Security Directory

V

Veinitee.ee

veinitee.ee

40

Veinitee.ee is a small Estonian hospitality business focused on promoting local wineries and wine tourism through a collaborative network of producers. The website serves as a portal to explore various wine routes and wineries across Estonia, targeting wine enthusiasts and tourists. The business is relatively new, founded in 2022, and leverages modern web technologies including WordPress with the Divi theme and Yoast SEO for content management and search optimization. The site integrates Google Tag Manager and Analytics for visitor tracking but lacks visible privacy and cookie policies, which impacts compliance. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but could be improved with enhanced security headers and incident response information. Overall, the website is professionally designed with good content relevance and navigation, though privacy compliance and explicit contact details could be enhanced to improve trust and regulatory adherence.

W

Discover the beauty of vineyards and indulge in exquisite wine experiences with WineTourism.com. Plan your perfect winery adventure today! | Winetourism.com

winetourism.com

71

WineTourism.com is an online platform dedicated to providing information and planning tools for wine tourism enthusiasts. The website offers resources to discover local wineries, learn about wine regions, and plan winery adventures. It targets wine lovers and travelers interested in wine experiences, positioning itself as a niche hospitality service provider. The platform uses modern web technologies including Google Tag Manager, Google Analytics, and Font Awesome, ensuring a visually appealing and moderately optimized user experience. Mobile responsiveness and SEO practices are adequately implemented, contributing to good content accessibility and navigation. Security posture is moderate with HTTPS enabled and cookie consent mechanisms in place; however, the absence of security headers and explicit privacy policies indicates room for improvement. The lack of WHOIS registration data raises concerns about domain legitimacy and business credibility, which impacts overall trust. Strategic recommendations include publishing comprehensive privacy and terms policies, enhancing security headers, and providing clear contact and incident response information to improve compliance and user trust.

P

Peace and Sport

april6.org

58

April6.org is a professionally designed website representing the International Day of Sport for Development and Peace, an initiative by the non-profit organization Peace and Sport based in Monaco. The site serves as a platform to promote awareness, mobilize organizations and individuals, and share impactful stories related to sport's role in peacebuilding and sustainable development. It features multilingual support, partner endorsements, and calls to action including donations and toolkit downloads. Technically, the site is built on WordPress using the Divi theme, integrates Google Analytics for tracking, and uses Mailjet for newsletter subscriptions. The website is well-structured with good SEO practices and mobile optimization, though it lacks explicit privacy and cookie policies, which impacts privacy compliance scoring. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but security headers are not explicitly detected. WHOIS data is unavailable due to privacy protection or query failure, which limits domain trust transparency but is not uncommon for non-profit organizations. Overall, the site is credible, functional, and serves its advocacy purpose effectively.

S

Streamify AB

streamify.io

70

Streamify AB operates a specialized live shopping platform designed to enhance e-commerce customer engagement and conversion rates through live video streaming technology. The company targets online retailers and brands seeking to leverage interactive live shopping experiences. Founded in 2017 and based in Sweden, Streamify has established a solid market presence with notable clients and a comprehensive SaaS offering that includes mobile recording apps, product synchronization, replay capabilities, and integrated analytics. Technically, the website employs modern web technologies including Google Tag Manager, HubSpot, and LinkedIn Insight tags, with a focus on performance and mobile optimization. The platform uses HTTPS and implements cookie consent mechanisms, reflecting a good level of privacy compliance. However, explicit security headers and published security policies are absent, indicating room for improvement in security transparency. From a security perspective, the site demonstrates a mature posture with secure forms and encrypted connections but lacks published incident response or vulnerability disclosure information. The absence of public WHOIS data due to privacy protection is common for commercial SaaS businesses and does not detract from the site's legitimacy. Overall, Streamify presents a professional, trustworthy digital presence with moderate technical sophistication and good privacy practices. Strategic recommendations include enhancing security header implementation, publishing security and incident response policies, and expanding direct contact information to improve trust and compliance. These steps will strengthen the company's security posture and customer confidence while supporting continued growth in the competitive live shopping market.

C

Cleverec AB

cleverec.se

42

Cleverec AB operates a specialized SaaS platform called Cleverservice, designed to streamline referee assignments, digital receipts, payments, and tax reporting for sports associations primarily in Sweden. The company has an established market presence since 2014, focusing on a niche segment with tailored services for associations and referees. The website is built on WordPress with the Divi theme, incorporating modern web technologies and analytics tools such as Google Analytics and Google Tag Manager. The site demonstrates good content quality, clear navigation, and mobile optimization, supporting a positive user experience. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though improvements such as enabling DNSSEC and additional security headers are recommended. Privacy compliance is well addressed with a dedicated GDPR page and cookie policy. Overall, the website reflects a professional and trustworthy digital presence aligned with the company's business objectives.

Riga Hockey Cup is a youth ice hockey tournament organizer based in Latvia, providing a platform for various age groups to compete in a well-structured European championship. The website offers multilingual support and comprehensive event information, targeting youth hockey teams, coaches, and fans. The digital infrastructure leverages common web technologies such as jQuery, Fancybox, and social media integrations, with moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though security headers and explicit incident response policies are absent. Privacy compliance is basic with a privacy policy and cookie consent implemented, reflecting GDPR awareness. The absence of WHOIS data limits domain legitimacy verification, but the site appears professional and trustworthy overall.

Y

Young Reporters for the Environment

yre.global

54

Young Reporters for the Environment (YRE) is a well-established international non-profit program operated by the Foundation for Environmental Education, focused on empowering youth aged 11-25 to investigate and report on environmental issues globally. The website serves as a platform for education, competitions, and community engagement, leveraging multimedia content and social media channels to reach its audience. Technically, the site is built on Squarespace with integrations such as Google Analytics and YouTube embeds, providing a modern and responsive user experience. Security posture is strong with HTTPS and HSTS enabled, though additional security headers could enhance protection. Privacy compliance is evident with clear GDPR and cookie policies including consent mechanisms. Overall, the site demonstrates a professional and trustworthy presence consistent with its non-profit mission.

F

Foundation for Environmental Education

leaf.global

52

The website www.leaf.global represents the Learning about Ecosystems and Forests (LEAF) programme, operated by the Foundation for Environmental Education, a registered non-profit organization focused on environmental education. LEAF promotes outdoor learning and ecosystem restoration education globally, with implementation in 28 countries and recognition by HundrED’s Global Collection 2024. The site provides educational resources, campaigns, and online courses via the FEE Academy platform. Technically, the site is built on Squarespace, uses modern web technologies, and integrates Google Analytics and Stripe for analytics and payment processing. Security posture is strong with HTTPS and HSTS enabled, no exposed sensitive data, and secure forms. Privacy compliance is well addressed with GDPR-compliant cookie and privacy policies. However, WHOIS data is unavailable due to privacy protection, which is justified for this non-profit entity. Overall, the site is professional, trustworthy, and well-maintained, serving a global educational mission.

F

Foundation for Environmental Education

ecoschools.global

56

Eco-Schools is a globally recognized environmental education programme operated by the Foundation for Environmental Education, engaging millions of students across over 100 countries. The website serves as a comprehensive resource hub offering educational materials, news, events, and online courses to support sustainability education. Technically, the site is built on Squarespace, leveraging modern web technologies and analytics tools, providing a good user experience with mobile optimization and clear navigation. Security posture is strong with HTTPS and HSTS enabled, though additional security headers could enhance protection. Privacy compliance is well addressed with clear GDPR and cookie policies. The absence of WHOIS data limits domain trust verification but does not detract significantly from the overall legitimacy given the organization's established reputation and transparent content.

U

United Nations Alliance of Civilizations (UNAOC) in partnership with BMW Group

interculturalleaders.org

58

InterculturalLeaders.org is a non-profit digital platform established in 2013 as a partnership between the United Nations Alliance of Civilizations (UNAOC) and the BMW Group. It serves as a skills and knowledge-sharing hub for civil society organizations and young leaders focused on intercultural dialogue and addressing cross-cultural tensions. The platform offers networking, training, mentorship, and funding opportunities to its community, positioning itself as a niche but credible player in the non-profit sector dedicated to peacebuilding and social inclusion. Technically, the website is built on WordPress 5.1.19 and leverages common web technologies such as jQuery, Bootstrap, Font Awesome, and Google reCAPTCHA for form security. Hosting is managed via Quadranet, and the site enforces HTTPS with a Content Security Policy header. While the site is mobile-optimized and has a professional design, some accessibility and SEO features are basic. Analytics usage includes Google Analytics and Facebook SDK, indicating moderate user tracking without explicit cookie consent mechanisms. From a security perspective, the site demonstrates good baseline practices such as HTTPS enforcement and CAPTCHA on forms but lacks advanced security headers and DNSSEC. No exposed sensitive data or vulnerabilities were detected in the HTML content. The WHOIS data shows privacy protection typical for non-profit organizations, with domain age consistent with the business history, supporting legitimacy. Overall, the website is a credible and professionally maintained platform with moderate technical maturity and security posture. However, it lacks explicit privacy and cookie policies, which impacts privacy compliance scores. Strategic improvements in security headers, privacy disclosures, and cookie consent would enhance trust and compliance.

T

The Intercultural Innovation Hub

interculturalinnovation.org

57

The Intercultural Innovation Hub is a non-profit initiative established in 2011, operating as a partnership between UNAOC and the BMW Group. It focuses on supporting innovative grassroots projects that promote intercultural dialogue and cooperation globally. The website presents a professional and consistent brand image with good content quality targeting changemakers and organizations interested in social innovation. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and Facebook Pixel, hosted on Quadranet servers. Mobile optimization and SEO practices are well implemented, though accessibility is basic. Security posture is moderate with HTTPS enabled and domain protection in place, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and credible but would benefit from enhanced privacy and security disclosures.

C

Conviva

conviva.com

65

Conviva operates a leading real-time performance analytics platform focused on digital experience monitoring for media, streaming, and related industries. The company leverages full-census client-side telemetry to provide actionable insights that improve app performance, user engagement, and operational efficiency. Their market position is strong, supported by customer testimonials, industry awards, and extensive use of modern web technologies. The website is professionally designed, mobile optimized, and SEO friendly, reflecting a mature digital presence. However, the absence of WHOIS registration data raises questions about domain registration status, though the active and rich website content suggests legitimate business operations. Security posture is good with HTTPS and no exposed sensitive data, but lacks explicit security policies and vulnerability disclosures. Privacy compliance is basic with cookie consent but no visible privacy policy. Overall, Conviva presents as a credible and professional technology company with room to improve transparency in privacy and security documentation.

E

Estiko Grupp

estiko.ee

52

Estiko Grupp is a well-established Estonian enterprise group primarily operating in Tartu, with diversified business interests in packaging production, real estate development and management, accommodation services, and energy production. The company has a medium-sized footprint with numerous subsidiaries and a strong local market presence, supported by government recognition and a professional digital presence. The website reflects a solid business model targeting both corporate clients and local communities, emphasizing sustainability and community engagement. Technically, the website is built on the Voog CMS platform, leveraging modern JavaScript libraries such as jQuery, TweenMax, and Slick slider for interactive and responsive user experience. The site is mobile-optimized and includes standard SEO and accessibility features, although some accessibility aspects could be improved. Hosting and domain registration are consistent and transparent, with no blocking or WAF interference detected. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected, but improvements such as enabling DNSSEC and publishing a security.txt file would enhance the security posture. Privacy compliance is basic but present, with a privacy policy and cookie banner aligned with GDPR requirements. Overall, Estiko Grupp's website demonstrates a good balance of business credibility, technical implementation, and privacy compliance, scoring an overall AI rating of 81. Strategic improvements in security policies and technical security controls are recommended to further strengthen trust and resilience.

R

RAMIRENT BALTIC AS

ramirent.ee

62

Ramirent Baltic AS operates as the largest tool and construction equipment rental service provider in the Baltic region, offering a comprehensive range of rental products and services including 24-hour technical support and modular factory solutions. The company is part of the Loxam Group, a recognized leader in equipment rental, which enhances its market position and credibility. The website reflects a professional and user-friendly digital presence with clear navigation and localized content tailored for Estonian customers. Technically, the website is built on a modern WordPress CMS platform with WooCommerce integration, leveraging popular libraries such as jQuery and Google Tag Manager for analytics and marketing. The site demonstrates good mobile optimization and moderate performance, with a GDPR-compliant cookie consent mechanism and structured data enhancing SEO and user experience. From a security perspective, the site enforces HTTPS and uses Cloudflare bot management cookies, indicating a proactive approach to security. However, some security headers are not explicitly detected, and there is no publicly available security policy or incident response contact, which could be improved to strengthen trust and compliance. Overall, the website presents a trustworthy and professional image with strong business credibility and compliance posture. Strategic improvements in security policy transparency and enhanced accessibility could further elevate the site's maturity and user trust.

S

Stackpile

stackpile.io

63

Stackpile is a technology company founded in 2016, offering a SaaS platform that simplifies the installation of third-party integrations and unified analytics tracking for websites. Positioned as a niche provider, Stackpile targets website owners and developers seeking to streamline their analytics and integration management through a single API. The website presents a professional and consistent brand image with good content quality and clear navigation. Technically, the site employs modern JavaScript libraries and integrates multiple analytics and marketing tools such as Google Analytics, Hotjar, Mixpanel, and New Relic, hosted via Cloudflare ensuring good performance and security. Security posture is solid with HTTPS enforced and domain registration protected by privacy services, though improvements are recommended in security headers and explicit security policies. Privacy compliance is basic with privacy and terms pages present but lacking cookie consent mechanisms. Overall, the site is trustworthy with no blocking or suspicious indicators detected.

A

Art Media Agency OÜ

elundidoonorlus.ee

41

The website elundidoonorlus.ee serves as an informational platform dedicated to organ, tissue, and cell donation and transplantation in Estonia. It is operated by Art Media Agency OÜ and provides educational content, registration links for organ donors, and related legal and statistical information. The site targets Estonian residents interested in organ donation and transplantation, positioning itself as a niche public health resource. Technically, the site uses legacy JavaScript libraries such as jQuery 1.4.4 and integrates Google Analytics and Facebook Pixel for user tracking. The hosting is provided by Zone Media OÜ, an Estonian registrar, and the domain has been active since 2011, indicating a stable presence. Security-wise, the site uses HTTPS but lacks visible security headers and employs outdated libraries that may pose vulnerabilities. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms, despite the use of tracking technologies. Contact information is not explicitly provided on the main page, limiting direct user engagement. Overall, the site is functional and informative but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

S

Sõeluuring.ee

soeluuring.ee

54

Sõeluuring.ee is a health screening awareness website focused on early detection of cellular changes and pre-cancerous conditions in Estonia. The website provides informational content aimed at encouraging participation in health screenings to improve treatment outcomes. Technically, the site is built on WordPress using the Divi theme, with integrations for Google Analytics and Facebook Pixel for tracking user interactions. The site is hosted with DNS managed by Cloudflare, providing good performance and security benefits. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a significant gap given the use of tracking technologies. Business credibility is moderate, with consistent branding and good content quality, but no explicit contact information or certifications are provided. Overall, the site is functional and professionally designed but would benefit from enhanced privacy compliance and security transparency.

T

Talsi novads

talsunovads.lv

61

The website www.talsunovads.lv serves as the official digital presence of Talsi Municipality in Latvia, providing comprehensive information about local government operations, public services, cultural events, education, social support, and community engagement. It targets residents, local businesses, and visitors, offering structured navigation and multilingual support primarily in Latvian. The site is built on Drupal CMS with modern web technologies and demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforcement and security headers, though explicit incident response and vulnerability disclosure policies are absent. Privacy compliance is well addressed with a detailed privacy policy and cookie consent mechanism aligned with GDPR requirements. WHOIS data could not be retrieved due to query limits, but the domain appears legitimate and consistent with a government entity. Strategic recommendations include publishing security policies, incident response contacts, and vulnerability disclosure information to enhance trust and compliance.

A

Andmik

andmik.ee

45

Andmik is a specialized platform focused on providing data visualization and budget tracking services for Estonian municipalities. The website presents detailed geographic and demographic data for various local governments, targeting municipal officials and stakeholders. The platform leverages modern web technologies including Vue.js and Leaflet for interactive maps, supported by Google Analytics and Tag Manager for user tracking. The domain is registered with a reputable Estonian registrar, Zone Media OÜ, and was created in 2021, aligning with the platform's apparent recent launch. Technically, the website employs a modern JavaScript framework and mapping libraries, ensuring a responsive and interactive user experience. However, there is room for improvement in accessibility and SEO optimization. Security-wise, the site lacks visible security headers and does not enable DNSSEC, which could be enhanced to improve overall security posture. Privacy compliance is weak, with no visible privacy or cookie policies, and no consent mechanisms, which is a significant gap given the use of tracking technologies. Overall, the website is functional and professionally designed but requires improvements in privacy compliance, security best practices, and contact transparency to enhance trust and regulatory adherence. Strategic recommendations include implementing comprehensive privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear contact and incident response information.

E

Euroopa rändevõrgustiku Eesti kontaktpunkt

emn.ee

44

The website www.emn.ee serves as the official Estonian contact point for the European Migration Network, providing comprehensive migration and asylum policy reports, applied research, and urgent information exchange. It targets policymakers, researchers, and migration professionals, positioning itself as a trusted government-related entity with a focus on migration statistics and policy analysis. The site is well-structured, content-rich, and regularly updated with news, events, and publications relevant to migration topics. Technically, the website is built on WordPress with Yoast SEO and integrates Google Analytics and Tag Manager for tracking. It demonstrates good mobile optimization and moderate performance. The use of HTTPS and cookie consent mechanisms reflects a solid privacy posture, although some security headers and explicit incident response information are missing. Security-wise, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks published security policies and vulnerability disclosure mechanisms, which could enhance trust and compliance. No WAF or blocking mechanisms were detected, indicating full accessibility. Overall, the website scores well on content quality, technical implementation, security posture, privacy compliance, and business credibility, making it a reliable and professional resource in its domain. Strategic improvements in security headers, incident response transparency, and accessibility could further strengthen its position.

M

Medicover

medicover.com

70

Medicover is a large healthcare provider specializing in diagnostic and healthcare services primarily in Central and Eastern Europe, with recent expansion into India. The company operates through two main divisions, Diagnostic Services and Healthcare Services, targeting patients and healthcare consumers in these regions. The website presents a professional and consistent brand image with comprehensive corporate governance and financial information, indicating a mature business presence. Technically, the website is built on Drupal CMS with Bootstrap framework and integrates modern analytics tools such as Google Analytics and Google Tag Manager. It is mobile optimized and includes a cookie consent mechanism compliant with GDPR. However, explicit security headers are not detected, and there is no visible security policy or incident response information published. From a security perspective, the site enforces HTTPS and uses privacy-compliant analytics configurations. The absence of WHOIS data raises concerns about domain registration legitimacy, which requires further investigation. No critical vulnerabilities or exposed sensitive data were found in the content. Overall, the website demonstrates a good security posture but could improve transparency and security best practices. The overall risk is moderate due to the missing WHOIS data and lack of explicit security policies. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and verifying domain registration details to strengthen trust and compliance.

S

SYNLAB AG

synlab.ag

58

SYNLAB AG is a leading European medical diagnostics and specialty testing company providing a comprehensive range of innovative and reliable diagnostic services to patients, healthcare providers, governments, and corporates. The company positions itself as a partner of choice for routine and specialty diagnostics, emphasizing customer-centric medical excellence. The website reflects a mature corporate presence with detailed financial reporting, corporate governance disclosures, and investor relations information. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and includes privacy and cookie consent mechanisms aligned with GDPR requirements. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the domain and website present a trustworthy and professional image consistent with a large healthcare enterprise.

O

OÜ Tervise Paradiis

veekeskus.eu

44

OÜ Tervise Paradiis operates the largest water center in Estonia, located in Pärnu, offering a wide range of recreational and sports facilities including pools, saunas, bowling, and fitness services. The website is well designed, multilingual, and provides comprehensive information and booking forms for various customer segments such as families, schools, and groups. Technically, the site is built on WordPress with modern plugins and frameworks, and it integrates Google Analytics and Tag Manager for tracking. Security posture is good with HTTPS and secure form handling, though some security headers could be improved and no explicit security policies are published. Privacy compliance is addressed with a privacy policy and cookie consent mechanism. Overall, the domain registration is consistent with the business location and sector, indicating legitimacy and trustworthiness.

T

Tervisekassa

haigekassa.ee

66

Tervisekassa is a government-related healthcare organization in Estonia responsible for managing national health insurance and providing various health-related benefits and services to insured individuals. The website serves a broad audience including individuals, employers, healthcare providers, and vulnerable groups such as Ukrainian refugees. It offers comprehensive information on health insurance, medical services, preventive screenings, and related administrative procedures. The site is well-structured, multilingual, and integrates modern digital tools to enhance user experience and accessibility. Technically, the website is built on the Drupal CMS platform and leverages several third-party services including Google Analytics, Google Tag Manager, Google reCAPTCHA, Siteimprove, and tawk.to for analytics, marketing, security, and user support. The site is hosted behind Cloudflare DNS, uses HTTPS, and implements a robust cookie consent mechanism compliant with GDPR. Performance and accessibility are rated good, with mobile optimization and clear navigation. From a security perspective, the site enforces HTTPS and uses bot protection mechanisms. However, it lacks explicit security headers and a published security policy or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's governmental and Estonian identity, supporting legitimacy. Overall, Tervisekassa's website demonstrates a mature digital presence with strong business credibility and privacy compliance. Strategic improvements could include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.

L

Liikumistervise innovatsiooni klaster SportEST

sportest.eu

42

Liikumistervise innovatsiooni klaster SportEST is a small Estonian cluster organization focused on fostering innovation in the field of movement health. The website presents the cluster as a recognized European-level partner with a bronze certification from the European Cluster Excellence program. The business model centers on collaboration among sector organizations and companies to develop innovative solutions in movement health. The website content is primarily in Estonian with language options for English and Russian, targeting regional and international stakeholders in the health innovation sector. Technically, the website is built on WordPress 4.7.29, utilizing common JavaScript libraries such as jQuery and plugins for slideshows and lightboxes. Google Analytics and Google Tag Manager are implemented for user tracking. The site is served over HTTPS, ensuring encrypted communication. However, the WordPress version is outdated, and minor PHP warnings are visible, indicating backend issues that could pose security risks. Accessibility and SEO optimizations are basic but functional, and mobile responsiveness is good. From a security perspective, the site lacks important security headers and does not publicly disclose privacy or cookie policies, which impacts GDPR compliance. No incident response or vulnerability disclosure information is available. The WHOIS data is unavailable due to EURid privacy policies, but the domain appears legitimate based on website content and certifications. Overall, the security posture is moderate but could be improved by addressing backend errors, updating software, and enhancing privacy compliance. The overall risk is moderate with recommendations to improve backend stability, implement security headers, publish privacy and cookie policies, and update the CMS to a supported version. These steps will enhance trust, compliance, and security posture for the cluster and its stakeholders.

P

PHORIA

phoria.com.au

60

PHORIA is a specialized XR studio based in Australia, focusing on emerging immersive technologies such as Augmented Reality, Virtual Reality, and Mixed Reality. The company positions itself as an award-winning provider crafting impactful stories and experiences using cutting-edge XR technologies. Their target audience includes businesses and organizations seeking innovative immersive solutions. The website reflects a professional and modern digital presence with good design quality and mobile optimization. Technically, the site employs a variety of modern analytics and marketing tools including Google Tag Manager, Facebook Pixel, Hotjar, and Segment Analytics, indicating a mature digital marketing strategy. Security-wise, the site benefits from HTTPS and uses secure third-party scripts but lacks explicit security headers and formal security policies, which are recommended for improvement. The WHOIS data is incomplete and malformed, which raises some concerns about domain registration transparency and trustworthiness. Overall, the website is functional and professional but would benefit from enhanced privacy, security disclosures, and clearer contact information to improve trust and compliance.

U

United Nations Alliance of Civilizations (UNAOC)

unaoc.org

59

The United Nations Alliance of Civilizations (UNAOC) is a United Nations entity dedicated to fostering intercultural dialogue, understanding, and cooperation globally. It serves as a convener and facilitator to promote harmony among diverse cultures and religions, aiming to prevent conflict and enhance social cohesion. UNAOC operates through various programs, global forums, youth engagement initiatives, and campaigns against hate speech and antisemitism, positioning itself as a key player in international peacebuilding and cultural diplomacy. Technically, the UNAOC website is built on the WordPress CMS platform, utilizing a modern tech stack including jQuery, Yoast SEO, and various plugins for enhanced functionality such as responsive sliders, mega menus, and media embedding. The site demonstrates good mobile optimization, accessibility, and SEO practices, supported by structured data markup and social media integration. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS with excellent SSL configuration and avoids exposing sensitive data. However, it lacks explicit security headers and a cookie consent mechanism, which are areas for improvement to enhance compliance and security posture. No vulnerabilities or suspicious activities were detected in the visible content. Overall, UNAOC's digital presence reflects a professional, trustworthy, and authoritative organization aligned with United Nations standards. The domain's WHOIS data is privacy protected, which is typical for UN domains, and the domain age aligns with the organization's history. Strategic recommendations include implementing security headers, adding a cookie consent banner for GDPR compliance, and publishing incident response and vulnerability disclosure policies to further strengthen trust and security.

S

SIIDRIKODA OÜ

kodas.ee

38

SIIDRIKODA OÜ operates the Kodas brand, a craft cider producer and hospitality business based in Estonia. The company offers a range of award-winning sustainable ciders, a restaurant, factory tours, accommodation in unique iglu houses, and event tickets. The website is professionally designed using WordPress and WooCommerce, supporting e-commerce and booking functionalities. The digital infrastructure includes modern marketing and analytics tools such as Google Analytics, Microsoft Clarity, Facebook Pixel, and Klaviyo, indicating a mature digital marketing approach. Security posture is good with HTTPS enabled and privacy compliance evident through comprehensive privacy and cookie policies. No critical vulnerabilities or blocking mechanisms were detected, and WHOIS data supports the legitimacy of the domain and business. Overall, the website presents a trustworthy and professional online presence for a small hospitality and retail business.

L

Luke Mõis

lukemois.ee

41

Luke Mõis is a hospitality business based in Estonia, operating a website that serves as a digital presence for their venue and services. The website is built on WordPress using the Divi theme and integrates WooCommerce for e-commerce functionality. It targets local and regional customers interested in hospitality, events, and accommodation services. The site demonstrates a moderate level of digital maturity with standard tracking tools such as Google Analytics and Facebook Pixel implemented alongside cookie consent mechanisms. Security posture is generally good with HTTPS enforced and no obvious vulnerabilities detected, though the absence of security headers and explicit privacy policies indicates room for improvement. Overall, the website is functional and professional but lacks some compliance and security best practices, which should be addressed to enhance trust and regulatory adherence.

A

Anija Mõis

anijamois.ee

42

Anija Mõis is a historic manor and cultural site located in Northern Estonia, offering a wide range of services including a permanent exhibition, visitor programs, event hosting such as weddings and seminars, workshops, a manor café, and a gift shop. The website reflects a well-established cultural tourism business targeting families, tourists, and event organizers. The site is built on WordPress using the Avada theme and Fusion Builder, integrating modern plugins like Slider Revolution and Contact Form 7 with Google Analytics and reCAPTCHA for security and analytics. Security posture is good with HTTPS and reCAPTCHA, though some security headers are missing and no privacy policy page was found, indicating room for compliance improvement. Overall, the website is professional, content-rich, and trustworthy, with clear contact information and active social media presence.

T

Tartu County Tourism Foundation

visitnarva.ee

47

Visit Narva is the official tourism website for Narva city and its surrounding county in Estonia, managed by the Tartu County Tourism Foundation. The site provides comprehensive and up-to-date information on local attractions, events, conferences, and travel logistics, targeting tourists, event organizers, and local businesses. It serves as a key regional portal promoting Narva as a travel destination with multilingual support and rich multimedia content including virtual tours and social media integration. Technically, the website is built on Drupal 7 with a moderate performance profile and good mobile and accessibility features. Security posture is adequate with HTTPS and basic security headers, though there is room for improvement in advanced security practices and incident response readiness. Privacy compliance is basic with a cookie consent mechanism and privacy policy present, but lacks detailed GDPR-specific disclosures or a data protection officer contact. Overall, the website is professional, trustworthy, and well-aligned with its business purpose, with a domain registration consistent with its Estonian location and tourism focus.

M

MTÜ Sibulatee

sibulatee.ee

44

Sibulatee is a non-profit organization dedicated to promoting the cultural and tourism assets of the Peipsimaa region in Estonia. The website serves as a comprehensive portal for events, local businesses, cultural heritage, and educational opportunities, targeting tourists and local communities interested in authentic regional experiences. The platform leverages WordPress and WooCommerce to provide event listings, e-commerce for local products, and seminar information, supported by active social media engagement and newsletter subscriptions. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Analytics, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements in security headers and policies are recommended. Privacy compliance is addressed with a clear privacy policy and cookie banner, aligning with GDPR requirements. Overall, the site is professionally designed, user-friendly, and trustworthy, with clear contact information and consistent branding. No critical vulnerabilities or blocking mechanisms were detected, supporting a positive risk profile.

K

kalateave.ee

kalateave.ee

42

The website kalateave.ee serves as the Fisheries Information Centre for Estonia, focusing on enhancing knowledge and sustainability in fisheries, aquaculture, and aquatic resource utilization. It targets industry professionals, non-profits, research institutions, and the general public interested in fisheries. The site offers informational content, research publications, educational materials, and event announcements, positioning itself as a central knowledge hub in the Estonian fisheries sector. Technically, the site is built on Joomla CMS with modern web technologies including jQuery, Bootstrap, and FontAwesome, and integrates Google Analytics for visitor tracking. The site is mobile-optimized and has good SEO practices but lacks some accessibility features and security headers. Security posture is solid with HTTPS enforced and CSRF protections, but there is room for improvement in privacy compliance and explicit security policies. Overall, the site is professional and trustworthy but should enhance privacy transparency and security headers to align with best practices.

Z

Zone Media OÜ

xn--puhvetitepiv-pcb.ee

43

The website 'PUHVETITE PÄIV RÕNGUST RANNUNI' serves as the official online presence for a regional Estonian food and cultural event organized by Zone Media OÜ. It provides visitors with event details, galleries, maps, and multimedia content to promote local buffets and experiences in the Rõngu and Rannu areas. The site targets local visitors and tourists interested in Estonian culinary culture. Technically, the site is built on WordPress with a modern theme and several plugins supporting multilingual content, social media integration, and cookie consent management. The infrastructure is hosted likely by Zone Media OÜ, with proper HTTPS and moderate performance. Security posture is adequate with SSL and cookie consent but lacks advanced security headers and explicit incident response or vulnerability disclosure mechanisms. Privacy compliance is partial, with a cookie policy and consent mechanism but no visible privacy policy or terms of service. Overall, the site is professional and trustworthy for its niche but could improve in privacy and security transparency.

T

Tartu Welcome Centre

tartuwelcomecentre.ee

40

Tartu Welcome Centre is a local newcomer information and support center based in Tartu, Estonia, founded in 2019. It provides free consultations, registry services, cultural and networking events, and useful information to international newcomers and their families in Tartu and South-Estonia. The organization positions itself as a community-oriented non-profit entity aiming to facilitate smooth integration and settlement for newcomers. The website is built on WordPress with modern SEO and analytics tools, hosted by Zone Media OÜ. The site is well designed, mobile optimized, and offers clear navigation and professional content. However, it lacks formal privacy and cookie policies, which impacts compliance and user trust. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and vulnerability disclosure mechanisms. Overall, the website is trustworthy and functional, serving its target audience effectively.

T

Tiigi Seltsimaja

tartukorraldab.ee

60

Tartu korraldab is a government-affiliated event coordination platform managed by Tiigi Seltsimaja, focusing on organizing and promoting cultural and city-wide events in Tartu, Estonia. The website serves as a central hub for information on major city celebrations such as Tartu linna päev, jõululinn, and other seasonal festivals. The business operates under the official city branding and targets residents and visitors interested in Tartu's cultural life. Technically, the site is built on WordPress with modern plugins like Elementor and Modern Events Calendar, optimized for performance and mobile responsiveness. Security posture is solid with HTTPS, anti-spam measures, and GDPR-compliant cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy presence.

V

Võrumaa Arenguagentuur SA

vorumaa.ee

39

Võrumaa Arenguagentuur SA operates the website vorumaa.ee as a regional development center serving Southeast Estonia. The organization provides information, consulting, and training services primarily targeting local businesses, non-profits, and municipalities. The website reflects a government or non-profit entity with a clear regional focus and a mission to support economic and community development. The site is built on WordPress using the Divi theme and incorporates modern SEO practices via Yoast SEO. It uses Google Analytics and Tag Manager for analytics and includes a cookie consent mechanism, indicating some attention to privacy compliance. Security measures include HTTPS and Google reCAPTCHA, but explicit security policies and incident response information are absent. Overall, the website is professionally designed with good content relevance and moderate trustworthiness, though it lacks some compliance documentation such as privacy and terms of service pages.

Valgamaa Arenguagentuur is a regional development agency based in Estonia, focused on fostering cooperation among local development organizations and providing professional support services to businesses, non-profits, and local governments. The agency aims to enhance the economic and living environment of Valgamaa county, positioning itself as a key facilitator in regional development with a focus on entrepreneurship, education, and community welfare. The website reflects this mission with clear service offerings and active engagement channels. Technically, the website employs modern frontend technologies including Tailwind CSS, Swiper.js, and Plyr.js, managed through the Greativ CMS platform. It integrates analytics and social media tools such as Google Analytics and Facebook SDK, indicating a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not provide visible privacy or cookie policies, which are critical for GDPR compliance. There is no incident response or vulnerability disclosure information, which could be improved to enhance trust and security posture. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices to reduce risk and improve user trust.

T

Tartu Ärinõuandla

arinouandla.ee

41

Tartu Ärinõuandla is a non-profit organization based in Estonia, providing expert consultancy and support services to entrepreneurs, NGOs, youth labs, and investors. The organization is recognized within its network as a leading entrepreneurship developer since 2014. The website serves as a portal for information, events, and service registration, targeting local and regional business communities. Technically, the site is built on WordPress, leveraging common marketing and analytics tools such as Google Analytics, Facebook Pixel, and Sendinblue for newsletter management. Security measures include HTTPS enforcement and reCAPTCHA on forms, though some security headers are missing. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, though terms of service and security policies are absent. Overall, the site is professional, trustworthy, and well-aligned with its business purpose.

S

SA Jõgevamaa Arendus- ja Ettevõtluskeskus

jaek.ee

45

SA Jõgevamaa Arendus- ja Ettevõtluskeskus (JAEK) is a regional development and entrepreneurship support organization based in Jõgeva County, Estonia. Founded in 2010, it provides a broad range of services including entrepreneurship training, community programs, cultural and tourism promotion, and health and safety initiatives. The website serves as an information hub for local businesses, citizens, and institutions, offering news, project details, and contact information. The organization positions itself as a key regional player in supporting economic and social development.

S

SA Saare Arenduskeskus

sasak.ee

40

SA Saare Arenduskeskus is a regional development foundation based in Estonia, focused on supporting local municipalities, entrepreneurs, and civic organizations in Saare County. The organization provides professional consulting, project management, and training services aimed at fostering regional growth and community development. The website reflects a small-sized, government/non-profit entity with a clear regional focus and a business model centered on service provision rather than commercial sales. Technically, the website is built on the concrete5 CMS platform and utilizes modern web technologies including Bootstrap, jQuery, FontAwesome, and AOS for animations. It integrates Google Analytics and Facebook SDK for tracking and social media functionalities. The site is mobile-optimized and demonstrates good design and navigation clarity, though accessibility features are basic. Hosting appears to be managed by Zone Media OÜ, an Estonian registrar and hosting provider. From a security perspective, the site enforces HTTPS and includes minimal security headers such as X-Content-Type-Options. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of comprehensive security headers and lack of published security or incident response policies indicate room for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanisms, which could pose regulatory risks under GDPR. Overall, the website is functional, professional, and trustworthy with moderate digital maturity. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enhancing security headers, and publishing incident response contacts to improve compliance and security posture.

S

Sihtasutus Läänemaa

laanemaa.ee

44

Sihtasutus Läänemaa operates as a regional non-profit organization dedicated to supporting and promoting the Läänemaa county in Estonia. The website serves as an information hub for residents, local businesses, non-profit organizations, educational institutions, and tourists. Key services include entrepreneurship support, coordination of education, tourism development, and event aggregation. The organization positions itself as a trusted regional authority fostering sustainable development and cultural engagement. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site is mobile-optimized and includes SEO best practices, although accessibility features are basic. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but could be improved by adding security headers and explicit incident response policies. Privacy compliance is partially met with a privacy and cookie policy present, but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and well-aligned with its business objectives.

Global Water Partnership (GWP) is an established international organization focused on water resource management and investment initiatives. The website serves primarily as a landing page announcing a transition to a new phase called the Global Transformation Agenda On Water Investments and directs users to a new website (gwpo-gwp.org). The organization appears to be a non-profit or partnership entity with a global focus on water-related projects. The domain has a long history dating back to 1996, supporting its legitimacy and established presence. Technically, the website uses common web technologies including Google Analytics, Google Tag Manager, and Facebook SDK for tracking and marketing purposes. The hosting provider appears to be Loopia based on DNS nameservers. The site is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. No CMS or major frameworks are detected from the provided data. From a security perspective, HTTPS is enabled, but no DNSSEC or security headers are present, which reduces the overall security posture. There are no visible forms or data collection points on the landing page, limiting attack surface but also limiting user engagement. Privacy and cookie policies are absent, indicating poor privacy compliance. No contact information or incident response details are provided, which may impact user trust and compliance. Overall, the website is functional but minimalistic, with room for improvement in privacy compliance, security hardening, and content richness. The domain registration data aligns well with the organization's identity, supporting trustworthiness. Strategic improvements in security headers, privacy policies, and user engagement features are recommended to enhance the website's credibility and compliance.

1

1Kelvin

kelvin.ee

50

1Kelvin is an Estonian-based company specializing in technical system planning, design, and installation with a strong focus on energy efficiency and related services. With over 20 years of experience, the company positions itself as a reliable partner for large and complex projects in Estonia, targeting primarily business clients requiring engineering and energy consultancy services. The website reflects a professional and consistent brand image, offering clear information about services and company expertise. Technically, the site is built on WordPress with modern front-end technologies and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and explicit incident response information. Privacy compliance is partially addressed with references to cookie and privacy policies but lacks an explicit consent mechanism. Overall, the site is trustworthy and credible with room for improvement in security and privacy transparency.

E

EB THERM OÜ

ebtherm.ee

43

EB THERM OÜ is an established Estonian company founded in 1993 specializing in ventilation, heating, and climate control equipment sales, installation, maintenance, and consulting. The company targets residential and commercial customers seeking efficient and environmentally sustainable indoor climate solutions. Their website reflects a consistent brand presence with partner affiliations to Dantherm and Cotes, indicating a solid market position in the energy sector. Technically, the website is built on Drupal 7 with jQuery and integrates Google Analytics and Tag Manager for user tracking. The site is mobile-optimized and provides clear navigation and relevant content, though it lacks formal privacy and cookie policies. Security posture is moderate with HTTPS enabled and IP anonymization in analytics, but missing security headers and incident response information reduce overall security maturity. No blocking or WAF mechanisms were detected, allowing full content access and analysis.

M

MTÜ Eesti Kütte- ja Ventilatsiooniinseneride Ühendus

ekvy.ee

53

MTÜ Eesti Kütte- ja Ventilatsiooniinseneride Ühendus (EKVÜ) is a well-established non-profit professional association in Estonia, founded in 2010, serving heating and ventilation specialists. The organization provides professional training, certification services, and collaborates with governmental and industry bodies. The website reflects a medium-sized organization with over 400 members and multiple industry partners, positioning itself as a key player in the Estonian energy sector. The site is professionally designed, mobile responsive, and uses Joomla CMS with modern frontend technologies.

The website www.visitsaulkrasti.lv serves as an official regional tourism portal for Saulkrasti municipality in Latvia. It provides comprehensive visitor information including local attractions, events, accommodation options, dining, and useful tips for tourists. The site targets visitors and tourists interested in exploring the Saulkrasti region, positioning itself as a key local tourism information hub. The business model focuses on promoting local tourism services and events, supporting the hospitality and government sectors. The content is well-structured, visually appealing, and consistent with the brand identity of Saulkrasti tourism. Technically, the website is built on WordPress CMS and utilizes modern JavaScript libraries such as jQuery, Swiper.js for sliders, and Magnific Popup for galleries. It integrates Google Tag Manager and Google Analytics for tracking and marketing purposes. The site demonstrates good mobile optimization and basic accessibility features, with moderate performance. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the website enforces HTTPS with excellent SSL configuration. However, it lacks explicit security headers and does not provide a dedicated security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism, aligned with GDPR requirements. Contact information is transparent and professionally presented, enhancing business credibility. Overall, the website is trustworthy, professionally maintained, and serves its purpose effectively. Strategic improvements could include implementing additional security headers, publishing a security policy or incident response contact, and adding a security.txt file to facilitate vulnerability disclosures. These steps would further strengthen the site's security posture and trustworthiness.

V

Valkas novada pašvaldība

valka.lv

55

Valkas novada pašvaldība operates as the official local government authority for the Valkas novads region in Latvia. The website serves as a comprehensive portal offering residents, businesses, and visitors access to municipal services, news, administrative information, and community resources. It is well-positioned as a trusted source of local government information with a clear focus on public service delivery. Technically, the website is built on the Drupal CMS platform, leveraging modern web technologies such as Bootstrap and jQuery for responsive design and user experience. The site is mobile-optimized and includes accessibility features, ensuring broad usability. Google Analytics is integrated with privacy-conscious settings to monitor traffic without compromising user privacy. From a security perspective, the site enforces HTTPS, employs standard security headers, and implements cookie consent mechanisms aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policy and incident response information, which could enhance transparency and preparedness. Overall, Valkas novada pašvaldība's website demonstrates a solid digital presence with good content quality, technical implementation, and security posture. Strategic improvements in security transparency and incident response communication would further strengthen its trustworthiness and compliance.

S

Smiltenes novada pašvaldība

smiltenesnovads.lv

63

Smiltenes novada pašvaldība is the official local government authority for Smiltene Municipality in Latvia. The website serves as a comprehensive portal providing residents and stakeholders with access to municipal services, administrative information, social and cultural resources, and community news. The site is well-structured with clear navigation and covers a broad range of local government functions including education, social services, culture, tourism, and public safety. The target audience primarily consists of local residents and businesses seeking municipal information and services. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies such as Bootstrap for responsive design and Google services like reCAPTCHA and Analytics for security and user behavior insights. The site demonstrates good mobile optimization and accessibility features, ensuring usability across devices. Performance is moderate, with proper meta tags and SEO considerations implemented. From a security perspective, the website enforces HTTPS and includes several security headers to protect against common web vulnerabilities. The use of Google reCAPTCHA on forms helps mitigate automated abuse. However, the site lacks a publicly accessible privacy policy and terms of service, which are important for GDPR compliance and user trust. No explicit incident response or vulnerability disclosure information is provided, which could be improved to enhance security posture. Overall, the website is a credible and professional government portal with strong business credibility and technical implementation. The main areas for improvement include publishing comprehensive privacy and terms policies, enhancing transparency around data protection and incident response, and expanding direct contact information. These steps would strengthen compliance and user trust while maintaining a secure and user-friendly digital presence.

E

Eesti Põllumajandus-Kaubanduskoda

epkk.ee

44

Eesti Põllumajandus-Kaubanduskoda (EPKK) is a well-established Estonian organization founded in 2010, serving as a key chamber representing agricultural producers, food processors, forestry, and land management enterprises. The website provides comprehensive information about the organization's advocacy efforts, events, vocational qualifications, and market information services. The target audience primarily consists of Estonian agricultural and related sector stakeholders. The business model is non-profit and focused on supporting stable development and fair competition within the agricultural sector. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Modern Events Calendar, ensuring good SEO and event management capabilities. The site is hosted by a reputable Estonian registrar and uses HTTPS, providing a secure browsing experience. However, there are gaps in privacy compliance, notably the absence of privacy and cookie policies and consent mechanisms. Security posture is moderate with HTTPS and secure forms but lacks advanced security headers and published security policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.