Security Directory

H

Holstre Külaselts

holstre.ee

40

Holstre Külaselts is a local community association representing the village of Holstre in Viljandi County, Estonia. The website serves as an informational portal providing news, cultural heritage trail details, local projects, and community events. The organization appears to be a small non-profit entity focused on promoting local culture and community engagement. The website is built on WordPress using the Astra theme and Elementor page builder, incorporating modern web technologies and plugins such as Google Analytics and 360-degree image viewers. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content for its target audience. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is minimal, with no visible privacy or cookie policies, which is a gap for GDPR compliance. Overall, the website is trustworthy and professionally maintained but could improve in privacy and security transparency.

Netbox Finland Oy is a Finnish technology company specializing in electronic invoicing, banking connection services, EDI, and company data solutions. The company positions itself as a customer-centric digital services provider offering comprehensive integration and data management services through a single interface. Their market focus includes both private and public sector organizations seeking efficient digital transaction and data solutions. The website reflects a professional and consistent brand image with clear service offerings and customer testimonials. Technically, the website is built on WordPress with modern web technologies including Google Fonts, Libre Form plugin for contact forms, and tracking scripts such as Leadfeeder and Google Tag Manager. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security best practices are observed with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent banner. The WHOIS data confirms the legitimacy of the domain and its alignment with the business entity. Overall, the website demonstrates a mature digital presence with good security and privacy practices. Strategically, the company should consider publishing explicit security policies and incident response information, implementing security.txt for vulnerability disclosures, and enhancing security headers to further strengthen their security posture and trustworthiness.

D

Directo äritarkvara

directo.ee

53

Directo äritarkvara is a well-established Estonian business software provider specializing in ERP, accounting, financial management, warehouse, production, and CRM solutions. The company holds a strong market position in Estonia with the largest user base for web-based business software. Their business model is SaaS, targeting Estonian and regional businesses, supported by multilingual websites for neighboring countries. Technically, the website is built on WordPress with modern integrations such as Google Tag Manager, Facebook Pixel, and Cookiebot for consent management. The site is mobile-optimized and SEO-friendly, though some accessibility features are basic. Security posture is good with HTTPS and cookie consent mechanisms, but there are gaps such as missing advanced security headers and a misconfiguration in Cookiebot domain group authorization. No privacy policy or terms of service pages were detected, which impacts compliance and trust. WHOIS data confirms domain legitimacy with consistent registration since 2010. Overall, the website is professional and credible but would benefit from enhanced privacy and security disclosures.

I

Inodia

inodia.fr

49

Inodia is a small regional digital agency based in Brittany, France, specializing in web design, SEO, and digital marketing services. The company targets local businesses and professionals in Lamballe, Rennes, and surrounding areas, offering tailored digital solutions to enhance online presence. The website is built on WordPress using Elementor and optimized with WPRocket, reflecting a modern and performant technical infrastructure. Privacy and cookie policies are well implemented with GDPR compliance and user consent mechanisms. Security posture is solid with HTTPS enforced and security headers present, though no explicit security policy or incident response information is published. The absence of WHOIS data limits domain trust assessment but the professional website and clear contact information support legitimacy. Overall, Inodia presents a credible and professional digital presence with room for improvement in transparency around security policies and domain registration details.

H

Harju Elekter

harjuelekter.se

39

Harju Elekter Sverige is a medium-sized business specializing in electrical distribution and electrification solutions, serving energy companies, industrial sectors, infrastructure projects, and large properties primarily in Sweden and the Nordic-Baltic region. The company is part of the larger Harju Elekter group headquartered in Estonia, with a well-established market presence since 2010. Their website reflects a professional and consistent brand image, showcasing key services such as prefabricated distribution stations, transformers, SCADA systems, and fiber cabinets. Technically, the site is built on WordPress using the Avada theme and incorporates modern SEO and marketing tools, including Google Tag Manager and Facebook Pixel. Security posture is adequate with HTTPS enforced and reCAPTCHA protecting forms, though improvements like DNSSEC and security headers are recommended. Privacy compliance is addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a solid business credibility and digital maturity appropriate for its sector and size.

U

UPGREAT

upgreat.ee

53

UPGREAT is an Estonian-based e-commerce retailer specializing in used and guaranteed Apple devices such as iPhones, MacBooks, iPads, and Apple Watches. The company positions itself as the largest provider of checked used Apple products in Estonia, offering a two-year warranty to customers. The website is built on WordPress with WooCommerce, leveraging modern marketing and analytics tools including Google Tag Manager, TikTok Pixel, Hotjar, and Klaviyo, indicating a mature digital marketing infrastructure. Cookie consent is managed via Cookiebot, ensuring compliance with cookie regulations. However, explicit privacy and terms of service policies are not detected in the provided content, which may impact compliance and user trust.

PixaHive is a small, donation-supported media platform providing free stock photos under the Creative Commons CC0 public domain license. It targets photographers, content creators, and marketers seeking unrestricted image use. The platform operates on WordPress, leveraging common web technologies and Cloudflare DNS for performance and security. The website is well-structured with good SEO and mobile optimization, offering a positive user experience. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and explicit security policies. Privacy compliance is basic, with no cookie consent despite tracking pixels. Overall, the site is legitimate and trustworthy but could improve in privacy and security transparency.

S

Suomen Hostingpalvelu Oy

hostingpalvelu.fi

63

Suomen Hostingpalvelu Oy is a Finnish technology company specializing in domain registration, web hosting, and website building services. Established in 2008, it has positioned itself as a trusted local provider with a strong emphasis on customer service and technical reliability. The company offers a range of hosting packages, including AI-assisted WordPress hosting, targeting both individual and business customers in Finland. Their partnership with Suomen Yrittäjät further strengthens their market credibility. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and jQuery, and integrates multiple analytics and marketing tools like Google Analytics, Hotjar, and Trustmary. The site is well-optimized for SEO, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Hosting servers are located in Finland, ensuring good performance and compliance with local data regulations. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. It employs cookie consent mechanisms compliant with GDPR. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. No critical vulnerabilities or suspicious patterns were detected. Overall, Suomen Hostingpalvelu Oy demonstrates a high level of professionalism, trustworthiness, and compliance, making it a reliable service provider in the Finnish hosting market. Strategic enhancements in security transparency and incident response readiness would further strengthen their security posture.

I

Infobuild Oy

infobuild.fi

57

Infobuild Oy is a Finnish technology company specializing in business intelligence, data integration, and software solutions. Established in 1998, the company offers a range of services including technical consulting, BI and data support, training, and SAP-related services. Their market position is supported by a long-standing domain registration and a focused product portfolio including TIBCO and SAP solutions. The website reflects a professional and consistent brand image targeting businesses seeking advanced data solutions. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Elementor, hosted by Hostingpalvelu. Performance and mobile optimization are good, though accessibility could be improved. Security posture is solid with HTTPS and security headers, but lacks DNSSEC and published security policies. Privacy compliance is partial with cookie consent but no dedicated privacy policy page. Overall, the site is trustworthy and credible with room for improvement in privacy and security transparency.

V

Vanalinna Ehitus

vlrestaurering.se

40

Vanalinna Ehitus is a specialized restoration company focusing on the renovation of plastered facades and restoration of wooden windows and doors, particularly for culturally protected and historically valuable buildings. The company operates primarily in Sweden and emphasizes quality craftsmanship, flexibility, and preservation of architectural heritage. Their market position is that of a niche specialist serving clients who require expert restoration services for heritage properties. Technically, the website is built on WordPress with modern front-end technologies such as Bootstrap and jQuery, optimized for performance and mobile responsiveness. SEO practices are well implemented, and the site uses structured data to enhance search engine understanding. Hosting details are not explicit, but the domain is registered with Ascio and uses European name servers. From a security perspective, the site uses HTTPS with good SSL configuration but lacks DNSSEC and some recommended security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy policy and cookie consent mechanism present, but no terms of service or explicit security policies. Contact information is clear and professional, enhancing business credibility. Overall, the website presents a professional and trustworthy image with a solid technical foundation and good content quality. The main areas for improvement include enhancing security headers, publishing a security policy, and improving privacy compliance details to align better with GDPR requirements.

D

DIELINE

thedieline.com

63

DIELINE is a well-established media platform founded in 2007, specializing in packaging innovation and design insights. It serves a niche audience of packaging professionals, designers, and brand managers by providing news, interviews, award programs, and a job board. The website operates on a WordPress CMS with WooCommerce for memberships and advertising revenue streams. The technical infrastructure includes modern tracking and marketing tools such as Google Analytics, TikTok Pixel, LinkedIn Insight, and Sendinblue for email marketing. The domain is registered with GoDaddy and uses Cloudflare DNS, with multiple domain lock statuses enhancing domain security. However, DNSSEC is not enabled, and no explicit security or incident response policies are published. Privacy compliance is basic, with no visible cookie consent mechanism or detailed privacy policy. Overall, the website is professional, content-rich, and credible but could improve in privacy and security transparency.

E

Etapes :

etapes.com

49

Étapes is a well-established French media company specializing in design, image, and visual communication since 1994. The website serves as a digital magazine platform offering editorial content, subscription services, event agendas, and job listings targeted at design professionals and enthusiasts. The company maintains a consistent brand presence across multiple social media platforms, reinforcing its market position as a reference media in its sector. Technically, the website is built on WordPress with WooCommerce integration for e-commerce capabilities, leveraging modern web technologies and SEO plugins to optimize content delivery and user experience. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks visible security headers and explicit privacy and cookie policies, which are critical for compliance and trust. The absence of WHOIS registration data raises concerns about domain legitimacy, warranting further verification. Overall, the site is professional and functional but would benefit from enhanced transparency and security practices.

P

Proact IT NL | #thepoweroftogether

proact.nl

75

Proact IT NL is a well-established European IT service and managed service provider specializing in cloud and data center solutions. With a strong presence in 12 countries across Europe and North America, the company targets enterprise clients seeking advanced IT infrastructure and managed services. Their business model focuses on delivering tailored cloud transformation, security, storage, and professional consulting services. The website reflects a mature digital presence with comprehensive investor relations and corporate governance information, underscoring their market position and transparency. Technically, the website is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and third-party tools like Google Tag Manager and Cookiebot for analytics and compliance. The site is mobile-optimized, accessible, and SEO-friendly, indicating a high level of digital maturity. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. Overall, Proact IT NL demonstrates a high level of professionalism, security awareness, and compliance, making it a trustworthy and credible IT service provider. The domain registration details align well with the company's history and business claims, further reinforcing legitimacy. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure information to enhance transparency and security readiness.

P

Proact DE

proact.de

75

Proact Deutschland is a large, established IT service provider specializing in data and information management, cloud services, and data center solutions. Positioned as a leading European specialist, the company targets businesses seeking comprehensive IT strategy consulting, implementation, and operational support. The website reflects a professional digital presence with clear branding and consistent messaging aligned with its market position. Technically, the website is built on WordPress using modern plugins such as Yoast SEO Premium and Elementor, supported by SiteGround hosting inferred from optimization plugins. The site employs HTTPS with strong SSL configuration and integrates Cookiebot for GDPR-compliant cookie consent management. Google Tag Manager and reCAPTCHA are used for analytics and bot protection respectively, indicating a mature digital infrastructure. From a security perspective, the site demonstrates good practices including HTTPS enforcement and consent management. However, it lacks explicit security headers, published security policies, and incident response contacts, which are recommended for enhanced security posture. No vulnerabilities or suspicious activities were detected in the analysis. Overall, the website is trustworthy and professionally maintained, with moderate to good scores in content quality, technical implementation, security, privacy compliance, and business credibility. Strategic improvements include publishing privacy and security policies, adding security headers, and providing clear contact information for incident response to further strengthen trust and compliance.

A

Andevis

virosoft.ee

42

Andevis is an Estonian software development company specializing in integrated HR and payroll management solutions, including their flagship Virosoft HR system. The company targets businesses seeking tailored personnel accounting, work time tracking, payroll, training, and self-service portals. The website is professionally designed using WordPress and includes multiple contact forms secured with Google reCAPTCHA v2. The technical infrastructure is modern but lacks some advanced security headers. The domain is well-established since 2010 and registered with an Estonian registrar consistent with the business location. However, the site lacks visible privacy and cookie policies, which impacts compliance scores. Overall, the website presents a credible and professional business presence with room for improvement in privacy and security practices.

A

AccountInsight

accountinsight.ai

53

AccountInsight operates as a specialized B2B Demand Side Platform (DSP) focusing on cookieless display advertising and intent-based marketing. The platform targets B2B marketers aiming to reach companies with account-based advertising and live intent data. The website presents a professional and consistent brand image with clear messaging about its services and value proposition. Technically, the site is built on WordPress with Elementor and employs modern SEO and analytics tools, including Google Tag Manager, Matomo, and Microsoft Clarity, indicating a mature digital infrastructure. Security measures include HTTPS, Google reCAPTCHA Enterprise, and a comprehensive cookie consent mechanism, reflecting a strong commitment to user privacy and compliance. However, the absence of publicly available WHOIS data due to privacy protection limits domain registration transparency. Overall, the website demonstrates a solid security posture and good privacy compliance, with room for improvement in publishing explicit privacy policies and contact information.

A

A Million Ads

amillionads.com

56

A Million Ads (AMA) is a technology-driven company specializing in dynamic creative advertising for audio platforms. They position themselves as a leader in delivering customized, data-driven audio ads across major platforms, serving notable clients such as Target, Starbucks, and American Express. The website reflects a mature digital presence with professional design, strong branding, and extensive client showcases. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools including Google Analytics, HubSpot, and LinkedIn Insight Tag. Security posture is generally good with HTTPS enforced and use of reCAPTCHA, though some security headers are not explicitly detected and no dedicated security or incident response policies are published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the WHOIS data is missing or indicates the domain is unregistered or privacy protected, which conflicts with the professional image and client portfolio, raising legitimacy concerns. Overall, the site is functional, professional, and compliant but would benefit from improved transparency on domain registration and security policies.

9

9Dots

9dotsmedia.com

57

9Dots is a Mediatech service provider specializing in advanced monetization solutions for publishers and app developers. Their offerings include header bidding, video and audio monetization, and app distribution services aimed at maximizing ad revenue and audience engagement. The company positions itself as an industry connector with innovative native monetization technologies. Technically, the website is built on WordPress using Elementor, with modern libraries such as jQuery and FontAwesome, and integrates Google Analytics and reCAPTCHA for analytics and security. The site is well-designed, mobile-optimized, and provides a good user experience. Security posture is moderate with HTTPS enabled and use of reCAPTCHA, but lacks explicit security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data is missing or unavailable, raising concerns about domain legitimacy. Overall, the website is functional and professional but requires improvements in transparency and security documentation.

A

Aarki, Inc.

aarki.com

62

Aarki, Inc. operates as an AI-enabled mobile marketing platform specializing in user acquisition and re-engagement services for mobile publishers and brands. The company leverages AI technology combined with privacy-first engagement and unified creative strategies to optimize mobile advertising campaigns and drive revenue growth. Positioned as a full-service marketing platform, Aarki emphasizes privacy compliance and advanced programmatic advertising techniques to deliver measurable ROI for clients. Technically, the website is built on WordPress with modern SEO and marketing integrations including Yoast SEO, HubSpot, Google Tag Manager, and Vimeo for multimedia content. The site is mobile-optimized, accessible, and employs cookie consent mechanisms aligned with GDPR requirements. The technical infrastructure reflects a mature digital presence with moderate performance and good SEO practices. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS registration data reduces transparency but the professional presentation and privacy compliance measures support a positive security posture. Overall, Aarki presents a credible and professional business with strong digital marketing capabilities and privacy awareness. Strategic improvements in security transparency and direct contact information would enhance trust and compliance further.

I

iPromote

ipromote.com

65

iPromote is a mature and established company specializing in programmatic digital advertising solutions. Their platform offers automated, scalable, and white-labeled advertising services across multiple channels including display, paid search, CTV/OTT, social media, native, video, and Yelp ads. The company positions itself as an industry leader with award-winning technology and a strong partner ecosystem. The website reflects a professional and modern digital presence with excellent content quality and user experience. Technically, the site is built on WordPress with advanced SEO and performance optimizations, integrating tools like Google Tag Manager, HubSpot, and Jetpack for analytics and marketing. Security posture is solid with HTTPS enforced and domain protections in place, though some security headers and explicit policies could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Overall, the business credibility is high, supported by consistent branding and social media presence.

1

1plusX

1plusx.com

73

1plusX is a technology company specializing in AI-powered first-party data management solutions for publishers and advertisers. Positioned as an award-winning data management platform, it offers services such as audience management, data clean rooms, connected TV solutions, and privacy-first data strategies. The company is a subsidiary of TripleLift, enhancing its market credibility and reach. The website demonstrates a professional digital presence with clear branding, client testimonials, and a focus on privacy compliance. Technically, the site is built on WordPress with modern SEO and cookie consent tools, ensuring good performance and user experience. Security posture is solid with HTTPS and privacy mechanisms, though some security headers and policies could be improved. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving accessibility features to further strengthen trust and compliance.

1

10dencehispahard, S.L.

014on.com

65

014 ON is a Spanish media company specializing in premium omnichannel data management and advertising solutions. They leverage proprietary technology to detect users in physical environments via wifi and Bluetooth signals, enabling highly precise audience targeting and activation through online campaigns. Their business model centers on a Data Management Platform (DMP) combined with an in-house Trading Desk to operate cross-device advertising campaigns. The company positions itself as a leader in exclusive advertising supports in specific environments, focusing on affinity and precision rather than broad coverage. The website content is professionally presented, targeting brands and advertisers seeking advanced omnichannel marketing solutions.

E

Eesti Õpilasesinduste Liit

escu.ee

37

Eesti Õpilasesinduste Liit is the largest youth organization in Estonia representing approximately 90,000 students through its member schools. The organization focuses on advocating for student interests, organizing events, and providing resources to member schools. The website is built on WordPress using the Avada theme and integrates Gravity Forms for contact and application forms. It demonstrates a moderate level of digital maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and spam prevention in forms, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Overall, the website is professional and trustworthy, serving an essential role in the Estonian education sector.

P

Peaasi.ee

peaasi.ee

48

Peaasi.ee is a well-established Estonian non-profit organization dedicated to supporting youth mental health through a comprehensive online portal. The website offers extensive mental health information, e-counseling services, first aid tools, and training programs aimed at improving mental wellbeing among Estonian youth and those working with them. The organization maintains a strong market position as a leading mental health resource in Estonia, supported by multiple partnerships and funding sources. Technically, the site is built on WordPress with a modern tech stack including WooCommerce, Bootstrap, and various analytics and marketing tools, demonstrating a mature digital infrastructure. The website is multilingual and optimized for mobile devices, providing a good user experience and accessibility. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and explicit cookie consent mechanisms are missing, representing areas for improvement. Overall, the site is professional, trustworthy, and compliant with GDPR, though enhancing privacy compliance and security policies would strengthen its risk profile.

L

Lastekaitse Liit

kiusamisestvabaks.ee

42

Kiusamisest vabaks is a non-profit educational platform operated by Lastekaitse Liit, focused on bullying prevention in Estonia. The website offers multilingual educational materials and awareness content targeting nurseries, kindergartens, and grade schools. It collaborates with reputable partners including the Estonian Ministry of Education and Research and international child protection organizations. The platform is well-positioned within its niche, serving educators, parents, and children with relevant resources. Technically, the website is built on WordPress with modern technologies such as Bootstrap, jQuery, and Google services for analytics and tag management. It employs multilingual support via WPML and uses SEO best practices including structured data and Open Graph metadata. The site is mobile-optimized and performs moderately well, with a consistent and professional design. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Overall, the website demonstrates a solid business credibility and technical foundation with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

E

Eesti Maksumaksjate Liit

maksumaksjad.ee

49

Eesti Maksumaksjate Liit (EML) is a well-established Estonian non-profit organization founded in 1995, dedicated to protecting taxpayers' interests, providing tax consultation, education, and advocacy. The website serves as a portal offering news, training, legal advice, and publications related to taxation in Estonia. The organization targets Estonian taxpayers and businesses seeking reliable tax information and support. Technically, the website is built on WordPress, utilizing modern libraries such as jQuery and Slick Slider, with Google Analytics and CookieYes for tracking and consent management. The site is hosted by Radicenter OÜ and uses HTTPS with a good security posture, including a comprehensive cookie consent mechanism. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the website is professional, accessible, and trustworthy, with good SEO and privacy compliance, supporting EML's role as a credible tax advocacy entity.

E

ETKA Andras

andras.ee

44

ETKA Andras is a well-established Estonian non-profit organization dedicated to adult education and lifelong learning. The website serves as a hub for adult learners and educators, providing information on training, certification, and community events. The organization partners with the Estonian Ministry of Education and Research and benefits from European Social Fund programs, reinforcing its credibility and national importance. The site is multilingual, primarily in Estonian, with English and Russian options, enhancing accessibility for diverse audiences. Technically, the website is built on WordPress with modern plugins and frameworks, offering a good user experience and moderate performance. Security measures include HTTPS and reCAPTCHA integration, though additional security headers and explicit privacy policies are recommended to enhance compliance and trust. Overall, the site reflects a professional, trustworthy educational entity with a clear mission and stable digital presence.

L

Luwi OÜ

luwi.ee

45

Luwi OÜ operates as a specialized training center in Estonia, providing a broad range of educational services including group and individual training courses, psychological and addiction counseling, and supervision services. The company is recognized as a partner of the Estonian Unemployment Insurance Fund's training card program, which enhances its credibility and market position. The website is professionally designed, multilingual, and offers clear navigation to various training categories and services, targeting individuals and organizations seeking professional development in Estonia. Technically, the website is built on WordPress with a modern technology stack including Bootstrap, jQuery, and several optimization and security plugins. It employs Google reCAPTCHA v3 for form protection and uses cookie consent mechanisms to comply with privacy regulations. The site is hosted by Zone Media OÜ, a known Estonian hosting provider, and demonstrates moderate performance and good mobile optimization. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks explicit security headers and published security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic but present, with a privacy policy and cookie consent banner. Business credibility is strong with clear contact information, company registration details, and trust signals such as partnerships and certifications. Overall, Luwi OÜ's website presents a trustworthy and professional online presence with room for improvement in security header implementation and formal security policies. The risk level is moderate with no critical issues detected, making it a reliable platform for its users.

L

Liquid Instruments

liquidinstruments.com

68

Liquid Instruments is a technology company specializing in innovative software-reconfigurable hardware platforms designed for scientists, engineers, students, and professionals in test and measurement fields. Their flagship product, Moku, offers multi-instrument modes and cloud compilation services, positioning them as a niche leader in scientific instrumentation. The website reflects a professional and modern digital presence, leveraging WordPress with advanced marketing and analytics integrations such as HubSpot, Google Analytics, and Hotjar. The technical infrastructure is robust, hosted on DreamHost with a secure HTTPS configuration and a consistent branding approach. Security posture is strong with enforced HTTPS, cookie consent mechanisms, and no detected vulnerabilities, although some security headers could be enhanced. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent banner. Overall, the website demonstrates a mature digital footprint with good business credibility and technical implementation.

P

Propine

propine.com

72

Propine is a Singapore-based enterprise-grade digital asset custodian specializing in custody, tokenization, trading, and DeFi solutions for institutional clients. The company holds a Capital Markets Services (CMS) license from the Monetary Authority of Singapore (MAS), positioning it as a trusted and regulated player in the digital asset custody market in Asia. Their platform targets banks, family offices, asset managers, corporates, exchanges, and protocol foundations, offering services such as Digital Custody ProTect™, Tokenization DASH™, and white label custody solutions. The website reflects a professional and consistent brand image with clear service offerings and a focus on institutional clientele. Technically, the website is built on WordPress using Elementor and several modern plugins like Yoast SEO and WP Rocket, hosted on AWS infrastructure. The site demonstrates good mobile optimization, SEO practices, and moderate performance. However, there is room for improvement in accessibility and security headers. The domain is mature, registered since 2001, and shows consistency with the business claims, enhancing trustworthiness. Security posture is solid with HTTPS enabled and domain transfer protections, but lacks DNSSEC and explicit security policies or incident response information. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Contact information is primarily via forms, with no direct emails or phone numbers publicly listed. Overall, Propine presents as a credible and professional digital asset custody provider with a strong market position in Asia. Enhancing privacy compliance, security transparency, and adding direct contact channels would further strengthen trust and regulatory adherence.

A

Alma Career

careerexpo.cz

59

Career Expo is a major career opportunities festival organized by Alma Career Czechia s.r.o., targeting job seekers and employers primarily in the Czech Republic. The website presents a professional and content-rich platform promoting the event, workshops, and networking opportunities. The company positions itself as a leading organizer in the career event space with partnerships including Jobs.cz and Prace.cz. Technically, the site is built on WordPress with modern libraries and frameworks, ensuring a good user experience and mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA usage, though lacks some security headers and formal security policies. Privacy compliance is partial, with cookie consent implemented but no clear privacy or terms pages. WHOIS data is unavailable, which slightly impacts trust but the overall digital presence is consistent and professional.

The website 'Spordin puhtalt!' is an Estonian e-learning platform dedicated to educating amateur athletes about antidoping rules, prohibited substances, and healthy sports practices. It is operated by SA Eesti Antidoping and supported by notable Estonian sports figures and international partners such as UNESCO. The platform offers educational content, exercises, videos, and testimonials to promote clean sports. Technically, the site is built on WordPress with common plugins and uses HTTPS with a moderate performance profile. However, it lacks visible privacy and cookie policies and security headers, which are areas for improvement. The absence of explicit contact emails or phone numbers limits direct communication channels, though a contact form is present. Overall, the site is trustworthy and professionally presented but could enhance its privacy compliance and security posture.

E

Ettevõtja infovärav Aktiva

aktiva.ee

40

Aktiva.ee is an Estonian business information portal focused on supporting entrepreneurs at various stages, including startups, operating companies, and those expanding internationally. The platform offers practical guidance, resources, and insights to help businesses succeed, with content tailored to the Estonian market and language. The website is positioned as a trusted resource for business knowledge and development in Estonia, with a clear focus on entrepreneurship and business growth.

F

FCI Levadia

fcilevadia.ee

31

FCI Levadia is an Estonian football club with an online presence primarily focused on providing football-related content and engaging with local sports fans. The website is built on WordPress and utilizes common plugins such as Yoast SEO and WP Rocket to enhance SEO and performance. The technical infrastructure is moderate, hosted by Zone Media OÜ, a known Estonian registrar and hosting provider. The site is accessible without any WAF or security challenge blocking content. However, the website lacks critical privacy and cookie policies, contact information, and published security or incident response policies, which are important for compliance and trust. Security posture is basic with no advanced headers or vulnerability disclosures evident. Overall, the site is functional but would benefit from improvements in privacy compliance, security best practices, and business transparency.

M

Molongui

molongui.com

63

Molongui is a specialized WordPress plugin provider focusing on authorship management tools such as author boxes, guest authors, and co-authors. The company targets WordPress site owners and publishers who require advanced authorship features to credit content creators properly. The website is professionally designed, mobile-optimized, and provides comprehensive documentation and support resources. Technically, the site leverages WordPress with Elementor and several performance and privacy plugins, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and security headers present, though explicit security policies and incident response information are absent. The lack of WHOIS data is a notable gap, slightly impacting trust but not detracting from the overall professionalism. Strategic recommendations include publishing security policies and incident response contacts to enhance trust and compliance.

S

Sustinere

sustinere.eu

60

Sustinere is a medium-sized advisory firm specializing in ESG and sustainability transformation services primarily in the Baltic region. Founded in 2016, the company offers a blend of expert consulting and digital solutions to help clients navigate ESG regulations, develop sustainability strategies, and assess climate impact. Their market position is supported by a team of over 25 experts and a client base spanning 11 sectors, including energy, banking, manufacturing, and retail. The website reflects a professional and consistent brand image with good content quality and clear navigation.

B

BNI

bnipodcast.com

64

The Official BNI Podcast website serves as a professional content platform delivering weekly audio discussions led by Dr. Ivan Misner, founder of BNI, the world's largest business networking organization. The site targets business professionals seeking networking education and referral strategies, positioning itself as an authoritative media outlet within the business networking niche. The business model revolves around content publishing, podcast distribution, and educational sponsorships, supported by partnerships with related training and audio program providers. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and various social sharing and marketing plugins. The site demonstrates good mobile optimization and SEO practices, though performance is moderate and accessibility features are basic. Security posture is solid with HTTPS enforced and some security best practices observed, but lacks advanced security headers and a formal vulnerability disclosure mechanism. From a security and compliance perspective, the site includes a cookie consent mechanism indicating GDPR awareness, but lacks a clearly linked privacy policy and terms of service pages. Contact information is limited to forms and subscription emails, with no explicit company emails or phone numbers found. The absence of WHOIS registration data for the domain is a notable concern, potentially indicating domain registration issues or privacy protection, which impacts trustworthiness. Overall, the website is professionally maintained with high-quality content and strong brand association with BNI. However, the missing WHOIS data and incomplete privacy documentation suggest areas for improvement in transparency and compliance. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and terms policies, verifying domain registration legitimacy, and improving accessibility features to strengthen trust and compliance.

R

Rollmer OÜ

rollmer.ee

41

Rollmer OÜ is an established Estonian company specializing in the sale of industrial accessories including bearings, seals, and power transmission products. The company operates both retail and wholesale channels with physical stores located in Tallinn and Tartu, targeting industrial, agricultural, forestry, service, and retail businesses. The website reflects a professional presence with clear product categories and consistent branding, supporting its market position as a regional supplier. Technically, the site is built on WordPress using the Enfold theme and Yoast SEO plugin, indicating moderate digital maturity. However, the absence of HTTPS enforcement and security headers represents a significant security gap. Privacy compliance is weak, with no visible privacy or cookie policies and no consent mechanisms. The site lacks active analytics tracking despite plugin presence, suggesting limited user data collection. Overall, the security posture is moderate but requires improvements to meet modern standards. Strategic recommendations include implementing HTTPS, adding security headers, establishing privacy and cookie policies, and enhancing incident response capabilities to strengthen trust and compliance.

I

International Table Tennis Federation

ittf.com

62

The International Table Tennis Federation (ITTF) operates as the global governing body for the sport of table tennis, providing comprehensive event management, rankings, anti-doping enforcement, and governance services. The website serves as the official platform for news, event calendars, and educational resources targeting players, officials, fans, and stakeholders worldwide. The organization maintains a professional digital presence with consistent branding and structured data to enhance search visibility. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for social media integration and video embedding. The site is mobile optimized and demonstrates good SEO practices, though performance is moderate. Analytics and marketing tools such as Google Analytics and AddThis are used for user tracking and engagement. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks some security headers and explicit incident response contacts. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism, which may affect GDPR compliance. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for such organizations. Overall, the ITTF website is a credible, well-maintained platform with good content quality and technical implementation. Strategic improvements in security headers, privacy compliance, and transparency around incident response would enhance its security posture and trustworthiness.

T

TIBHAR

tibhar.info

52

TIBHAR is a well-established German company specializing in the design and production of high-quality table tennis equipment since 1969. The website serves as a retail and promotional platform targeting ambitious table tennis players worldwide. It features multilingual support and integrates modern web technologies such as WordPress, WooCommerce, and Elementor, reflecting a mature digital infrastructure. The site includes embedded video content and social media integration, enhancing user engagement and brand presence. From a security perspective, the website employs HTTPS and domain transfer protections but lacks DNSSEC and visible security headers, indicating room for improvement in hardening its security posture. Privacy compliance is well addressed with GDPR cookie consent mechanisms and a comprehensive privacy policy. Overall, the website demonstrates good professionalism, trustworthiness, and technical implementation, supporting the company's market position in the sports retail sector.

E

Eesti Antidopingu ja Spordieetika Sihtasutus

eadse.ee

43

Eesti Antidopingu ja Spordieetika Sihtasutus is a government-affiliated non-profit organization dedicated to promoting fair play, anti-doping measures, and ethical conduct in sports within Estonia. The organization provides education, prevention, and regulatory oversight services to athletes, sports organizations, and the public. The website serves as an informational and educational platform with resources, news, and training offerings related to sports ethics and anti-doping. Technically, the website is built on WordPress using the Avada theme and integrates modern plugins such as Yoast SEO and Revolution Slider. It employs Google Analytics for visitor tracking but lacks visible cookie consent mechanisms and privacy policy disclosures, which are critical for GDPR compliance. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but security headers and incident response information are absent. Overall, the website is professional, well-branded, and trustworthy, though it would benefit from enhanced privacy compliance and explicit contact details.

P

PD Instore

neoinstore.com

43

NEO Retail Displayware is a specialized retail merchandising company offering innovative pegboard hardware and signage solutions under the patented neoPEGS™ brand. Their products target retail businesses seeking modern, customizable, and cost-effective displayware. The website is built on WordPress using WPBakery Page Builder and includes standard web technologies such as jQuery and FontAwesome. The technical infrastructure is moderate in performance with good mobile optimization but basic accessibility and SEO features. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and trustworthy but would benefit from improved privacy and security practices.

R

Restaurace Mincovna

restauracemincovna.cz

45

Restaurace Mincovna is a well-established restaurant located in the prestigious Staroměstské náměstí in Prague, offering traditional Czech cuisine with a modern twist and a selection of wines and Pilsner tank beer. The business targets both tourists and local patrons, leveraging its historic ambiance and prime location to maintain a strong market position in the hospitality sector. The website reflects a professional digital presence with clear branding and comprehensive business information. Technically, the website is built on WordPress with modern analytics and marketing tools integrated, including Google Analytics 4 and Google Tag Manager. The site implements a robust cookie consent mechanism aligned with GDPR requirements, enhancing privacy compliance. Performance and mobile optimization are good, though accessibility features are basic. No significant technical vulnerabilities were detected, but security headers could be improved. From a security perspective, the site uses HTTPS and employs cookie consent management, but lacks visible security headers and a public security or incident response policy. The absence of WHOIS data limits domain trust verification, though the website content and business details appear legitimate. Overall, the site demonstrates a moderate to good security posture with room for enhancement in transparency and technical security controls. Strategically, the business should focus on improving security headers, publishing incident response and vulnerability disclosure policies, and obtaining verifiable WHOIS data to enhance trust. Continued investment in privacy compliance and user experience will support sustained market credibility and customer trust.

V

VeKaPa s.r.o.

utelleru.cz

48

Restaurant U Tellerů is a small hospitality business located in Prague, Czech Republic, specializing in modern Czech cuisine and charcoal-grilled steaks. The restaurant emphasizes quality dining experiences with a focus on local specialties and beverages such as Pilsner Urquell beer. The website supports reservations and offers gift vouchers, targeting local and tourist diners seeking authentic Czech culinary experiences. The business maintains an active presence on social media platforms including Facebook, Instagram, Pinterest, and TripAdvisor, enhancing its market visibility and customer engagement. Technically, the website is built on WordPress CMS, utilizing common plugins for analytics, cookie consent, and responsive design. It integrates Google Analytics 4, Facebook Pixel, and Google Tag Manager for marketing and tracking purposes, with a compliant cookie consent mechanism in place. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Performance is moderate, with room for improvement in loading speed and security headers. From a security perspective, the site enforces HTTPS and employs cookie consent with opt-in features, reflecting a good privacy posture. However, the absence of security headers and a published privacy policy or incident response information indicates areas for enhancement. The WHOIS data is unavailable, which raises concerns about domain registration transparency but does not directly impact the website's operational legitimacy. Overall, the website presents a professional and trustworthy front for the restaurant business, with recommendations to improve security practices, publish comprehensive privacy and security policies, and verify domain registration details to strengthen trust and compliance.

The website 'angkatogel2d.top' operates as a small niche WordPress blog focused on online lottery (togel) and gambling content primarily targeting Indonesian-speaking users. It provides informational blog posts, links to various gambling-related external sites, and data resources related to lottery results. The business model appears to be content-driven without direct e-commerce or transactional services on the site. The domain is registered through Dynadot LLC with privacy protection, consistent with typical gambling-related sites seeking anonymity. Technically, the site uses WordPress with Yoast SEO plugin and Cloudflare DNS, delivering moderate performance and basic mobile optimization. However, it lacks advanced security headers and does not provide privacy or cookie policies, which are critical for compliance and user trust. No contact or incident response information is available, limiting transparency and security posture. Overall, the site is functional but basic, with moderate SEO but poor privacy and security compliance.

The website plaquenilhcl.com operates as a small-scale WordPress blog focused on providing news and tips related to online gambling, specifically Togel and slot games, targeting Indonesian-speaking audiences. The site leverages common WordPress technologies and plugins such as Yoast SEO, Bootstrap, and jQuery, hosted behind Cloudflare DNS with domain registration via Dynadot Inc. The technical infrastructure is standard for a content blog, with moderate performance and good mobile optimization but lacks advanced security configurations such as DNSSEC and security headers. From a security perspective, the site uses HTTPS but does not implement additional security headers or DNSSEC, which could improve its security posture. There are no visible privacy, cookie, or terms of service policies, nor any contact or incident response information, which indicates low privacy compliance and limited business credibility. The absence of contact emails and phone numbers further reduces trustworthiness. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website presents basic content quality and technical implementation suitable for a small niche blog but falls short in privacy compliance and security best practices. Strategic improvements in policy transparency, security headers, and contact information would enhance trust and compliance.

Togelninjaku.org is a small-scale Indonesian language website focused on providing information and recommendations related to online togel (lottery) gambling. The site operates as a WordPress blog featuring articles about betting tips, transaction methods, and trusted agents. The business model appears to be content-driven, targeting online lottery players seeking guidance and agent referrals. The domain is relatively new, registered in 2021, and uses privacy protection services common in gambling-related websites. Technically, the website is built on WordPress with Yoast SEO and FontAwesome, hosted behind Cloudflare DNS but without DNSSEC enabled. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. However, there is a lack of advanced security headers and no visible analytics or tracking services. From a security perspective, the site uses HTTPS and has domain-level protections such as clientDeleteProhibited status, but lacks DNSSEC and security policies. No privacy, cookie, or terms of service policies are present, and no contact information is provided, which reduces transparency and trustworthiness. No WAF or blocking mechanisms were detected, indicating full accessibility. Overall, the site scores moderately on content and technical implementation but poorly on privacy compliance and business credibility due to missing policies and contact details. The domain's use of privacy protection is typical for gambling sites but adds to the uncertainty about legitimacy. Strategic improvements in security policies, transparency, and contact availability are recommended to enhance trust and compliance.

The website awaunipa.org operates as a niche content platform focused on Indonesian online gambling, specifically togel (lottery) and slot games. It provides informational articles, tips, and predictions aimed at Indonesian players interested in these gambling activities. The business model appears to be content-driven with potential affiliate marketing links to gambling sites. The domain is registered in the US with Dynadot since 2020, which aligns with the site's operational timeline but shows some mismatch with the target Indonesian audience. Technically, the site is built on WordPress with common plugins like Yoast SEO and jQuery, hosted behind Cloudflare DNS but without advanced security headers or DNSSEC enabled. The site is accessible with no WAF or blocking detected, and it shows moderate SEO optimization and mobile responsiveness. However, it lacks critical privacy, cookie, and terms of service policies, as well as contact or incident response information, which impacts its trustworthiness and compliance posture. The external links include many IP-based domains related to gambling, some of which may be suspicious. Overall, the site scores moderately on content quality and technical implementation but poorly on privacy compliance and business credibility.

The website galewooduniversity.com operates as a small-scale Indonesian content site focused on providing information and predictions related to online togel (lottery) gambling and slot games. It targets Indonesian-speaking users interested in online gambling. The site is built on WordPress, leveraging common web technologies such as jQuery and Font Awesome, and is hosted behind Cloudflare DNS with a domain registered since 2020. The content quality is basic, primarily consisting of blog posts about gambling topics, with limited professional branding or trust signals. Technically, the site is functional with moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. Security posture is moderate due to HTTPS usage but lacks important security headers and policies. No privacy, cookie, or terms of service policies are present, and no contact or incident response information is provided, which impacts compliance and trust. Overall, the site is accessible without WAF or blocking mechanisms but exhibits several gaps in security and privacy best practices.

A

admin

pgn-u23.com

50

The website pgn-u23.com operates as an Indonesian online gambling content platform primarily focused on togel (lottery) and slot games. It provides articles, tips, and guides related to online gambling, targeting Indonesian players interested in these games. The business model appears to be content-driven with potential affiliate marketing links to gambling services. The site is relatively small and was founded in 2021, with content in the Indonesian language and a moderate level of content quality and branding consistency. Technically, the site is built on WordPress with common libraries such as jQuery and FontAwesome, and uses Yoast SEO for optimization. Hosting is supported by Cloudflare DNS and the domain is registered via NameCheap. The site is moderately performant and mobile-optimized but lacks advanced accessibility features. SEO is adequately implemented with proper meta tags and structured data. From a security perspective, the site uses HTTPS but lacks DNSSEC and important security headers, which lowers its security posture. There are no visible privacy or cookie policies, incident response plans, or vulnerability disclosure mechanisms, which raises compliance and trust concerns. Contact information is minimal, limited to a phone number and a search form, with no verified company emails or physical addresses. The domain registration is transparent and consistent with the website's business focus, but the overall trustworthiness is reduced by the lack of security and privacy best practices. Overall, the site is functional and content-rich for its niche but requires significant improvements in privacy compliance, security hardening, and business credibility to enhance user trust and regulatory adherence.