Security Directory

K

Kompas.id

kompas.id

63

Kompas.id is a prominent Indonesian digital news platform offering comprehensive coverage across various domains including politics, economy, sports, and international news. The platform operates on a subscription-based model providing premium content to its audience. It targets Indonesian readers seeking quality journalism and up-to-date news. The website demonstrates a professional design with consistent branding and clear navigation, supporting a good user experience. Technically, Kompas.id leverages modern web frameworks such as Nuxt.js and Vue.js, and integrates multiple analytics and advertising technologies to optimize performance and marketing efforts. Security-wise, the site enforces HTTPS and employs several security best practices, though there is room for improvement in implementing comprehensive security headers and explicit security policies. Privacy compliance is partially addressed through a cookie consent mechanism, but lacks visible privacy and terms of service documentation in the provided content. Overall, the domain registration data aligns well with the business profile, indicating a legitimate and established media entity.

T

The Medical Journal of Australia

mja.com.au

67

The Medical Journal of Australia (MJA) is a prominent healthcare publication serving medical professionals and researchers primarily in Australia. It offers a wide range of medical research articles, editorials, guidelines, and educational content. The website is professionally designed and well-structured, reflecting its position as a leading medical journal affiliated with the Australian Medical Association. The business model relies on subscriptions, advertising, and content dissemination to healthcare audiences. Technically, the site is built on Drupal 10, leveraging modern web technologies including Google Analytics, Google Tag Manager, and Stripe for payment processing. The site is mobile-optimized and accessible, with moderate performance. Security posture is strong with HTTPS enforced and no visible sensitive data exposure, though some security headers could be improved. The WHOIS data is privacy protected by a reputable Australian registrar, which is typical for professional organizations. No signs of malicious activity or suspicious domain registration patterns were found. Privacy compliance is basic with a privacy policy present but lacking explicit cookie consent mechanisms. Overall, the site demonstrates a mature digital presence with strong business credibility and good security hygiene, though improvements in privacy compliance and security headers are recommended to enhance trust and regulatory adherence.

I

IRIS

irisnetwork.org

41

IRIS is a well-established global network of independent market research institutes, operating since 2003 with over 30 offices worldwide. The organization specializes in delivering comprehensive market research services, including public confidence studies and pharma industry research, targeting businesses seeking international market insights. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern web technologies such as jQuery, Bootstrap, Google Analytics, and reCAPTCHA, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks DNSSEC and security headers, and does not provide privacy or cookie policies, which are compliance gaps. Overall, the domain WHOIS data supports the legitimacy and long-term operation of the business. Strategic improvements in privacy compliance and security hardening are recommended to enhance trust and regulatory adherence.

A

Auto & Service OÜ

auto-service.ee

42

Auto & Service OÜ is a small automotive service company based in Haapsalu, Estonia, operating since 2003. The company offers a range of automotive services including car repair, tire services, used car sales, and hand car wash. Since 2023, it has been the official Toyota service center in the region, providing factory-trained technicians and original Toyota parts, enhancing its market position and trustworthiness. The website is built on WordPress and uses common plugins and Google Analytics for tracking. It is mobile optimized and provides a basic GDPR-compliant cookie consent mechanism and privacy policy. However, no explicit contact emails or phone numbers are found on the main page, which could be improved for better customer engagement.

V

Viljandi Motokeskus

motokeskus.eu

40

Viljandi Motokeskus is a small Estonian retailer specializing in the sale and maintenance of motor vehicles including ATVs, motorcycles, scooters, and electric vehicles. The company targets local consumers and enthusiasts seeking motorized transport and related accessories. Their business model combines e-commerce with physical retail and service offerings. The website is built on WordPress with WooCommerce and Elementor, reflecting a moderate level of digital maturity with good SEO practices and mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professional but could improve in security and privacy transparency to enhance trust and compliance.

K

KALASTUSPOOD OÜ

boat-service.ee

40

Boat Service Estonia, operated by KALASTUSPOOD OÜ, is a specialized e-commerce and service provider focused on marine equipment including boats, boat motors, marine electronics, and accessories. Established in 2018, the company targets boat owners and marine enthusiasts primarily in Estonia, offering sales, maintenance, rental, and winter storage services. The website demonstrates a solid market position as one of the leading marine equipment sellers in the region, supported by a professional online presence and active social media engagement. Technically, the site is built on WordPress with WooCommerce, leveraging modern plugins and tracking tools such as Google Analytics, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies are missing. Overall, the site is trustworthy and professionally managed, but could improve privacy and security transparency.

Semako Romulad OÜ is a small Estonian company specializing in vehicle dismantling, auto repair, 24-hour roadside assistance, towing services, spare parts sales, and equipment rental. The company targets vehicle owners and businesses in Estonia requiring these transportation-related services. Their market position is local/regional with partnerships with recognized organizations such as Autolammutuste Liit and the Estonian Police and Border Guard Board. The website content is relevant and well-structured, providing clear information about services and contact details. Technically, the website uses a modern but basic tech stack including Bootstrap, jQuery, Flexslider, and Google Analytics. The site is mobile-optimized and performs moderately well. Hosting and domain registration are consistent with the business location, registered through Zone Media OÜ in Estonia. However, no CMS is explicitly detected, and accessibility features are basic. From a security perspective, the website uses HTTPS but lacks advanced security headers and DNSSEC, which are recommended for improved security posture. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. No incident response or vulnerability disclosure policies are found. The site uses Google Analytics for tracking, with moderate user tracking levels but limited privacy compliance. Overall, the website is functional and professional but would benefit from enhanced security measures, privacy compliance improvements, and formalized policies to increase trust and regulatory adherence.

STIK AS is an Estonian automotive service company specializing in vehicle dismantling, repair, maintenance, and parts sales. Operating multiple locations across Estonia including Rakvere, Paide, Tallinn, and Roosna-Alliku, the company serves a regional market with a focus on passenger cars, vans, SUVs, and commercial vehicles. Their services include accident repairs, painting, glass sales and replacement, tire services, and official dealership representation for Ford and Mazda in Lääne-Virumaa. The website reflects a medium-sized business with a service-oriented business model targeting vehicle owners and operators in Estonia. Technically, the website uses older JavaScript libraries such as jQuery 1.8.2 and integrates Google Analytics and Google Tag Manager for tracking. The site appears to be custom-built or uses a non-mainstream CMS, with basic mobile optimization and accessibility features. SEO is basic with minimal meta descriptions and no structured data markup. The site is accessible without WAF or blocking mechanisms. From a security perspective, the site uses HTTPS but lacks visible security headers and employs outdated JavaScript libraries, which may expose it to vulnerabilities. There are no visible privacy or cookie policies, nor incident response contacts, indicating gaps in compliance and security posture. Contact information is comprehensive and clearly presented, enhancing business credibility. Overall, the website scores moderately on content quality, technical implementation, and business credibility but scores low on privacy compliance and security posture. Strategic improvements in updating technology, implementing security best practices, and adding privacy policies would enhance trust and compliance.

M

Motohoov

motohoov.ee

41

Motohoov is a small Estonian business specializing in motorcycle gear, stylish riding apparel, and maintenance services. Established in 2010, it operates a WordPress-based website that serves as a digital storefront and information portal for motorcycle enthusiasts in Estonia. The website is well-structured with good SEO practices and provides a cookie consent mechanism compliant with GDPR regulations. The business targets local motorcycle riders and offers key services including retail sales, spare parts ordering, and servicing. The site integrates Google Analytics for visitor tracking and uses modern web technologies such as Elementor and Yoast SEO plugins.

A

AS Õhtuleht

ohtuleht.ee

59

Õhtuleht is a prominent Estonian news media website offering a wide range of content including news, sports, entertainment, opinions, and multimedia formats such as video, radio, and television. It serves the Estonian-speaking public with a comprehensive digital news platform supported by advertising and digital subscriptions. The website is well-branded and consistent with a strong market presence in Estonia's media sector. Technically, the site leverages modern web technologies including React with Next.js framework, integrates multiple advertising and analytics services such as Google Analytics, Gemius, and Cxense, and uses JW Player for video content. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and security headers. From a security perspective, the website enforces HTTPS with good SSL configuration and uses asynchronous script loading to optimize performance. However, it lacks explicit security headers like Content-Security-Policy and X-Frame-Options, and does not publicly disclose security policies or incident response procedures. Privacy compliance is basic, with a cookie consent mechanism present but no clear privacy or terms of service pages detected. Overall, the website is legitimate and trustworthy with consistent WHOIS data and a solid business model. The main risks relate to privacy compliance and security best practices, which could be enhanced to improve user trust and regulatory adherence.

M

MPY Telecom Oyj

mpy.fi

55

MPY Telecom Oyj is a Finnish telecommunications company specializing in providing fiber optic internet and reliable connectivity services to residential customers, housing companies, and businesses. Established in 2000, MPY has a strong market presence in Finland, offering high-speed internet solutions tailored for remote work, entertainment, and communication needs. The website reflects a professional and consistent brand image with clear service offerings and customer-centric content. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools such as Matomo and Google Analytics, managed with a compliant cookie consent mechanism. Security-wise, the website enforces HTTPS, implements key security headers, and maintains good SSL configuration, although DNSSEC is not enabled and no explicit security policy or incident response information is published. Overall, MPY demonstrates a mature digital infrastructure and a trustworthy online presence, with room for improvement in security transparency and accessibility compliance.

LEADELL Pilv is a well-established Baltic law firm network providing comprehensive legal services to business clients across Estonia, Latvia, and Lithuania. The firm specializes in a broad range of legal sectors including tax, administrative law, real estate, mergers and acquisitions, healthcare, IT, dispute resolution, business law, and finance. The website reflects a professional and consistent brand image with good content quality and clear navigation, targeting business clients in the Baltic region. Technically, the site is built on WordPress with modern analytics and SEO tools, showing moderate performance and good mobile optimization. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies are absent. Privacy compliance is partial, with a consent mechanism present but no explicit privacy or cookie policy pages found. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

S

Saimaa Group Oy

saimaagroup.fi

49

Saimaa Group Oy is Finland’s largest industrial insulation and scaffolding group, providing specialized services locally and internationally. The company operates through subsidiaries such as Arme and Kymsol, offering comprehensive contracting and digital solutions to ensure efficient and safe worksite operations. Their market position is strong within the manufacturing sector, supported by multiple branch locations and a flexible contract model tailored to customer needs. Technically, the website is built on WordPress with the Divi theme and several modern plugins, hosted on Microsoft Azure DNS infrastructure, reflecting a moderate level of digital maturity. Security posture is generally good with HTTPS enabled and cookie consent implemented, though there is room for improvement in DNSSEC adoption and explicit security policies. Privacy compliance is basic, lacking a dedicated privacy policy page, which is a notable gap. Overall, the website and domain registration data indicate a legitimate and professional business with a solid online presence.

T

TKM Grupp AS

tkmgroup.ee

45

TKM Grupp AS is a leading Estonian retail and wholesale group with a significant market share, employing over 4700 people and operating a large loyalty program with more than 750,000 customers. The group has a strong market position, recognized by multiple awards for competitiveness and led by experienced management. The website reflects a mature digital presence built on WordPress with modern SEO and analytics tools integrated. Security posture is strong with HTTPS and security headers implemented, though cookie consent and explicit contact details could be improved. Overall, the site is professional and trustworthy, supporting the company's business credibility and market leadership.

P

Print.com

print.com

74

Print.com operates as a professional print management platform targeting brands, agencies, resellers, and creatives. It offers a comprehensive catalogue of print products and services, including a web app, API, and digital asset management, connecting users to over 200 print partners across Europe. The platform emphasizes efficiency, collaboration, and sustainability, positioning itself as a trusted solution for frequent print buyers. Technically, the website is built on WordPress with modern SEO and analytics integrations, providing a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are absent. The lack of WHOIS registrant data introduces some uncertainty regarding domain legitimacy, but the professional presentation and compliance efforts mitigate this risk. Overall, the site demonstrates a mature digital presence suitable for its business model.

U

University of Alabama System

uasystem.edu

65

The University of Alabama System website represents Alabama’s largest higher education enterprise, encompassing three institutions that provide teaching, research, and service programs, along with a world-class medical center. The site targets students, faculty, researchers, and the public interested in higher education and medical services in Alabama. The business model is that of a public university system focused on education and research, holding a strong market position within the state. Technically, the website is built on Joomla! CMS with modern front-end frameworks such as UIkit and uses Google Analytics and Tag Manager for tracking. The site demonstrates good design quality, mobile optimization, and SEO practices, although accessibility features are basic. Security posture is moderate with HTTPS implied but lacks visible security headers and explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the domain registration data is consistent with the institution’s identity, indicating legitimacy and active maintenance.

STORYBOOK OÜ operates the website ssb.ee, providing a comprehensive business information database with over 123 million companies and thousands of job listings. The platform offers credit reports, tenders, content marketing, and AI applications targeting businesses and professionals primarily in Estonia but also internationally. The company is positioned as a significant player in the finance and media sectors, leveraging a large dataset and AI technologies to serve its audience. Technically, the website is built on WordPress with modern libraries such as jQuery, Elementor, and Google services integrated for analytics and user interaction. The site is mobile-optimized and SEO-friendly, with structured data enhancing search visibility. Security-wise, the site uses HTTPS and includes reCAPTCHA for form protection, but lacks some advanced security headers and explicit security policies. Privacy compliance is basic, with cookie consent implemented but no visible privacy or terms of service pages. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

K

Kreedix OÜ

kreedix.ee

69

Kreedix OÜ is an established Estonian company specializing in comprehensive credit management and debt collection services, operating since 2004. The company offers a full spectrum of services from sales credit management to cash collection, including credit ratings, debt portfolio analysis, and credit insurance. Kreedix holds a strong market position as a pioneer in the Estonian credit management sector, supported by partnerships with reputable finance and credit insurance companies such as Euler Hermes, Atradius, Coface, and EVUL. The website reflects a professional and consistent brand image targeting business clients requiring credit and debt management solutions. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, integrating modern web technologies such as Google Analytics and Google reCAPTCHA for security and analytics. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the security posture is good with no critical vulnerabilities detected, and the domain registration data supports the legitimacy of the business. The site does not show signs of blocking or WAF interference, allowing full content access. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility features to further strengthen compliance and user experience.

E

Elkdata OÜ

wirumill.ee

45

Wiru Mill is an Estonian-based e-commerce business specializing in organic and specialty food products such as crispbreads and organic olive oil. The website is built on WordPress with WooCommerce, targeting consumers interested in healthy and organic food options. The business appears to be small and relatively new, founded in 2023, with hosting and domain registration managed by Elkdata OÜ, indicating a consistent and legitimate setup. Technically, the website uses modern web technologies including Google Analytics and AdSense for tracking and monetization, and WPBakery for page building. The site is mobile optimized and has a good design and user experience, although accessibility and SEO could be improved. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Overall, the website is functional and professional but would benefit from enhanced privacy and security practices to improve trust and compliance.

А

Апостроф

apostrophe.ua

62

Апостроф is a Ukrainian online news media outlet established in 2014, providing comprehensive news coverage, analytical articles, interviews, and video content focused on Ukrainian society, politics, economy, and world events. The website targets Ukrainian-speaking audiences interested in current affairs and cultural topics. It operates primarily on an advertising revenue model, leveraging Google Adsense and Google Tag Manager for monetization and analytics. The site demonstrates a good level of digital maturity with modern JavaScript libraries and responsive design, ensuring a positive user experience across devices. Security posture is strong with HTTPS enforcement and standard security headers, though there is room for improvement in privacy compliance and incident response transparency. Overall, Апостроф presents as a credible and professional media entity with consistent branding and quality content.

V

Vgorode.ua

vgorode.ua

56

Vgorode.ua is a prominent Ukrainian local news and city information portal established in 2009, serving multiple major cities with news, event listings, and city directories. The website targets residents and visitors seeking up-to-date local information and operates on an advertising-supported business model. It maintains a consistent brand presence and leverages social media channels to engage its audience. Technically, the site uses a custom CMS with a modern tech stack including jQuery, Google Analytics, and header bidding for advertising. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is good with HTTPS enforced and no visible vulnerabilities, but security headers could be enhanced. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site is professional, content-rich, and trustworthy, with room for improvement in privacy and security practices.

Viva.ua is a Ukrainian online media publication focused on show business, celebrity news, culture, and entertainment. It targets Ukrainian-speaking audiences interested in the latest news and exclusive content about stars and cultural events. The website features a variety of content including news articles, interviews, event coverage, and fashion and beauty topics. It operates primarily on an advertising revenue model, leveraging multiple ad networks and tracking services. Technically, the site uses modern web technologies including Google Analytics, Google Tag Manager, Facebook SDK, and header bidding for ads. The site is served over HTTPS with a good security posture, including CSRF tokens and asynchronous script loading. However, it lacks explicit privacy and cookie policies and does not provide clear contact information for business or security inquiries, which impacts its privacy compliance score. Overall, the site is professionally designed with good navigation and content quality, but could improve transparency and compliance aspects.

P

PT. Jaringan Pemberitaan Nusantara Negeriku

jpnn.com

57

JPNN.com is a prominent Indonesian online news portal operated by PT. Jaringan Pemberitaan Nusantara Negeriku, part of the Jawa Pos Group. The website delivers comprehensive news coverage across multiple sectors including politics, economy, crime, sports, entertainment, and regional news through various subdomains. It targets Indonesian readers seeking up-to-date and popular news content. The business model centers on digital news publishing monetized through advertising networks and sponsored content. Technically, the website employs a modern tech stack including jQuery, Google Tag Manager, Google Analytics, and Google Publisher Tags for ad management. It uses Owl Carousel for content sliders and integrates multiple third-party ad and tracking services. The site is mobile-optimized with good SEO practices and structured data markup enhancing search engine visibility. Performance is moderate with room for optimization. Security posture is solid with HTTPS enforced and a Content-Security-Policy header present, though additional security headers could improve defense-in-depth. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic; a cookie consent mechanism is implemented but no explicit privacy policy page was found. WHOIS data is missing or privacy protected, which slightly reduces trustworthiness but the website's content and branding indicate a legitimate media entity. Overall, JPNN.com is a well-established media website with strong content and technical foundations. Strategic improvements in privacy transparency, security headers, and WHOIS data clarity would enhance trust and compliance.

P

PT.CIPTA MEGASWARA TELEVISI

kompas.tv

61

Kompas.tv is a prominent Indonesian media portal operated by PT.CIPTA MEGASWARA TELEVISI, offering comprehensive news coverage and video content across national, regional, international, sports, entertainment, and lifestyle categories. The website serves a broad Indonesian audience seeking timely and reliable news, supported by a strong brand presence and multiple related media properties. Technically, the site employs modern advertising technologies, Google Tag Manager, and analytics tools, ensuring a robust digital infrastructure with moderate performance and good mobile optimization. Security-wise, the site enforces HTTPS with appropriate security headers and script nonce usage, though it lacks explicit privacy and cookie policies, which impacts compliance. Overall, the site is trustworthy and professional but would benefit from enhanced privacy transparency and contact information to improve user trust and regulatory compliance.

Г

ГЛАВКОМ

glavcom.ua

61

Glavcom.ua is a Ukrainian online news media platform providing up-to-date news, interviews, special projects, and opinion columns primarily focused on politics, economy, sports, health, and technology. The website targets Ukrainian-speaking audiences interested in current events and maintains a consistent brand presence with active social media engagement. Technically, the site employs modern web technologies including Google Analytics, Adsense, and lazy loading scripts, delivering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure, though it lacks explicit security headers and formal privacy or cookie policies. Overall, the domain registration aligns well with the website's claims, indicating legitimacy and trustworthiness.

S

Suara.com

suara.com

64

Suara.com is a prominent Indonesian online news portal delivering a wide range of news content including politics, business, sports, entertainment, lifestyle, and technology. It operates under the Arkadia Digital Media group, which manages several sister sites and regional portals, positioning Suara.com as a major player in the Indonesian media landscape. The website targets Indonesian readers seeking up-to-date and balanced news coverage. Technically, the site employs modern web technologies such as jQuery, Google Tag Manager, Google Analytics, Microsoft Clarity, and Google Adsense for advertising and analytics. The site is mobile-optimized and features a structured navigation system with multiple content categories and regional subdomains. Security-wise, the site uses HTTPS with good SSL configuration and some security best practices, though it lacks explicit security headers and published security policies. Privacy compliance is basic, with no clear privacy or cookie policy pages detected in the provided content, though cookie consent mechanisms are present. The WHOIS data for the domain is missing or unavailable, which is unusual but the website's active and professional presence mitigates some concerns. Overall, Suara.com is a credible and well-established media portal with room for improvement in privacy transparency and security policy disclosures.

2

24 Канал

24tv.ua

61

24 Канал is a prominent Ukrainian news media organization providing up-to-date news, live TV streaming, video reports, and expert commentary focused on Ukraine and global events. The website serves a broad Ukrainian-speaking audience and operates multiple sub-sites covering specialized topics such as economy, geopolitics, sports, business, education, and real estate. The business model centers on digital news dissemination and multimedia content delivery, positioning itself as a major player in the Ukrainian media landscape. Technically, the website is built on a modern Angular framework (version 16.2.12) and integrates several analytics and tracking tools including Google Analytics, Matomo, Gemius, PostHog, and Sentry for error tracking. The site is mobile-optimized with responsive design and good SEO practices, although accessibility features are basic. Hosting appears to be managed by Luxnet.ua infrastructure, a known Ukrainian internet service provider. From a security perspective, the site enforces HTTPS with strong SSL configuration and uses modern security headers, although explicit headers like Content-Security-Policy are not visible in the HTML source. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks publicly available privacy and cookie policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for compliance and trust. Overall, 24 Канал demonstrates a strong business and technical foundation with high content quality and professional presentation. The main risks relate to privacy compliance gaps and lack of transparency on security incident handling. Strategic improvements in these areas would enhance trust and regulatory adherence.

Т

ТОВ Редакція газети "Факти та коментарі"

fakty.ua

61

Факти.ua is a well-established Ukrainian online news media platform operated by ТОВ Редакція газети "Факти та коментарі", founded in 1997. The website offers a broad range of news, articles, commentaries, and analytical content targeting Ukrainian-speaking audiences interested in national and international affairs, culture, sports, and society. It maintains a strong market position as a trusted news source with consistent branding and professional content quality. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with integrations of Google Analytics and Tag Manager for traffic analysis. The site is optimized for mobile devices and uses structured data (JSON-LD) for enhanced SEO. Performance is moderate with good mobile responsiveness but could benefit from additional accessibility improvements. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not provide visible security or incident response policies. Privacy compliance is basic, with a privacy policy and terms of service present but no cookie consent mechanism or GDPR-specific disclosures. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and trustworthy with room for improvement in privacy compliance and security best practices. No blocking or WAF interference was detected, allowing full content access and analysis.

U

UkrNet

ukr.net

62

UkrNet is a prominent Ukrainian online news portal providing comprehensive news coverage across politics, economy, sports, culture, technology, and entertainment. It serves a broad Ukrainian-speaking audience with fresh news updates and integrates additional services such as email and search. The website demonstrates a mature digital infrastructure with modern advertising and analytics technologies, including Google Tag Manager and MGID. Security posture is solid with HTTPS enforcement and sandboxed iframes for email widgets, though some security headers could be improved. Privacy compliance is limited due to absence of explicit privacy and cookie policies in the analyzed content. WHOIS data is unavailable for the queried subdomain, which slightly reduces trust but does not detract from the site's evident legitimacy and market position. Overall, UkrNet is a well-established media platform with good technical and business credibility.

Г

ГОРДОН

gordonua.com

45

ГОРДОН is a Ukrainian media company operating an online news portal providing up-to-date news, exclusive interviews, and multimedia content focused on Ukraine and global events. The website targets Ukrainian-speaking audiences interested in politics, war, culture, and current affairs. It maintains a strong market position as a recognized news source with a medium-sized operation founded in 2013. The business model relies on advertising revenue and mobile app distribution. Technically, the site uses a mix of modern and legacy technologies, including Google Analytics, Google Tag Manager, Facebook Pixel, and Cloudflare DNS services. The site is mobile-optimized and SEO-friendly but uses an outdated jQuery version and lacks some security headers. Security posture is moderate with HTTPS enforced but missing DNSSEC and some headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but can improve security and privacy practices.

Р

РБК-Україна

rbc.ua

63

РБК-Україна is a prominent Ukrainian online news media portal providing comprehensive coverage of national and international news, political and economic analysis, currency exchange rates, interviews, and opinion pieces. The website targets Ukrainian-speaking audiences interested in current affairs and maintains a strong market position as a major news outlet in Ukraine. The business model is centered on digital news publishing with monetization through advertising and sponsored content. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, Google Adsense, and Gemius for analytics and advertising. The site is well-structured with good SEO practices and basic mobile optimization. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not publicly available. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the website demonstrates a mature digital presence with high content quality and professional branding.

H

Holstre Külaselts

holstre.ee

40

Holstre Külaselts is a local community association representing the village of Holstre in Viljandi County, Estonia. The website serves as an informational portal providing news, cultural heritage trail details, local projects, and community events. The organization appears to be a small non-profit entity focused on promoting local culture and community engagement. The website is built on WordPress using the Astra theme and Elementor page builder, incorporating modern web technologies and plugins such as Google Analytics and 360-degree image viewers. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content for its target audience. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is minimal, with no visible privacy or cookie policies, which is a gap for GDPR compliance. Overall, the website is trustworthy and professionally maintained but could improve in privacy and security transparency.

M

Marché des Objets Graphiques

marche-objets-graphiques.com

55

The website 'Marché des Objets Graphiques' serves as an online presence for a recurring event organized by étapes magazine, focusing on graphic and artisanal objects. It targets creative professionals and enthusiasts in France, particularly in Paris, providing a platform for showcasing and selling unique graphic works and crafts. The site is well-structured, visually consistent, and uses modern web technologies including WordPress and Google Analytics for tracking visitor engagement. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the content and branding align with a known magazine entity. Security posture is adequate with HTTPS and spam protection, but lacks comprehensive security headers and visible privacy compliance documentation. Overall, the site is functional and professional but would benefit from improved compliance and transparency measures.

C

CostPocket

costpocket.com

70

CostPocket is a Finnish technology company specializing in AI-powered expense management and document digitization solutions for businesses and accounting firms. The company offers a SaaS platform that automates receipt and invoice processing, integrates with numerous accounting software, and provides mobile applications for ease of use. With over 13,000 companies using their service and more than 40 integrations, CostPocket holds a strong market position in the Nordic and Baltic regions. The website demonstrates a modern technical infrastructure leveraging Vue.js, cloud hosting, and multiple analytics and marketing tools. Security posture is solid with HTTPS enforcement and access controls, though improvements such as DNSSEC and published security policies could enhance trust. Privacy compliance is basic, with cookie consent implemented but no visible privacy or terms of service pages. Overall, CostPocket presents a professional and trustworthy digital presence aligned with its business goals.

K

Kravia

validius.fi

64

Kravia is a cloud-based SaaS provider specializing in automated debt collection software, invoicing services, and portfolio management. The company integrates with popular accounting platforms to streamline financial operations for businesses. Their website demonstrates a modern technical infrastructure leveraging Webflow CMS, Cloudflare CDN, and multiple analytics and marketing tools. Security posture is strong with HTTPS enforcement, use of Auth0 for authentication, and a comprehensive cookie consent mechanism. However, explicit privacy and terms of service pages are not found, which slightly impacts privacy compliance scoring. WHOIS data is unavailable, likely due to privacy protection, which is common for SaaS companies but limits full legitimacy verification. Overall, Kravia presents as a professional and trustworthy service provider in the finance technology sector.

S

Suomen Hostingpalvelu Oy

hostingpalvelu.fi

63

Suomen Hostingpalvelu Oy is a Finnish technology company specializing in domain registration, web hosting, and website building services. Established in 2008, it has positioned itself as a trusted local provider with a strong emphasis on customer service and technical reliability. The company offers a range of hosting packages, including AI-assisted WordPress hosting, targeting both individual and business customers in Finland. Their partnership with Suomen Yrittäjät further strengthens their market credibility. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and jQuery, and integrates multiple analytics and marketing tools like Google Analytics, Hotjar, and Trustmary. The site is well-optimized for SEO, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Hosting servers are located in Finland, ensuring good performance and compliance with local data regulations. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. It employs cookie consent mechanisms compliant with GDPR. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. No critical vulnerabilities or suspicious patterns were detected. Overall, Suomen Hostingpalvelu Oy demonstrates a high level of professionalism, trustworthiness, and compliance, making it a reliable service provider in the Finnish hosting market. Strategic enhancements in security transparency and incident response readiness would further strengthen their security posture.

XiBE is a Netherlands-based technology company offering a cloud-based ideas realization platform designed to facilitate employee collaboration in idea sharing, selection, and execution. The website presents a modern, user-friendly interface hosted on the Weebly platform, targeting organizations seeking to enhance bottom-up innovation. The platform emphasizes ease of use and community engagement, supported by client testimonials and logos from reputable organizations. Technically, the site employs standard web technologies including jQuery and Google Analytics, with moderate performance and mobile optimization. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and visible privacy or cookie policies, which are critical for GDPR compliance. No contact information or incident response channels are provided, limiting transparency and user trust. Overall, the site is professional and credible but would benefit from enhanced privacy compliance and security best practices.

A

Aspo Plc

aspo.com

62

Aspo Plc is a Finnish conglomerate specializing in demanding B2B customers, operating primarily in Northern Europe and selected growing markets. The company owns and develops businesses in sectors including shipping (ESL Shipping), food industry solutions (Leipurin), and industrial supplies and logistics (Telko). Aspo positions its subsidiaries as market leaders, focusing on sustainable and long-term value creation. The website reflects a professional corporate presence with comprehensive investor relations, governance, and sustainability information. Technically, the website is built on the HubSpot CMS platform, utilizing modern JavaScript libraries such as jQuery, Highcharts, and Slick Carousel. It integrates Google Analytics and Google Analytics 4 for visitor tracking and employs a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS and uses cookie consent banners, but lacks explicit security headers and published incident response contacts or vulnerability disclosure policies. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy, despite the professional and consistent website content. Overall, Aspo Plc's website presents a credible and professional business front with room for improvement in security best practices and transparency regarding domain registration and incident response.

N

Neway

neway.ee

49

Neway is an award-winning brand and experience design agency based in Estonia, with a domain age consistent with its claimed business history since 2007. The company specializes in creating brands and experiences from strategy through execution, targeting businesses seeking high-quality creative services. The website showcases a professional portfolio with multimedia content and highlights multiple industry awards, positioning Neway as a reputable player in the creative agency market. Technically, the website uses modern JavaScript frameworks such as Vue.js, integrates multiple analytics and marketing tools, and is hosted by Zone Media OÜ. Security posture is strong with HTTPS enforced, reCAPTCHA on forms, and cookie consent implemented, though explicit security policies and incident response information are absent. Privacy compliance is partial due to missing privacy and terms of service pages. Overall, the website is professional, trustworthy, and technically sound, with room for improvement in privacy and security transparency.

E

Etapes :

etapes.com

49

Étapes is a well-established French media company specializing in design, image, and visual communication since 1994. The website serves as a digital magazine platform offering editorial content, subscription services, event agendas, and job listings targeted at design professionals and enthusiasts. The company maintains a consistent brand presence across multiple social media platforms, reinforcing its market position as a reference media in its sector. Technically, the website is built on WordPress with WooCommerce integration for e-commerce capabilities, leveraging modern web technologies and SEO plugins to optimize content delivery and user experience. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks visible security headers and explicit privacy and cookie policies, which are critical for compliance and trust. The absence of WHOIS registration data raises concerns about domain legitimacy, warranting further verification. Overall, the site is professional and functional but would benefit from enhanced transparency and security practices.

T

Thisispaper, Inc.

thisispaper.com

61

Thisispaper, Inc. operates a niche media website focused on art, design, and architecture, providing curated stories, travel guides, and a membership subscription model called Thisispaper+. The company targets creative professionals and enthusiasts seeking high-quality cultural content. The website is built on modern web technologies including Webflow CMS, Memberstack for membership management, and integrates payment gateways such as Stripe and PayPal. Analytics tools like Google Analytics and Microsoft Clarity are used for user behavior insights. Security posture is good with HTTPS enforced and secure payment integrations, though explicit security headers could be improved. Privacy compliance is limited with no clear privacy or cookie policies detected, which is a risk area. The absence of WHOIS domain registration data raises concerns about domain legitimacy and transparency. Overall, the website is professional, content-rich, and technically sound but would benefit from enhanced privacy disclosures and domain registration clarity.

9

9Dots

9dotsmedia.com

57

9Dots is a Mediatech service provider specializing in advanced monetization solutions for publishers and app developers. Their offerings include header bidding, video and audio monetization, and app distribution services aimed at maximizing ad revenue and audience engagement. The company positions itself as an industry connector with innovative native monetization technologies. Technically, the website is built on WordPress using Elementor, with modern libraries such as jQuery and FontAwesome, and integrates Google Analytics and reCAPTCHA for analytics and security. The site is well-designed, mobile-optimized, and provides a good user experience. Security posture is moderate with HTTPS enabled and use of reCAPTCHA, but lacks explicit security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data is missing or unavailable, raising concerns about domain legitimacy. Overall, the website is functional and professional but requires improvements in transparency and security documentation.

A

Accorp Sp. z o.o.

instytut-pollster.pl

72

Instytut Badań Pollster, operated by Accorp Sp. z o.o., is a well-established Polish market research institute founded in 2012. The company specializes in various research methodologies including CAWI, CAPI, CATI, and qualitative studies, holding a strong market position as the second largest CAWI research provider in Poland in 2022. Their services target businesses and institutions requiring reliable market and opinion data to support business growth and societal development. The website reflects a professional and modern digital presence with comprehensive content and clear navigation.

I

iPromote

ipromote.com

65

iPromote is a mature and established company specializing in programmatic digital advertising solutions. Their platform offers automated, scalable, and white-labeled advertising services across multiple channels including display, paid search, CTV/OTT, social media, native, video, and Yelp ads. The company positions itself as an industry leader with award-winning technology and a strong partner ecosystem. The website reflects a professional and modern digital presence with excellent content quality and user experience. Technically, the site is built on WordPress with advanced SEO and performance optimizations, integrating tools like Google Tag Manager, HubSpot, and Jetpack for analytics and marketing. Security posture is solid with HTTPS enforced and domain protections in place, though some security headers and explicit policies could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Overall, the business credibility is high, supported by consistent branding and social media presence.

E

Edumus Education OÜ

edumus.ee

51

Edumus Education OÜ operates the Edumus platform, offering engaging and practical online courses targeted at primary and secondary school youth in Estonia and Ukraine. The platform emphasizes hybrid learning with live online classes and self-paced assignments, supported by expert-created curricula. The company has established a credible market presence with over 100 specialists contributing to education content and partnerships with educational foundations. Technically, the website is built on Squarespace, leveraging modern analytics and marketing tools, and provides a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements in security headers are recommended. Overall, Edumus demonstrates a trustworthy and professional online presence aligned with its educational mission.

T

Taimne Teisipäev | Sest elu on tähistamist väärt!

taimneteisipaev.ee

42

Taimne Teisipäev is a niche Estonian website dedicated to promoting healthier eating habits by encouraging more plant-based food consumption. The site targets health-conscious consumers interested in lifestyle changes towards plant-based diets. The business model appears to be informational and advocacy-focused, without direct e-commerce or transactional services. The website uses modern frontend technologies including Bootstrap and Nuxt.js, and integrates popular analytics and tracking tools such as Google Analytics and Facebook Pixel, indicating a moderate level of digital maturity. However, the absence of explicit privacy, cookie, and terms of service policies suggests gaps in compliance and transparency. Security posture is moderate with HTTPS usage implied, but lacks published security policies or incident response contacts. Overall, the domain registration is consistent and legitimate, supporting the website's credibility. Strategic improvements in privacy compliance and security transparency are recommended to enhance trust and regulatory adherence.

L

Lastekaitse Liit

kiusamisestvabaks.ee

42

Kiusamisest vabaks is a non-profit educational platform operated by Lastekaitse Liit, focused on bullying prevention in Estonia. The website offers multilingual educational materials and awareness content targeting nurseries, kindergartens, and grade schools. It collaborates with reputable partners including the Estonian Ministry of Education and Research and international child protection organizations. The platform is well-positioned within its niche, serving educators, parents, and children with relevant resources. Technically, the website is built on WordPress with modern technologies such as Bootstrap, jQuery, and Google services for analytics and tag management. It employs multilingual support via WPML and uses SEO best practices including structured data and Open Graph metadata. The site is mobile-optimized and performs moderately well, with a consistent and professional design. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Overall, the website demonstrates a solid business credibility and technical foundation with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

R

Ridango AS

pilet.ee

52

Pilet.ee is a well-established Estonian online platform specializing in public transportation ticket sales and management of the Ühiskaart travel card. Operated by Ridango AS, the service provides users with convenient access to tickets across multiple regions and transport types in Estonia. The website offers clear navigation and service descriptions targeting public transport users, supporting multiple languages including Estonian, English, and Russian. The platform integrates with regional ticketing subdomains and partners such as Omniva for card sales. Technically, the website employs standard web technologies including JavaScript, jQuery, and Google Analytics for user tracking. DNS is managed via Cloudflare, but DNSSEC is not enabled. The site uses HTTPS, ensuring encrypted communications, but lacks advanced security headers which could improve protection against common web threats. Mobile optimization and accessibility are basic but functional. From a security perspective, the site demonstrates a moderate posture with no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, as well as a consent mechanism despite the use of Google Analytics, indicates compliance gaps with GDPR and privacy best practices. No incident response or security policy information is publicly available. Overall, Pilet.ee is a credible and professional service with a solid market position in Estonia's transportation sector. Strategic improvements in privacy compliance, security headers, and user consent mechanisms would enhance trust and regulatory adherence, supporting long-term operational security and customer confidence.

C

Corgea

corgea.com

66

Corgea is an AI-driven security platform focused on automatically detecting, triaging, and fixing insecure code, targeting developers and security teams. The company appears to be a small technology startup founded in 2020, offering SaaS solutions in the cybersecurity domain. The website is professionally designed using Framer, with good content relevance and user experience, though it lacks explicit privacy and cookie policies as well as contact information. Technically, the site uses modern analytics and marketing tools such as HubSpot and Google Analytics, but lacks security headers and DNSSEC, which are recommended for enhanced security. The domain registration is consistent and transparent, registered with NameCheap since 2020, aligning with the company's startup profile. Overall, the security posture is moderate with room for improvement in privacy compliance and security best practices.