Security Directory

K

Kalendersystem | Komplet bookingsystem til udlejning

kalendersystem.dk

43

Kalendersystem.dk is a Danish website offering a complete booking system tailored for rental services, including smart lock integration. The website is built on WordPress using the Divi theme and employs jQuery and Google Fonts for styling and interactivity. The technical infrastructure is standard for small to medium-sized businesses, with moderate performance and good mobile optimization. Security posture is basic, with HTTPS enabled but lacking DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is functional and professional but would benefit from improved security and privacy practices to enhance trust and compliance.

E

Elfag

elfag.no

49

Elfag is a Norwegian electrical service provider targeting both private and business customers. The company offers a range of electrical services including smart home solutions, electrical safety checks, and electric vehicle charging installations. The website positions Elfag as a trusted local electrician chain with a 5-year warranty and partnerships with reputable Norwegian companies such as Lampehuset and Huseiernes landsforbund. Technically, the website is built on WordPress with modern SEO and analytics tools, including Yoast SEO and Google Analytics. The site is well-structured, mobile-optimized, and uses HTTPS with a valid SSL certificate, indicating a good security baseline. However, explicit security headers and detailed security policies are not present. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, though more comprehensive GDPR documentation could improve compliance. Overall, the website demonstrates a professional and trustworthy online presence with moderate technical sophistication and a solid security posture.

W

Webmarked

webmarked.net

52

Webmarked is a small e-commerce application development company specializing in Shopify apps such as Smart Wishlist and Smart RSS Feed. Their offerings target Shopify store owners aiming to increase sales and improve customer engagement. The website is built on WordPress using the OnePress theme and integrates common plugins like Contact Form 7 and Google reCAPTCHA for form security. The technical infrastructure is standard and moderately optimized for performance and mobile use. Security posture is good with HTTPS enforced and spam protection mechanisms in place, though the absence of security headers and explicit privacy policies indicates room for improvement. The lack of WHOIS data for the domain is a notable concern, potentially impacting trustworthiness. Overall, the site presents a professional business presence with moderate risk due to incomplete transparency in domain registration and privacy compliance.

CAACI Iberoamérica is a regional international organization specializing in audiovisual and cinematographic matters across Ibero-America. It serves as a collaborative platform for audiovisual authorities and stakeholders in 21 member countries, promoting cooperation, regulatory frameworks, and cultural exchange. The website reflects a professional presence with good content quality and consistent branding, targeting industry professionals and governmental bodies. Technically, the site is built on WordPress with common plugins and frameworks, hosted on SiteGround, and shows moderate performance with good mobile optimization. Security posture is adequate with HTTPS and domain protection, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Contact is available via a web form but lacks direct email or phone contacts. Overall, the site is trustworthy and credible within its niche, though improvements in security and privacy documentation are recommended.

F

Finlandia Cheese

finlandiacheese.com

70

Finlandia Cheese is a well-established brand specializing in the production and retail of high-quality Nordic cheeses and butter. The company emphasizes its Finnish heritage and commitment to natural ingredients, positioning itself as a premium dairy product provider. The website reflects a mature digital presence with professional design, clear navigation, and SEO optimization, targeting consumers interested in Nordic dairy products. Technically, the site is built on WordPress with modern plugins and integrates Google Tag Manager and CookiePro for analytics and consent management. Security posture is adequate with HTTPS enabled and cookie consent implemented; however, the absence of explicit security headers and privacy policy pages indicates room for improvement. The lack of WHOIS data for the domain raises concerns about domain registration legitimacy, warranting further investigation. Overall, the site demonstrates a solid business and technical foundation but should enhance transparency and security compliance to strengthen trust and regulatory adherence.

M

Maidonjalostajien ja meijeritukkukauppiaiden liitto ry

maidonjalostajat.fi

62

Maidonjalostajien ja meijeritukkukauppiaiden liitto ry (M2L) is a Finnish dairy industry association founded in 2011, dedicated to promoting the business interests of milk producers and the dairy industry. The website serves as an informational platform targeting dairy producers, processors, and wholesale traders, providing industry news, contact information, and organizational details. The association holds a clear market position as a representative body within Finland's dairy sector, offering advocacy and business development support to its members. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Valio custom components, ensuring good SEO, mobile responsiveness, and accessibility. The use of Google Tag Manager and Adobe Typekit fonts indicates a mature digital infrastructure. Performance is moderate with good mobile optimization and clear navigation. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes essential security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with comprehensive privacy and cookie policies and an active consent mechanism. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, with minor recommendations to enhance security transparency and incident readiness.

V

Valio

valio.com

69

Valio is a well-established Finnish dairy company with over 120 years of history, specializing in innovative dairy ingredient solutions for the global food industry. Their product portfolio includes lactose-free, protein-enriched, sugar-reduced, and specialized nutrition products, supported by a strong commitment to sustainability and quality. The website reflects a mature digital presence with professional design, comprehensive content, and clear navigation targeting food industry professionals and manufacturers. Technically, the site is built on WordPress with modern plugins and analytics tools, optimized for mobile and SEO. Security posture is good with HTTPS and consent management, though some security headers and explicit policies could be improved. The WHOIS data is unavailable, which slightly reduces trust but is mitigated by strong branding and content. Overall, the site demonstrates a high level of professionalism and business credibility.

O

Oddlygood

oddlygood.com

69

Oddlygood is a plant-based food and beverage brand focused on delivering non-dairy, gluten-free products such as drinks, yogurts, desserts, cheese alternatives, and cooking essentials. The brand positions itself as a taste-revolutionary player in the retail sector, targeting consumers seeking delicious and daring plant-based options. The website is professionally designed, mobile-optimized, and SEO-friendly, leveraging WordPress and various Valio custom plugins. The technical infrastructure includes Google Tag Manager and Adobe Typekit fonts, hosted likely on Valio's CDN. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response policies are absent. The lack of WHOIS registration data is a notable concern, potentially indicating an unregistered domain or privacy-protected registration, which slightly impacts trustworthiness. Overall, the site is credible, user-friendly, and compliant with privacy regulations, but domain registration verification is recommended.

V

Valio Eesti AS

karjaarvalios.ee

40

Valio Eesti AS operates as a significant player in the Estonian dairy manufacturing sector, providing fresh dairy products and employment opportunities. The website serves as a career portal inviting potential employees to join their team, emphasizing training, fair pay, and a safe work environment. The company is part of the international Valio group, known for its innovative and sustainable food solutions. Technically, the website is built on WordPress with Elementor, offering a modern and responsive user experience. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security policies to meet compliance standards.

S

Scoro

scoro.ee

73

Scoro is a professional services automation software company founded in 2013, targeting agencies, consultancies, and professional services businesses. Their SaaS platform offers comprehensive work management solutions including project, financial, and resource management to improve profitability and operational efficiency. The company maintains a strong market position with positive user reviews and a consistent brand presence. Technically, the website is built on WordPress CMS and integrates multiple modern marketing and analytics tools such as Google Tag Manager, Hotjar, HubSpot, and Visual Website Optimizer. The site is well-optimized for SEO and mobile use, with good content quality and user experience. Security-wise, the site enforces HTTPS and cookie consent mechanisms but lacks explicit security headers and documented security policies. WHOIS data is unavailable, which slightly impacts trust but the overall digital footprint suggests a legitimate and professional business. Strategic recommendations include enhancing security headers, formalizing security and incident response policies, and maintaining transparency in domain registration data.

C

Chudovo

chudovo.de

56

Chudovo is a medium-sized German-based software development company with over 15 years of market presence, specializing in custom software solutions, dedicated development teams, and IT consulting services. The company targets businesses seeking scalable, high-quality software development and maintenance, leveraging modern technologies and AI tools to enhance delivery and performance. Their market position is supported by a professional website, client testimonials, and a presence on reputable platforms like Clutch. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and SEO optimization via Yoast. Hosting and DNS are managed through Cloudflare, providing CDN and security benefits. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the site enforces HTTPS and uses Cloudflare for protection but lacks explicit security headers and formal security policies or incident response disclosures. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent mechanism, and GDPR adherence. Overall, the website and business demonstrate a solid risk posture with minor areas for improvement in security policy transparency and accessibility. The domain WHOIS data aligns well with the business claims, supporting legitimacy and trustworthiness.

S

Sisustuskoda OÜ

sisuko.ee

42

Sisustuskoda OÜ is a small Estonian company specializing in custom furniture manufacturing, particularly kitchen furniture. Established in 2014, it serves local consumers seeking high-quality, tailor-made interior solutions. The website reflects a niche retail business model with a focus on craftsmanship and design. The company maintains an active online presence with social media integration and a WooCommerce-based e-commerce platform. Technically, the website is built on WordPress using Elementor and Astra theme, leveraging modern web technologies and Google services such as reCAPTCHA and Tag Manager. Security posture is adequate with HTTPS enabled and basic protections, but lacks explicit security headers and formal privacy or cookie policies. Overall, the site is professional and functional, though privacy compliance and security best practices could be enhanced to improve trust and regulatory adherence.

Eesti Arst is a well-established Estonian medical journal operated by Celsius Healthcare OÜ, providing professional healthcare news, research, and clinical guidelines primarily for medical professionals in Estonia. The website is built on WordPress and integrates common analytics and marketing tools such as Google Analytics and Facebook Pixel. The technical infrastructure is solid with HTTPS and a mature domain, but lacks some compliance elements such as privacy and cookie policies. Security posture is moderate with room for improvement in security headers and incident response transparency. Overall, the site presents a professional and trustworthy front for its target audience.

Bole is a small manufacturing company specializing in innovative flooring products that follow the natural growth of trees, positioning itself as a sustainable and design-focused brand. The website is built on WordPress and incorporates modern web technologies including jQuery, Select2, Google Analytics, and Facebook Pixel for marketing and analytics purposes. The site features a catalog download form with user consent mechanisms, indicating attention to privacy compliance. Security posture is adequate with HTTPS enabled and basic form validation, but lacks explicit security headers and detailed security policies. The domain WHOIS data is privacy protected, which is common for small businesses, and no suspicious indicators were found. Overall, the website presents a professional and trustworthy front for a niche manufacturing business.

N

NEVERHACK

neverhack.ee

68

NEVERHACK Estonia is a leading cybersecurity company providing comprehensive cyber defense solutions to both private and public sector clients primarily in Estonia and nearby markets. Founded recently in 2023, the company offers a broad range of services including cyber operations centers (SOC), offensive security testing, advisory services, and cybersecurity solutions such as managed security infrastructure and cyber insurance. The website reflects a professional and modern digital presence built on WordPress with Bootstrap and integrates multiple analytics and marketing tools. The company holds ISO 27001 and ISO 9001 certifications, enhancing its credibility and trustworthiness. Technically, the website is well-structured with good mobile optimization and SEO practices. It uses Cloudflare DNS and CDN services, ensuring reliable hosting and performance. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms in place. Overall, NEVERHACK Estonia demonstrates a mature cybersecurity business with a solid market position in Estonia, targeting organizations requiring advanced cyber defense capabilities. The website supports this with clear service descriptions, contact options, and trust signals. There are no critical security issues detected, but recommendations include enhancing security headers and publishing incident response and vulnerability disclosure information to further strengthen security transparency and compliance.

W

Workforce Software

workforcesoftware.com

62

Workforce Software is an established enterprise SaaS provider specializing in cloud-based workforce management solutions, including time and attendance, scheduling, absence management, and labor forecasting. As part of ADP, it holds a strong market position as a leading and #1 rated workforce management software provider. The website reflects a mature digital presence with professional design, rich content, and clear navigation targeting large enterprises globally. The technical infrastructure is based on WordPress with Elementor and optimized for performance and mobile responsiveness. Security posture is solid with HTTPS and domain transfer protections, though improvements are recommended in security headers and published policies. Privacy compliance is currently weak due to missing privacy and cookie policies. Overall, the site demonstrates high business credibility and technical maturity but should enhance privacy and security transparency to meet enterprise standards.

GDF is a newly established company (2024) operating in the transportation and technology sectors, specializing in GPS tracking devices and solutions for vehicles and machinery in Africa. The website presents a professional and consistent brand image with clear contact information, targeting businesses and individuals requiring GPS tracking services. The technical infrastructure is based on WordPress with Elementor and Astra theme, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and credible but requires improvements in privacy and security disclosures to enhance trust and compliance.

E

Euribor.ee

euribor.ee

57

Euribor.ee is a specialized financial information website focused on providing current Euribor interest rates, historical data, and related financial tools such as loan and mortgage calculators. The site targets individuals and businesses primarily in Estonia and the Baltic region who require up-to-date Euribor data for financial decision-making. The website is built on a WordPress platform using modern technologies including Bootstrap for responsive design and Highcharts for interactive data visualization. It leverages Cloudflare DNS services and Google tools for analytics and advertising. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure, but lacks explicit security headers and formal privacy or cookie policies, indicating room for compliance improvement. The domain registration is consistent with the business focus and regional presence, enhancing trustworthiness. Overall, Euribor.ee presents a professional and functional digital presence with moderate risk due to privacy and security policy gaps.

E

eHost OÜ

hoius.ee

37

Hoius.ee is a newly launched Estonian informational website focused on educating visitors about financial deposits and savings products. The site provides content in Estonian language explaining what deposits are, their types, and their benefits. The business model appears to be an informational platform targeting individuals interested in saving money securely. The website is built on WordPress and hosted by eHost OÜ, a known Estonian hosting provider. The technical infrastructure is standard for small informational sites, using PHP 7.4 and common SEO plugins. The site is mobile optimized and has a moderate performance profile. Security posture is basic with HTTPS enabled but lacks security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. No contact or incident response information is provided, which limits trust and compliance. Overall, the site is functional and professional but requires improvements in privacy, security, and contact transparency to enhance credibility and compliance.

L

LEI suomalaisille yrityksille

lei.fi

55

The website lei.fi provides a specialized online service for Finnish companies to apply for and renew Legal Entity Identifiers (LEI) quickly and reliably. The business is positioned as a niche provider focusing on the Finnish market with value-added services such as multi-year discounts and fast processing times. The company behind the domain is Computernik OÜ, an Estonian-registered entity, which aligns with the domain registration data and registrar information. The website content is professionally presented in Finnish, targeting local businesses needing LEI codes for financial transactions. Technically, the site is built on WordPress using a modern theme (GeneratePress) and common plugins for forms, social sharing, and table of contents. It leverages Cloudflare for DNS and uses Google Analytics for visitor tracking. The site is mobile-optimized and has good SEO practices with proper meta tags and structured data. However, some accessibility features are basic, and security headers are not explicitly detected. From a security perspective, the site uses HTTPS with a good SSL configuration and follows best practices such as opening external links with noopener. No critical vulnerabilities or exposed sensitive data were found. However, the absence of security headers and cookie consent mechanisms indicates room for improvement in compliance and security posture. No incident response or security policy pages are published, which could enhance trust. Overall, the website is legitimate, transparent, and well-aligned with its business purpose. The domain is newly registered but consistent with the business launch timeline. Recommendations include implementing cookie consent, adding security headers, publishing security policies, and enhancing contact options to improve user trust and compliance.

The website laen.eu operates as a loan information and comparison portal primarily targeting Estonian consumers seeking various loan products such as quick loans, small loans, and secured loans. It provides detailed loan comparisons, affiliate links to loan providers, and educational content about loan types and borrowing in Estonia. The site leverages WordPress CMS with plugins for loan comparison, table of contents, and Google services for analytics and CAPTCHA protection. The technical infrastructure is modern and supports mobile responsiveness with moderate performance. Security posture is good with HTTPS enforced and use of Google reCAPTCHA, though it lacks explicit security headers and formal privacy or cookie policies. Contact information is limited to a contact form without direct emails or phone numbers, which may impact user trust. Overall, the site is functional, professional, and serves its niche well but would benefit from enhanced privacy compliance and security best practices.

K

Kiirlaen.ee

kiirlaen.ee

53

Kiirlaen.ee is an Estonian loan comparison platform specializing in quick loans up to €10,000. It provides users with detailed comparisons of loan offers from multiple providers, educational content about loan types, and referral links to loan applications. The platform targets Estonian consumers seeking fast, short-term financing solutions without collateral. Technically, the website is built on WordPress, uses modern web technologies including JavaScript and FontAwesome, and integrates Weglot for multilingual support. It is hosted with eHost OÜ and uses Cloudflare DNS services. Security posture is solid with HTTPS enforced and no exposed sensitive data, though explicit security headers and incident response policies are absent. Privacy compliance is partial, with a comprehensive privacy policy but lacking cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-optimized for SEO and mobile use, serving as a reliable resource for loan seekers in Estonia.

C

College of Saint Benedict and Saint John’s University

csbsju.edu

74

The College of Saint Benedict and Saint John’s University is a well-established higher education institution in the United States, offering a broad range of undergraduate academic programs and fostering a vibrant campus community. The website reflects a strong market position as a liberal arts college with a shared vision between two campuses, targeting prospective and current students, faculty, and staff. The business model centers on providing quality education and community engagement. Technically, the website is built on WordPress with a custom Skeletor theme, leveraging modern SEO tools like Yoast and analytics platforms such as Google Analytics and Microsoft Clarity. The site is mobile-optimized, accessible, and performs moderately well. Security posture is strong with HTTPS, security headers, and reCAPTCHA integration, although explicit security policies and incident response information are not published. The absence of WHOIS data is notable but likely due to .edu domain registration policies, which do not diminish the website's legitimacy. Overall, the site demonstrates professionalism, trustworthiness, and compliance with privacy regulations.

Drama Queen Communications is a Nordic marketing and communications agency founded in 2018, specializing in creative business advantage through marketing, advertising, technology, and communications services. The company positions itself as an award-winning agency with a strong presence in the Nordic market, targeting businesses seeking innovative and creative marketing solutions. Their website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the site is built on WordPress with modern tools such as Gravity Forms, Yoast SEO, and Google Tag Manager, hosted behind Cloudflare DNS. Security measures include HTTPS enforcement and Google reCAPTCHA on forms, with a comprehensive cookie consent mechanism supporting GDPR compliance. However, explicit security policies and incident response information are not published, representing an area for improvement. Overall, the website and domain registration data indicate a legitimate and credible business with a strong digital presence.

Inission Group is a Swedish company specializing in contract manufacturing and innovative power systems, targeting investors and business partners. The company maintains a professional web presence with comprehensive investor relations content including financial reports, press releases, and corporate governance information. The website is built on WordPress with modern technologies such as jQuery and Yoast SEO, and includes multilingual support via GTranslate. Security posture is solid with HTTPS enabled and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit incident response policies. WHOIS data is unavailable, which slightly impacts trust but the overall business credibility remains high based on website content and transparency. The site is accessible without WAF or security challenges, indicating good operational stability.

N

Nordic Science Investments Oy

nordscience.fi

46

Nordic Science Investments Oy is a Finnish venture capital firm specializing in transforming scientific research into successful startups, focusing on deeptech, healthtech, and life sciences sectors within the Nordic region. The company acts as an anchor investor and incubator, supporting university spinouts and early-stage innovations. The website reflects a professional and consistent brand image with clear messaging targeting founders and investors in science-based startups. Technically, the site is built on WordPress with Elementor, uses modern web technologies, and includes Google Analytics for tracking. Security posture is good with HTTPS and reCAPTCHA implemented, though additional security headers could enhance protection. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Overall, the domain registration data aligns well with the business identity, indicating legitimacy and trustworthiness.

N

Net Group

netgroup.com

65

Net Group is a well-established digital transformation and software development company founded in 2004, offering a broad range of services including cybersecurity, CTO as a service, business model innovation, product development, AI-powered solutions, and software development. The company targets businesses seeking to innovate and grow through technology, positioning itself as a strategic partner with a strong portfolio of success stories and reputable clients. Technically, the website is built on WordPress and integrates modern marketing and analytics tools such as HubSpot, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized and designed with a professional user experience. Security posture is good with HTTPS enforced and domain transfer protection, but lacks some security headers and DNSSEC. Privacy compliance is strong with clear cookie and privacy policies and consent mechanisms. Overall, the website reflects a credible and professional business with moderate to high digital maturity.

E

Energex OÜ

energex.ee

45

Energex OÜ is an Estonian consulting company specializing in energy audits, digitalization, sustainability, and funding support services. Established in 2015, the company serves over 250 organizations across private and public sectors, positioning itself as a trusted partner in the energy sector. Their key offerings include energy and resource audits, green audits, digitalization roadmaps, funding application assistance, procurement management, and ESG analyses. The website reflects a professional and consistent brand image with comprehensive service descriptions and client trust indicators such as certifications and client logos. Technically, the website is built on WordPress with performance optimizations via WP Rocket and integrates Google Analytics and Tag Manager for analytics. Cookie consent is managed through CookieYes, ensuring compliance with privacy regulations. The site is mobile-optimized, fast-loading, and SEO-friendly, demonstrating a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs some security headers, though there is room for improvement in publishing explicit security policies and incident response information. No critical vulnerabilities or blocking mechanisms were detected, indicating a solid security posture. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, Energex presents a credible, professional, and trustworthy online presence with strong business credibility and good technical implementation. Strategic recommendations include enhancing security transparency and formalizing vulnerability disclosure mechanisms to further strengthen trust and compliance.

B

Baltic Innovation Agency

bia.ee

40

Baltic Innovation Agency is a small Estonian innovation management company established in 2010, focused on connecting ideas, people, and funding to foster innovation in the Baltic region. Their key services include innovation consulting, analysis, management, and funding support, targeting startups, clusters, smart cities, and green deal initiatives. The website is built on WordPress with modern plugins and SEO tools, showing good digital maturity and mobile optimization. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks explicit security headers and formal privacy/cookie policies, indicating room for compliance improvement. Overall, the site is professional and trustworthy, with clear contact information and partner affiliations, but should enhance privacy compliance and security transparency to reduce risk.

T

The FinTechers

thefintechers.com

53

The FinTechers is a fintech accelerator focused on supporting Central and Eastern European fintech founders to grow rapidly and build impactful companies. The website presents a clear value proposition emphasizing mentorship, regulatory support, investment opportunities, and access to a collaborative ecosystem. The business is positioned as a specialized accelerator backed by StartupYard and DEPO Ventures, with strong trust signals from industry testimonials. Technically, the site is built on WordPress using the Enfold theme and related plugins, delivering a good user experience with mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and cookie consent mechanisms, which are recommended for compliance and protection. WHOIS data indicates a very new domain consistent with the startup's founding year, though the creation date appears to be in the future, likely a data anomaly. Overall, the website is professional, credible, and well-targeted but could improve privacy and security practices.

Giras Tech is a Chile-based small business specializing in organizing immersive group travel experiences focused on technology and innovation sectors. Their website presents a professional and modern WordPress-based platform using the Kadence theme and blocks, featuring multimedia content and partner logos to build trust. The business targets technology enthusiasts and professionals seeking unique networking and learning opportunities through curated trips. Technically, the site is hosted on GreenGeeks, uses HTTPS with a valid SSL certificate, and incorporates modern web technologies such as HTML5 video backgrounds and carousel galleries. However, the site lacks explicit privacy and cookie policies, and no direct contact emails or phone numbers are provided, relying solely on a contact form. Security posture is generally good with no obvious vulnerabilities or exposed sensitive data, but DNSSEC is not enabled and security headers are missing. WHOIS data shows privacy protection consistent with a new business domain registered in 2023. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security best practices.

S

Skaala

skaala.org

56

Skaala is a small Estonian investment company focused on creating meaningful, long-term value through private equity, real assets, and impact-driven projects. The company has roots dating back to 2005 with founders experienced in successful tech ventures and operates with a professional team led by four partners. The website reflects a modern, well-structured digital presence built on WordPress with advanced SVG animations and integration of Google Analytics for user insights. Security posture is adequate with HTTPS and domain transfer protection, but lacks explicit security headers and privacy compliance documentation such as privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, Skaala presents as a legitimate and professional investment firm with room for improvement in privacy and security transparency.

V

Valencia Innovation Capital

valenciainnovationcapital.com

46

Valencia Innovation Capital is a municipal platform launched by the Innovation Department of the Valencia City Council to foster a dynamic, diverse, and creative city ecosystem. It aims to unite all stakeholders in Valencia's innovation and technological entrepreneurship ecosystem to collaboratively drive political and economic transformation towards a sustainable and technologically advanced future. The website is built on WordPress using modern plugins and frameworks, featuring multilingual support and active event programming. Security posture is solid with HTTPS, reCAPTCHA on forms, and cookie consent mechanisms, though DNSSEC is not enabled and security headers are not evident. The domain is newly registered in 2024, consistent with the initiative's launch. Overall, the site demonstrates good technical maturity, privacy compliance, and business credibility.

N

Nucleate Bio, Inc.

nucleate.org

56

Nucleate Bio, Inc. operates a globally recognized, student-led organization dedicated to empowering biotech leaders and innovators. The organization offers educational programs, venture acceleration through its Activator program, and fosters a global community of bio-entrepreneurs. Supported by leading biotech companies and world-class advisors, Nucleate positions itself as a key player in the biotech innovation ecosystem. Technically, the website is built on WordPress with modern SEO and analytics tools, delivering a professional and responsive user experience. Security posture is solid with HTTPS and no evident vulnerabilities, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site reflects a credible and trustworthy organization with room for improvement in privacy and security transparency.

P

Polish-Estonian Chamber of Commerce (POLESTCC)

polestcc.org

53

The Polish-Estonian Chamber of Commerce (POLESTCC) is a small, specialized business association established in 2020 to foster economic exchange and cooperation between Poland and Estonia. It serves entrepreneurs and companies operating or planning to operate in these countries by providing networking opportunities, business representation, and support for international development. The website reflects a professional and consistent brand image with clear business descriptions and active social media engagement. Technically, the site is built on WordPress with a modern theme and plugins, offering good SEO and mobile optimization. Security posture is solid with HTTPS, CAPTCHA on contact forms, and GDPR-compliant consent mechanisms, though DNSSEC is not enabled and some security headers are missing. Overall, the domain registration details align well with the business identity, supporting legitimacy. The site is accessible without WAF or blocking mechanisms, enabling full analysis.

T

Thinking in Billions – 21 May 2025

thinkinginbillions.eu

43

Thinking in Billions is a specialized event focused on fostering innovation through government-led regulatory sandboxes and legal experimentation frameworks. The event is closely tied to Estonian government entities and Latitude59, positioning it as a niche but credible platform for collaboration between public and private sectors in technology and defense innovation. The website is built on a modern WordPress platform using Elementor, with integration of Google Analytics and Tag Manager for tracking. While the site is professionally designed and mobile-optimized, it lacks critical privacy and cookie policies, which impacts compliance and user trust. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but security headers and incident response information are missing. Overall, the site is legitimate and consistent with its stated purpose but would benefit from enhanced privacy compliance and security transparency.

W

Workflows OÜ

workflows.ee

35

Workflows OÜ, operating under the ADM Workflows brand, is a medium-sized Estonian technology company specializing in the sales, implementation, and hosting of Atlassian products. They provide comprehensive services including consultation, license sales, cloud hosting, and user support, targeting businesses seeking to optimize their project management and IT workflows. The company holds recognized certifications such as Atlassian Gold Solution Partner and AWS hosting capabilities, positioning them strongly in the Atlassian ecosystem. Technically, the website is built on WordPress with modern SEO and analytics tools like Yoast SEO and Google Analytics. The site is mobile-optimized with good navigation and content quality, although some accessibility features are basic. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and published security policies. From a security and compliance perspective, the site does not display privacy or cookie policies, nor incident response or security policy documentation, which are areas for improvement. Contact information is clearly provided, enhancing business credibility. The WHOIS data aligns well with the website content, confirming legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency to improve user trust and regulatory adherence.

T

The Hackett Group®

thehackettgroup.com

75

The Hackett Group® is an enterprise-level consulting firm specializing in generative AI (Gen AI) solutions and digital transformation services. The company positions itself as a market leader with proprietary platforms such as AI XPLR™ and strategic acquisitions including LeewayHertz, Spend Matters™, and ZBrain™. Their services span business benchmarking, executive advisory, market intelligence, and technology implementation, targeting businesses aiming to leverage AI for breakthrough performance. The website reflects a mature digital presence with rich content, multimedia integration, and comprehensive navigation, indicating a high level of digital maturity. Technically, the website is built on WordPress with modern SEO and analytics tools including Yoast SEO, Google Tag Manager, Hotjar, Microsoft Clarity, and Zoominfo. The site is mobile-optimized and performs moderately well, with good accessibility and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and policies are not fully documented. Privacy compliance is basic, with cookie consent but no visible privacy policy or terms of service in the provided content. Overall, the security posture is good but could be improved by adding explicit security policies, incident response information, and vulnerability disclosure mechanisms. The absence of WHOIS data for the domain is a notable concern, suggesting either privacy protection or data unavailability, which impacts domain legitimacy assessment. Despite this, the professional website content and business information support a credible business presence. Strategic recommendations include enhancing transparency on privacy and security policies, implementing additional security headers, publishing incident response and vulnerability disclosure information, and verifying domain registration details to improve trust and compliance.

V

Visionest Institute

visionest.institute

47

Visionest Institute is an Estonian education and training organization formed by the merger of Marketingi Instituut, Invicta, and Director. It offers a variety of training courses and development programs targeting both businesses and individual learners, positioning itself as a reputable provider in the Estonian market. The website is professionally designed, mobile-optimized, and uses modern marketing and analytics tools such as HubSpot, Google Tag Manager, and Facebook Pixel to engage and track visitors. The technical infrastructure is based on WordPress with WooCommerce, supported by performance optimization via WP Rocket. Security posture is solid with HTTPS enabled and domain transfer protection, though some security headers and DNSSEC are missing. Privacy compliance is strong with a clear cookie consent mechanism and a comprehensive privacy policy in Estonian. No explicit security policy or incident response contacts were found, indicating room for improvement in transparency. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

V

Virtuaal.com

virtuaal.com

54

Virtuaal.com is an Estonian-based web hosting and domain registration company operating since 2003/2004, offering a comprehensive range of services including virtual servers, VPS cloud servers, domain registration, and SSL certificates. Positioned as a reliable local provider, it emphasizes quality, speed, and security, leveraging advanced technologies and hosting in a premium Tallinn data center. The website reflects a mature digital presence with professional design, good user experience, and clear business information. However, the absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy. Technically, the site uses WordPress with Materialize CSS and integrates Google Analytics and Tag Manager for tracking. Security posture is generally good with HTTPS enforced and secure form handling, but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced compliance and protection.

N

NEVERHACK

cybers.eu

68

NEVERHACK Estonia is a leading cybersecurity company providing comprehensive cyber defense services to both private and public sector clients in Estonia and the surrounding region. The company offers a broad range of services including cyber operations centers (SOC), offensive security testing such as penetration testing and red team exercises, advisory services including virtual CISO and risk assessments, as well as cybersecurity solutions like managed security infrastructure and cyber insurance. The website reflects a professional and modern digital presence with clear branding, good content quality, and strong trust signals including ISO certifications and media coverage. Technically, the site is built on WordPress with Bootstrap and integrates multiple analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit incident response contacts could improve the posture further. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, NEVERHACK Estonia presents a credible and trustworthy cybersecurity service provider with a solid market position and growing digital maturity.

D

Smart Hem & Tekniktrender – Din Guide till Innovation

datastugan.se

54

Datastugan.se is a Swedish-language blog focused on smart home technology, energy saving, and technological innovations. The website provides news, product reviews, and guides aimed at consumers interested in modern home technology solutions. The business operates as a content publisher with a niche focus on technology trends in Sweden, targeting tech-savvy individuals and homeowners seeking advice on smart home devices and energy efficiency. The site is relatively new, with domain registration in late 2024 and content updated through early 2025. The business model centers on content marketing and possibly affiliate partnerships, although no explicit affiliate programs were detected. Technically, the website is built on WordPress using a modern tech stack including Bootstrap 4, jQuery, and Owl Carousel for UI components. SEO is enhanced with the Yoast SEO plugin, and analytics are handled via Matomo, a privacy-conscious analytics platform. The site is mobile-optimized and demonstrates good navigation and content structure. Hosting details are not explicit but DNS is managed via Cloudflare, providing some performance and security benefits. From a security perspective, the site uses HTTPS with a valid SSL certificate, but lacks DNSSEC and security headers such as Content-Security-Policy or X-Frame-Options. No privacy or cookie policies are present, which is a compliance gap under GDPR. Contact information is limited to a contact form with no direct emails or phone numbers. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust and security posture. Overall, the website presents a professional and trustworthy front for a small technology blog but would benefit from enhanced privacy compliance, security hardening, and clearer business contact information to improve credibility and user trust.

N

Nordic Aviation Group

xfly.ee

44

Nordic Aviation Group is a medium-sized airline organization based in Estonia, operating multiple airline brands including Nordica and Xfly. The company provides aviation services primarily in the transportation sector, targeting airline passengers and industry stakeholders. The website content focuses on a recent bankruptcy filing, indicating significant financial distress. The company maintains a professional online presence with consistent branding and structured data, but lacks some privacy and security policy disclosures. Technically, the website is built on WordPress with modern technologies such as Bootstrap and Google Tag Manager. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but could be improved with additional security headers and incident response information. Overall, the website is trustworthy and professionally maintained, but the lack of cookie consent and explicit privacy compliance mechanisms represents a compliance gap. The absence of contact emails and phone numbers on the analyzed page limits direct communication channels. Strategic improvements in privacy compliance and security transparency are recommended to enhance trust and regulatory adherence.

N

Nordic Aviation Group

nagroup.ee

44

Nordic Aviation Group is a regional airline group based in Estonia, operating under brands such as Nordica and Xfly. The company provides passenger air transport services primarily in the Nordic and Baltic regions. The website presents official press releases and corporate information targeting passengers, industry stakeholders, and potential employees. The business is positioned as an important regional player with a medium-sized operational scale. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates SEO and analytics tools such as Rank Math and Google Tag Manager. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and follows some best practices but lacks explicit security headers and a published security policy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness.

M

Meriton Property Services Pty Ltd

meritonsuites.com.au

53

Meriton Suites is a leading Australian hospitality company specializing in serviced apartment-style hotel accommodation. Founded in 2003 and owned by Meriton Property Services Pty Ltd, it operates over 6,200 suites across 23 prime locations in Australia, positioning itself as the largest operator in this niche. The company targets business travelers, families, and extended stay guests, offering spacious suites with home-like amenities and a loyalty program called Eminence. The website reflects a mature digital presence with comprehensive content, clear navigation, and a professional design that supports direct bookings and customer engagement. Technically, the website is built on WordPress and leverages modern JavaScript libraries and frameworks such as UIkit, Owl Carousel, and Slick Carousel. It integrates multiple marketing and analytics tools including Google Analytics, Facebook Pixel, Hotjar, Klaviyo, and Campaign Monitor, indicating a sophisticated approach to user tracking and marketing automation. Hosting and DNS are managed through Cloudflare, ensuring robust performance and security. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. From a security perspective, the site uses HTTPS with strong SSL configuration and employs Cloudflare DNS, but lacks explicit security headers and visible incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partial; while a comprehensive privacy policy and terms of service are present, there is no cookie consent mechanism, which may affect GDPR compliance. Contact information is available, but no dedicated security or incident response contacts were found. Overall, Meriton Suites' website demonstrates a high level of professionalism and business credibility with a strong market position in the Australian hospitality sector. Security posture is good but could be improved with enhanced privacy compliance and security policies. Strategic recommendations include implementing cookie consent, adding security headers, and publishing incident response information to strengthen trust and compliance.

G

G.E.O Grupp OÜ

geogrupp.ee

39

G.E.O Grupp OÜ is an Estonian company specializing in geodesy and infrastructure design services, including construction marking, street design, and 3D modeling. Established in 2010, it serves primarily the Pärnu region and other Estonian cities such as Tartu, Narva, and Tallinn. The company positions itself as a local expert in geodetic and infrastructure project services, targeting construction firms and municipal clients. The website reflects a professional small business with clear service offerings and business registration transparency. Technically, the website is built on WordPress using the Enfold theme and several plugins including Yoast SEO and W3 Total Cache, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly but lacks advanced accessibility features. Security posture is adequate with HTTPS enforced and Wordfence plugin presence, but lacks visible security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security transparency.

S

SIA ReālProjekts

realprojekts.lv

38

SIA ReālProjekts is a Latvian project design organization specializing in transport infrastructure, geodesy, and water supply and sewage systems. With over 20 years of experience and a team comprising experts from Latvia and neighboring countries, the company has successfully completed over 1100 projects serving more than 1000 satisfied clients. The website reflects a professional and consistent brand presence targeting organizations requiring engineering design services in the Baltic region. Technically, the site is built on WordPress with standard plugins and Google Analytics integration, offering good mobile responsiveness and SEO optimization. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks advanced security headers and explicit security policies. Overall, the website is trustworthy and well-maintained, supporting the company's market position as a reliable engineering partner.

A

AS TREV-2 Grupp

trev2.ee

52

AS TREV-2 Grupp is a well-established Estonian company specializing in infrastructure construction and maintenance, including road building, traffic management, and natural resource mining. The company positions itself as a market leader in Estonia with a focus on sustainable and smart solutions to improve quality of life and safety. Their website reflects a professional and modern digital presence, leveraging WordPress CMS with SEO and cookie compliance plugins, and integrates Google Analytics for performance tracking. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates a mature business with good technical infrastructure and compliance awareness.

H

Hendrikson & Ko OÜ

hendrikson.ee

33

Hendrikson & Ko OÜ operates the Hendrikson DGE website, a professional environmental consulting firm based in Estonia and part of the larger DGE Group. The company offers a broad range of services including planning, environmental management, impact assessments, industrial risk analysis, infrastructure, biodiversity, sustainability, GIS, and spatial solutions. The website reflects a medium-sized enterprise with a clear market position as a leader in environmental consulting within the Nordic and Baltic regions. The company targets both private and public sector clients seeking sustainable and innovative environmental solutions. Technically, the website is built on WordPress using the Avada theme and employs modern SEO and performance optimization tools such as Yoast SEO and WP Rocket. Analytics are implemented via Google Tag Manager and Analytify, indicating a moderate level of digital maturity. Security posture is good with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and explicit privacy/cookie policies indicates room for improvement. Overall, the website is professional, trustworthy, and well-structured, but could enhance compliance and security transparency.

E

EveryPay

every-pay.eu

46

EveryPay operates a multilingual merchant support website providing comprehensive resources and tools for merchants using their payment gateway services. The site offers detailed documentation, integration guides, and customer support contact information, targeting e-commerce businesses primarily in the Baltic region. The business is positioned as a regional payment service provider with a medium-sized operation and a focus on merchant risk management and payment processing solutions. Technically, the website is built on WordPress with common SEO and multilingual plugins, and it integrates tracking tools such as Google Analytics. The site is well-structured, mobile-optimized, and provides a good user experience. Security posture is solid with HTTPS enforced and secure form handling, though it lacks explicit security headers and formal privacy or cookie policies. WHOIS data for the subdomain is unavailable as expected, but the overall domain legitimacy is supported by consistent branding and contact details. Recommendations include adding privacy and cookie policies, implementing security headers, and publishing incident response information to enhance trust and compliance.