Security Directory

S

SA Saare Arenduskeskus

sasak.ee

40

SA Saare Arenduskeskus is a regional development foundation based in Estonia, focused on supporting local municipalities, entrepreneurs, and civic organizations in Saare County. The organization provides professional consulting, project management, and training services aimed at fostering regional growth and community development. The website reflects a small-sized, government/non-profit entity with a clear regional focus and a business model centered on service provision rather than commercial sales. Technically, the website is built on the concrete5 CMS platform and utilizes modern web technologies including Bootstrap, jQuery, FontAwesome, and AOS for animations. It integrates Google Analytics and Facebook SDK for tracking and social media functionalities. The site is mobile-optimized and demonstrates good design and navigation clarity, though accessibility features are basic. Hosting appears to be managed by Zone Media OÜ, an Estonian registrar and hosting provider. From a security perspective, the site enforces HTTPS and includes minimal security headers such as X-Content-Type-Options. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of comprehensive security headers and lack of published security or incident response policies indicate room for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanisms, which could pose regulatory risks under GDPR. Overall, the website is functional, professional, and trustworthy with moderate digital maturity. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enhancing security headers, and publishing incident response contacts to improve compliance and security posture.

Global Water Partnership (GWP) is an established international organization focused on water resource management and investment initiatives. The website serves primarily as a landing page announcing a transition to a new phase called the Global Transformation Agenda On Water Investments and directs users to a new website (gwpo-gwp.org). The organization appears to be a non-profit or partnership entity with a global focus on water-related projects. The domain has a long history dating back to 1996, supporting its legitimacy and established presence. Technically, the website uses common web technologies including Google Analytics, Google Tag Manager, and Facebook SDK for tracking and marketing purposes. The hosting provider appears to be Loopia based on DNS nameservers. The site is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. No CMS or major frameworks are detected from the provided data. From a security perspective, HTTPS is enabled, but no DNSSEC or security headers are present, which reduces the overall security posture. There are no visible forms or data collection points on the landing page, limiting attack surface but also limiting user engagement. Privacy and cookie policies are absent, indicating poor privacy compliance. No contact information or incident response details are provided, which may impact user trust and compliance. Overall, the website is functional but minimalistic, with room for improvement in privacy compliance, security hardening, and content richness. The domain registration data aligns well with the organization's identity, supporting trustworthiness. Strategic improvements in security headers, privacy policies, and user engagement features are recommended to enhance the website's credibility and compliance.

A

AS FEB

feb.ee

54

AS FEB is a leading Estonian company specializing in the sale of sanitary technology, electrical systems, heating, tools, and ventilation products. The company operates a comprehensive e-commerce platform complemented by multiple physical stores across Estonia, targeting both retail consumers and business clients. Their market position is strong within Estonia, supported by a broad product range and a dedicated B2B portal. The website is professionally designed, mobile-optimized, and integrates modern e-commerce technologies such as Magento 2, Google Tag Manager, and Facebook SDK for marketing and analytics purposes. Security measures include HTTPS enforcement and Google reCAPTCHA on login forms, ensuring a secure user experience. However, the absence of explicit privacy and terms of service pages indicates room for improvement in compliance and transparency. Overall, the website demonstrates a mature digital presence with good business credibility and technical implementation.

I

International Paralympic Committee

paralympic.org

75

The International Paralympic Committee (IPC) operates the official website www.paralympic.org, serving as the global authority for Paralympic sports. The site provides comprehensive news, event results, and multimedia content targeted at athletes, fans, and stakeholders worldwide. The organization is positioned as a non-profit international sports governing body headquartered in Germany. Technically, the website is built on Drupal 8 CMS, integrating modern analytics and cookie consent tools such as Google Tag Manager and Cookiebot, ensuring GDPR compliance through explicit cookie consent mechanisms. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security posture is strong with HTTPS enforced and anonymized IP tracking, although explicit security headers and incident response information are absent. The lack of WHOIS data limits domain registration transparency but is typical for such international organizations. Overall, the site is professional, trustworthy, and well-maintained, with minor gaps in privacy policy visibility and security disclosures.

L

Liikumisharrastuse kompetentsikeskus

liikumisaasta.ee

49

Liikumisharrastuse kompetentsikeskus is a government-affiliated non-profit organization established by the Estonian Olympic Committee in 2022 to promote physical activity and healthy lifestyles across Estonia. The website serves as a central hub for information, resources, and events related to physical movement, targeting a broad audience including youth, adults, seniors, and partners in the health and sports sectors. The organization positions itself as a leader in driving a national movement towards increased physical activity and wellness.

E

Eesti Jalgpalli Liit

jalgpall.ee

44

Eesti Jalgpalli Liit is the official governing body for football in Estonia, managing national teams, leagues, and grassroots football development. The website serves as a comprehensive portal for football news, events, and organizational information targeted at players, fans, and stakeholders within Estonia's football community. The site integrates multimedia content including live scores, videos, and social media feeds, reflecting a mature digital presence. Technically, the website employs a custom CMS with modern JavaScript libraries and asynchronous loading of third-party SDKs such as Facebook and Google Analytics, ensuring moderate performance and good mobile optimization. Security posture is strong with enforced HTTPS and no visible vulnerabilities, though security headers could be improved. Privacy compliance is basic but includes cookie consent and a privacy policy in Estonian. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the organization.

L

Lääne-Virumaa Kossuliiga

virukorvpall.ee

39

Lääne-Virumaa Kossuliiga operates a regional basketball league website serving the Lääne-Virumaa community in Estonia. The site provides schedules, results, team information, and news updates related to basketball events. The business model focuses on sports event promotion and community engagement within the regional sports sector. The website is built on WordPress with SportsPress Pro plugin, indicating a moderate level of digital maturity and technical infrastructure. Hosting is provided by Zone Media OÜ, a known Estonian hosting provider. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure; however, the absence of security headers and privacy policies indicates room for improvement. The site uses common analytics and marketing tools such as Google Analytics and AddThis, but lacks explicit privacy compliance mechanisms. Overall, the website is functional and professional but would benefit from enhanced privacy and security practices to improve trust and compliance.

F

Flavors of Livonia

flavoursoflivonia.com

45

Flavors of Livonia is a regional culinary tourism website focused on promoting the food heritage and cultural experiences of the historical Livonia region, covering Estonia and Latvia. The platform provides curated culinary routes, listings of local food producers, and information on traditional recipes and food heritage. The target audience includes tourists and culinary enthusiasts interested in exploring regional cuisine and culture. The business operates as a niche tourism promotion entity with a small-scale footprint and a focus on cultural preservation. Technically, the website uses a combination of jQuery, social media SDKs (Facebook and Twitter), Google Fonts, and various JavaScript libraries for UI and parallax effects. The site is mobile-optimized with a moderate performance profile. However, no explicit CMS or hosting provider information is evident. SEO and accessibility are basic but functional. From a security perspective, the site enforces HTTPS and includes a CSRF token, but lacks visible security headers and published privacy or cookie policies. No contact information or incident response channels are provided, which limits transparency and user trust. The WHOIS data indicates a stable domain registration with no privacy protection, consistent with the website's age and purpose. Overall, the site is professionally designed and serves its niche well but would benefit from enhanced privacy compliance, security hardening, and clearer contact and policy disclosures to improve trust and regulatory adherence.

V

Visit Harju

visitharju.ee

50

Visit Harju is the official tourism portal for Harju County, Estonia, providing comprehensive information on the region's natural beauty, cultural heritage, and leisure activities. The website targets tourists and visitors seeking to explore Harju's attractions, travel routes, and experiences. Managed by SA Harju Ettevõtlus- ja Arenduskeskus, it serves as a trusted regional resource with consistent branding and a clear focus on hospitality and cultural tourism. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, ensuring good SEO and user experience. The site is mobile-optimized and accessible, with moderate performance and integration of analytics tools like Google Analytics and Plausible. Security posture is solid with HTTPS, reCAPTCHA on forms, and no exposed sensitive data, though explicit security headers and policies are not fully documented. Privacy compliance is a notable gap, lacking visible privacy and cookie policies or consent mechanisms. Overall, the domain registration is consistent and legitimate, supporting the site's credibility as an official tourism portal.

S

Sõnumitooja

sonumitooja.ee

52

Sõnumitooja is a regional weekly newspaper serving the Ida-Harju region in Estonia, established in 1994 and operating under the Eesti Meediaettevõtete Liit association. The website provides news articles, opinion pieces, and local event coverage, targeting residents and readers interested in regional news. The business model is primarily based on advertising and subscriptions, with a consistent brand presence and good content quality. Technically, the site is built on WordPress with popular plugins such as WPBakery Page Builder and Yoast SEO, hosted by Virtuaal.com OÜ, and demonstrates moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and secure login forms, but lacks explicit security policies, headers, and vulnerability disclosure mechanisms. Privacy compliance is basic, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the site is professional and trustworthy, though improvements in security transparency and privacy documentation are recommended.

V

Viimsi vald

viimsi.ee

47

Viimsi vald is the official local government authority for the Viimsi municipality in Estonia, providing a wide range of public services including administration, education, social care, culture, and environmental management. The website serves residents and businesses in the region with comprehensive information, news, and access to municipal services. The site is well-structured and professionally designed, reflecting its role as a government portal. Technically, the site is built on Drupal 9 CMS and integrates modern analytics and tracking tools such as Google Analytics, Microsoft Clarity, and Facebook SDK, while maintaining GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are not published. Overall, the site demonstrates a mature digital presence suitable for a government entity, with clear contact information and consistent branding.

P

Põltsamaa vald

poltsamaa.ee

54

Põltsamaa vald operates a comprehensive local government website serving the residents of Põltsamaa municipality in Estonia. The site provides a broad range of services including news updates, contact information for municipal departments, public service details, event calendars, and project information. The website is positioned as an essential government portal facilitating communication and service delivery to its local community. The business model is focused on public service and community engagement, with a clear target audience of local residents and stakeholders. Technically, the website is built on the Liferay CMS platform, utilizing technologies such as jQuery, Bootstrap, Font Awesome, and Google Fonts. It integrates external services like Facebook SDK and Google Analytics for social media and analytics purposes. The site demonstrates moderate performance and good mobile optimization, although some accessibility features could be improved. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the website enforces HTTPS and includes a cookie consent banner, indicating awareness of privacy compliance. However, the use of an outdated jQuery version introduces potential vulnerabilities, and the absence of explicit security headers reduces the overall security posture. No public security policies or incident response contacts are available, which could be improved to enhance trust and compliance. Overall, the website is professional, trustworthy, and functional, serving its purpose as a government information portal effectively. Strategic improvements in updating third-party libraries, enhancing security headers, and publishing privacy and security policies would strengthen its security and compliance stance.

V

Viimsi vald

viimsivald.ee

47

Viimsi vald is the official municipal government entity for the Viimsi region in Estonia, providing a broad range of public services including planning, social welfare, education, culture, and infrastructure management. The website serves as a comprehensive portal for residents and stakeholders, offering news, event information, service guides, and contact details. It maintains a strong local government presence with clear communication channels and social media integration. Technically, the website is built on Drupal 9 CMS, leveraging modern JavaScript libraries and analytics tools such as Google Analytics and Microsoft Clarity. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be enhanced. Hosting and domain registration are consistent with a reputable Estonian registrar, Elkdata OÜ, supporting the site's legitimacy. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security policies, incident response contacts, and some recommended security headers, which could be improved to strengthen its security posture. No critical vulnerabilities or exposed sensitive data were detected. Overall, Viimsi vald's website is a trustworthy, well-structured government portal with good content quality and technical implementation. Strategic improvements in security headers, incident response transparency, and accessibility would further enhance its robustness and user trust.

Maardu Linnavalitsus operates as the municipal government portal for the city of Maardu, Estonia, providing residents and visitors with information about city services, news, events, and contact details. The website serves as an essential communication channel for local government functions and citizen engagement. It targets local residents, visitors, and stakeholders seeking municipal information and services. The business model is that of a government entity offering public services and information dissemination.

J

Jõelähtme Vallavalitsus

joelahtme.ee

53

Jõelähtme Vallavalitsus operates as the official municipal government portal for the Jõelähtme vald region in Estonia, providing residents and stakeholders with comprehensive information on local governance, services, events, and community resources. The website serves as a critical communication channel for the municipality, offering structured navigation and regularly updated news content. The target audience includes local residents, businesses, visitors, and public sector partners. The business model is that of a governmental public service provider with a focus on transparency and community engagement. Technically, the website is built on the Liferay CMS platform, utilizing technologies such as jQuery, Bootstrap, Font Awesome, and Google Fonts. It integrates social media via Facebook and uses Google Tag Manager for analytics. The site is hosted likely by Telia Eesti AS, consistent with the domain registrar information. The website demonstrates good mobile optimization and moderate performance, though some technologies like jQuery are outdated. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and a cookie consent mechanism, which are important for compliance and security hardening. No vulnerability disclosure or incident response policies are published, representing an area for improvement. Overall, the security posture is solid but could benefit from enhanced compliance and transparency. The overall risk assessment is low, with the site appearing trustworthy and professionally maintained. Strategic recommendations include implementing cookie consent, adding security headers, updating legacy libraries, and publishing security policies to enhance compliance and user trust.

K

KOKO architects

koko.ee

43

KOKO architects is an established Estonian architectural firm founded in 2010, specializing in architecture, interior design, urban planning, and restoration projects. The company emphasizes contextual design that respects history, environment, and culture, targeting clients seeking unique and culturally sensitive architectural solutions. Their website showcases a professional portfolio of projects and maintains an active presence on major social media platforms, supporting their market position as a reputable small-sized architecture firm in Estonia. Technically, the website is built on Concrete CMS with modern frontend technologies like Bootstrap 5 and jQuery, and integrates analytics tools such as Google Analytics and Facebook SDK. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS and avoids exposing sensitive data but lacks visible security headers and formal privacy or cookie policies, indicating room for compliance and security improvements. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security best practices to strengthen trust and regulatory adherence.

A

ACE Logistics Latvia SIA

ace.lv

44

ACE Logistics Latvia SIA is a medium-sized logistics and freight transportation company based in Latvia, operating as part of the ACE Logistics Group with subsidiaries in Estonia, Lithuania, and Ukraine. The company offers a broad range of transportation services including road, air, sea, and rail freight, complemented by customs documentation, warehousing, and cargo insurance. Their market position is that of an established regional player with international reach, supported by ISO 9001 and ISO 14001 certifications that demonstrate commitment to quality and environmental standards. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive service information. Technically, the website is built on WordPress using popular plugins such as WPBakery Page Builder and Slider Revolution. It integrates Google Analytics and Facebook SDK for tracking and marketing purposes. The site performs moderately well with good SEO practices and basic accessibility features. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though security headers could be enhanced and legacy jQuery usage updated to reduce risk. No explicit incident response or vulnerability disclosure mechanisms are present, which could be improved to enhance security transparency. Contact information is clearly provided, including phone numbers, email, and physical address, supporting business credibility. Overall, the site reflects a trustworthy and professional logistics provider with room for security and compliance enhancements. Strategic recommendations include implementing stronger security headers, updating legacy scripts, publishing incident response contacts and vulnerability disclosure policies, and continuing to enhance privacy compliance and user trust through transparent communication.

T

Tervise Arengu Instituut

toitumine.ee

40

The website toitumine.ee is an official Estonian government health information portal managed by the Tervise Arengu Instituut under the Haridus- ja Teadusministeerium (EENet). It provides comprehensive nutrition guidelines, health advice, and tools such as a BMI calculator targeted at Estonian residents across various life stages and health conditions. The site is well-structured with rich content and expert contributions, positioning it as a trusted national resource for healthy eating information. Technically, the site is built on WordPress with modern libraries like jQuery, Bootstrap, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and explicit incident response or vulnerability disclosure information. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the site is credible and trustworthy but would benefit from enhanced privacy and security practices.

Z

Zone Media OÜ

alkoinfo.ee

42

Alkoinfo.ee is a well-established Estonian public health informational website focused on reducing alcohol consumption and providing support and education to individuals and their families. Operated by Zone Media OÜ and affiliated with the Estonian Health Development Institute (Tervise Arengu Instituut), it offers a range of services including educational content, self-assessment tests, and a Q&A advice section. The site targets Estonian and Russian speaking audiences concerned about alcohol use. Technically, the site is built on WordPress using the Understrap theme and integrates modern web technologies such as Google Analytics and Facebook Pixel for tracking. Security posture is good with HTTPS and CAPTCHA on forms, but lacks some security headers and explicit privacy and cookie policies. The domain is legitimate, registered since 2010, and consistent with the business identity.

R

RIGA COMM

rigacomm.com

50

RIGA COMM is a well-established Baltic business technology event organizer hosting annual exhibitions and multiple conferences in Riga, Latvia. The platform targets business and technology professionals, entrepreneurs, and institutional leaders, offering a comprehensive event experience with specialized conferences covering cybersecurity, fintech, e-commerce, and more. The website reflects a mature digital presence with a WordPress CMS, modern marketing and analytics tools, and a cookie consent mechanism, indicating awareness of privacy compliance requirements. However, explicit privacy policies and terms of service are missing, which could be improved to enhance compliance and user trust. Security posture is generally good with HTTPS and reCAPTCHA usage, but could benefit from enhanced security headers and DNSSEC implementation. Overall, the site is professional, content-rich, and well-positioned in its market niche.

E

Eesti kaevandusmuuseum

kaevandusmuuseum.ee

44

Eesti Kaevandusmuuseum is a specialized museum and adventure tourism business located in Estonia, offering unique underground mining experiences, safaris, educational programs, and event hosting. The website is professionally designed using WordPress with WooCommerce and booking plugins, supporting multiple languages and providing rich content about their services and events. The technical infrastructure is modern and includes integration with Google Tag Manager and Facebook SDK for marketing and analytics, although Google Analytics is not fully configured. Security posture is solid with HTTPS enforced and cookie consent implemented, but could be improved with additional security headers and explicit incident response policies. Overall, the website reflects a credible and trustworthy business with a good digital presence.

M

Meelis Lilbok, Deltmar OÜ

raamatukogud.ee

43

The website www.raamatukogud.ee offers a specialized real-time service that tracks library borrowings across Estonia, providing live updates on checkouts, returns, and renewals. It targets library users and professionals interested in library activity data, positioning itself as a niche information service within the Estonian education sector. The business is operated by Deltmar OÜ, with clear branding and consistent content focused on library statistics and mapping. Technically, the site employs a modern JavaScript stack including jQuery, Google Maps API, Google Charts, and integrates social media and analytics tools. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is good with HTTPS enforced and no exposed sensitive data, but lacks security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is legitimate and trustworthy but would benefit from enhanced compliance and security practices.

O

OÜ Kultuurinet

kultuurikava.ee

40

Kultuurikava.ee is an Estonian cultural event listing platform operated by OÜ Kultuurinet, established in 2012. It serves as a guide to cultural happenings in Estonia, targeting local residents and visitors interested in arts and events. The platform offers event search and filtering capabilities and maintains a consistent brand presence with a professional website design. The business operates in the media sector with a niche focus on cultural events. Technically, the website leverages modern web technologies including React, Font Awesome, Leaflet.js for mapping, and integrates analytics tools such as Google Analytics and Facebook SDK. The hosting is provided by Zone Media OÜ, a known Estonian hosting provider. The site is mobile-optimized with good user experience and basic SEO and accessibility features. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and a cookie consent mechanism despite using tracking scripts, which indicates room for improvement in privacy compliance and security best practices. No critical vulnerabilities or suspicious indicators were found. Overall, Kultuurikava.ee presents a moderate risk profile with good business credibility and technical implementation. Strategic improvements in privacy compliance and security headers would enhance trust and regulatory adherence.

M

Ma Armastan Aidata

armastanaidata.ee

54

Ma Armastan Aidata is a well-established Estonian donation platform founded in 2008, operating in partnership with Swedbank and Heateo Sihtasutus. It aggregates trustworthy Estonian charitable organizations and facilitates donations through secure login methods including national ID card, Mobile-ID, and bank links. The platform offers categorized projects for donations and maintains active communication channels including news and social media. Technically, the website uses a modern tech stack with jQuery, Bootstrap, Tailwind CSS, and integrates cookie consent and reCAPTCHA for privacy and security. Security posture is strong with HTTPS, secure login, and cookie consent, though it lacks published security policies and incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a medium-sized non-profit sector audience in Estonia.

CAACI Iberoamérica is a regional international organization specializing in audiovisual and cinematographic matters across Ibero-America. It serves as a collaborative platform for audiovisual authorities and stakeholders in 21 member countries, promoting cooperation, regulatory frameworks, and cultural exchange. The website reflects a professional presence with good content quality and consistent branding, targeting industry professionals and governmental bodies. Technically, the site is built on WordPress with common plugins and frameworks, hosted on SiteGround, and shows moderate performance with good mobile optimization. Security posture is adequate with HTTPS and domain protection, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Contact is available via a web form but lacks direct email or phone contacts. Overall, the site is trustworthy and credible within its niche, though improvements in security and privacy documentation are recommended.

P

Polish-Estonian Chamber of Commerce (POLESTCC)

polestcc.org

53

The Polish-Estonian Chamber of Commerce (POLESTCC) is a small, specialized business association established in 2020 to foster economic exchange and cooperation between Poland and Estonia. It serves entrepreneurs and companies operating or planning to operate in these countries by providing networking opportunities, business representation, and support for international development. The website reflects a professional and consistent brand image with clear business descriptions and active social media engagement. Technically, the site is built on WordPress with a modern theme and plugins, offering good SEO and mobile optimization. Security posture is solid with HTTPS, CAPTCHA on contact forms, and GDPR-compliant consent mechanisms, though DNSSEC is not enabled and some security headers are missing. Overall, the domain registration details align well with the business identity, supporting legitimacy. The site is accessible without WAF or blocking mechanisms, enabling full analysis.

E

Eesti Maanteemuuseum

maanteemuuseum.ee

53

Eesti Maanteemuuseum is a specialized museum dedicated to the history and culture of roads and transportation in Estonia. It operates as a cultural and educational institution affiliated with the Estonian Transport Administration, offering exhibitions, educational programs, and events targeted at the general public, families, and students. The website is built on Drupal 9 and incorporates modern web technologies, providing a good user experience with accessibility features and multilingual support. Social media integration and active content updates enhance engagement. Security posture is solid with HTTPS and privacy-conscious analytics, though the site lacks explicit privacy and security policies. Overall, the site is professional and trustworthy, reflecting the museum's established presence and public service role.

H

HiMedik

himedik.com

56

HiMedik.com is an Indonesian online media portal specializing in health news and lifestyle content. It operates under the umbrella of Arkadia Digital Media, a known media group with multiple sister sites. The website targets Indonesian readers interested in health-related information, offering articles on traditional and modern medicine, healthy living, and related topics. The site is professionally designed with consistent branding and good content quality, positioning it as a reputable health news source within its market segment. Technically, the website employs a modern technology stack including Google Tag Manager, Google Analytics, Facebook SDK, and AMP for mobile optimization. It uses HTTPS with a valid SSL certificate, ensuring secure communications. The site integrates multiple advertising networks and tracking services, indicating a monetization model based on advertising revenue. Performance is moderate with good mobile responsiveness and basic accessibility features. From a security perspective, the site enforces HTTPS but lacks visible security headers and explicit vulnerability disclosure mechanisms. No security.txt or incident response contacts are provided, and cookie consent mechanisms are absent despite privacy policy presence. The WHOIS data is missing or inaccessible, raising concerns about domain registration legitimacy, although the active and professional website presence mitigates some risk. Overall, HiMedik.com presents a solid online media presence with good content and technical implementation but would benefit from enhanced security practices, improved privacy compliance, and resolution of WHOIS data inconsistencies to strengthen trust and compliance posture.

G

GuideKu

guideku.com

56

GuideKu.com is an Indonesian online media portal specializing in travel, food, events, and lifestyle news. It operates under the Arkadia Group umbrella, which manages multiple related media portals. The website offers a rich content experience with articles, photos, and videos targeting Indonesian audiences interested in tourism and lifestyle. The business model is primarily advertising-driven, leveraging multiple ad networks and tracking technologies. Technically, the site uses modern web technologies including Google Tag Manager, Google Analytics, and Facebook SDK, with good SEO and mobile optimization. Security posture is solid with HTTPS enforced, but lacks some security headers and a vulnerability disclosure mechanism. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. WHOIS data is unavailable, raising questions about domain registration legitimacy, though the site branding and content suggest a legitimate media entity. Overall, the site is functional, content-rich, and moderately secure but could improve privacy and security practices.

M

MobiMoto

mobimoto.com

54

MobiMoto.com is an Indonesian automotive news portal providing up-to-date information, articles, tips, and event coverage related to cars and motorcycles. It operates under the Arkadia Digital Media group, which manages several sister media sites. The website targets Indonesian automotive enthusiasts and general readers interested in automotive news. The business model is primarily online media with advertising revenue streams. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, Google Analytics, Facebook SDK, and AMP for mobile optimization. The site is served over HTTPS with good SSL configuration and uses multiple ad networks and tracking services. Security posture is generally good with no visible vulnerabilities, but some security headers are missing. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or terms of service pages clearly found. WHOIS data for the domain is missing, which raises some concerns about domain registration legitimacy, though the website content and affiliation with Arkadia Digital Media suggest a legitimate operation. Overall, the site is professional and functional but could improve privacy compliance and security header implementation.

H

HiTekno

hitekno.com

65

HiTekno.com is a well-established Indonesian technology news portal founded in 2014 and operated under the Arkadia Digital Media group. The site provides comprehensive coverage of technology topics including internet, gadgets, games, science, and geek culture, targeting Indonesian technology enthusiasts. The business model is primarily online media publishing supported by advertising revenue, with a strong market position as part of a larger media group with multiple sister portals. Technically, the website employs modern tracking and advertising technologies such as Google Analytics, Microsoft Clarity, Google Tag Manager, and multiple ad networks including Google Adsense and MGID. The site is hosted behind Cloudflare DNS and uses HTTPS with domain locking for security. However, DNSSEC is not enabled, and explicit security headers beyond domain locking are not observed. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms on the homepage. Contact information is limited to a phone number provided in structured data, and no contact emails or physical addresses are found. Overall, the website demonstrates good content quality, technical implementation, and business credibility but requires improvements in privacy compliance and security best practices.

M

MataMata

matamata.com

61

MataMata.com is a well-established Indonesian news portal founded in 1999, operating under the Arkadia Corp group. It offers a broad range of news content including politics, law, economy, entertainment, and viral topics, targeting Indonesian news consumers. The website maintains a strong market position with multiple sister sites and a comprehensive advertising model. Technically, the site uses modern analytics and advertising technologies such as Google Analytics, Microsoft Clarity, Google Adsense, and Facebook SDK, hosted behind Cloudflare for CDN and DNS services. The site is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and domain locking, though DNSSEC is not enabled and some advanced security headers are missing. Privacy and cookie policies are present and linked, but GDPR compliance is limited. Contact information includes a verified phone number and social media presence. Overall, the site is professional, trustworthy, and technically mature, with room for security enhancements and formal security policy publication.

Viva.ua is a Ukrainian online media publication focused on show business, celebrity news, culture, and entertainment. It targets Ukrainian-speaking audiences interested in the latest news and exclusive content about stars and cultural events. The website features a variety of content including news articles, interviews, event coverage, and fashion and beauty topics. It operates primarily on an advertising revenue model, leveraging multiple ad networks and tracking services. Technically, the site uses modern web technologies including Google Analytics, Google Tag Manager, Facebook SDK, and header bidding for ads. The site is served over HTTPS with a good security posture, including CSRF tokens and asynchronous script loading. However, it lacks explicit privacy and cookie policies and does not provide clear contact information for business or security inquiries, which impacts its privacy compliance score. Overall, the site is professionally designed with good navigation and content quality, but could improve transparency and compliance aspects.

I

iSport.ua

isport.ua

59

iSport.ua is a Ukrainian sports news website providing fresh updates on football, boxing, basketball, hockey, tennis, and other sports. It targets Ukrainian sports fans with news, match schedules, results, online broadcasts, and videos. The site is moderately sized and well-established since 2017, with a consistent brand and good content quality. Technically, it uses a modern tech stack including Bootstrap, jQuery, Google Adsense, and various analytics and advertising platforms. The site is mobile optimized and SEO friendly with structured data and Open Graph tags. Security posture is adequate with HTTPS and CSRF tokens, but could improve by updating libraries and adding security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is legitimate and trustworthy but should enhance privacy and security transparency.

C

CostPocket

costpocket.com

70

CostPocket is a Finnish technology company specializing in AI-powered expense management and document digitization solutions for businesses and accounting firms. The company offers a SaaS platform that automates receipt and invoice processing, integrates with numerous accounting software, and provides mobile applications for ease of use. With over 13,000 companies using their service and more than 40 integrations, CostPocket holds a strong market position in the Nordic and Baltic regions. The website demonstrates a modern technical infrastructure leveraging Vue.js, cloud hosting, and multiple analytics and marketing tools. Security posture is solid with HTTPS enforcement and access controls, though improvements such as DNSSEC and published security policies could enhance trust. Privacy compliance is basic, with cookie consent implemented but no visible privacy or terms of service pages. Overall, CostPocket presents a professional and trustworthy digital presence aligned with its business goals.

P

Peaasi.ee

peaasi.ee

48

Peaasi.ee is a well-established Estonian non-profit organization dedicated to supporting youth mental health through a comprehensive online portal. The website offers extensive mental health information, e-counseling services, first aid tools, and training programs aimed at improving mental wellbeing among Estonian youth and those working with them. The organization maintains a strong market position as a leading mental health resource in Estonia, supported by multiple partnerships and funding sources. Technically, the site is built on WordPress with a modern tech stack including WooCommerce, Bootstrap, and various analytics and marketing tools, demonstrating a mature digital infrastructure. The website is multilingual and optimized for mobile devices, providing a good user experience and accessibility. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and explicit cookie consent mechanisms are missing, representing areas for improvement. Overall, the site is professional, trustworthy, and compliant with GDPR, though enhancing privacy compliance and security policies would strengthen its risk profile.

V

Váš Hosting s.r.o.

hlidam.to

66

Hlídám.to is a Czech-based professional server monitoring service operated by Váš Hosting s.r.o. The company offers uptime and performance monitoring, outage alerts, email server monitoring, and API access, targeting website owners and IT administrators in the Czech market. The website is well-structured, with clear navigation and legal compliance including privacy and cookie policies. Technically, the site uses a custom CMS with common JavaScript libraries and frameworks such as jQuery and Bootstrap, and integrates third-party analytics and advertising tools with user consent. Security posture is solid with HTTPS enforced and secure login forms, though explicit security headers are not detected. No direct company contact emails or phone numbers are publicly listed, with contact primarily via a web form. Overall, the site demonstrates a good balance of business professionalism, technical implementation, and privacy compliance.

ČSOP Tilia is a small Czech non-profit organization dedicated to ecological education and youth engagement, focusing on renewable energy and environmental projects. The website provides information about their activities, projects, and contact details, targeting children, youth, and educators in the Ústecký region. The organization appears to be supported by regional and EU funding, as indicated by logos and project descriptions. Technically, the website is built on the eStránky.cz platform using older JavaScript libraries and includes basic social media integration via Facebook SDK. Security posture is limited with no visible security headers and unknown SSL configuration. Privacy and cookie policies are absent, indicating compliance gaps. WHOIS data is unavailable, which reduces domain trust but does not necessarily indicate malicious intent given the nature of the organization. Overall, the website is functional but basic in design and security, suitable for a small non-profit but requiring improvements in security and compliance.

B

BNI

bnipodcast.com

64

The Official BNI Podcast website serves as a professional content platform delivering weekly audio discussions led by Dr. Ivan Misner, founder of BNI, the world's largest business networking organization. The site targets business professionals seeking networking education and referral strategies, positioning itself as an authoritative media outlet within the business networking niche. The business model revolves around content publishing, podcast distribution, and educational sponsorships, supported by partnerships with related training and audio program providers. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and various social sharing and marketing plugins. The site demonstrates good mobile optimization and SEO practices, though performance is moderate and accessibility features are basic. Security posture is solid with HTTPS enforced and some security best practices observed, but lacks advanced security headers and a formal vulnerability disclosure mechanism. From a security and compliance perspective, the site includes a cookie consent mechanism indicating GDPR awareness, but lacks a clearly linked privacy policy and terms of service pages. Contact information is limited to forms and subscription emails, with no explicit company emails or phone numbers found. The absence of WHOIS registration data for the domain is a notable concern, potentially indicating domain registration issues or privacy protection, which impacts trustworthiness. Overall, the website is professionally maintained with high-quality content and strong brand association with BNI. However, the missing WHOIS data and incomplete privacy documentation suggest areas for improvement in transparency and compliance. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and terms policies, verifying domain registration legitimacy, and improving accessibility features to strengthen trust and compliance.

A

Artis Zelmenis

artiszelmenis.lv

33

Artis Zelmenis operates a small Latvian-based business website offering a variety of services including web development, SEO, legal assistance, photography, advertising, and educational content. The site targets local SMEs, individuals, and students, providing multilingual content in English, Latvian, and Russian. The business appears niche-focused with a stable presence since 2012. Technically, the website uses standard JavaScript libraries and social media SDKs for Facebook, Twitter, VK, and Draugiem.lv, alongside Google Analytics for traffic monitoring. The site shows moderate performance and basic mobile optimization but lacks modern frameworks or CMS indications. SEO is reasonably addressed with meta tags and multilingual support. Security posture is moderate but with notable gaps: no visible HTTPS enforcement, absence of security headers, and use of some HTTP resources that may cause mixed content issues. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is limited to a contact form without explicit emails or phone numbers. Overall, the website is functional and professional but requires improvements in security, privacy compliance, and technical modernization to enhance trust and user safety.

A

ADOL Monitor s.r.o.

adol.cz

53

ADOL Monitor s.r.o. is a Czech Republic-based company specializing in providing monitoring services for real estate investment opportunities, particularly focusing on distressed properties such as auctions, executions, and insolvencies. The company has been operating for over 10 years and offers a suite of services including data monitoring, cadastral data access, and educational seminars. Their market position is that of a niche, trusted provider with a strong local presence and a loyal customer base. Technically, the website is built on WordPress with a modern tech stack including Bootstrap and various plugins, supporting good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers are not explicitly detected and could be improved. The absence of WHOIS data limits domain trust assessment but the website content and business information suggest legitimacy. Overall, the site is professional, content-rich, and compliant with GDPR requirements.

N

Nadace OKD

nadaceokd.cz

44

Nadace OKD is a Czech non-profit foundation dedicated to supporting social, environmental, and community projects primarily through grant programs. The foundation targets non-profit organizations and local communities, aiming to improve social care, leisure activities, and environmental conditions. The website reflects a medium-sized organization with a consistent brand presence and active social media engagement. Technically, the site uses a custom CMS with older JavaScript libraries and Bootstrap for styling, indicating moderate digital maturity. While the site is accessible and well-structured, it lacks modern security headers and explicit privacy or cookie policies, which are critical for compliance and user trust. The absence of WHOIS data reduces domain trustworthiness, though partner and donor links support legitimacy. Overall, the security posture is moderate but can be improved by updating libraries, adding security headers, and enhancing privacy compliance.

C

Cult Pens

cultpens.com

71

Cult Pens is a well-established UK-based e-commerce retailer specializing in pens and pencils, boasting a wide product range of over 24,000 items. The website positions itself as a trusted online pen shop offering secure ordering, expert knowledge, and excellent customer service with free UK delivery and worldwide shipping. Technically, the site is built on the Shopify platform, leveraging modern JavaScript libraries such as jQuery and Owl Carousel, and integrates third-party services including Klevu for search, Trustpilot for reviews, and OneTrust for cookie consent management. The site demonstrates good digital maturity with mobile optimization and SEO best practices. Security-wise, the site uses HTTPS with a domain status of clientTransferProhibited, indicating domain transfer protection. However, explicit security headers are not fully implemented, and no public security or incident response policies are found. Privacy compliance is partially addressed through cookie consent mechanisms, but no explicit privacy or terms of service pages were detected in the provided content. Overall, the website is professional and trustworthy but could improve transparency around privacy and security policies.

D

DRL OÜ

drl.ee

42

DRL OÜ is a specialized Estonian company providing professional data recovery services from various storage devices including hard drives, SSDs, RAID arrays, and NAS systems. Established in 2010, the company operates a local dust-free laboratory and offers free diagnostics and consultations, positioning itself as a trusted local expert with over 15 years of experience and a strong customer base. The website is well-structured, targeting individuals and businesses in need of data recovery solutions, with clear contact information and customer testimonials enhancing trust. Technically, the website is built on WordPress using the Enfold theme, leveraging modern web technologies such as jQuery, Google Analytics via MonsterInsights, Facebook SDK, and Google reCAPTCHA for form security. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and security headers. Hosting and domain registration are consistent with the business location and claims, enhancing legitimacy. From a security perspective, the site uses HTTPS and implements reCAPTCHA to protect forms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy policy or terms of service on the homepage. Overall, DRL OÜ presents a credible and professional online presence with a solid business foundation. Strategic improvements in security policy transparency, privacy documentation, and security header implementation would enhance trust and compliance, supporting long-term business resilience.

E

Eesti Kirjandusmuuseum

kirmus.ee

55

Eesti Kirjandusmuuseum is a well-established Estonian national scientific and cultural institution focused on managing important archives related to cultural history and folklore. The website serves a diverse audience including researchers, students, cultural enthusiasts, and the general public by providing access to archives, scientific projects, educational programs, exhibitions, and an online store. The institution holds a strong market position as a central cultural memory organization in Estonia. Technically, the website is built on Drupal 8 with modern libraries and tools, offering good mobile optimization, accessibility, and SEO. Security posture is solid with HTTPS and anonymized analytics, though security headers and explicit security policies could be improved. Overall, the site is professional, trustworthy, and content-rich, supporting the institution's mission effectively.

Evex.ge is the official website of Evex Clinics, a large healthcare network in Georgia established in 2014. The company provides a wide range of medical services including state healthcare programs, private insurance, and specialist consultations. The website is professionally designed, mobile-optimized, and offers clear navigation to services, doctors, clinics, and booking options. The business holds ISO 9001:2015 and TÜV AUSTRIA certifications, indicating a commitment to quality standards. Technically, the site uses modern JavaScript libraries and analytics tools, with HTTPS enabled and good SSL configuration. However, it lacks visible privacy and cookie policies, which impacts privacy compliance scores. Security headers are not detected, suggesting room for improvement in security posture. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

C

CostPocket

tsekk.ee

62

CostPocket is a medium-sized Estonian SaaS company specializing in digital expense management solutions for businesses and accounting professionals. Their platform offers AI-powered tools to digitize receipts, automate expense reporting, and integrate seamlessly with popular accounting software, positioning them as a key player in the Baltic financial technology sector. The website demonstrates a modern technical infrastructure using Vue.js and integrates multiple analytics and marketing tools, reflecting a mature digital presence. Security posture is strong with HTTPS, security headers, and Cloudflare DNS, though some improvements in DNSSEC and explicit security policies are recommended. Privacy compliance is basic, with cookie consent implemented but lacking explicit privacy and terms of service pages. Overall, the site is professional, trustworthy, and well-optimized, supporting a strong market position.

K

KaminaKeskus

kaminakeskus.ee

42

KaminaKeskus is an established Estonian retailer specializing in fireplaces, stoves, ovens, sauna stoves, chimneys, and boilers, operating since 1997. The company offers a wide selection of heating appliances with a focus on quality, competitive pricing, and customer convenience including free home delivery. Their market position is strong within Estonia, supported by multiple physical stores and an active online presence. Technically, the website is built on WordPress with the Avada theme, utilizing modern SEO and multilingual plugins, and integrates Google Analytics and Facebook SDK for tracking. Security posture is adequate with HTTPS and basic security headers, but lacks advanced headers like CSP and HSTS, and is missing privacy and cookie policies, which are critical for GDPR compliance. Overall, the site is professional and user-friendly but should improve privacy compliance and security policies to enhance trust and regulatory adherence.

H

Hedgehog OÜ

hedgehog.ee

47

Hedgehog OÜ is a specialized Estonian electronics engineering bureau established in 2011, focusing on economical and reliable system design, prototyping, and manufacturing. Their expertise spans analog and digital circuit design, PCB layout, and embedded software development, serving startups, IT, and electronics companies as well as academic institutions. The website reflects a professional and consistent brand image with detailed team contacts and service descriptions. Technically, the site uses a CMS (Voog), jQuery, Google reCAPTCHA for form security, and Facebook SDK for social integration. While HTTPS is enabled and forms are protected with reCAPTCHA, the site lacks explicit privacy and cookie policies and security headers, which are areas for improvement. WHOIS data confirms domain legitimacy and consistency with the business history and location. Overall, the site is functional, trustworthy, and professionally presented but could enhance compliance and security posture.