Security Directory

Z

Zone Media OÜ

planeeringud.ee

61

The website planeeringud.ee serves as the official Estonian national repository for established planning documents, providing public access to planning data and downloadable files. It targets municipalities, planners, and the general public interested in regional planning information. The platform is built on modern Angular technology with Material Design components, ensuring a responsive and user-friendly interface. The site integrates Google Analytics for usage tracking but lacks visible privacy and cookie policies, indicating compliance gaps with GDPR requirements. Security posture is solid with HTTPS and a Content-Security-Policy header, though additional security headers and vulnerability disclosure mechanisms are absent. Overall, the site is professionally presented and trustworthy but would benefit from enhanced privacy compliance and security hardening.

Skepast & Puhkim OÜ is a leading Estonian consultancy specializing in infrastructure, environmental, and spatial planning services with over 15 years of experience. The company offers expert engineering and consulting services including infrastructure design, environmental impact assessments, and spatial planning solutions. Their market position is strong within Estonia, supported by a medium-sized team of 40 experts and a professional digital presence. The website is well-structured, multilingual, and provides clear contact channels and business information. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates Google Analytics and Tag Manager for traffic analysis. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. Privacy compliance is robust with a comprehensive privacy policy and cookie consent banner. No critical vulnerabilities or suspicious WHOIS patterns were detected, indicating a trustworthy domain and business operation.

P

Põltsamaa Vallavara OÜ

visitpoltsamaa.com

44

Visit Põltsamaa is a regional tourism information website dedicated to promoting the Põltsamaa municipality in Estonia. The site provides comprehensive information about local attractions, accommodations, dining options, events, and cultural heritage, targeting tourists and visitors interested in exploring the region. The business operates as a small entity, likely under Põltsamaa Vallavara OÜ, with a focus on hospitality and government-supported tourism promotion. The website is multilingual, supporting Estonian, English, Finnish, and Russian, enhancing accessibility for diverse visitors. Technically, the website is built on WordPress CMS with common plugins such as Yoast SEO for search optimization and WPML for multilingual support. It uses jQuery and Google Analytics for user tracking and performance monitoring. The site demonstrates good mobile optimization and a professional design, though accessibility features are basic. Performance is moderate, with room for improvement in technical implementation such as enabling DNSSEC and adding security headers. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protection enabled. However, it lacks DNSSEC and security headers like Content Security Policy or HSTS, which could enhance protection. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Contact information is provided but limited to an email and phone number in the footer. No incident response or vulnerability disclosure information is available. Overall, the website is a credible and functional regional tourism portal with good business credibility and technical foundation but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

R

Rakvere Raamatukogu

lvkrk.ee

39

Rakvere Raamatukogu is a regional public library in Estonia providing a range of library and community services including book lending, e-catalog access, home delivery for vulnerable populations, and educational events. The website is built on Joomla CMS and integrates common web technologies such as Bootstrap, jQuery, and FontAwesome. It uses HTTPS and includes Google Analytics and Tawk.to live chat for user engagement and analytics. The site is well-branded and consistent with its public service mission, targeting local residents and library users. Security posture is moderate with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. WHOIS data confirms domain legitimacy and long-term registration consistent with the institution's history.

S

Spin TEK AS

llr.ee

53

The website www.llr.ee operates as the national pet registry platform for Estonia, managed by Spin TEK AS. It serves municipalities, veterinarians, shelters, and pet owners by providing a centralized system for pet registration and data management. The site is primarily in Estonian with an English option, targeting local government entities and citizens. The business model is focused on providing a government-aligned service with partnerships across municipalities and veterinary services, positioning itself as an essential national infrastructure for pet management. Technically, the website uses standard web technologies including jQuery and Google Analytics, with HTTPS enforced. The site shows moderate performance and basic mobile optimization. SEO and accessibility are basic but functional. However, there is a lack of advanced security headers and no visible privacy or cookie policies, which indicates room for improvement in compliance and security posture. From a security perspective, the site benefits from HTTPS and absence of exposed sensitive data but lacks explicit security headers such as CSP and HSTS. No vulnerability disclosures or incident response contacts are published, and no forms are present on the homepage to analyze input security. The use of Google Analytics without a cookie consent mechanism suggests potential GDPR compliance gaps. Overall, the website is legitimate and consistent with its stated purpose and ownership. The risk level is moderate due to missing privacy and security best practices. Strategic improvements in security headers, privacy compliance, and transparency would enhance trust and reduce potential regulatory risks.

T

Tamsalu Perearstid OÜ

tamsalutervisekeskus.ee

41

Tamsalu Perearstid OÜ operates the Tamsalu Tervisekeskus website, providing primary healthcare services in Tamsalu and Vajangu, Estonia. The company offers a range of medical services including vaccinations, paid therapies, dental care, and pharmacy services, targeting local residents. The website is professionally designed using WordPress with the Avada theme and integrates trusted Estonian healthcare portals and partners, reflecting a solid local market position as a small healthcare provider. Technical infrastructure is modern and includes SEO optimization and mobile responsiveness, though performance is moderate. Security posture is adequate with HTTPS enabled but lacks advanced security headers and cookie consent mechanisms. WHOIS data confirms domain legitimacy and consistency with business founding in 2022. Overall, the site is trustworthy and functional but could improve privacy compliance and security practices.

V

Virumaa Koostöökogu

viko.ee

40

Virumaa Koostöökogu is a small Estonian non-profit organization focused on regional cooperation and rural development in the Virumaa area. Founded in 2006, it serves local municipalities and communities by managing projects, organizing events, and facilitating cooperation among stakeholders. The website reflects this mission with relevant content, event announcements, and organizational information. Technically, the site is built on WordPress using popular plugins such as WPBakery Page Builder and Slider Revolution, with integration of Google Analytics and Facebook Pixel for tracking. The site is mobile-optimized and SEO-friendly but lacks some accessibility features. Security posture is moderate with HTTPS enforced and use of reCAPTCHA, but missing important security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms despite tracking scripts. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

K

Kihnu Vallavalitsus

visitkihnu.ee

43

Visit Kihnu is a specialized tourism website promoting the Estonian island of Kihnu. It provides comprehensive information about local events, accommodations, transport options, cultural heritage, and services, targeting tourists interested in visiting the island. The website is operated by Kihnu Vallavalitsus, an official local government entity, which adds credibility and trustworthiness to the platform. The domain is registered since 2017 and aligns well with the business purpose and location. Technically, the website uses a modern JavaScript stack including jQuery, Leaflet.js for maps, Google Analytics, and Facebook Pixel for tracking. It employs Google reCAPTCHA for form security and uses HTTPS to secure communications. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. However, it lacks explicit privacy and cookie policies, which is a compliance gap. From a security perspective, the site has a good SSL configuration and uses CSRF tokens in forms, but no security headers were detected in the provided data. There is no visible incident response or vulnerability disclosure information. Tracking and analytics are moderately extensive, but privacy compliance is weak due to missing policies and consent mechanisms. Overall, the website is a credible and functional tourism portal with good business credibility and technical implementation. To improve, it should address privacy compliance by publishing policies and implementing cookie consent, enhance security headers, and provide incident response contacts to strengthen trust and compliance.

T

The Hertz Corporation

hertz.co.uk

67

The Hertz Corporation operates a comprehensive car and van rental service platform targeting customers primarily in the UK and worldwide. The website offers a broad range of services including daily car hire, electric vehicles, long-term business rentals, and van hire, supported by loyalty programs such as Gold Plus Rewards. The site is professionally designed with good content quality and clear navigation, optimized for mobile devices. Technically, the platform leverages modern JavaScript frameworks, Google Tag Manager, Google Analytics, and Stripe for payments, alongside security tools like Google reCAPTCHA Enterprise and a cookie consent mechanism powered by Securiti.ai. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent banner. WHOIS data for the subdomain queried is unavailable due to Nominet rules, but the main domain is legitimate and consistent with the business. Overall, the website demonstrates a mature digital presence with robust security and privacy practices.

G

Green Motion

greenmotion.com

70

Green Motion is a UK-based car and van rental company established in 2007, specializing in low CO2 emission vehicles and sustainable travel solutions. The company operates a global franchise model offering eco-friendly vehicle rental services, including electric vehicles. Their website is professionally designed, multilingual, and optimized for mobile users, reflecting a mature digital presence. Technically, the site employs modern frameworks such as Bootstrap and integrates multiple analytics and marketing tools, including Google Analytics, Microsoft Clarity, and Facebook Pixel, indicating a data-driven approach to customer engagement. Security-wise, the website enforces HTTPS, uses security headers, and implements cookie consent mechanisms, though it lacks DNSSEC and a public security policy or incident response contacts. Overall, the site demonstrates good security hygiene and privacy compliance, with room for improvement in transparency and DNS security. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

B

Budget Rent a Car

budget.com

75

Budget is a globally recognized car rental company operating under the Avis Budget Group umbrella. The website provides vehicle rental services including cars, trucks, and vans, targeting both leisure and business travelers. The brand maintains a strong market position with a professional online presence and comprehensive service offerings. Technically, the website employs modern JavaScript frameworks, integrates multiple analytics and marketing tools, and implements accessibility and privacy compliance features effectively. Security posture is robust with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly available. The absence of WHOIS data is notable but does not detract from the overall legitimacy of the site given the brand's prominence. Strategic recommendations include publishing detailed security policies and incident response information to enhance trust and compliance.

Kihnu.ee is the official website of the Kihnu Municipality Government in Estonia, serving as a comprehensive portal for local governance, community services, cultural events, and public information. The site targets residents, visitors, and local businesses, providing timely news, event calendars, and access to municipal resources. The business model is that of a governmental public service provider with a clear focus on community engagement and transparency. Technically, the website is built on the Liferay CMS platform, utilizing technologies such as jQuery, Bootstrap, and Font Awesome. It is hosted by Zone Media OÜ, an Estonian hosting provider, and employs HTTPS with a valid SSL certificate. The site is moderately optimized for performance and mobile devices, with a clear navigation structure and basic accessibility features. From a security perspective, the site enforces HTTPS but lacks several security headers and uses an outdated version of jQuery, which could expose it to vulnerabilities. There is no visible cookie consent mechanism or published security policy, which are important for GDPR compliance. Contact information is clearly provided, but incident response and vulnerability disclosure details are absent. Overall, the website is trustworthy and professional, reflecting its governmental nature. However, improvements in security practices, privacy compliance, and technical modernization are recommended to enhance its security posture and user trust.

Väike-Maarja vald operates as a local government entity in Estonia, providing a broad range of municipal services including administration, social welfare, education, culture, and community engagement. The website serves as an official portal for residents and stakeholders, offering news, event information, contact details, and access to various public services. The site is well-structured and content-rich, targeting local residents, businesses, and visitors. Technically, the website is built on the Liferay CMS platform, leveraging modern web technologies such as jQuery, Bootstrap, Google Analytics, and Microsoft Clarity for analytics and user experience enhancement. The site is hosted by Telia Eesti AS and uses HTTPS with a good SSL configuration. Mobile optimization and navigation clarity are good, though accessibility features could be improved. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks several important security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain. Overall, the website presents a trustworthy and professional digital presence for the municipality but would benefit from enhanced security headers, privacy compliance improvements, and clearer security policies to strengthen its security posture and regulatory adherence.

T

Tapa Vallavalitsus

tapa.ee

49

Tapa Vallavalitsus operates as the official municipal government portal for Tapa vald in Estonia, providing residents, businesses, and visitors with comprehensive information on local governance, social services, urban planning, cultural events, and community resources. The website is well-structured with clear navigation and a focus on public service delivery, targeting local citizens and stakeholders. The business model is that of a governmental public service entity, with a medium-sized operational scope typical for a municipality.

Järva vald operates as a local government authority in Estonia, providing a wide range of public services including social welfare, education, cultural activities, infrastructure management, and environmental oversight. The website serves as a comprehensive portal for residents, businesses, and visitors, offering detailed information and access to municipal resources. The site is well-structured with clear navigation and extensive content primarily in Estonian, targeting local stakeholders. Technically, the website is built on the Liferay CMS platform, utilizing technologies such as jQuery, Google Analytics, and Font Awesome. While the site is mobile-optimized and uses HTTPS, some technologies like jQuery 1.10.2 are outdated, which may introduce security risks. Performance is moderate, and SEO and accessibility are adequately addressed. From a security perspective, the website enforces HTTPS and includes some security best practices such as the use of security tokens in forms. However, it lacks several modern security headers and uses an outdated JavaScript library. Privacy compliance is partially met with a comprehensive privacy policy and data protection officer information, but no visible cookie consent mechanism is present. Incident response and security policies are not explicitly published. Overall, the website is trustworthy and professional, reflecting its governmental nature. The main risks relate to outdated libraries and incomplete privacy compliance. Strategic improvements in security headers, library updates, and privacy mechanisms would enhance the site's security posture and regulatory adherence.

Novian Eesti OÜ operates the KOVTP service portal, providing IT infrastructure and software development services primarily targeted at local governments in Estonia. The company has a long-standing history dating back to 1970 and is part of the Novian group, positioning itself as a key player in e-government solutions. The website is professionally designed, mobile-optimized, and provides clear contact information and user support resources. Technically, the site uses Liferay CMS, jQuery, Bootstrap, and integrates Google Analytics and Tag Manager for tracking. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers are missing and jQuery version is outdated. Privacy compliance is adequate with a cookie policy and GDPR considerations, but no explicit privacy or security policies are prominently available. Overall, the domain registration aligns well with the business identity, indicating legitimacy and trustworthiness.

S

Sillamäe linn

sillamae.ee

54

Sillamäe linn is the official municipal government website for the city of Sillamäe in Estonia. The site provides comprehensive information about the city's history, governance, social services, cultural events, and economic development initiatives. It serves residents, visitors, and businesses with a broad range of public service information and community engagement tools. The website is built on the Liferay CMS platform, featuring a responsive design suitable for desktop and mobile users. It integrates common web technologies such as jQuery, Bootstrap, and Font Awesome, and uses Google Analytics for visitor tracking. The site enforces HTTPS and includes a cookie consent banner, demonstrating awareness of privacy regulations such as GDPR. However, some technical aspects like the use of an outdated jQuery version and absence of security headers indicate areas for security improvement. Contact information is clearly presented, and the WHOIS data confirms the domain's legitimacy as a government entity. Overall, the website is professional and trustworthy but would benefit from technical and security enhancements.

Jõhvi vallavalitsus operates as the official municipal government for the Jõhvi region in Estonia, providing a wide range of public services including governance, social welfare, education, cultural events, urban planning, and community engagement. The website serves as a comprehensive portal for residents and stakeholders to access information, participate in local initiatives, and stay informed about municipal activities. The target audience primarily consists of local residents, businesses, and visitors seeking official information and services. Technically, the website is built on the Liferay CMS platform, utilizing JavaScript, jQuery, Bootstrap, and Font Awesome for UI components and styling. It employs HTTPS for secure communication and integrates Google Analytics for visitor tracking. The site demonstrates good mobile responsiveness and clear navigation, although some technical debt is evident with the use of an outdated jQuery version, which could pose security risks. From a security perspective, the site benefits from HTTPS encryption and a cookie consent mechanism indicating GDPR awareness. However, it lacks visible security headers and explicit security or incident response policies. The absence of a vulnerability disclosure policy and the use of outdated libraries suggest areas for improvement. No critical vulnerabilities or blocking mechanisms were detected, and contact information is clearly provided, enhancing trust. Overall, the website is professional, trustworthy, and functional, serving its governmental role effectively. Strategic improvements in updating libraries, implementing security headers, and publishing comprehensive security policies would enhance its security posture and compliance standing.

Raasiku Vallavalitsus operates as the local government authority for Raasiku vald in Estonia, providing a broad range of public services including social welfare, education, environmental management, and urban planning. The website serves as an information hub for residents and stakeholders, offering news, contact details, e-services, and detailed sectoral information. The organization holds a stable market position as a small-sized governmental entity with a domain age consistent with its operational history since 2010. Technically, the website is built on the Liferay CMS platform, utilizing standard web technologies such as JavaScript, jQuery, Bootstrap, and Google Fonts. It is hosted under a reputable registrar, Telia Eesti AS, and employs HTTPS with a cookie consent mechanism, indicating a moderate level of digital maturity. Mobile optimization and SEO practices are adequately implemented, though accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and includes a cookie consent banner, but lacks visible advanced security headers and explicit security or incident response policies. No critical vulnerabilities or exposed sensitive data were detected. The use of Google Analytics introduces moderate user tracking, balanced by privacy compliance measures including a privacy policy and cookie policy. Overall, the website presents a trustworthy and professional digital presence for a local government entity. Strategic recommendations include enhancing security headers, publishing incident response information, updating libraries regularly, and improving accessibility compliance to further strengthen the security posture and user trust.

Maardu Linnavalitsus operates as the municipal government portal for the city of Maardu, Estonia, providing residents and visitors with information about city services, news, events, and contact details. The website serves as an essential communication channel for local government functions and citizen engagement. It targets local residents, visitors, and stakeholders seeking municipal information and services. The business model is that of a government entity offering public services and information dissemination.

K

Kuusalu vallavalitsus

kuusalu.ee

50

Kuusalu vallavalitsus is the official local government authority for the Kuusalu municipality in Estonia, providing a wide range of public services including governance, social welfare, education, culture, environment, and crisis preparedness. The website serves residents, local businesses, and visitors by offering comprehensive information and access to municipal services. The site is built on the Liferay CMS platform and uses common web technologies such as jQuery, Bootstrap, and Font Awesome, with tracking enabled via Google Analytics and Google Tag Manager. The website is mobile optimized and presents a professional and consistent brand image aligned with government standards. Security-wise, the site enforces HTTPS but lacks visible security headers and uses an outdated jQuery version, which could pose vulnerabilities. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the website is functional and credible but would benefit from security and compliance improvements.

B

BSTX

bstx.com

59

BSTX operates as a regulated national securities exchange integrating blockchain technology to modernize public securities trading. Powered by tZERO technology and jointly owned by BOX Digital Markets and tZERO, BSTX aims to reduce friction and complexity in securities trading. The website reflects a medium-sized finance and technology business with a clear focus on blockchain-enabled securities exchange services. The technical infrastructure is based on WordPress CMS with common plugins and integrations such as LayerSlider and Google Analytics, hosted likely on WP Engine with Cloudflare DNS. The site is well designed, mobile optimized, and SEO friendly, though some accessibility features are basic. Security posture is solid with HTTPS enforced and domain transfer protections, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with privacy and terms pages present but no cookie consent mechanism or explicit GDPR compliance indicators. Contact information is limited to email and contact forms, with no phone or physical address listed. Overall, BSTX presents a credible and professional online presence consistent with its business claims.

H

Havaş

havas.net

64

Havaş is a well-established Turkish transportation and ground services company, founded in 1999, specializing in airport ground handling, bus services, and cargo warehousing. The website reflects a professional and modern digital presence with a focus on service offerings relevant to airlines, airports, and passengers. The technical infrastructure leverages popular front-end frameworks like Bootstrap and integrates multiple analytics tools such as Google Analytics and Yandex Metrika, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks advanced DNS security (DNSSEC) and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms, which could pose regulatory risks. Overall, the website is functional and credible but would benefit from improvements in privacy transparency and security hardening.

Copix is a modern digital printing company based in Estonia, offering a wide range of printing products and services such as labels, floor stickers, books, and interior decoration prints. The company targets businesses and individuals requiring quality printing solutions and operates an e-commerce platform for convenient ordering. The website is built on WordPress with modern technologies including Bootstrap, jQuery, and integrates multiple marketing and analytics tools such as Google Analytics and Facebook Pixel. Security posture is basic with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and DNSSEC. The domain is newly registered in 2024, consistent with the business's apparent recent establishment. Contact information is comprehensive and transparent, enhancing business credibility.

T

Tuumik Stuudio OÜ

tuumik.ee

49

Tuumik Stuudio OÜ is an established Estonian graphic design and photography studio founded in 2007. The company specializes in visual identity, illustration, print preparation, and photography services, targeting cultural institutions and corporate clients. Their website showcases a comprehensive portfolio demonstrating professional design and consistent branding. Technically, the site is built on WordPress with modern SEO and analytics tools, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and formal privacy or cookie policies, indicating compliance gaps. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

T

Tartu Oskar Lutsu nimeline Linnaraamatukogu

jutupeatus.ee

41

JutuPeatus.ee is a cultural and educational initiative hosted by the Tartu Oskar Lutsu Library, designed to celebrate Estonia's centennial by placing 100 story signs with secret literary messages across the country. The website offers an interactive map powered by Google Maps API, providing users with locations and background information about each sign, including author details and audio excerpts. The project targets literature enthusiasts, cultural tourists, and the general Estonian public interested in heritage. Technically, the site uses Bootstrap, jQuery, and Google services, delivering a moderately performant and mobile-optimized experience. However, it lacks advanced security headers and privacy compliance mechanisms such as cookie consent banners or privacy policies. The domain is registered to an Estonian educational network, consistent with the site's purpose, enhancing trustworthiness. Overall, the site is professionally designed and functional but could improve in privacy and security compliance.

R

RP9 OÜ

rp9.ee

43

RP9 OÜ operates a pub named Pubi RP9 located at Raekoja Plats 9 in Tartu, Estonia. The business focuses on hospitality services including food and beverage offerings, sports event broadcasting, and table reservations. The website provides a comprehensive menu with detailed descriptions and pricing, targeting local residents and visitors interested in social dining and sports entertainment. The company is a small-sized entity founded in 2017, with a consistent brand presence and clear contact information. Technically, the website is built on the concrete5 CMS platform, utilizing common web technologies such as jQuery, Bootstrap, and Google Analytics. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks important security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the domain registration is transparent and consistent with the business claims, indicating legitimacy.

T

Taararing OÜ

taararing.ee

42

Taararing OÜ is an Estonian company specializing in full solutions for deposit points and cleaning services for businesses, operating since 2006. The company serves retail stores and enterprises by managing deposit acceptance and providing cleaning services, employing approximately 50 people. Their market position is that of a trusted local service provider with a solid client base and over 16 years of experience in deposit acceptance management. Technically, the website is built on Concrete CMS with modern frontend technologies including Bootstrap 5 and jQuery, and integrates Google Analytics and Tag Manager for tracking. The site is mobile optimized and has good SEO practices, though accessibility is basic. Security posture is adequate with HTTPS enabled but lacks security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Overall, the website is professional and credible but could improve in compliance and security transparency.

Q

Quality Pixels

qualitypixels.pl

41

Quality Pixels is a Polish interactive agency specializing in website design, creation, SEO, and Google Ads campaigns. Established in 2009, the company targets businesses seeking professional digital presence and marketing services. Their website reflects a consistent brand with good content quality and clear navigation, supporting their service offerings effectively. Technically, the site is built on WordPress with common plugins for SEO and multilingual support, and integrates major analytics and marketing tools such as Google Analytics, Facebook Pixel, and Google Tag Manager. The site is hosted by cyber_Folks S.A., a reputable registrar and hosting provider. Security-wise, the website uses HTTPS and cookie consent mechanisms but lacks advanced security headers and explicit privacy or security policies. No WAF or blocking mechanisms were detected, and the domain WHOIS data is consistent and trustworthy. Overall, the site demonstrates a moderate to good security posture with room for improvement in privacy compliance and security best practices.

L

La Gazette Drouot

gazette-drouot.com

67

La Gazette Drouot is a leading French media outlet specializing in auction news, art market updates, and cultural heritage content. It operates both as a weekly magazine and an online platform, offering comprehensive coverage of auction calendars, results, and featured lots. The website targets collectors, art professionals, and enthusiasts, providing subscription services and advertising opportunities. Technically, the site employs a modern tech stack including Bootstrap, jQuery, and various analytics and marketing tools, hosted behind Cloudflare for performance and security. The site is well-optimized for mobile and SEO, with good content quality and navigation. Security posture is strong with HTTPS and secure forms, though explicit security policies and incident response contacts are absent. Privacy compliance is robust with cookie consent and GDPR-aligned policies. However, the lack of WHOIS data for the domain raises questions about domain registration transparency, though the site content and branding strongly indicate legitimacy. Overall, the site scores well on content, technical implementation, and security, with room for improvement in business credibility and security transparency.

M

Moniteur des Ventes

moniteurdesventes.com

65

Moniteur des Ventes operates a professional online auction platform specializing in live, online, and catalogued auctions of professional equipment, vehicles, and industrial materials primarily targeting French-speaking markets. The platform connects auction houses, public entities, and businesses with buyers, offering a comprehensive auction calendar and account-based bidding services. The website demonstrates a professional and consistent brand presence with clear navigation and relevant content for its target audience. Technically, the website employs a mature technology stack including jQuery, Bootstrap, and various UI and analytics libraries. It integrates secure payment gateways such as Ingenico and Lemonway, and uses Google Analytics and Tag Manager for traffic analysis. The site is mobile-optimized and shows good SEO practices, though accessibility features are basic. Hosting includes Azure Blob Storage for some assets. From a security perspective, the site enforces HTTPS and uses secure payment processors, with a cookie consent mechanism supporting GDPR compliance. However, no explicit security headers or incident response policies are evident, and no direct contact information is provided on the main site. The absence of WHOIS registration data is a notable concern, impacting domain legitimacy and trustworthiness. Overall, the platform presents a solid business and technical foundation but would benefit from enhanced transparency in security policies and domain registration details to improve trust and compliance posture.

D

Drouot Estimations

drouot-estimations.com

57

Drouot Estimations is a French auction house operating under the Drouot group, specializing in art, antiques, jewelry, and collectibles. The website serves as a platform for auction calendars, results, object estimations, and online bidding services, targeting both French and international clients interested in auctions. The site is well-branded and professionally designed, reflecting a medium-sized business with a strong market position in the auction industry. Technically, the website employs modern web technologies including Bootstrap, jQuery, and various JavaScript libraries for sliders and carousels, ensuring a responsive and interactive user experience. Google Tag Manager and Google Analytics are integrated with a cookie consent mechanism, indicating some level of privacy awareness. However, explicit privacy and terms of service pages are not found, which is a compliance gap. From a security perspective, the site uses HTTPS and implements cookie consent, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of WHOIS registration data is a concern, potentially indicating privacy protection or domain registration issues, which slightly lowers trust. Overall, the website is functional, professional, and trustworthy from a user perspective but would benefit from enhanced transparency in privacy, security policies, and domain registration information to improve compliance and trustworthiness.

D

Drouot Immobilier

drouot-immobilier.com

60

Drouot Immobilier is a small real estate agency based in Paris 9ème, France, affiliated with the Groupe Drouot. The company specializes in property sales, estimations, research, and valorization services primarily targeting individuals and professionals interested in Paris and the surrounding regions. The website presents a professional and well-structured digital presence with clear navigation, good content quality, and compliance with privacy regulations including GDPR. Technically, the site uses modern JavaScript frameworks and Google Analytics for tracking, with a cookie consent mechanism in place. Security posture is generally good with HTTPS enforced, but lacks explicit security policies or incident response contacts. The domain WHOIS data is missing or unavailable, which raises some concerns about domain legitimacy and registration status, though the website content and branding appear consistent and trustworthy.

M

Międzynarodowy Festiwal Komiksu i Gier w Łodzi

komiksfestiwal.com

67

The Międzynarodowy Festiwal Komiksu i Gier w Łodzi website represents a well-established cultural event focused on comics and games, primarily targeting creators and enthusiasts in Poland and Central-Eastern Europe. The festival is the largest of its kind in the region, with a history dating back to 2006 for the domain and earlier for the event itself. The site offers multilingual support, event information, contests, and partner links, reflecting a mature digital presence. Technically, the site is built on WordPress with common plugins and tracking tools such as Google Analytics and Facebook Pixel, indicating a standard but effective infrastructure. Security posture is adequate with HTTPS enabled but could be improved by adding DNSSEC and security headers. Privacy compliance is basic but present, with cookie and privacy policies accessible and a consent mechanism implemented. Business credibility is strong due to the festival's reputation, social media presence, and consistent branding. Overall, the site is professional and trustworthy with room for security enhancements.

K

KOKO architects

koko.ee

43

KOKO architects is an established Estonian architectural firm founded in 2010, specializing in architecture, interior design, urban planning, and restoration projects. The company emphasizes contextual design that respects history, environment, and culture, targeting clients seeking unique and culturally sensitive architectural solutions. Their website showcases a professional portfolio of projects and maintains an active presence on major social media platforms, supporting their market position as a reputable small-sized architecture firm in Estonia. Technically, the website is built on Concrete CMS with modern frontend technologies like Bootstrap 5 and jQuery, and integrates analytics tools such as Google Analytics and Facebook SDK. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS and avoids exposing sensitive data but lacks visible security headers and formal privacy or cookie policies, indicating room for compliance and security improvements. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security best practices to strengthen trust and regulatory adherence.

E

Elixir OÜ

elixir.ee

39

Elixir OÜ is a small Estonian creative agency founded in 2011, specializing in website creation, branding, and web marketing with a strong emphasis on integrating digital and physical solutions. The company has a solid market position locally with a diverse portfolio and official partnerships, indicating a stable business model focused on service delivery to other businesses. Technically, the website employs modern front-end technologies such as Bootstrap, jQuery, and Google Analytics, with moderate performance and good mobile optimization. However, there is room for improvement in accessibility and security headers. Security posture is adequate with HTTPS usage implied, secure form handling, and no visible vulnerabilities, but lacks explicit security policies and headers. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable compliance gap. Overall, the website is professional and trustworthy, but enhancing privacy and security transparency would improve its risk profile.

N

Norstat Industrial Safety, Automation and Connectivity Solution

norstat.com

57

Norstat Industrial Safety, Automation and Connectivity Solution is a specialized provider of safety, automation, and connectivity products for the industrial marketplace. Their offerings include safety controllers, light curtains, safety interlocks, non-contact safety switches, safety relays, and signaling devices. The company operates a WordPress-based e-commerce website using WooCommerce and the Avada theme, supported by various plugins including CleanTalk for anti-spam and Google Analytics for tracking. The domain is well-established since 1996, consistent with the company's business history, and uses Cloudflare DNS services. Security posture is moderate with HTTPS enabled and anti-spam measures in place, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the website is professional and functional but would benefit from enhanced security and privacy practices.

E

Economybookings

economybookings.com

72

Economybookings is an established online car rental aggregator platform offering price comparison and booking services for over 175,000 vehicles across 20,000 locations worldwide. The company targets global consumers seeking affordable and convenient car rental options, supported by multilingual customer service and a large network of trusted suppliers. The website demonstrates a mature digital presence with modern technologies such as React and Next.js, integrated analytics, and compliance tools like Cookiebot for privacy management. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly disclosed. The absence of WHOIS domain registration data is a notable concern, potentially indicating privacy protection or registration inconsistencies. Overall, the platform presents a professional and trustworthy user experience with room for improvement in transparency and contactability.

L

Logotrade OÜ

logotrade.ee

46

Logotrade OÜ is a well-established Estonian company specializing in promotional products, including advertising gifts, business gifts, and branded merchandise. With over 20 years of experience and a strong client base exceeding 4000 customers, Logotrade positions itself as a leading provider in the promotional retail sector in Estonia and Europe. The company offers a comprehensive range of services including promotional gifts, advertising services, and advertising design, supported by professional expertise and strategic marketing insights. The website reflects a mature business with consistent branding, clear communication, and strong trust indicators such as customer testimonials and industry memberships. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and Segment Analytics, integrated with a cookie consent mechanism ensuring GDPR compliance. The site is mobile-optimized, well-structured, and uses HTTPS with good SSL configuration. While some security headers are not explicitly detected, the overall security posture is solid with no visible vulnerabilities or exposed sensitive data. From a security perspective, the site demonstrates good practices including secure forms, privacy policies, and cookie consent. However, there is room for improvement by implementing additional security headers and publishing a formal security or vulnerability disclosure policy. No WAF or blocking mechanisms were detected, indicating full accessibility. Overall, Logotrade's website is professional, secure, and compliant, supporting its business credibility and customer trust. The domain registration data aligns well with the business claims, reinforcing legitimacy. Strategic recommendations include enhancing security headers, formalizing security policies, and continuous monitoring of third-party scripts to maintain a robust security posture.

D

Digiposter

digiposter.ee

41

Digiposter is an Estonian-based digital advertising company specializing in digital screens and LED advertising solutions across major cities and shopping centers in Estonia. The company leverages a network of digital and LED screens to deliver impactful advertising campaigns directly to potential customers in high-traffic locations. The website reflects a medium-sized enterprise with a professional digital presence, utilizing WordPress with Elementor and SEO best practices to reach its target audience effectively. Technically, the website is built on a modern WordPress stack with multilingual support via WPML, SEO optimization through Yoast, and analytics integration using Google Analytics and Hotjar. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and has no visible exposed sensitive data or vulnerable libraries. However, it lacks advanced security headers and explicit security or privacy policies, which could be enhanced to improve compliance and trust. No WAF or blocking mechanisms were detected, indicating open accessibility. Overall, the website presents a credible and professional business with a solid market position in Estonia's retail and media advertising sectors. Strategic improvements in privacy compliance and security posture would further strengthen its digital maturity and trustworthiness.

Copix is a newly established Estonian digital printing company specializing in a wide range of printing services including labels, packaging, interior decoration prints, and book printing. The website is professionally designed using WordPress and Bootstrap, featuring a modern and responsive layout with clear navigation and multiple contact channels. The company targets businesses, schools, publishers, designers, and individual customers, positioning itself as a regional printing service provider with an online ordering platform. The technical infrastructure includes common marketing and analytics tools such as Google Analytics, Facebook Pixel, and Adform tracking, integrated via Google Tag Manager. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks DNSSEC and security headers, which are recommended for improvement. The domain is newly registered in 2024, consistent with the business launch, and shows no suspicious registration patterns. Overall, the website is functional, trustworthy, and business credible, though it would benefit from enhanced privacy and security policies.

E

Easy Web Soutions

easyweb.ee

49

EasyWeb is a small Estonian technology service provider specializing in WordPress website creation, management, SEO, marketing, UX, and design services targeted primarily at small businesses. The company presents a professional and user-friendly website with clear service offerings and client testimonials, positioning itself as a reliable local partner for digital presence needs. Technically, the website is built on WordPress with modern tools such as GSAP for animations, Facebook Pixel for tracking, and Google Analytics for analytics, hosted likely by Elkdata OÜ as indicated by the WHOIS and nameserver data. The site is mobile-optimized and performs well with fast loading times and good SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks explicit security headers and a published security policy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the domain registration and hosting details align well with the business claims, supporting legitimacy and trustworthiness.

R

www.RigaCamping.lv

rigacamping.lv

43

RigaCamping.lv is a small hospitality business providing camping accommodations in Riga, Latvia. The website offers information about camping services including tent and motorhome rentals, secure camping spots with electricity, and an online reservation system that provides a discount for bookings made through the site. The target audience consists primarily of tourists and campers visiting Riga and nearby areas. The business operates locally with a clear focus on outdoor accommodation services. Technically, the website is built using standard HTML5, CSS (W3.CSS), and JavaScript, integrating Google Analytics and Twitter widgets for tracking and social media presence. The site is mobile optimized with a moderate performance profile and basic SEO and accessibility features. However, it lacks advanced security headers and privacy compliance mechanisms such as cookie consent banners and privacy policies. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML content. Nevertheless, it lacks important security headers like Content Security Policy and HSTS, and there is no visible security or incident response policy. The embedded reservation form collects user data but its security posture is unknown. The site uses Google Analytics and Tag Manager, indicating moderate user tracking without clear privacy compliance disclosures. Overall, the website is functional and professional for a small local hospitality business but has notable gaps in privacy compliance and security best practices. Strategic improvements in security headers, privacy policies, and incident response information would enhance trust and compliance. The domain WHOIS data is consistent with the business location and shows no suspicious patterns, supporting the legitimacy of the site.

J

John Lothian News

johnlothiannews.com

58

John Lothian News is a specialized media outlet focused on delivering financial markets news and analysis. Established in 2011, it serves a niche audience of financial professionals and market participants. The website employs a WordPress CMS with the Divi theme and WooCommerce plugin, indicating a modern and flexible technical infrastructure. Hosting is provided by SiteGround, and the site uses Google Analytics and Tag Manager for user tracking. Security posture is solid with HTTPS enabled and use of Google reCAPTCHA, though there is room for improvement in security headers and DNSSEC implementation. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

M

Maria Mägi Advokaadibüroo

mmab.ee

42

Maria Mägi Advokaadibüroo is a professional law firm based in Estonia, providing legal services across major legal domains including business law, real estate law, contract law, tax law, intellectual property, bankruptcy, family law, and environmental law. The firm positions itself as a modern legal service provider with a team of partners and specialized lawyers, targeting clients seeking comprehensive legal assistance in Estonia. The website is well-structured, multilingual, and professionally designed, reflecting the firm's commitment to quality and client service. Technically, the website is built on WordPress using the Avia Framework, with integrations such as Yoast SEO and Google Analytics for performance and marketing insights. The site is mobile-optimized and includes cookie consent mechanisms aligned with GDPR requirements. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and implements cookie consent with opt-in/out options, demonstrating good privacy compliance. However, explicit security headers are missing, and there is no dedicated security policy or vulnerability disclosure page. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, the website presents a trustworthy and professional digital presence for the law firm, with a solid foundation in security and privacy compliance. Strategic improvements in security headers, accessibility, and explicit security policies would enhance the firm's digital maturity and client trust.

P

Pärnu Sadam AS

parnusadam.eu

47

Pärnu Sadam AS operates as a regional port authority and service provider located in southwestern Estonia, specifically at the mouth of the Pärnu River. The company offers essential harbor services including vessel scheduling, access permit management, and related maritime services. The website positions Pärnu Sadam as a key regional player in transportation and port services, targeting shipping companies, local businesses, and visitors. The business model revolves around providing port infrastructure and administrative services to facilitate maritime traffic and regional commerce. Technically, the website is built on WordPress 6.7.2 with a modern tech stack including Yoast SEO for search optimization, WPML for multilingual support, and integration of Google Analytics and Google Maps APIs. The site demonstrates good mobile optimization and moderate performance, with a clean and professional design. Cookie consent mechanisms and privacy policies are implemented in compliance with GDPR, enhancing user trust and legal compliance. From a security perspective, the site uses HTTPS with anonymized IP tracking in Google Analytics and provides a cookie consent banner with opt-in/out options. However, explicit security headers are not detected in the HTML content, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the analyzed content, indicating a generally sound security posture. Overall, Pärnu Sadam's website reflects a credible and professional digital presence consistent with its business operations. The site is accessible without WAF or blocking mechanisms, includes comprehensive privacy and cookie policies, and provides clear contact information. Strategic recommendations include enhancing security headers, publishing explicit security policies, and maintaining regular audits of third-party scripts to further strengthen security and compliance.

O

Online Solution 360 GmbH

saveality.net

59

Saveality, operated by Online Solution 360 GmbH, is a specialized provider of cyber security and privacy solutions based in Germany. Founded in 2018, the company offers a range of services including secure remote desktop environments, multi-encryption data storage, end-to-end encrypted email and communication services, TOR/Onion web services, bulletproof hosting, penetration testing, secure mobile phone solutions, IoT protection, and cryptocurrency cold storage. The business targets clients requiring high confidentiality and privacy protection, positioning itself as a niche player in the cyber security market. The parent company is Online Solution Int Ltd. based in the UK. Technically, the website is built on WordPress and uses common web technologies such as jQuery, Google Analytics, and Google Tag Manager. Hosting and DNS services are managed via Cloudflare. The site implements HTTPS with a good SSL configuration but lacks DNSSEC and advanced security headers. Performance is moderate with good mobile optimization. Privacy compliance is basic with a cookie consent banner and a privacy policy hosted externally on adsafety.net. Security posture is adequate but could be improved by enabling DNSSEC, adding security headers, publishing a security policy, and providing a vulnerability disclosure mechanism. No critical vulnerabilities or exposed sensitive data were detected. Contact information is clearly presented, including phone numbers, emails, and physical addresses, enhancing business credibility. Overall, Saveality presents a professional and trustworthy front with room for improvement in security best practices and privacy transparency. Strategic recommendations include enhancing domain security, publishing detailed security and incident response policies, and improving privacy compliance disclosures.

S

SMEunited

smeunited.eu

72

SMEunited is a prominent non-profit association representing crafts and small and medium-sized enterprises (SMEs) across Europe, with a membership base spanning over 30 countries and encompassing more than 12 million enterprises. The organization focuses on advocacy, policy representation, and providing a unified voice for SMEs at the European level. Their website reflects a professional and consistent brand image, offering comprehensive information about their activities, publications, news, and events. Technically, the website employs modern tools such as Google Analytics, Google Tag Manager, and Cookiebot for consent management, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, though it lacks explicit security policy disclosures and incident response contacts. Overall, the website is accessible, well-structured, and compliant with privacy regulations, presenting a trustworthy digital presence for the organization.

K

KiVa / Tenz

kivaschool.be

48

The website www.kivaschool.be represents the KiVa anti-bullying program operated by Tenz in Belgium, supported by recognized educational institutions. It provides comprehensive information about the program, resources for schools, parents, and educators, and includes a webshop and training offerings. The site is well-structured with consistent branding and clear navigation, targeting educational stakeholders in Flanders. Technically, the site uses a custom CMS (Ambacht CMS) with common web technologies such as jQuery, Bootstrap 3, and Select2, and integrates Google Analytics and ReadSpeaker for accessibility. Security posture is moderate with no visible security headers and unknown SSL configuration, but it implements a detailed cookie consent mechanism. WHOIS data is unavailable due to registry restrictions, which reduces transparency but the site content and contact details support legitimacy. Overall, the site is professional and functional with room for improvement in security and privacy policy disclosures.