Security Directory

T

Tervise Arengu Instituut

terviseinfo.ee

38

Terviseinfo.ee is a well-established Estonian health information portal managed by the Tervise Arengu Instituut, a government-affiliated health development institute. The website provides comprehensive health promotion content, news, and educational resources targeted primarily at health promotion specialists and the general public. It covers a broad range of health topics including alcohol, HIV/AIDS, nutrition, mental health, and more, positioning itself as a trusted national resource for health information. Technically, the site is built on Joomla CMS and utilizes common JavaScript libraries such as MooTools and jQuery, along with Google Fonts and Google Analytics for tracking. The site is served over HTTPS, ensuring secure communication, and includes CSRF tokens in forms to protect against cross-site request forgery. However, it lacks explicit security headers like Content-Security-Policy and HSTS, and does not have a visible cookie consent mechanism or privacy policy page, which are important for GDPR compliance. From a security perspective, the website demonstrates a moderate security posture with secure form handling and HTTPS usage but could improve by implementing additional HTTP security headers and publishing clear privacy and cookie policies. No WAF or blocking mechanisms were detected, and the site content is fully accessible. The WHOIS data aligns well with the website's governmental health mission, showing a consistent and legitimate registration since 2011. Overall, the website is professional, trustworthy, and serves its public health mission effectively, but should enhance privacy compliance and security headers to strengthen its security posture and regulatory adherence.

S

Sorglos Design AG

sorglos-design.ch

57

Sorglos Design AG is a Swiss-based company specializing in the retail and exhibition of premium wellness and outdoor living products including solid wood saunas, the Round Cube Sauna, sauna stoves by Huum, hot tubs, the proprietary low-smoke fireplace 'Feuerzunge', glamping accommodations, and garden furniture. The company targets consumers seeking high-quality wellness and outdoor lifestyle products, positioning itself as a niche premium provider in the Swiss market. The website reflects a professional and consistent brand image with a clear product focus and multiple social media channels to engage customers. Technically, the website employs modern web technologies such as Font Awesome 6 Pro, Google Fonts, and the Splide.js slider, likely built on Ruby on Rails given the presence of CSRF tokens and asset pipeline conventions. The site is mobile-optimized with good SEO practices and moderate performance. Google Analytics is integrated for user tracking, though no explicit cookie consent mechanism or privacy policy is present. From a security perspective, the site uses HTTPS with a valid SSL configuration and includes CSRF protection tokens, indicating a baseline security posture. However, it lacks advanced security headers and does not provide a vulnerability disclosure or security.txt file. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data is consistent with the business claims, supporting legitimacy. Overall, the website is functional, professional, and secure at a basic level but would benefit from enhanced privacy compliance and security best practices to improve trust and regulatory adherence.

S

Sentinel Research

sentinel-research.com

59

Sentinel Research is a student-led academic organization dedicated to pioneering innovative counterintelligence solutions to enhance national security. The organization positions itself as a leader in the academic research space with a focus on interdisciplinary approaches and strategic collaborations. Their offerings include research publications, policy recommendations, and educational resources aimed at students, academics, and national security professionals. The website is built on a modern WordPress platform with SEO and analytics integrations, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced transparency and security practices.

N

Nucleate Bio, Inc.

nucleate.org

56

Nucleate Bio, Inc. operates a globally recognized, student-led organization dedicated to empowering biotech leaders and innovators. The organization offers educational programs, venture acceleration through its Activator program, and fosters a global community of bio-entrepreneurs. Supported by leading biotech companies and world-class advisors, Nucleate positions itself as a key player in the biotech innovation ecosystem. Technically, the website is built on WordPress with modern SEO and analytics tools, delivering a professional and responsive user experience. Security posture is solid with HTTPS and no evident vulnerabilities, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site reflects a credible and trustworthy organization with room for improvement in privacy and security transparency.

Meriton Energy Services operates as an Australian energy retailer focused on providing fairer energy costs and simplified contracts primarily targeting residential customers, including Meriton apartment residents. The company emphasizes transparent pricing, no lock-in contracts, and Australian-based customer support, positioning itself as a customer-friendly alternative in the Australian energy market. The website is professionally designed with clear calls to action and multiple contact forms to facilitate customer engagement. Technically, the site uses a mix of legacy and modern web technologies, including Google Analytics and reCAPTCHA for security and tracking. However, the use of an outdated jQuery version presents a potential security risk. Security posture is generally good with HTTPS enforced and spam protection on forms, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the domain registration and DNS setup are consistent with a legitimate Australian business, enhancing trustworthiness.

C

CORE Indonesia

youtheconomicsummit.org

52

Youth Economic Summit (YES) is a program organized by CORE Indonesia aimed at engaging Indonesian youth in advancing the national economy through digital and green economy initiatives. The website serves as a platform to promote events, programs, publications, and multimedia content related to youth economic empowerment. The target audience includes young professionals, students, and community groups interested in economic innovation and sustainability. Technically, the website employs modern frontend technologies such as Tailwind CSS, Flowbite, and Swiper.js, hosted behind Cloudflare DNS, ensuring good performance and mobile responsiveness. However, the site lacks critical privacy and cookie policies, and no direct contact information is provided, which impacts compliance and trust. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Overall, the domain registration is recent but consistent with the event timeline and uses privacy protection appropriately.

PT. Arkadia Digital Media Tbk. is a medium-sized Indonesian digital media group operating multiple web portals and offering a range of services including advertising, event production, social media management, and influencer marketing. The company holds a strong market position in Indonesia's digital media landscape with a diversified portfolio and extensive partner network. Technically, the website employs modern frameworks such as Bootstrap and jQuery, integrates Google Analytics, and is hosted with Cloudflare DNS, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies, which are critical for compliance and trust. Overall, the site is accessible, professionally designed, and provides clear contact information, but improvements in privacy compliance and security best practices are recommended.

A

Accorp Sp. z o.o.

pollster.pl

72

Instytut Badań Pollster, operated by Accorp Sp. z o.o., is a well-established Polish market research institute founded in 2012. It specializes in comprehensive market and opinion research services, including CAWI, CAPI, CATI, and qualitative studies. The company holds a strong market position, ranking second in Poland for CAWI interviews in 2022, and targets businesses and institutions seeking data-driven insights to support growth. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the website employs modern web technologies such as Bootstrap, FontAwesome, Google reCAPTCHA, Hotjar, and Google Analytics, with a CMS identified as Bolt. Hosting and domain registration are managed by home.pl S.A. The site is mobile-optimized and demonstrates good SEO practices. Privacy compliance is robust, featuring a consent management platform and detailed privacy and cookie policies, ensuring GDPR adherence. From a security perspective, the site enforces HTTPS, uses reCAPTCHA to protect forms, and integrates a consent management platform. However, it lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business claims, enhancing trustworthiness. Overall, the website presents a low-risk profile with strong compliance and professional business representation. Strategic improvements in security headers and incident response transparency could further enhance its security posture and trust.

V

Vana-Võidu Autokeskus OÜ

vvautokeskus.ee

40

Vana-Võidu Autokeskus OÜ is a small Estonian automotive service company established in 1996, specializing in car repair, maintenance, tire services, and trailer repair and sales. The company operates locally near Viljandi and targets vehicle owners requiring these services. The website is built on the Voog CMS platform, leveraging modern JavaScript libraries and Google Analytics for tracking. The site is mobile-optimized with good design and navigation, providing clear business and contact information. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is functional and professional but could improve in privacy and security transparency.

B

Billetto Sweden

billetto.se

70

Billetto Sweden operates as an established online event ticketing platform primarily serving the Swedish market. Founded in 2010, it offers event discovery and ticket sales services targeting both event attendees and organizers. The website demonstrates a consistent brand presence with localized content and multiple user roles supported, including ticket buyers, organizers, and door staff. The platform integrates modern technologies such as Stripe for payments, Google Analytics for tracking, and OneTrust for cookie consent management. Hosting is provided via Amazon AWS infrastructure, ensuring reliable performance and scalability. Security posture is generally good with HTTPS enforced and CSRF protections in place, though the absence of DNSSEC and security headers suggests room for improvement. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy policy or terms of service detected in the provided content. WHOIS data confirms the domain's legitimacy with consistent registration details and appropriate domain age. Overall, Billetto Sweden presents a professional and trustworthy online presence with moderate technical maturity and security awareness.

U

UA-Футбол ᐉ Новости футбола онлайн • Результаты футбольных матчей сегодня • Все о футболе на сайте UA-football.com

ua-football.com

66

UA-Football.com is a Ukrainian-based online media platform specializing in football news, live match results, tournament tables, and related sports content. The website targets football fans and bettors interested in both Ukrainian and international football. It offers a variety of services including live match centers, betting information, video content, and lifestyle news related to sports. The platform monetizes primarily through advertising and affiliate marketing with bookmakers. Technically, the site employs modern web technologies such as Google Tag Manager, Google Analytics, lazy loading, and a cookie consent management platform, ensuring a good user experience and moderate performance. Security-wise, the site uses HTTPS and has implemented cookie consent mechanisms but lacks visible security headers and explicit privacy or terms of service pages, which are areas for improvement. The WHOIS data for the domain is unavailable, raising concerns about domain registration transparency, although the active and professional nature of the website suggests legitimate operation. Overall, the site presents a solid digital presence with room for enhanced compliance and security practices.

The International Society for Ethnology and Folklore (SIEF) is a well-established academic non-profit organization that fosters collaboration among scholars in European Ethnology, Folklore Studies, and Cultural Anthropology. The website serves as a hub for information on congresses, working groups, publications, and membership, targeting an academic audience. The organization maintains a consistent brand presence and offers comprehensive content relevant to its community. Technically, the site employs a mature technology stack including Bootstrap, jQuery, Google Analytics, and cookie consent mechanisms, hosted likely by NomadIT. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved and the use of an outdated jQuery version presents a minor risk. WHOIS data is unavailable, which slightly impacts domain trust but is not uncommon for non-profits. Overall, the site is professional, accessible, and trustworthy with room for technical and security enhancements.

C

Certia Oy

nefk2025.fi

43

The website nefk2025.fi represents the 36th Nordic Ethnology and Folklore Conference scheduled for June 2025 in Turku, Finland. The event is organized by Certia Oy in partnership with Åbo Akademi University and Turku University, targeting Nordic scholars and researchers interested in ethnology, folklore, and cultural studies. The site provides comprehensive information about the conference theme, programme, important dates, and practical details, supporting a niche academic audience. Technically, the site is built on WordPress using WPBakery Page Builder and integrates standard SEO and analytics tools. It is hosted by Louhi Net Oy with a valid SSL certificate ensuring secure HTTPS access. Security posture is good with cookie consent mechanisms and no visible vulnerabilities, though security headers could be improved. The WHOIS data is transparent and consistent with the business purpose, enhancing trust. Overall, the site is professional, well-structured, and compliant with privacy regulations.

The website folklore.ee is an authoritative academic and cultural platform managed by the Estonian Literary Museum's Folklore Department. It provides extensive resources on Estonian folklore, oral traditions, and related research projects, targeting scholars, students, and the interested public. The site is primarily in Estonian with some multilingual content and serves as a key national repository and dissemination channel for folklore knowledge. Technically, the site uses a stable but basic infrastructure with FreeBSD and PostgreSQL, and includes Google Analytics for visitor tracking. However, it lacks modern CMS features and advanced mobile optimization. Security posture is moderate with HTTPS implied but no explicit security headers or incident response information published. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Business credibility is high given the institutional backing and consistent domain registration. Overall, the site is functional and trustworthy but would benefit from enhanced privacy, security, and technical modernization.

A

A Million Ads

amillionads.com

56

A Million Ads (AMA) is a technology-driven company specializing in dynamic creative advertising for audio platforms. They position themselves as a leader in delivering customized, data-driven audio ads across major platforms, serving notable clients such as Target, Starbucks, and American Express. The website reflects a mature digital presence with professional design, strong branding, and extensive client showcases. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools including Google Analytics, HubSpot, and LinkedIn Insight Tag. Security posture is generally good with HTTPS enforced and use of reCAPTCHA, though some security headers are not explicitly detected and no dedicated security or incident response policies are published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the WHOIS data is missing or indicates the domain is unregistered or privacy protected, which conflicts with the professional image and client portfolio, raising legitimacy concerns. Overall, the site is functional, professional, and compliant but would benefit from improved transparency on domain registration and security policies.

Z

Zoomcar

zoomcar.com

58

Zoomcar is a leading self-drive car rental service operating primarily in India, offering a wide range of vehicles with features such as unlimited kilometers, instant booking, and keyless access via their mobile app. The company targets individuals seeking flexible and budget-friendly transportation solutions across multiple Indian cities. The website demonstrates a mature digital presence with modern technologies including Google Analytics, Microsoft Clarity, and RudderStack for analytics and user tracking, alongside performance monitoring tools like Boomerang and Bugsnag. The site is well-optimized for mobile and SEO, with excellent content quality and user experience. Security posture is strong with HTTPS enforced and a Content Security Policy in place, though additional security headers could enhance protection. However, the absence of explicit privacy, cookie, and terms of service policies, as well as missing WHOIS domain registration data, represent gaps in compliance and transparency. Overall, Zoomcar's website reflects a professional and trustworthy business with room for improvement in privacy and security disclosures.

M

Marr Labs

marrlabs.com

64

Marr Labs is a technology company specializing in AI voice agents designed to automate customer interactions such as lead qualification, appointment scheduling, and customer service. The company targets multiple industries including financial services, call centers, real estate, legal, and hospitality. Their business model is based on a managed service approach with a one-time setup fee and usage-based pricing, emphasizing quick deployment and scalability. The website reflects a professional and consistent brand with clear messaging and transparent pricing. Technically, the website is built on the Webflow platform, utilizing modern web technologies including Google Tag Manager, Google Analytics, and Howler.js for audio playback. The site is well-optimized for performance and mobile devices, with good SEO practices and basic accessibility features. Security is enforced through HTTPS and secure form handling, though some security headers are missing and no cookie consent mechanism is present. From a security perspective, Marr Labs demonstrates a moderate security posture with SOC 2 compliance mentioned, indicating a focus on data protection and reliability. However, the absence of WHOIS registration data raises questions about domain legitimacy and age, which should be monitored. No incident response or vulnerability disclosure information is publicly available, and privacy compliance could be improved with explicit cookie consent and GDPR indicators. Overall, Marr Labs presents a credible and professional business with advanced AI offerings, but improvements in transparency, security headers, and privacy compliance are recommended to enhance trust and regulatory adherence.

P

PR-room

pr-room.cz

45

PR-room is a small Czech Republic based business specializing in custom WordPress website development and graphic design services. The company is led by Ing. Kristýna Včeláková, who has extensive experience since 2014 and formal training in web development and graphic design. The website demonstrates a professional service offering with references to client sites and a clear contact section including email, phone, and LinkedIn profile. Technically, the site uses modern WordPress and WooCommerce versions, integrates Google Analytics, and is served over HTTPS, indicating a reasonable digital maturity level. However, the absence of privacy and cookie policies, lack of security headers, and missing WHOIS registration data present compliance and trust concerns. Overall, the security posture is moderate but could be improved with better policy disclosures and security headers.

M

Miltton Latvia

miltton.lv

51

Miltton Latvia is a creative and dynamic agency focused on providing communication consulting and branding services to clients in Latvia and the Baltic region. The company positions itself as a bold and innovative partner helping clients to be visible in a changing world. The website is professionally designed, multilingual, and optimized for SEO, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Cookiebot for GDPR compliance, and integrates Google Analytics for traffic analysis. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and headers could be improved. Overall, the site demonstrates a good balance of business professionalism, technical implementation, and privacy compliance, suitable for a medium-sized agency in the media sector.

E

Eesti Antidopingu ja Spordieetika Sihtasutus

eadse.ee

43

Eesti Antidopingu ja Spordieetika Sihtasutus is a government-affiliated non-profit organization dedicated to promoting fair play, anti-doping measures, and ethical conduct in sports within Estonia. The organization provides education, prevention, and regulatory oversight services to athletes, sports organizations, and the public. The website serves as an informational and educational platform with resources, news, and training offerings related to sports ethics and anti-doping. Technically, the website is built on WordPress using the Avada theme and integrates modern plugins such as Yoast SEO and Revolution Slider. It employs Google Analytics for visitor tracking but lacks visible cookie consent mechanisms and privacy policy disclosures, which are critical for GDPR compliance. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but security headers and incident response information are absent. Overall, the website is professional, well-branded, and trustworthy, though it would benefit from enhanced privacy compliance and explicit contact details.

A

ADOL Monitor s.r.o.

strategickymentoring.cz

18

Strategickymentoring.cz is a Czech Republic based small business operated by ADOL Monitor s.r.o., specializing in strategic mentoring and education for real estate investors. The website offers a comprehensive 3-day mentoring program combined with 20 hours of individual consultations over two years, targeting beginners to intermediate investors and those diversifying from other investment types. The business leverages practical experience and proprietary tools (ADOL Monitor) to provide value. Technically, the website uses modern JavaScript libraries, Google Analytics, and Bootstrap for responsive design, delivering a good user experience with moderate performance. Security posture is solid with HTTPS and cookie consent implemented, though lacks advanced security headers and formal security policies. Privacy compliance is partial due to missing privacy and terms of service pages. Overall, the site is professional, trustworthy, and well-branded, with transparent WHOIS data consistent with the business launch timeline.

A

Always Advancing Promotions & Manufacturing

alwaysadvancing.net

61

Always Advancing Promotions & Manufacturing operates as a specialized manufacturer of custom finisher medals, awards, apparel, and promotional products primarily serving endurance events and businesses globally. Established in 2008, the company emphasizes custom design and quality, targeting event directors and business owners who require personalized products. The website reflects a medium-sized enterprise with a professional digital presence built on the Duda platform, leveraging modern web technologies and analytics tools. While the site is well-designed, mobile-optimized, and accessible, it lacks explicit privacy and cookie policies, which are critical for compliance and user trust. Security posture is strong with HTTPS and CAPTCHA protections, but security headers and incident response policies are absent. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration consistency, which should be addressed to enhance trust. Overall, the company demonstrates a solid market position with room for improvement in privacy compliance and domain registration transparency.

Modrý zub s.r.o. operates an established authentic Thai restaurant business in Prague with multiple branches and catering services. The website presents a professional image with detailed descriptions of their culinary offerings and physical locations, targeting tourists, locals, and expats. The digital infrastructure includes modern analytics and tracking tools, with a cookie consent mechanism supporting privacy compliance. However, the absence of WHOIS registration data raises concerns about domain legitimacy, despite the active and well-maintained website. Security posture is generally good with HTTPS enforced, but lacks some security headers and formal policies such as privacy and terms of service. Overall, the website is functional and credible but would benefit from improved transparency and security documentation.

A

Abalon s.r.o.

abalon.cz

37

Abalon s.r.o. is a small Czech company specializing in graphic design, quality offset printing, and website production services. The company targets businesses and individuals seeking professional design and printing solutions, including specialized products like New Year's cards (novoročenky). Their market position appears niche and local, focused on Prague and surrounding areas. The website is built on WordPress with a moderate technical infrastructure including jQuery and FlexSlider, and uses Google Analytics for visitor tracking. The site is accessible, well-structured, and professionally designed, though mobile optimization and accessibility features are basic. Security posture is generally good with HTTPS enabled and no visible vulnerabilities, but lacks important security headers and formal privacy or cookie policies, which impacts compliance and trust. WHOIS data is missing, which reduces domain legitimacy confidence, though the website content and contact information support a legitimate business presence. Overall, the site scores moderately well but would benefit from enhanced privacy compliance and security best practices.

Č

Česká federace potravinových bank, z.s.

potravinovebanky.cz

47

The Česká federace potravinových bank, z.s. is a Czech non-profit federation overseeing food banks across the Czech Republic. It operates a central warehouse and represents food banks nationally and internationally. The organization collects food from various sources including retailers, producers, and public food drives, and distributes it to charitable organizations serving vulnerable populations such as seniors, families in crisis, and the homeless. The website is professionally designed with clear navigation, multilingual support, and integrates Google Maps to display regional food bank locations. It uses modern web technologies including lazy loading and Google Analytics with consent management, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though security headers are not explicitly detected. The absence of WHOIS data reduces domain trust signals, but the presence of official partnerships, certifications, and comprehensive privacy policies support legitimacy. Overall, the site effectively communicates its mission and services while maintaining a solid technical and privacy compliance foundation.

D

Domains By Proxy, LLC

operose.io

58

Operose is a newly founded blockchain company (2024) focused on creating a peer-to-peer marketplace for commodity-backed tokens aimed at transforming commerce and fostering financial inclusivity. The website presents a professional and consistent brand image targeting investors interested in blockchain financial products. Technically, the site uses modern web technologies including React, Font Awesome, Google Analytics, OpenReplay, and LiveChat, hosted behind Cloudflare DNS. Security posture is moderate with HTTPS enabled and domain status protections, but lacks DNSSEC and security headers. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is accessible and functional with room for improvement in security and compliance.

K

KaminaKeskus

kaminakeskus.ee

42

KaminaKeskus is an established Estonian retailer specializing in fireplaces, stoves, ovens, sauna stoves, chimneys, and boilers, operating since 1997. The company offers a wide selection of heating appliances with a focus on quality, competitive pricing, and customer convenience including free home delivery. Their market position is strong within Estonia, supported by multiple physical stores and an active online presence. Technically, the website is built on WordPress with the Avada theme, utilizing modern SEO and multilingual plugins, and integrates Google Analytics and Facebook SDK for tracking. Security posture is adequate with HTTPS and basic security headers, but lacks advanced headers like CSP and HSTS, and is missing privacy and cookie policies, which are critical for GDPR compliance. Overall, the site is professional and user-friendly but should improve privacy compliance and security policies to enhance trust and regulatory adherence.

S

Studio One

studio-one.am

56

Studio One is a medium-sized Armenian IT consulting and digital services company specializing in web design, development, mobile apps, online marketing, and security audits. The company serves a diverse client base including governmental, financial, e-commerce, manufacturing, consulting, and media sectors. Their website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the site uses modern JavaScript libraries, Google Analytics, and Google Maps API, but lacks some advanced accessibility and mobile optimization features. Security posture is moderate with HTTPS usage but missing important security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data aligns well with the business claims, indicating legitimacy. Overall, the website is functional and professional but could improve in privacy and security transparency.

T

SEO Optimeerimine | Teie Ettevõte

taddy.ee

35

The website www.taddy.ee is a small Estonian SEO service provider specializing in both internal and external SEO optimization, competitor analysis, and targeted advertising. The business targets companies seeking to improve their search engine visibility and website traffic. The site presents clear service packages with pricing and showcases client examples, indicating a focused and professional approach. Technically, the site uses modern frontend technologies including Bootstrap, jQuery, and Google Analytics, with a responsive design and good navigation. However, there are gaps in privacy compliance, as no privacy or cookie policies are published, and contact information is limited to a web form without direct emails or phone numbers. Security posture is moderate with HTTPS enabled but lacking explicit security headers and vulnerability disclosures. Overall, the site is functional and professional but would benefit from enhanced privacy and security practices to improve trust and compliance.

R

Register OÜ

ir.ee

62

Register OÜ operates the Inforegister website, a platform providing credit ratings, beneficial ownership information, financial forecasts, and business risk assessments primarily targeting Estonian businesses and individuals. The company positions itself as a trusted local provider of business and financial data services, leveraging a subscription-based model to deliver valuable insights. The website supports multiple languages and offers a user-friendly search interface to access company and individual data. Technically, the site is built on WordPress with modern integrations such as Google Site Kit for analytics and OAuth for authentication, indicating a moderate level of digital maturity. The site is mobile-optimized and employs HTTPS with a valid SSL certificate, ensuring secure communications. Security posture is solid with cookie consent mechanisms and no visible vulnerabilities, although there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website demonstrates a professional and trustworthy online presence with good compliance to privacy regulations and a clear business focus.

W

Wine Library

winelibrary.com

63

Wine Library is a well-established online retailer specializing in wines, spirits, beer, and gourmet products. Founded in 1997, it has built a strong market presence in the United States with a medium-sized operation focused on e-commerce. The website offers a rich user experience with curated wine selections, expert ratings, wine clubs, and educational content, targeting wine enthusiasts and consumers seeking quality alcoholic beverages online. The business model centers on direct online sales complemented by subscription wine clubs and marketing via email and social media channels. Technically, the website leverages a modern technology stack including Ruby on Rails, Google Analytics, Facebook Pixel, and Cloudflare DNS/CDN services. The site is mobile-optimized with good SEO practices and uses several third-party marketing and analytics tools. Performance is moderate, with room for improvement in accessibility and some technical SEO aspects. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and implements secure forms. However, it lacks DNSSEC, explicit security headers, and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR-specific indicators. Overall, Wine Library presents a credible, professional, and secure online retail platform with minor gaps in privacy compliance and security transparency. Strategic improvements in cookie consent, security headers, and incident response disclosure would enhance trust and compliance.

H

Hong Kong Applied Science and Technology Research Institute Company Limited

astri.org

71

Hong Kong Applied Science and Technology Research Institute Company Limited (ASTRI) is a government-founded R&D institute established in 2000 to enhance Hong Kong's competitiveness in technology-based industries through applied research. The organization operates as a large, government-affiliated entity with a strong focus on technology innovation, patenting, and technology transfer to industry. Their website reflects a mature digital presence with comprehensive content, multilingual support, and a professional design. Technically, the site is built on WordPress with modern plugins and Google Analytics integration, offering good performance and mobile optimization. Security posture is solid with HTTPS and hCaptcha usage, though explicit security headers and published security policies are lacking. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website and organization demonstrate high business credibility and trustworthiness, though improvements in security transparency and privacy compliance are recommended.

B

Balti Uuringute Instituut

ibs.ee

45

Balti Uuringute Instituut is an established independent think tank founded in 1996, specializing in political and socio-economic research primarily focused on Estonia, the Baltic Sea region, and Europe. The organization provides high-quality applied research and policy analysis aimed at supporting evidence-based public policymaking. Their target audience includes policymakers, public sector entities, researchers, and international partners. The website reflects a professional and consistent brand image with clear navigation and relevant content showcasing their expertise and projects. Technically, the site is built on WordPress with modern libraries such as Bootstrap and Swiper.js, and integrates Google Analytics and Tag Manager for tracking. The site is mobile-optimized and performs moderately well, though accessibility could be enhanced. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policies and headers. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the site demonstrates strong business credibility but requires improvements in privacy and security transparency.

A

Artis

artisllc.com

55

Artis is a specialized technology company focused on developing advanced real-time system solutions that address complex challenges requiring extremely fast distributed sensing, parallel processing, and actuation. Their offerings include active protection systems that neutralize threats and safety systems designed for rapid response beyond human reaction times. The company targets clients in sectors where microsecond-level performance is critical, such as defense and safety industries. The website presents a professional and consistent brand image with clear messaging about their expertise and services. Technically, the site is built on WordPress with the Avada theme, leveraging modern web technologies and Google Analytics for tracking. The site is mobile-optimized and performs moderately well, though accessibility features could be improved. Security posture is generally good with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and explicit security policies. The absence of WHOIS registration data for the domain is a notable concern, impacting trust and legitimacy assessments. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and clearer domain registration transparency.

T

The Catholic University of Eastern Africa

cuea.edu

57

The Catholic University of Eastern Africa (CUEA) is a well-established private international university based in Kenya, offering a wide range of academic programs including certificates, diplomas, undergraduate, postgraduate, and professional certifications. The institution positions itself as a premier university focused on producing morally upright and transformative leaders for the Church and society. The website reflects a mature digital presence with comprehensive academic and administrative content targeting prospective and current students, alumni, and researchers. Technically, the website is built on a modern WordPress platform utilizing popular plugins such as LearnPress for LMS functionality, Elementor for page building, and LayerSlider for rich content presentation. The site uses HTTPS with good SSL configuration and integrates Google Analytics for visitor tracking. The design is responsive and user-friendly, with clear navigation and structured data enhancing SEO. From a security perspective, the site employs HTTPS and some security best practices but lacks explicit security headers and visible privacy or cookie policies, indicating room for improvement in compliance and security posture. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data confirms the legitimacy and consistency of the domain registration with the institution's claims. Overall, the website is professional and credible but should enhance privacy compliance and security headers to improve trust and regulatory adherence.

S

Sevana

sevana.biz

50

Sevana is a specialized telecommunications technology company based in Estonia, founded in 2012, providing advanced call quality testing and monitoring solutions for VoIP and mobile networks including 2G to 5G. Their product suite includes proprietary tools such as AQuA, PVQA, and QualTest, targeting telecom operators, VoIP providers, and testers globally. The company positions itself as a reliable partner offering comprehensive voice and audio quality assessment technologies that enhance customer satisfaction and network performance. Technically, the website is built on a modern WordPress platform with a robust tech stack including Bootstrap, jQuery, and multiple analytics and marketing tools, hosted on DigitalOcean. The site is well-optimized for SEO and mobile devices, with good content quality and clear navigation. Security posture is solid with HTTPS enforced, reCAPTCHA protection on forms, and cookie consent mechanisms, though some security headers like Content-Security-Policy could be improved. WHOIS data confirms domain legitimacy with consistent registration details and a long domain age. Overall, the website reflects a professional and trustworthy business with a mature digital presence.

F

Fleep Technologies

fleep.io

64

Fleep Technologies operates the website fleep.io, offering a professional messaging platform designed for companies seeking simple and effective digital communication solutions. The service integrates team chats, project communication, and email messaging into a single app, targeting small to medium-sized businesses. The company positions itself as a straightforward, subscription-based communication tool with a free trial, emphasizing ease of use and cross-organization collaboration. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with Google Fonts and Google Analytics integrated for typography and user tracking respectively. Hosting is managed via Amazon AWS DNS services, and the site is mobile-optimized with responsive design elements. SEO practices are well implemented with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, DNSSEC is not enabled, and there is a lack of explicit security policies or incident response information publicly available. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, indicating GDPR awareness. Overall, the website presents a professional and trustworthy front with good content quality and technical implementation. The absence of direct contact emails or phone numbers on the main pages is a minor gap. Strategic recommendations include enabling DNSSEC, publishing a security policy, and adding a vulnerability disclosure mechanism to enhance trust and security posture.

HugeDomains operates a professional domain marketplace specializing in premium domain sales with flexible payment plans. The website is well-structured, providing clear pricing, purchase options, and customer support channels. The technical infrastructure includes modern JavaScript libraries, Google Analytics for tracking, and Google reCAPTCHA Enterprise for bot mitigation, indicating a mature digital presence. Security posture is strong with HTTPS enforced and SSL encryption, though additional security headers and explicit security policies are absent. Privacy compliance is addressed with a comprehensive privacy policy and cookie consent mechanism. The absence of WHOIS data for the domain www.hugedomains.com suggests privacy protection or unregistered status, which is typical for domain marketplaces. Overall, the site presents a trustworthy and professional front for domain sales.

C

Convertal OÜ

convertal.ee

46

Convertal OÜ is a well-established Estonian digital marketing agency specializing in a broad spectrum of services including SEO, social media marketing, digital advertising, analytics, and marketing training. The company positions itself as a strategic partner for businesses aiming to enhance their online visibility and achieve measurable business outcomes. Their market position is strong within Estonia and the Baltic region, supported by client testimonials and Google Partner certification. Technically, the website is built on WordPress with modern marketing and analytics integrations such as Google Tag Manager, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though improvements in security headers and formal security policies are recommended. Overall, the website demonstrates professionalism, good user experience, and trustworthy business credibility.

W

White Mammoth

whitemammoth.com

48

White Mammoth is a specialized visualization company focusing on architectural 3D images, animations, drone photography, and virtual reality content. Their website showcases a portfolio of exterior and interior projects, targeting architects, real estate developers, and design professionals. The company positions itself as a niche service provider in the real estate visualization market, leveraging modern web technologies such as Bootstrap and jQuery to deliver a responsive and visually appealing user experience. Technically, the website employs standard frontend libraries and Google Analytics for tracking. While the site is mobile-optimized and well-structured, it lacks advanced security headers and explicit privacy or cookie policies, which are critical for compliance and user trust. The absence of WHOIS data for the domain raises concerns about domain legitimacy and transparency, although the active social media presence partially offsets this risk. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but improvements are needed in implementing security headers and formalizing privacy compliance. The overall risk is moderate, with recommendations focusing on enhancing security posture, adding privacy documentation, and clarifying domain registration details to improve trustworthiness. Strategically, White Mammoth should prioritize compliance and transparency to strengthen its market position and reassure clients about data protection and business legitimacy.

C

Car Rental Gateway Ltd.

carrentalgateway.com

67

Car Rental Gateway Ltd. operates a sophisticated SaaS platform focused on the car rental distribution industry, connecting over 150 mobility suppliers and facilitating millions of reservations annually. Their product suite includes a car rental gateway platform, a customizable keyless smart rental app (Titanium Mobility), and a comprehensive car rental operation platform (Car Cloud). The company targets car rental businesses and mobility providers globally, emphasizing scalable, flexible, and multilingual solutions. The website is professionally designed with clear navigation and mobile optimization, reflecting a mature digital presence. Technically, the website leverages modern frameworks such as Astro and employs Partytown to optimize third-party script loading. Google Analytics is used for user tracking, though no cookie consent mechanism or privacy policies are present, indicating gaps in privacy compliance. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks explicit security headers and incident response information. The absence of WHOIS registration data is a notable concern, as it conflicts with the professional and active nature of the website. This discrepancy reduces domain trustworthiness and warrants further investigation. Overall, the site demonstrates strong business credibility and technical maturity but requires improvements in privacy compliance and domain legitimacy verification.

A

AS Printall

printall.ee

61

AS Printall is an established printing house based in Estonia, operating since 1971. The company offers a wide range of printing services including flyers, newspapers, magazines, catalogs, books, and marketing materials, with a strong emphasis on environmental responsibility and digitalization of production processes. Their market position is supported by multiple environmental and quality certifications such as FSC, PEFC, ISO 9001, and Nordic Swan, reflecting a commitment to sustainability and quality. The website targets customers and designers seeking professional printing solutions with fast turnaround and finishing options.

L

Lumi Capital

lumicapital.eu

43

Lumi Capital is a Baltic real estate company specializing in the development and management of residential rental apartment buildings across Tallinn, Riga, and Vilnius. Managing a portfolio of approximately 2000 apartments, the company partners with institutional investors such as insurance companies and pension funds. Their business model focuses on long-term rental housing with an emphasis on sustainability, innovation, and digital services, positioning themselves as a preferred brand for urban renters valuing flexibility and community. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, integrating Google Analytics for user tracking. The site is mobile-optimized and presents a professional design with clear navigation. While performance is moderate, the technical stack is modern and well-maintained. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security headers and published security policies or incident response contacts. Privacy compliance is partial, with a cookie consent banner present but no dedicated privacy or terms of service pages. The WHOIS data is unavailable due to EURid privacy restrictions, but the website content and business information appear legitimate and consistent. Overall, Lumi Capital's digital presence reflects a professional real estate business with good technical implementation and moderate security posture. Enhancements in privacy documentation, security headers, and incident response transparency would strengthen trust and compliance.

P

PARENT PROJECT, z.s.

parentproject.cz

60

Parent Project Czech Republic is a specialized non-profit organization dedicated to supporting patients and families affected by Duchenne and Becker muscular dystrophy. The organization focuses on advocacy, improving patient care, education, community building, and promoting research. Their website is professionally designed, content-rich, and targets patients, families, and healthcare professionals primarily in the Czech Republic. Technically, the site uses modern web technologies including Google Analytics, Google Tag Manager, and a custom CMS platform (Solidpixels). It is served over HTTPS with no visible security warnings and includes a cookie consent mechanism, indicating a basic level of privacy compliance. However, no explicit privacy policy or terms of service pages were found, which is a gap in compliance and transparency. The absence of WHOIS data for the domain is a notable concern, reducing domain transparency and trustworthiness. Overall, the website presents a good security posture with secure forms and no obvious vulnerabilities, but could improve by adding security headers, a security policy, and vulnerability disclosure information.

P

Platformance

platformance.io

64

Platformance is a technology-driven advertising platform specializing in programmatic media, affiliate marketing, and creator-led content to help brands reach and acquire high-quality customers. The company positions itself as a partner for advertisers seeking measurable business outcomes through outcome-based pricing models and a curated network of trusted suppliers and publishers. The website demonstrates a professional and consistent brand presence with a focus on digital marketing solutions tailored for various business goals including online sales growth, engagement, and app installs. Technically, the site is built on Webflow CMS with modern JavaScript libraries and tracking tools such as Google Tag Manager and LinkedIn Insight, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and no visible sensitive data exposure, though improvements could be made by adding security headers and cookie consent mechanisms. Overall, the site is accessible, well-structured, and trustworthy, supporting the company's credibility in the Ad-Tech sector.

S

SKOLATO

skolato.cz

50

SKOLATO is a Czech-based company specializing in the manufacture and sale of school furniture and equipment for schools, kindergartens, and municipalities. The website presents a comprehensive catalog of products including school desks, chairs, boards, specialized classrooms, and outdoor furniture. The company targets educational institutions and local government bodies, positioning itself as a specialized supplier in the Czech market. Founded in 2016, SKOLATO operates a medium-sized e-commerce platform built on PrestaShop, leveraging modern web technologies and third-party marketing tools such as Google Analytics and Facebook Pixel. The website is well-structured, mobile-optimized, and provides clear navigation and product information, although it lacks explicit privacy and cookie policies, which impacts compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, but security headers could be improved. Contact information is available primarily via phone and contact forms, but no direct company emails or detailed business registration data are present on the site. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in privacy compliance and security transparency are recommended to enhance trust and regulatory adherence.

F

Footshop a.s.

footshop.gr

66

Footshop a.s. operates a professional e-commerce platform specializing in sneakers, apparel, and accessories, targeting sneaker enthusiasts and streetwear consumers primarily in Greece and across Europe. The website presents a strong market position as a leading retailer with multiple physical stores and a loyalty program, offering a wide range of popular brands and premium collections. The business model focuses on online retail complemented by physical store presence, supported by a consistent and professional brand image. Technically, the website leverages modern technologies including Google Tag Manager, Google Analytics, Cookiebot for consent management, Typekit fonts, and React-based components rendered via Hypernova. It is built on the PrestaShop e-commerce platform with a Bootstrap-based theme, ensuring good mobile optimization and SEO practices. Performance is moderate with room for improvement in accessibility features. Security-wise, the site enforces HTTPS with excellent SSL configuration and implements cookie consent mechanisms. While explicit security headers are not visible in the HTML, best practices such as no exposed sensitive data and secure form handling are observed. There is no visible vulnerability or malware indication. However, the site could enhance its security posture by publishing a security policy and incident response contacts. Overall, the website scores highly on content quality, technical implementation, security posture, privacy compliance, and business credibility. It is a trustworthy and professional retail platform with comprehensive privacy and cookie policies, clear contact information, and strong brand consistency.

Neustar Localeze is an enterprise-level technology company specializing in local search and business listing management services. As a subsidiary of Neustar, it holds a strong market position as a leader in providing accurate and relevant local business data to consumers and partners. Their key services target small businesses, large chains, resellers, and data licensors, emphasizing data accuracy and real-time updates. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their B2B audience. Technically, the website employs modern front-end technologies including Bootstrap, Font Awesome, and jQuery, supplemented by analytics and tracking tools such as Google Analytics and Crazy Egg. The site is mobile optimized and SEO friendly, though some accessibility features are basic. Hosting and domain registration are stable and reputable, with no signs of blocking or WAF interference. From a security perspective, the site uses HTTPS and has domain transfer protections in place but lacks visible security headers and explicit security or incident response policies. Privacy compliance is partial, with a privacy policy linked on the parent company domain but no cookie consent mechanism present. No vulnerabilities or exposed sensitive data were detected. Overall, Neustar Localeze presents a trustworthy and professional online presence with room for improvement in security headers, privacy compliance, and incident response transparency. Strategic enhancements in these areas would strengthen their security posture and regulatory compliance.

LCV Real Estate is a Belgian project developer specializing in commercial real estate, offering a broad portfolio of projects including KMO units, retail, logistics, and build-to-suit developments primarily in Belgium and neighboring countries. The company targets businesses seeking to purchase or rent commercial properties, positioning itself as an expert partner for real estate investments with added value. The website is professionally designed, multilingual, and provides comprehensive project information and contact options. Technically, the site uses modern analytics and marketing tools such as Google Analytics, Microsoft Clarity, Facebook Pixel, and Bing Ads, integrated via Google Tag Manager. The site is mobile-optimized and SEO-friendly, though some accessibility features are basic. Security posture is good with HTTPS enforced and secure forms, but lacks some security headers and published incident response information. WHOIS data is unavailable due to domain registration restrictions, which lowers domain trustworthiness despite the professional web presence. Overall, the site scores well on content and privacy compliance but should improve transparency and security practices.