry. The website offers car rental services primarily in France and Europe, targeting both leisure and business travelers. It provides a comprehensive booking system, special offers, and a diverse fleet including electric vehicles. The site is well-branded, consistent with corporate identity, and includes multilingual support and regional targeting. Technically, the site uses modern frontend frameworks such as Bootstrap and jQuery, integrates Google Tag Manager and Visual Website Optimizer for analytics and marketing, and implements cookie consent mechanisms compliant with GDPR. Security posture is solid with HTTPS, CSRF tokens, and no visible vulnerabilities, though security headers could be improved. WHOIS data is unavailable, which slightly impacts trust but is mitigated by strong brand presence and content quality. Overall, the site is professional, user-friendly, and compliant with privacy regulations.

K

Keskkonnaagentuur

loodusveeb.ee

55

Loodusveeb is an official Estonian governmental environmental information portal managed by the Estonian Environment Agency (Keskkonnaagentuur). It provides comprehensive information on Estonia's nature, biodiversity, ecological themes, citizen science projects, and environmental education. The website targets Estonian residents, environmental enthusiasts, researchers, and volunteers, serving as a trusted source for nature-related data and public engagement. Technically, the site is built on Drupal 10 with modern libraries and includes a cookie consent mechanism compliant with EU regulations. The site is mobile optimized and accessible, with good SEO practices. Security posture is solid with HTTPS and cookie consent, but lacks explicit security headers and published security policies. WHOIS data confirms domain legitimacy and consistency with the governmental nature of the site. Overall, the website is professional, trustworthy, and well-positioned as a governmental environmental resource.

N

Novian Eesti OÜ

volis.ee

49

VOLIS is a specialized electronic meeting and voting platform serving Estonian local governments, enabling virtual meetings, electronic voting, and public participation in municipal decision-making. The platform is supported by the Estonian Association of Cities and Municipalities and developed by Novian Eesti OÜ. The website presents a professional and consistent brand image with clear navigation and relevant content tailored to its government audience. Technically, the site uses legacy JavaScript libraries and Grails-based server-side rendering, with moderate performance and basic mobile optimization. Security posture is strengthened by ISKE certification and audit references, but outdated libraries and lack of modern security headers present risks. Privacy compliance is partial, with no cookie consent mechanism and limited GDPR indicators. Overall, the site is trustworthy and credible but would benefit from technical and compliance improvements.

The website kaitsealad.ee is an official Estonian government-related portal managed by Keskkonnaamet (Environmental Board) providing comprehensive information about Estonia's protected areas. It serves as an educational and informational resource for the public, nature enthusiasts, landowners, and youth conservation groups. The site offers news, events, maps, and educational content related to nature conservation and sustainable tourism. Technically, the site is built on Drupal 10 CMS with modern frontend libraries and is hosted via Zone Media OÜ. It features a cookie consent mechanism compliant with EU regulations and uses Matomo for analytics. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Contact information is clearly provided, enhancing trust and credibility. However, privacy policy and terms of service pages are not explicitly found, which is a gap in compliance. Overall, the site is professional, accessible, and trustworthy, supporting its government mission effectively.

S

Spordikoolituse ja -Teabe SA

spordiregister.ee

58

Eesti Spordiregister, operated by Spordikoolituse ja -Teabe SA under the Estonian Ministry of Culture, serves as the official national registry and information portal for sports organizations, schools, facilities, and coaches in Estonia. It provides comprehensive data services including statistics, data submission portals, and public access to sports-related information, targeting sports entities and the general public. The platform is well-positioned as a trusted governmental resource in the Estonian sports sector. Technically, the website employs a mature technology stack including jQuery, Bootstrap, Highcharts, Leaflet, and other modern JavaScript libraries, ensuring a responsive and accessible user experience. The site is mobile-optimized and implements basic SEO and accessibility features. The infrastructure appears custom-built without reliance on popular CMS platforms, indicating tailored development for specific governmental needs. From a security perspective, the site enforces HTTPS and uses secure form inputs, but lacks some advanced security headers and does not publicly disclose a security policy or incident response contacts. No vulnerabilities or malware were detected, and cookie consent mechanisms are in place, supporting GDPR compliance. The WHOIS data aligns well with the website's governmental nature, reinforcing legitimacy. Overall, the website demonstrates a solid security posture and technical maturity suitable for its governmental role, with room for improvement in security header implementation and transparency around security policies. The business credibility is high given its official status and clear contact information.

V

Virumaa Rannakalurite Ühing MTÜ

vrky.ee

38

Virumaa Rannakalurite Ühing MTÜ is a regional non-profit association established in 2007 in Estonia, serving fisheries sector stakeholders in Ida- and Lääne-Virumaa. The organization supports local fisheries businesses, non-profits, and municipalities through project coordination and information dissemination. The website reflects a focused regional presence with clear business objectives and a target audience within the local fisheries community. Technically, the site is built on WordPress with modern libraries such as jQuery, Swiper.js, and Google Fonts, providing a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks some security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility and technical maturity appropriate for a small non-profit organization.

G

Goldcar

goldcarhelp.com

54

Goldcar is a well-established car rental company operating primarily in Spain with a strong presence in major tourist destinations. The company offers a variety of car rental services, including innovative features like the Key'n Go automatic key pickup system and a loyalty program called GO Club. The website serves as a comprehensive help center supporting customers with FAQs, booking assistance, and contact options. Technically, the website uses modern frontend technologies such as Bootstrap, jQuery, and Google Tag Manager, hosted on a CDN likely provided by Akamai, ensuring moderate performance and good mobile optimization. Security posture is generally good with HTTPS enforced and secure forms, but lacks some security headers and explicit cookie consent mechanisms. The absence of WHOIS registration data is a notable concern, impacting trust and legitimacy assessments. Overall, the site is professional and functional but would benefit from enhanced security and privacy compliance measures.

D

Dollar Car Rental

dollar.com

66

Dollar Car Rental operates a professional and user-friendly website offering car rental services across Europe with over 400 locations. The company targets budget-conscious travelers and provides flexible rental options with an emphasis on ease of booking and management. The website demonstrates a mature digital presence with modern technologies and compliance mechanisms such as cookie consent and privacy policies. However, the domain WHOIS data is missing, which raises concerns about domain registration legitimacy despite the professional branding and content. The site uses HTTPS and includes CSRF tokens in forms, but lacks explicit security headers and published incident response policies. Overall, the website is functional and trustworthy from a user perspective but would benefit from improved transparency on domain registration and enhanced security practices.

T

Thrifty Car Rental

thrifty.com

66

Thrifty Car Rental operates a professional and user-friendly website offering car rental services primarily across Europe. The company targets both business and leisure travelers with a broad fleet including electric and economy vehicles. The website demonstrates a mature digital presence with responsive design, clear navigation, and integration of modern technologies such as Google Tag Manager and cookie consent management via Securiti.ai. However, the absence of WHOIS registration data for the domain www.thriftycars4rent.com raises concerns about domain legitimacy, despite the website's strong branding alignment with the parent company Hertz. Security posture is generally good with HTTPS enforced and CSRF tokens in forms, but lacks explicit security headers and published security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is functional and trustworthy from a user perspective but requires verification of domain registration and enhancement of security transparency.

E

Eesti Puuetega Inimeste Koda

epikoda.ee

48

Eesti Puuetega Inimeste Koda (EPIK) is a well-established Estonian non-profit organization founded in 2010, dedicated to improving the quality of life, social inclusion, and self-realization opportunities for people with disabilities and chronic illnesses. The organization operates primarily in Estonia and targets disabled individuals, their families, and professionals working in related fields. Their key services include advocacy, counseling, accessibility initiatives, publications, international cooperation, podcasts, and newsletters. The website reflects a professional and accessible digital presence with multi-language support and clear navigation.

The Journal of Zoo and Aquarium Research (JZAR) is an open access academic journal affiliated with the European Association of Zoos and Aquaria, focusing on publishing peer-reviewed research related to zoos and aquaria. The journal operates on an open access model without publication fees, targeting researchers, academics, and professionals in the zoological and aquarium fields. The website is professionally designed and uses the Open Journal Systems platform, supported by modern web technologies such as jQuery and Bootstrap, hosted by Greenhost in the Netherlands. From a technical perspective, the site demonstrates good performance, mobile optimization, and accessibility. However, there is room for improvement in security practices, notably the absence of DNSSEC and security headers. The site enforces HTTPS and has domain transfer protections, which are positive indicators. Privacy compliance is lacking due to missing privacy and cookie policies, which should be addressed to meet GDPR and other regulations. Overall, the security posture is moderate with no critical vulnerabilities detected, but enhancements in security headers and explicit policies would strengthen trust. The domain WHOIS data aligns well with the business, showing a consistent and legitimate registration. The site maintains a minimal user tracking footprint and does not employ advertising or tracking scripts, supporting user privacy. Strategically, the journal should prioritize publishing privacy and cookie policies, enable DNSSEC, and implement security headers to improve compliance and security posture. These steps will enhance trust and align with best practices for academic publishing platforms.

M

Międzynarodowy Festiwal Komiksu i Gier w Łodzi

komiksfestiwal.com

67

The Międzynarodowy Festiwal Komiksu i Gier w Łodzi website represents a well-established cultural event focused on comics and games, primarily targeting creators and enthusiasts in Poland and Central-Eastern Europe. The festival is the largest of its kind in the region, with a history dating back to 2006 for the domain and earlier for the event itself. The site offers multilingual support, event information, contests, and partner links, reflecting a mature digital presence. Technically, the site is built on WordPress with common plugins and tracking tools such as Google Analytics and Facebook Pixel, indicating a standard but effective infrastructure. Security posture is adequate with HTTPS enabled but could be improved by adding DNSSEC and security headers. Privacy compliance is basic but present, with cookie and privacy policies accessible and a consent mechanism implemented. Business credibility is strong due to the festival's reputation, social media presence, and consistent branding. Overall, the site is professional and trustworthy with room for security enhancements.

K

KiVa / Tenz

kivaschool.be

48

The website www.kivaschool.be represents the KiVa anti-bullying program operated by Tenz in Belgium, supported by recognized educational institutions. It provides comprehensive information about the program, resources for schools, parents, and educators, and includes a webshop and training offerings. The site is well-structured with consistent branding and clear navigation, targeting educational stakeholders in Flanders. Technically, the site uses a custom CMS (Ambacht CMS) with common web technologies such as jQuery, Bootstrap 3, and Select2, and integrates Google Analytics and ReadSpeaker for accessibility. Security posture is moderate with no visible security headers and unknown SSL configuration, but it implements a detailed cookie consent mechanism. WHOIS data is unavailable due to registry restrictions, which reduces transparency but the site content and contact details support legitimacy. Overall, the site is professional and functional with room for improvement in security and privacy policy disclosures.

T

Tervise Arengu Instituut

toitumine.ee

40

The website toitumine.ee is an official Estonian government health information portal managed by the Tervise Arengu Instituut under the Haridus- ja Teadusministeerium (EENet). It provides comprehensive nutrition guidelines, health advice, and tools such as a BMI calculator targeted at Estonian residents across various life stages and health conditions. The site is well-structured with rich content and expert contributions, positioning it as a trusted national resource for healthy eating information. Technically, the site is built on WordPress with modern libraries like jQuery, Bootstrap, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and explicit incident response or vulnerability disclosure information. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the site is credible and trustworthy but would benefit from enhanced privacy and security practices.

M

Ma Armastan Aidata

armastanaidata.ee

54

Ma Armastan Aidata is a well-established Estonian donation platform founded in 2008, operating in partnership with Swedbank and Heateo Sihtasutus. It aggregates trustworthy Estonian charitable organizations and facilitates donations through secure login methods including national ID card, Mobile-ID, and bank links. The platform offers categorized projects for donations and maintains active communication channels including news and social media. Technically, the website uses a modern tech stack with jQuery, Bootstrap, Tailwind CSS, and integrates cookie consent and reCAPTCHA for privacy and security. Security posture is strong with HTTPS, secure login, and cookie consent, though it lacks published security policies and incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a medium-sized non-profit sector audience in Estonia.

P

Placet Group OÜ

placetgroup.com

55

Placet Group OÜ is a financial services company established in 2005, specializing in secured and unsecured loans, credit cards, and related financial products. Operating primarily in Estonia and Lithuania, with additional brands in Poland, the company serves private individuals and legal entities, emphasizing fast, convenient, and reliable financing solutions. Their market position is supported by a broad customer base and multiple subsidiaries, with a focus on individual customer approach and quality service. Technically, the website employs a modern JavaScript stack including jQuery, Google Analytics, and various carousel libraries, hosted under a domain registered since 2010. The site is mobile optimized and presents a professional design with clear navigation. However, some accessibility features are basic, and no CMS or advanced frameworks are detected. From a security perspective, the site uses HTTPS and Google reCAPTCHA on its contact form, but lacks DNSSEC, security headers, and published security or privacy policies. The WHOIS data is consistent with the business claims, indicating legitimacy. No WAF or blocking mechanisms are detected, allowing full content access. Overall, the website demonstrates a moderate to good security posture and business credibility but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

T

Telia Eesti AS

kaustik.ee

58

Kaustik.ee is an Estonian information system platform primarily serving the education sector, offering document register services and secure user authentication including Estonian electronic ID methods. The platform is operated under the domain registered by Telia Eesti AS, a reputable telecom provider in Estonia, indicating a legitimate and regionally focused service. The website content is basic but functional, with a focus on user login and document access. Technically, the site uses a proprietary WebDesktop system with modern JavaScript libraries such as jQuery and Bootstrap, providing a moderate level of digital maturity. However, SEO and accessibility features are minimal, and no advanced analytics or marketing tools are detected. Security posture is adequate with HTTPS and secure login options but lacks important security headers and privacy policies, which are critical for GDPR compliance and user trust. Overall, the site is moderately trustworthy but would benefit from enhanced security and privacy measures.

О

ООО «Мега Сервис»

mega-service.org

45

ООО «Мега Сервис» is a Russian service provider specializing in maintenance, repair, and recycling of digital satellite, cable, and terrestrial receivers. The company operates a large network of over 300 authorized service centers across Russia and owns facilities for electronic waste processing in Tula and Gusev. Their business model focuses on providing professional servicing and environmentally compliant recycling solutions, targeting both end-users and partner organizations. The website content is well-structured, professionally designed, and consistent with the company's market position as a medium-sized technology service provider founded in 2009. Technically, the website employs standard web technologies including HTML5, CSS3, and jQuery libraries. It is hosted under a reputable Russian registrar with HTTPS enabled, though it lacks advanced security headers and DNSSEC. The site performs moderately well with good mobile optimization but basic accessibility and SEO features. No major technical debt or outdated technologies were detected. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and security headers that could mitigate common web threats. There is no visible privacy or cookie policy, nor incident response contacts, which indicates compliance gaps especially regarding GDPR or similar regulations. No forms or user data collection mechanisms were found on the main page, reducing immediate data exposure risks but also limiting user engagement features. Overall, the website presents a moderate risk profile with good business credibility but needs improvements in privacy compliance and security best practices. Strategic recommendations include implementing DNSSEC, adding security headers, publishing privacy and cookie policies, and providing clear contact information for security incidents to enhance trust and regulatory compliance.

P

premium.pl Sp. z o.o.

time.pl

61

premium.pl Sp. z o.o. operates a well-established Polish domain marketplace platform, offering domain registration, transfer, auctions, leasing, and SSL certificates. The website time.pl is a premium domain listing within this marketplace. The company has a strong market position in Poland with a focus on domain-related services for businesses and individuals. The platform is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Technically, the site uses modern JavaScript libraries, Google Tag Manager for analytics, and consent management for privacy compliance. Hosting is provided by home.pl, a known Polish hosting provider. Security posture is solid with HTTPS enforced and secure forms, though there is room for improvement in security headers and published policies. WHOIS data confirms the legitimacy and long-standing registration of the domain, matching the business entity. Overall, the website is trustworthy and professionally maintained.

T

Topfinanses

topfinanses.lv

41

Topfinanses.lv is a Latvian online platform specializing in loan comparison and facilitation services, primarily focusing on quick loans, consumer loans, auto loans, and credit lines. The website aggregates loan offers from multiple Latvian financial institutions, providing users with detailed information and direct links to apply for loans. The platform targets Latvian consumers seeking fast and convenient credit solutions, positioning itself as a trusted intermediary in the Latvian finance market. Technically, the website is built on WordPress, utilizing common web technologies such as jQuery, FontAwesome, and Google Fonts, and integrates analytics tools like Google Analytics and Yandex Metrika. The site enforces HTTPS and includes affiliate marketing links to loan providers. However, it lacks explicit privacy, cookie, and terms of service policies, and does not provide direct contact information or security incident channels, which are critical for compliance and trust. Security posture is moderate with HTTPS enforced but missing security headers and formal policies. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security best practices.

S

Sinulaen

sinulaen.ee

47

Sinulaen.ee is an Estonian loan comparison portal providing consumers with independent and up-to-date information on various loan products including quick loans, small loans, auto loans, and refinancing options. The website serves as a platform to compare loan offers from multiple providers, facilitating informed financial decisions for its users. The business operates primarily in the Estonian market and targets individuals seeking consumer loans with a user-friendly online experience. Technically, the site is built on WordPress with common plugins for SEO, multilingual support, and loan comparison functionalities. It integrates multiple third-party analytics and advertising services, including Google Analytics, Yandex Metrika, and Google Adsense, and uses affiliate links to monetize loan referrals. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers and explicit security policies are missing. Overall, the site is professional, content-rich, and trustworthy, with room for improvement in security best practices and privacy policy comprehensiveness.

F

Firmstudio Limited

firmstudio.com

64

FirmStudio Limited is a well-established creative digital agency based in Hong Kong, specializing in web design, UX/UI, branding, and digital marketing services. With over 18 years of experience and a portfolio of 250+ projects and 130+ awards, the company holds a strong market position as a leading agency in its region. The website reflects a professional and polished digital presence, showcasing their expertise and client work effectively. Technically, the site employs modern JavaScript libraries such as jQuery and integrates multiple analytics and advertising tools including Google Analytics, Google Tag Manager, and Baidu Analytics, indicating a mature digital marketing infrastructure. The site is mobile-optimized and accessible, with good SEO practices evident in metadata and structured navigation. Security-wise, the site uses HTTPS and secure form handling but lacks visible security headers and a formal security policy or incident response contact, which are areas for improvement. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, although the website content and contact details appear legitimate. Overall, the site scores well in content quality, technical implementation, and business credibility but could enhance privacy compliance and security posture.

Strantum OÜ is a small Estonian company providing essential municipal services such as water supply, heating energy, and maintenance for the Harku vald community. The company operates with a clear local focus, serving residents and property owners with utility and infrastructure services. The website reflects this local service orientation with content in Estonian and clear contact information. Technically, the site uses legacy JavaScript libraries and Cloudflare DNS/CDN services, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, but outdated libraries and lack of explicit security policies present moderate risks. Overall, the domain registration and website content are consistent and legitimate, supporting a trustworthy business presence.

M

MTÜ Noorteühing Tugiõpilaste Oma Ring Eestis

tore.ee

42

MTÜ Noorteühing Tugiõpilaste Oma Ring Eestis (TORE) is a well-established Estonian non-profit organization focused on youth peer support, mentoring, and training programs. The organization operates nationally with a history of nearly three decades, offering structured events such as summer and autumn schools, conferences, and supervision sessions. Their target audience includes Estonian students and their mentors, aiming to empower youth through systematic engagement and education. The website reflects this mission with relevant content, event announcements, and training information. Technically, the website is built on WordPress 6.8.1 with popular plugins like Yoast SEO and Modern Events Calendar Lite, indicating a mature digital infrastructure. The site uses HTTPS with a good SSL configuration, Google Fonts, and jQuery libraries. Performance is moderate with good mobile optimization and basic accessibility features. SEO is well addressed through meta tags and structured data. From a security perspective, the site enforces HTTPS and includes a cookie consent banner, demonstrating awareness of privacy compliance. However, it lacks explicit privacy and terms of service pages, security headers, and incident response contacts, which are areas for improvement. No WAF or blocking mechanisms were detected, and no vulnerabilities were apparent in the HTML content. Overall, the website is credible and professional, with strong business legitimacy and consistent branding. The main risks relate to privacy compliance and security best practices, which can be addressed to enhance trust and regulatory adherence.

A

admin

ajkerbarta.com

51

Ajkerbarta.com is a small Indonesian media website focused on delivering news and tips related to online gambling, specifically togel and slot games. The site uses WordPress CMS with common plugins such as Yoast SEO and jQuery libraries, hosted behind Cloudflare DNS and registered via GoDaddy. The content is primarily in Indonesian and targets the local gambling community. The website lacks critical compliance documents such as privacy and cookie policies, and no contact information is provided, which impacts its trustworthiness and compliance posture. Technically, the site is moderately optimized with basic mobile responsiveness and SEO but lacks advanced security headers and DNSSEC, which are recommended for improved security. The site links to multiple external domains, some of which appear suspicious or unrelated, raising concerns about advertising and affiliate practices. Overall, the security posture is basic with room for improvement in policy transparency and technical safeguards.

Run Japan is an online platform dedicated to providing international runners with comprehensive information and registration services for marathons and running events across Japan. The website positions itself as a gateway to Japan's best running events, offering race listings, travel planning assistance, and event registration. The target audience primarily consists of international and domestic runners interested in participating in Japanese marathons. The business operates in the niche sports and events sector, with a small company size and a recent founding date in 2024. Technically, the website employs a modern JavaScript stack including jQuery, Modernizr, and Slick Carousel, hosted on Amazon AWS infrastructure. It uses Google Tag Manager for analytics and tracking. The site is mobile optimized with good SEO practices and a consistent branding approach. However, some accessibility features are basic, and performance is moderate. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks several important security headers such as Content-Security-Policy and X-Frame-Options. There is no visible privacy policy or cookie consent mechanism, which impacts privacy compliance. No vulnerability disclosure or incident response information is provided. The WHOIS data shows privacy protection but is consistent with the business location in Japan, and the domain age aligns with the business launch. Overall, Run Japan presents a professional and functional platform with moderate security and privacy compliance. Strategic improvements in privacy disclosures, security headers, and user data protection would enhance trust and compliance, supporting its growth in the international running community.

R

RSJ

rsj.com

56

RSJ is a financial group operating primarily in the Czech Republic with a strong presence in global derivative markets including London, Chicago, New York, Frankfurt, and Tokyo. The company manages a diversified portfolio of investments spanning financial derivatives trading, real estate development, private equity, and emerging sectors such as biotechnology and healthy food production. The website clearly communicates its business scope and warns investors about fraudulent schemes misusing its brand. Technically, the site employs modern web technologies including Google Analytics and Tag Manager, with a cookie consent mechanism supporting GDPR compliance. Security posture is solid with HTTPS enforced, but lacks published security policies or incident response contacts. WHOIS data is missing, which raises concerns about domain registration legitimacy despite the professional website presence. Overall, RSJ presents as a credible financial entity with room for improvement in transparency and security disclosures.

T

Tallinna Kontserdimaja AS

kontserdimaja.ee

38

Alexela Kontserdimaja is a prominent concert hall located in Tallinn, Estonia, recognized as the largest in the Baltic region with seating for up to 1829 visitors. The venue offers a variety of services including event hosting, ticket sales, and catering options such as pre-ordered coffee tables and private champagne salon rentals. The website reflects a well-established business with a domain registered since 2010, consistent with its market presence. The target audience includes cultural event attendees and event organizers in the region. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Fonts, and multilingual support via WPML. SEO is well-implemented using Yoast SEO, and analytics are managed through Google Analytics and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and event information. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms, indicating a baseline security posture. However, there is a lack of explicit security headers and no visible incident response or security policy pages, which could be improved. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected, which may pose GDPR compliance risks. Overall, the website is professional, trustworthy, and functional, serving its business purpose effectively. Strategic improvements in privacy compliance and security transparency would enhance its security posture and regulatory adherence.

E

Eesti Kirjandusmuuseum

kirmus.ee

55

Eesti Kirjandusmuuseum is a well-established Estonian national scientific and cultural institution focused on managing important archives related to cultural history and folklore. The website serves a diverse audience including researchers, students, cultural enthusiasts, and the general public by providing access to archives, scientific projects, educational programs, exhibitions, and an online store. The institution holds a strong market position as a central cultural memory organization in Estonia. Technically, the website is built on Drupal 8 with modern libraries and tools, offering good mobile optimization, accessibility, and SEO. Security posture is solid with HTTPS and anonymized analytics, though security headers and explicit security policies could be improved. Overall, the site is professional, trustworthy, and content-rich, supporting the institution's mission effectively.

C

Casa de Baile

tantsukeskus.ee

40

Casa de Baile is Estonia's largest and most recognized salsa school based in Tallinn, offering salsa, bachata, kizomba, and other Latin American social dance courses primarily targeting beginners and dance enthusiasts. The website reflects a well-established business with a domain age since 2010, consistent with its market presence. The technical infrastructure uses modern web technologies including jQuery, Vue.js, Bootstrap, and integrates Google Analytics and Facebook Pixel for marketing and analytics purposes. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers and incident response information are missing. Overall, the website demonstrates a solid business credibility and compliance with GDPR through privacy and cookie policies. Strategic improvements in security headers and incident response readiness would enhance the security maturity further.

T

TJO Konsultatsioonid

tjo.ee

52

TJO Konsultatsioonid is a leading Estonian consulting firm specializing in management systems development, strategic management, and production efficiency enhancement. The company offers a range of consulting services and training programs targeted at businesses seeking to improve operational effectiveness and comply with international standards. Their market position is strong within Estonia, supported by multiple ISO certifications and a robust client base. The website infrastructure is built on WordPress, utilizing modern plugins such as Yoast SEO and Ninja Forms, integrated with Google Analytics and Google Tag Manager for performance and user behavior tracking. The site is mobile-optimized and demonstrates good SEO practices, contributing to a positive digital maturity profile. Security posture is solid with HTTPS enforced, use of Google reCAPTCHA on forms, and indications of security plugins like Wordfence. However, some security headers are not explicitly confirmed and could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the website and business present a trustworthy and professional image with no critical security issues detected. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and considering a formal incident response policy to further strengthen security and compliance.

D

Dispak

dispak.ee

45

Dispak is an Estonian retail business specializing in the sale of paper and fabric bags, primarily targeting customers seeking packaging solutions for gifts and corporate gifts. The company claims over two decades of experience and offers custom logo printing services with a minimum order quantity. The website is primarily in Estonian and serves the local market with a product-focused approach. Technically, the site uses jQuery and jQuery UI libraries along with Google Analytics and Tag Manager for tracking. The hosting and domain registration are consistent with an Estonian business identity. However, the website lacks explicit privacy, cookie, and terms of service policies, which impacts its compliance posture. Security headers and advanced security practices are not evident, and no incident response or vulnerability disclosure information is provided. Overall, the site is functional with moderate technical implementation but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

S

SandFox OÜ

sandfox.ee

42

SandFox OÜ is a small Estonian company founded in 2016 specializing in integrated energy storage solutions, smart battery management, solar panel integration, and Linux-based IT infrastructure services. The company targets industrial clients and businesses in the energy sector, offering critical IT and industrial automation solutions. Their market position is supported by partnerships with major technology vendors such as RedHat, IBM, Huawei, and SUSE, and they emphasize business-critical IT solutions and energy management. Technically, the website uses a basic but functional stack including jQuery, Google Analytics, and Google Translate, hosted likely by Zone Media OÜ. The site is accessible and moderately optimized but lacks advanced mobile responsiveness and accessibility features. Security posture is adequate with HTTPS enabled but lacks important security headers and visible privacy compliance mechanisms. Overall, the company presents a credible and trustworthy business presence with room for improvement in privacy compliance and technical modernization.

W

Wageningen University & Research

wur.nl

69

Wageningen University & Research is a prominent educational and research institution based in the Netherlands, specializing in life sciences, food production, environment, and health. The website serves as a comprehensive portal for academic programs including bachelor, master, and professional courses, targeting students, researchers, and professionals in related fields. The institution holds a strong market position as a leading global university in its sector. Technically, the website employs a modern technology stack including GX WebManager CMS, JavaScript libraries such as jQuery, and integrates advanced analytics and marketing tools like Google Tag Manager, Google Analytics, and Visual Website Optimizer. The site demonstrates good performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and implements several best practices such as opening external links in new tabs and asynchronous script loading. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for transparency and trust. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the website is professional, trustworthy, and technically sound but would benefit from enhanced privacy compliance and explicit security governance disclosures to improve user trust and regulatory adherence.

K

Kiirlugemiskool OÜ

kiirlugemine.ee

39

Kiirlugemiskool OÜ is an Estonian education company specializing in speed reading, memory training, concentration, and self-management courses. Established since 2000, it offers both public and in-house training services targeting individuals and organizations seeking cognitive and personal development. The website presents a professional and user-friendly interface with clear navigation and relevant content about their services and trainers. Technically, the site uses legacy JavaScript libraries and standard web technologies but lacks modern security headers and privacy policies, indicating room for improvement in security and compliance. Contact information is clearly provided, including phone numbers, email, and physical address, enhancing business credibility. Overall, the site is functional and trustworthy but would benefit from updated security practices and privacy compliance enhancements.

A

AS Orient Office

kontorikaubad.ee

46

AS Orient Office operates a professional e-commerce website offering a broad range of office supplies, paper goods, household items, food products, and electronics primarily targeting Estonian businesses and consumers. The company has an established market presence since 2011 and provides a comprehensive product catalog with clear navigation and a consistent brand presentation. The website is built on Drupal CMS and leverages common web technologies including jQuery, Bootstrap, and Google Analytics for tracking and marketing purposes. The technical infrastructure is moderate in performance with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure; however, the absence of security headers and incident response contacts indicates room for improvement. Privacy compliance is weak due to missing privacy and cookie policies, which poses a compliance risk under GDPR. Overall, the website is trustworthy and credible but would benefit from enhanced privacy and security practices to strengthen user trust and regulatory compliance.

Tallinna Tervishoiu Kõrgkool is a nationally recognized public higher education institution in Estonia specializing in health and wellbeing education. It offers a wide range of applied higher education and vocational programs in nursing, midwifery, optometry, pharmacy, and other health-related fields. The institution is one of only two healthcare higher education providers in Estonia, positioning it as a key player in the national healthcare education sector. The website reflects a professional and comprehensive digital presence, supporting both prospective and current students with detailed program information, news, and multimedia content. Technically, the website is built on Drupal 11, utilizing modern JavaScript libraries and APIs such as Google Maps and ManyChat for enhanced user engagement. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and multilingual support (Estonian and English). Analytics and tracking are implemented via Google Analytics and ManyChat, though a cookie consent mechanism is notably absent. From a security perspective, the site enforces HTTPS and uses secure Drupal forms with CSRF protection. However, it lacks explicit security policies, incident response information, and advanced security headers. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the institution's identity, confirming legitimacy and consistent registration details. Overall, the website demonstrates a strong business credibility and technical foundation with room for improvement in privacy compliance and security transparency. Strategic enhancements in cookie consent and security policy publication would further strengthen trust and regulatory adherence.