Security Directory

N

Národní technické muzeum

ntm.cz

54

Národní technické muzeum is a prominent national museum in the Czech Republic dedicated to preserving and showcasing technical history and innovation. The museum offers a wide range of exhibitions, educational programs, and cultural events targeting diverse audiences including families, schools, adults, and professionals. It maintains a strong market position as a leading cultural institution with multiple exhibition sites and partnerships with governmental and corporate entities. Technically, the website employs modern web technologies such as jQuery, Google Analytics, and Google Tag Manager, with good mobile optimization and accessibility features. The site is well-structured, professionally designed, and provides a rich user experience with clear navigation and relevant content. From a security perspective, the website uses HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks visible security headers and explicit security or incident response policies, which could be improved. The absence of WHOIS data for the domain is a notable concern for domain legitimacy verification, although the website content and external trust signals strongly support its authenticity. Overall, the website presents a low risk profile but would benefit from enhanced transparency in security policies and domain registration information to strengthen trust and compliance posture.

Z

Zasedáme.cz, s.r.o.

zasedame.cz

46

Zasedáme.cz, s.r.o. operates a premium event and conference space rental business located in the heart of Prague, offering multiple room sizes with modern technical equipment and comprehensive event services. The company targets corporate clients and individuals seeking well-equipped, centrally located venues with flexible scheduling options. The website is professionally designed, mobile-optimized, and provides clear pricing, contact information, and customer testimonials, supporting a strong market position in the hospitality and real estate sectors. Technically, the website employs a modern tech stack including Bootstrap, Swiper.js, and Usercentrics for cookie consent management, alongside analytics tools like Google Analytics and Hotjar. The site is served over HTTPS with no visible security vulnerabilities in the content, though security headers are not explicitly detected. The presence of a consent management platform indicates good privacy compliance practices. Security posture is solid with HTTPS and no exposed sensitive data, but the absence of explicit security policies or incident response contacts is a gap. The missing WHOIS data reduces domain trustworthiness and should be investigated further. Overall, the site demonstrates a mature digital presence with room for improvement in security transparency and domain registration clarity. Strategic recommendations include implementing security headers, publishing a security policy, adding incident response contacts, auditing third-party scripts, and considering a vulnerability disclosure policy to enhance trust and compliance.

MAXPROGRES, s.r.o. is a Czech Republic based company founded in 1996 specializing in technical security systems and system integration services. The company holds multiple ISO certifications and a national security certification (NBÚ T-level), positioning itself as a leader in the Czech security technology market. Their services include comprehensive security system design, installation, proactive monitoring, and 24/7 maintenance support. The website reflects a professional and consistent brand image with clear contact information and GDPR-compliant privacy and cookie policies. Technically, the site uses modern frontend technologies such as Bootstrap, jQuery, and Leaflet for mapping, and integrates Google Analytics and reCAPTCHA for analytics and security respectively. Security posture is moderate with HTTPS and CAPTCHA implemented, but lacks advanced security headers and a formal incident response or vulnerability disclosure mechanism. Overall, the site is accessible, well-structured, and trustworthy, supporting the company's market position and business credibility.

P

Praha 3

praha3.cz

68

The website www.praha3.cz serves as the official portal for the municipal district Praha 3 in the Czech Republic. It provides comprehensive information about local government services, news, events, and contact details for residents and visitors. The portal supports multiple languages via Google Translate links and offers online services such as appointment booking and downloadable forms. The site is well-branded and maintains consistent messaging aligned with its government entity status. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, jQuery, and Bootstrap components. It is mobile-optimized, accessible, and includes SEO best practices such as meta tags and structured data (JSON-LD). The site uses HTTPS and implements cookie consent mechanisms compliant with GDPR, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses consent-based tracking scripts. However, it lacks explicit security headers and a published security.txt or incident response contact, which are recommended for transparency and vulnerability management. No WAF or blocking mechanisms were detected, and no obvious vulnerabilities were found in the content or scripts. Overall, the site presents a trustworthy and professional government portal with good content quality and technical implementation. The absence of WHOIS registration data slightly reduces trust but is mitigated by the official nature and consistent branding. Strategic improvements in security headers and incident response disclosures would enhance the security posture and trustworthiness further.

M

Magistrát města Karlovy Vary

mmkv.cz

53

The website mmkv.cz is the official online presence of the City Hall of Karlovy Vary, Czech Republic. It serves as a comprehensive portal for municipal services, citizen information, news, and administrative resources. The site targets residents and visitors, providing access to various public services such as permits, registrations, and local government information. The business model is that of a government public service portal, with a medium-sized organizational footprint and a well-established domain since 2002. Technically, the site is built on Drupal 10 CMS, leveraging Bootstrap for responsive design, Leaflet.js for mapping, and Google Analytics for visitor tracking. The infrastructure is hosted by a Czech registrar and hosting provider, REG-ZONER, ensuring regional consistency. The website demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. From a security perspective, the site enforces HTTPS and implements a detailed cookie consent mechanism compliant with GDPR. However, it lacks explicit security policy documentation and incident response contact information. No critical vulnerabilities or exposed sensitive data were detected. The site integrates third-party scripts responsibly but could improve by adding security headers and a vulnerability disclosure policy. Overall, mmkv.cz presents a trustworthy, professional, and user-friendly government portal with solid technical foundations and privacy compliance. Strategic enhancements in security transparency and incident readiness would further strengthen its posture.

O

OBRAZ – Obránci zvířat, z. s.

albertovakrutost.cz

54

The website albertovakrutost.cz is a campaign platform run by the non-profit organization OBRAZ – Obránci zvířat, z. s., focused on raising awareness and advocating against animal cruelty in supermarket Albert's chicken supply chain in the Czech Republic. The site provides detailed information about the campaign, including calls to action such as signing petitions. The organization positions itself as an animal welfare advocate with a clear mission and target audience of concerned consumers and animal rights supporters. Technically, the site uses modern frontend technologies including Vue.js, Alpine.js, and SwiperJS, supported by analytics and tracking tools like Google Analytics, Microsoft Clarity, and Ecomail. Hosting and DNS are managed via Cloudflare, ensuring good performance and security. The security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers could be improved. Privacy compliance is strong, with comprehensive GDPR-aligned privacy and cookie policies presented in Czech language. Contact information is transparent, including emails, phone number, and physical address. No terms of service or vulnerability disclosure policies were found. The domain is newly registered but consistent with the campaign's recent launch. Overall, the website is professional, trustworthy, and well-structured for its advocacy purpose.

G

GUN PRODUCTIONS

gutterdammerung.com

54

Gutterdämmerung.com is the official website for a niche entertainment project combining rock music, film, and live immersive experiences. The site promotes the Gutterdämmerung concept created by visual artist Bjorn Tagemose, featuring legendary rock artists. The business operates primarily in the media sector, targeting rock music fans and live event attendees. The website content is rich with artist information, multimedia, and event details, supporting fan engagement through newsletters and contests. Technically, the site uses standard web technologies including jQuery, Google Analytics, YouTube API, and MailChimp for marketing. Hosting is provided by One.com, with a domain registered since 2014, consistent with the business timeline. Security posture is moderate with HTTPS implied but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and professional but could improve in privacy and security practices.

F

Fosbury & Sons

fosburyandsons.com

50

Fosbury & Sons operates as a premium coworking and office space provider primarily serving the Brussels and Groot-Bijgaarden regions, with additional presence in Amsterdam. The company targets a broad audience including startups, entrepreneurs, and established companies seeking flexible workspaces, meeting rooms, and event spaces. Their market position is that of a high-quality, human-centric workspace provider emphasizing community and collaboration. Technically, the website employs modern web technologies including Google Tag Manager and Google Analytics, hosted with Cloudflare DNS services, and is optimized for mobile and SEO. Security posture is solid with HTTPS enforced and domain transfer protections in place, though DNSSEC is not enabled and additional security headers could be implemented. Privacy compliance is strong with clear cookie consent mechanisms and comprehensive privacy and terms policies. However, no explicit security policy or incident response contacts are published, and no vulnerability disclosure program is evident. Overall, the website is professional, trustworthy, and well maintained, with room for improvement in security transparency and DNS security.

T

Telefónica México

telefonica.com.mx

51

Telefónica México is a major telecommunications company providing innovative connectivity and telecom solutions to businesses and consumers in Mexico. The website reflects a strong market position with clear branding and comprehensive content tailored to its audience. The company leverages WordPress CMS with modern SEO and analytics tools, indicating a mature digital infrastructure. Security posture is solid with HTTPS and secure forms, though explicit security policies and incident response contacts are not published. Privacy compliance is good with a comprehensive privacy policy and terms of service, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-optimized for users and search engines.

Y

YouGov

yougov.co.uk

66

YouGov is a well-established UK-based market research and data analytics company founded in 2000. It provides public opinion polling, market research, and data analytics services to a broad audience including businesses, media, and political organizations. The company holds a strong market position with a large user base and international presence. The website reflects a mature digital infrastructure with modern technologies such as Angular, AWS Cloudfront CDN, and multiple analytics and marketing tools integrated for performance and user insights. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms implemented via OneTrust. Security posture is strong, leveraging HTTPS, security headers, and monitoring tools like New Relic, though a dedicated security policy and incident response contact are not publicly found. Overall, the website is professional, trustworthy, and technically sound, supporting the company's credibility and business operations.

R

Redwall OÜ

redwall.ee

58

Redwall OÜ is a well-established Estonian web agency with over 13 years of experience, specializing in full-service web solutions including design, development, maintenance, and consulting. The company targets businesses and organizations seeking professional and user-centric digital presence. Their market position is solid within the local Estonian market, supported by a consistent brand and a comprehensive portfolio of services. Technically, the website is built on WordPress with modern performance optimizations such as WP Rocket, lazy loading, and deferred scripts. The site is mobile-optimized and accessible, integrating advanced analytics and marketing tools with GDPR-compliant consent mechanisms. Security posture is strong with HTTPS enforced, CAPTCHA on forms, and no visible vulnerabilities, though explicit security policies and incident response documentation are absent. Overall, the website reflects a professional, trustworthy, and technically mature digital presence.

L

Lumi Capital OÜ

lumikodud.ee

45

Lumi Kodud is a small Estonian real estate company specializing in rental apartments in Tallinn, offering 1-, 2-, and 3-room modern apartments managed reliably. The website is professionally designed using Joomla CMS with modern frameworks like Bootstrap and includes multi-language support. It integrates common analytics and marketing tools such as Google Analytics, Facebook Pixel, and Hotjar, and employs Google reCAPTCHA for form security. Privacy and cookie policies are present and indicate GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though additional security headers could enhance protection. Overall, the site is trustworthy and well-positioned for its local rental market niche.

I

Itera BI

bi365.ee

42

BCS Itera, operating under the brand Itera BI, is a specialized provider of business intelligence and data analytics solutions primarily leveraging Microsoft technologies such as Power BI, BI4Dynamics, and Azure. Founded in 2019 and based in Estonia, the company offers a comprehensive portfolio of services including BI strategy development, data warehouse architecture, BI implementation, cloud BI solutions, version upgrades, and advanced forecasting models. The website demonstrates a mature digital presence with rich content, client case studies, and educational resources, positioning the company as a trusted expert in the BI domain within its regional market. Technically, the site is built on WordPress with modern plugins and analytics integrations, delivering a good user experience and mobile optimization. Security posture is solid with HTTPS and secure form handling, though improvements in security headers and privacy compliance are recommended. Overall, the company presents a credible and professional image with clear contact channels and certifications, though it should enhance its privacy and cookie policies to meet compliance standards.

B

BCS itera

crmlahendused.ee

42

BCS itera is an Estonian technology company specializing in providing modern CRM and ERP solutions, including Microsoft Business Central and customer insights services. The company targets businesses seeking to manage customer journeys and sales processes effectively. The website reflects a professional B2B service provider with a clear focus on CRM-related offerings and digital transformation. The presence of a Finnish language partner site indicates regional market expansion. Technically, the website is built on WordPress with Elementor, integrating multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, and MonsterInsights. The site is served over HTTPS with a good SSL configuration, but lacks some security headers and explicit privacy or cookie policies, which are critical for GDPR compliance. No contact emails or phone numbers were found in the provided content, limiting direct communication channels. Overall, the website demonstrates moderate digital maturity with room for improvement in privacy compliance and security best practices.

V

Vejle Idrætshøjskole

vih.dk

67

Vejle Idrætshøjskole is a Danish educational institution specializing in sports-focused high school courses, targeting young people in sabbatical years or summer courses. The website presents a professional and modern digital presence built on React and Next.js, with good mobile optimization and SEO practices. The site implements a comprehensive cookie consent mechanism via Cookiebot, ensuring GDPR compliance and user privacy awareness. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security and incident response policies are not publicly visible. WHOIS data is unavailable, which is typical for Danish domains, but no suspicious indicators are found. Overall, the site reflects a trustworthy and well-managed educational service with moderate to good digital maturity.

E

Estonian Defence and Aerospace Industry Association

defence.ee

42

The Estonian Defence and Aerospace Industry Association is a medium-sized, essential government-related entity representing over 130 companies in Estonia's defence, aerospace, and security sectors. The association focuses on creating market opportunities, advocacy, and fostering cooperation among its members. The website is built on WordPress and uses standard analytics and marketing tools such as Google Analytics and Mailchimp. The technical infrastructure is modern but shows some server-side PHP warnings that could impact stability and security. Security posture is moderate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Contact information is available but limited to email and physical address, with no phone numbers or incident response contacts published. The website is professionally designed with good navigation and mobile optimization, supporting the association's credibility and trustworthiness.

21CC Triatloniklubi is a local Estonian triathlon club offering training and competition services primarily targeting adults and youth interested in triathlon sports. The website serves as an informational portal with basic navigation and content focused on club activities, training schedules, and competitions. The technical infrastructure is based on older JavaScript libraries such as MooTools and Slimbox, with a custom CMS platform inferred from URL structures. Google Analytics is used for visitor tracking, but no privacy or cookie policies are present, indicating limited privacy compliance. Security posture is basic with HTTPS enabled but lacking important security headers and policies. Overall, the site is functional but lacks modern security and privacy best practices.

Q

QATestLab

qatestlab.com

65

QATestLab is an independent software testing and QA services provider established in 2010, targeting software development companies and businesses seeking reliable quality assurance solutions. The company offers a variety of software testing types and solutions aimed at improving software quality. The website reflects a professional B2B service model with a consistent brand presence and clear business description. The technical infrastructure includes multiple modern analytics and marketing tools such as Google Analytics, Microsoft Clarity, Hotjar, and Visual Website Optimizer, indicating a mature digital marketing and performance measurement approach. Hosting and domain registration are stable and consistent with the business profile. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhancement. Privacy compliance is limited due to absence of explicit privacy and cookie policies, though a cookie consent mechanism is present. Overall, the website is well-designed, user-friendly, and trustworthy, but could improve transparency and security practices to align with best industry standards.

H

Hutten

hutten.eu

68

Hutten is a well-established Dutch catering and hospitality company with a history dating back to 1929. The company provides culinary services including business catering, event catering, and healthcare catering across the Netherlands. Their business model focuses on delivering high-quality, sustainable food and hospitality experiences with a strong emphasis on guest satisfaction and social impact. The website reflects a professional and consistent brand image targeting corporate clients, event organizers, and healthcare institutions. Technically, the website employs modern web technologies such as jQuery, Magnific Popup, Google Tag Manager, and Cookiebot for cookie consent management. Hosting assets on DigitalOcean CDN suggests a reliable infrastructure. The site is mobile-optimized and SEO-friendly, though some accessibility features could be improved. Security posture is good with HTTPS enforced and cookie consent implemented. However, the absence of security headers and visible privacy policy or terms of service pages indicates room for improvement in compliance and security best practices. No WHOIS registrant data is publicly available due to EURid privacy policies, but the domain and website content appear legitimate and consistent with the company's Dutch origin. Overall, Hutten's digital presence is professional and trustworthy, but enhancing transparency around privacy, security policies, and incident response would strengthen their compliance and security posture.

Avatud Lahendused OÜ is a medium-sized Estonian company founded in 2015, specializing in Odoo ERP implementations primarily for manufacturing companies. They hold a strong market position as one of the largest Odoo partners in the Baltic region, employing about 20 specialists and serving a diverse client base. Their website reflects a professional and consistent brand image with clear service offerings including ERP implementation, training, and consulting. Technically, the website is built on the Odoo CMS platform, leveraging modern web technologies such as Bootstrap and FontAwesome, and integrates Google Analytics for user tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS with CSRF protections and secure forms but lacks some security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanism. Overall, the website is trustworthy and credible but would benefit from enhanced privacy and security disclosures.

Sporditurg.ee operates as a localized Estonian online marketplace specializing in sports equipment and related goods. It provides a platform for both private individuals and legal entities to post free classified ads, targeting sports enthusiasts across Estonia. The website offers categorized listings by sport type, size, condition, and location, facilitating easy navigation for users. The business model is focused on community-driven listings with monetization likely through featured ads and advertising partnerships. The market position is niche and local, serving a specific segment within the retail industry.

B

BDA Consulting OÜ

bda.ee

49

BDA Consulting OÜ is an Estonian network-based training and consulting company specializing in delivering training, development, consulting projects, service design, and strategic consulting. The company leverages a network of over 200 recognized experts to serve its clients, positioning itself uniquely in the Estonian market. The website is professionally designed using the Wix platform, featuring structured data that enhances SEO and business information visibility. The technical infrastructure is modern and includes common analytics and tracking tools such as Google Analytics, Facebook Pixel, and Inspectlet, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and some JavaScript hardening, but lacks explicit security headers and visible privacy or cookie policies, which are areas for improvement. Overall, the website presents a trustworthy business presence with room to enhance privacy compliance and security transparency.

C

Coursy.io LMS

coursy.io

54

Coursy.io is a technology company specializing in providing a Learning Management System (LMS) tailored for mid-sized and large enterprises. Their platform focuses on digitizing training processes to improve business outcomes through systematic training management. The company also offers an e-learning course marketplace called Coursy Academy, targeting training professionals and organizations seeking efficient onboarding, compliance, and skills development solutions. The website presents a professional and modern digital presence, emphasizing ease of use, administrative efficiency, and integration capabilities. The business is positioned as a leading LMS provider in its regional market with a solid client base including notable organizations.

O

Oreon OÜ

bestcredit.ee

52

BestCredit.ee is an established Estonian financial services company operating since 2011 under Oreon OÜ. The company offers a variety of loan products including small consumer loans, business loans, mortgage loans, guarantee loans, and construction loans. Their business model focuses on online lending with self-service features and loan calculators to facilitate customer engagement. The website targets both private individuals and businesses within Estonia, positioning itself as a reliable and professional lender with a clear regulatory license from the Estonian Financial Supervision Authority.

L

Laomaailm

laomaailm.ee

43

Laomaailm is an established Estonian company specializing in warehouse and industrial storage solutions with over 30 years of market presence. The company offers a broad range of products including shelving, lifting equipment, industrial stairs, and rental services, targeting B2B customers in manufacturing and logistics sectors. The website reflects a mature business with consistent branding and multilingual support, indicating a focus on regional and international clients. Technically, the site is built on WordPress with WooCommerce and enhanced by popular plugins such as Yoast SEO and WPML for multilingual capabilities. The infrastructure includes Google Tag Manager and Analytics for tracking, and the site is secured with HTTPS and cookie consent mechanisms, demonstrating compliance with GDPR requirements. Security posture is solid but could be improved by adding explicit security headers and incident response information. Overall, the website is professional, user-friendly, and trustworthy, supporting the company's market position and business credibility.

L

Luna Park Sydney

lunaparksydney.com

65

Luna Park Sydney is a well-established amusement and theme park located in Sydney, Australia, with a domain registered since 1999. The website offers comprehensive information about rides, ticketing options, immersive experiences, group bookings, and events, targeting families, tourists, and educational groups. The technical infrastructure is built on Adobe Experience Manager with integration of multiple modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and TikTok Pixel. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and CSRF protections, though explicit security headers and cookie consent mechanisms are lacking, which could be improved for better compliance and security. WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website scores well in content quality, technical implementation, and business credibility, with moderate privacy compliance and security posture scores.

A

AMIT Baltic

amit.lv

44

AMIT Baltic operates as a software provider specializing in dealer management systems (DMS) for the automotive industry, primarily targeting auto dealers and related businesses in the Baltic region. Their flagship product, AutoMaster, is positioned as a trusted solution recommended by auto manufacturers and importers, serving a medium-sized market with a focus on resource management and process optimization. The website reflects a professional presence with clear branding and client endorsements from major automotive brands, indicating a solid market position. Technically, the website employs legacy technologies such as jQuery 1.8.2 and bxSlider, alongside Google Analytics for user tracking. While the site is accessible and moderately optimized for performance and SEO, mobile optimization and accessibility are basic. The absence of modern frameworks or CMS suggests a relatively simple technical infrastructure. Hosting and domain registration appear consistent and legitimate, with no blocking or WAF interference detected. From a security perspective, the site lacks visible security headers and uses an outdated JavaScript library, which could expose it to vulnerabilities. There is no evidence of HTTPS enforcement or advanced security policies. Privacy compliance is weak, with no privacy or cookie policies found, and no consent mechanisms for tracking, which poses regulatory risks under GDPR. Contact information is comprehensive and clearly presented, enhancing business credibility. Overall, the website scores moderately well but requires improvements in privacy compliance, security hardening, and modernization of its technical stack to reduce risks and enhance trustworthiness. Strategic recommendations include implementing privacy and cookie policies, upgrading JavaScript libraries, adding security headers, and enforcing HTTPS to strengthen the security posture and regulatory compliance.

A

addCar

addcar.com

55

addCar Rental operates an international online car rental service offering vehicle bookings across Europe, the USA, the Middle East, and other countries. The company targets travelers seeking affordable and reliable car rentals with services including airport pickup, insurance protection, flexible cancellations, and 24/7 support. The website reflects a medium-sized business with a consistent brand presence and recognition such as the 2024 booking.com Traveller Review Award. Technically, the site uses modern frameworks like Angular and Bootstrap, integrates Google Analytics and Tag Manager for tracking, and provides a responsive, well-structured user experience. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit incident response information. The WHOIS data is missing or unavailable, which raises concerns about domain legitimacy despite the professional website and business presence. Overall, the site scores well on content quality and business credibility but should address WHOIS transparency and security header implementation to improve trust and compliance.

E

eHost OÜ

ettevotja.ee

40

Aktiva.ee is an Estonian business information portal focused on supporting entrepreneurs at various stages including startups, operating companies, and those expanding internationally. The site provides practical guides, legal and accounting information, marketing advice, and resources to help businesses succeed. It targets Estonian-speaking entrepreneurs and small businesses, positioning itself as a trusted informational gateway in the local business ecosystem. The website is built on WordPress, uses modern web technologies including Google Analytics and reCAPTCHA, and is hosted with reputable providers including Cloudflare for DNS and eHost OÜ as registrar. The site is well-structured with clear navigation and good mobile optimization, though it lacks explicit privacy and cookie policies which impacts compliance. Security posture is solid with HTTPS and anti-bot measures, but could be improved with additional security headers and published policies. Overall, the site is a credible, small-scale business resource with room for enhanced privacy and security transparency.

H

HansaLaw

hansalaw.ee

45

HansaLaw is an internationally recognized legal and tax advisory firm with over 10 years of experience, operating primarily in the Baltic region with offices in Tallinn, Riga, and Vilnius. The firm offers comprehensive legal consulting and conflict resolution services tailored to clients seeking expert legal advice. The website is built on WordPress using the Avada theme, incorporating modern web technologies and third-party marketing and analytics tools such as Google Analytics, Facebook Pixel, and Adform tracking. The site is well-designed, mobile-optimized, and provides clear navigation, although it lacks explicit privacy and cookie policies, which impacts its privacy compliance rating. Security posture is adequate with HTTPS enabled and good SSL configuration, but could be improved by enabling DNSSEC and adding security headers. No WAF or blocking mechanisms were detected, and the domain registration data is consistent with the business claims, supporting legitimacy.

Rentokil is a professional pest control service provider targeting residential and business customers in Estonia. The website presents localized content in Estonian, emphasizing expertise and comprehensive pest control solutions. The technical infrastructure includes modern web technologies and tracking tools such as Google Analytics and Google Tag Manager, hosted primarily on Rentokil's CDN. While the website design and content quality are good, there is a lack of visible privacy, cookie, and security policies, which impacts compliance and trust. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, warranting further verification. Overall, the security posture is moderate but could be improved by implementing security headers and explicit compliance documentation.

N

Nuare Studio

nuarestudio.com

45

Nuare Studio is a specialized art outsourcing and software development company established in 2006, serving the video game and movie industries. The company offers a broad range of creative services including 2D and 3D art, animation, VFX, and IT development such as mobile and web applications. Their market position is supported by collaborations with prominent clients and a portfolio of major projects. Technically, the website is built on WordPress with modern plugins and SEO tools, delivering a good user experience with mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled and domain locks in place, though DNSSEC is not enabled and security headers are missing. Privacy compliance is lacking as no privacy or cookie policies are found, which is a notable gap. Overall, the business credibility is high with clear contact information and trust signals like testimonials and client logos. Strategic improvements in privacy compliance and DNS security would enhance their security and trust profile.

B

BNI Eesti

bni.ee

54

BNI Eesti operates as the Estonian chapter of BNI, the world's leading business referral organization established globally in 1985. The website serves business professionals and entrepreneurs in Estonia, providing networking, referral generation, and business training services. The domain has been registered since 2010, aligning with the organization's established presence. The site uses a proprietary CMS and is hosted behind Cloudflare, leveraging modern web technologies including jQuery, Google Analytics, and Facebook Pixel for analytics and marketing. The website is well-structured, mobile-optimized, and presents consistent branding aligned with the global BNI identity. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and detailed privacy/security policies are absent. Contact information is primarily via contact forms, with no direct emails or phone numbers visible. Overall, the site is professional, trustworthy, and serves its business networking purpose effectively.

T

Tritech OÜ

tritech.ee

49

Tritech OÜ is a small Estonian manufacturing company specializing in mechanical engineering and CNC machining services, established in 2012. The company offers a range of services including mechanical engineering design, CNC turning and milling, product assembly, and customized mechanical solutions. Their target audience is industrial companies seeking high-quality machined parts and assembly services. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built on WordPress with WooCommerce for e-commerce capabilities, using modern tools such as Google Analytics and Facebook Pixel for marketing and tracking. The site is mobile-optimized and SEO-friendly, though performance is moderate. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks explicit security headers and formal security policies. Overall, the security posture is solid but could be improved by adding cookie consent mechanisms, security policies, and vulnerability disclosure information. The domain registration is consistent with the business claims, enhancing trustworthiness. Strategic recommendations include enhancing privacy compliance and security transparency to further build customer trust and regulatory adherence.

Stratum Traffic Engineering GmbH is a specialized consulting company in the Intelligent Transport Systems (ITS) and traffic engineering sector, offering services such as traffic analysis, road safety, project management, and business development for ITS SMEs. The company targets organizations seeking expertise in traffic audits, modeling, and tolling systems, positioning itself as a niche ITS SME with international market development capabilities. The website reflects a professional and consistent brand image with clear service offerings and contact information, supported by social media presence on Facebook and LinkedIn. Technically, the site is built on WordPress using popular plugins and themes, delivering moderate performance and good mobile optimization. However, the site lacks advanced security headers and explicit privacy or cookie policies, which are critical for compliance and trust. The domain registration is consistent and transparent, with no privacy protection, supporting the legitimacy of the business. Overall, the website is functional and credible but requires improvements in privacy compliance and security posture to enhance trust and regulatory adherence.

G

Goal Marketing OÜ

goal.ee

40

Goal Marketing OÜ is a well-established Estonian digital marketing agency founded in 2010. The company specializes in social media content creation, strategic marketing campaigns on Meta and Google platforms, and offers training services including Chat GPT and GA4. Their website reflects a professional service provider targeting businesses seeking comprehensive digital marketing solutions. The agency maintains a consistent brand presence with detailed team profiles and client logos, indicating a credible market position within Estonia. Technically, the website is built on WordPress using popular plugins and themes, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and captcha-protected forms, but lacks advanced security headers and explicit privacy policies. Cookie consent is implemented via CookieYes, supporting GDPR compliance to some extent. Overall, the domain registration data aligns with the business claims, reinforcing legitimacy. Strategic improvements in privacy documentation and security headers would enhance compliance and trust.

S

SA Tallinna Lauluväljak

lauluvaljak.ee

46

Tallinna Lauluväljak is a well-established event venue and cultural site in Tallinn, Estonia, operating since 2010. The organization offers rental services for event spaces, furniture, and equipment, alongside visitor services such as a visitor center and park attractions. The website is professionally designed using Drupal CMS, with integration of modern analytics and marketing tools including Google Analytics, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized and provides clear navigation and relevant content for event organizers and visitors. Security posture is solid with HTTPS enabled and no visible sensitive data exposure, though security headers are not explicitly detected. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms and terms of service. Contact information is clearly provided, enhancing business credibility.

I

International Transport Workers' Federation (ITF)

itfafrica.org

59

The International Transport Workers' Federation (ITF) operates a comprehensive website focused on its Africa regional activities, advocating for transport workers' rights and union coordination across the continent. The site demonstrates a mature digital presence with multilingual support, modern CMS technology (Drupal 10), and integration of analytics and translation services. Contact information is clearly provided with physical offices in Nairobi and Abidjan, supporting its global federation status. However, the absence of a visible privacy policy and terms of service pages, along with incomplete WHOIS data, slightly detracts from its overall trustworthiness. Security posture is adequate with HTTPS and anonymized analytics but lacks explicit security headers and vulnerability disclosure mechanisms. Overall, the website is professional, content-rich, and well-structured, serving its target audience effectively while leaving room for improvements in privacy and security transparency.

B

Blend IT

blendit.eu

45

Blend IT is a small technology company specializing in providing remote software development teams primarily located in the Philippines and Estonia. Their business model focuses on outsourcing long-term software professionals to clients globally, emphasizing flexible team structures and direct client-to-developer communication. The company positions itself as a niche provider addressing talent shortages through remote work solutions. Technically, the website is built on WordPress with modern front-end technologies such as Bootstrap and jQuery, and it integrates Google Analytics for user tracking. The site is mobile optimized and uses SEO best practices including structured data and meta tags. Security-wise, the site enforces HTTPS and employs basic anti-spam measures in its contact form but lacks published security policies or incident response information. Privacy compliance is limited due to the absence of privacy and cookie policies. Overall, the website is professional and credible but would benefit from enhanced privacy and security disclosures.

E

Efore

efore.com

52

Efore is a company specializing in automated battery cell manufacturing and energy storage solutions, targeting industrial, telecom, and energy sectors. Their website presents a professional image with clear navigation and modern design, leveraging WordPress and Elementor technologies. The company emphasizes customized battery solutions and sustainability. Technically, the site is well-structured with SEO optimization and mobile responsiveness, though performance is moderate. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and explicit security policies. Privacy compliance is limited, with no clear privacy or terms of service pages, though a cookie consent mechanism is present. WHOIS data is missing, which raises concerns about domain registration legitimacy. Overall, the site is functional and professional but would benefit from enhanced transparency and security documentation.

B

Baltic Legal

baltic-legal.com

44

Baltic Legal is a specialized corporate law office providing company formation, legal, accounting, and immigration services focused on the Baltic states of Latvia, Estonia, and Lithuania. The company targets entrepreneurs and businesses seeking to establish operations in these countries, offering a one-stop solution for business registration, tax management, and residence permits through investment. The website content is professionally structured and provides detailed service descriptions, although it lacks explicit contact information and privacy policies. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, Font Awesome icons, and integrates Google Analytics and Google Tag Manager for visitor tracking. The site is moderately optimized for mobile devices and SEO, but lacks advanced accessibility features and security headers. The absence of HTTPS status information and security headers suggests room for improvement in security posture. From a security perspective, the site does not expose sensitive data and uses no known vulnerable libraries. However, the lack of privacy and cookie policies, absence of contact details for incident response, and missing WHOIS registration data reduce trustworthiness and compliance with data protection regulations. The WHOIS query returned no registration data, which is inconsistent with the active website presence and raises concerns about domain legitimacy. Overall, Baltic Legal presents a credible business offering with good content quality and technical implementation but requires significant improvements in security, privacy compliance, and transparency to enhance trust and regulatory adherence.

PD Instore is a well-established retail design-to-build partner with over 80 years of industry experience, specializing in visual merchandising and instore environment solutions. The company targets retail brands seeking innovative and comprehensive brand experience services, offering design, build, and rollout capabilities. Their market position is strong, supported by a large team and a broad portfolio of well-known brand partnerships. Technically, the website is built on WordPress using Elementor, with modern JavaScript libraries and Google Analytics integration, reflecting a moderate to good digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms in place, but lacks explicit security headers and published security policies. Privacy compliance is partial, with cookie consent but no visible privacy policy or terms of service. Overall, the website is professional and trustworthy but could improve transparency and security documentation.

T

Total Risc Technology (TRT)

trt.com

66

Total Risc Technology (TRT) is a globally recognized IT managed services provider specializing in server, storage, and networking solutions. With a strong emphasis on ISO 27001 and ISO 9001 certifications, TRT delivers cost-effective, scalable IT support and maintenance services to a diverse clientele ranging from small businesses to multinational corporations. Their service portfolio includes business continuity, managed services, professional consulting, infrastructure deployment, and cloud solutions, supported by a global team of IT experts and strategic partnerships with leading technology vendors such as IBM, HP, Dell, Cisco EMC, and NetApp. Technically, the website is built on WordPress with modern plugins like Yoast SEO and WPBakery Page Builder, integrating analytics and user behavior tracking tools such as Google Analytics and Hotjar. The site demonstrates good mobile optimization and SEO practices but lacks some advanced accessibility features and explicit cookie consent mechanisms. Security posture is strengthened by HTTPS enforcement and ISO certification; however, the absence of visible security headers and incident response contact details suggests room for improvement. The domain WHOIS data is notably missing, which raises concerns about domain registration transparency and trustworthiness despite the professional online presence. This discrepancy should be addressed to enhance credibility. Overall, TRT presents as a mature and reliable IT services provider with a solid market position but could benefit from enhanced transparency and compliance features on their website.

S

Savantor Ltd

savantor.com

54

Savantor Ltd is a specialized consulting and resourcing firm focused on the payments, cards, mobile, banking, and transactions sectors. With over 25 years of experience, the company offers expert services including specialist resourcing, payments strategy, platform selection and transition, and operational efficiency. Their client base includes major financial institutions and payment networks, positioning them as a trusted advisor in the European and UK markets. The website reflects a professional and well-structured digital presence, leveraging WordPress and Elementor technologies, with good mobile optimization and SEO practices. Privacy and cookie policies are comprehensive and GDPR compliant, supported by a consent mechanism. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The absence of WHOIS registration data is a notable anomaly that requires further investigation to confirm domain legitimacy. Overall, the website and business present a credible and professional image with minor technical and security enhancements recommended.

M

MRPeasy

mrpeasy.com

69

MRPeasy is a cloud-based SaaS provider specializing in Manufacturing ERP and MRP software tailored for small manufacturers. The company offers a comprehensive suite of services including production planning, stock management, CRM, purchases, finances, and team collaboration tools. Positioned as a leading solution for small manufacturers, MRPeasy emphasizes simplicity and power in its offerings. The website reflects a professional and consistent brand image with good content quality and SEO optimization. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and integrates advanced analytics and optimization tools like Google Analytics and Visual Website Optimizer. The site is mobile-optimized and performs moderately well, with good accessibility and SEO features. Security best practices are observed, including HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly available. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms in place. However, the absence of WHOIS registration data reduces the overall trust score, as domain legitimacy cannot be fully verified. Contact information is available, including verified company emails and social media presence, enhancing business credibility. Overall, MRPeasy presents a trustworthy and professional online presence suitable for its target market, but improvements in transparency regarding security policies and domain registration details would further strengthen trust and compliance.

IITEE OÜ is an Estonian IT service provider specializing in professional IT solutions for companies, particularly those in the manufacturing sector. Founded in 2006, the company offers IT maintenance, hosting services with high availability, and Office 365 business-class email solutions. Their business model focuses on providing reliable and efficient IT support to improve operational efficiency for their clients. The website reflects a small but professional company with clear contact information and a focus on B2B services. Technically, the website uses a modern frontend stack including Bootstrap, jQuery, Owl Carousel, and Google Fonts. Google Analytics and Google Tag Manager are employed for user tracking and marketing insights. The site is mobile responsive and well-structured, though accessibility features are basic. Hosting appears to be managed by Elkdata OÜ, consistent with the WHOIS data. From a security perspective, the website uses HTTPS and avoids exposing sensitive data. However, no explicit security headers were detected, and there is a lack of privacy and cookie policies, which impacts GDPR compliance. No vulnerability disclosure or incident response information is provided. The security posture is moderate but could be improved by implementing standard security headers and formal policies. Overall, the website is professional and trustworthy with a solid business foundation. The main risks relate to privacy compliance and security best practices, which should be addressed to enhance trust and regulatory adherence.

B

Baklavacı Güllüoğlu

gulluoglu.com

61

Baklavacı Güllüoğlu operates a well-established e-commerce website specializing in traditional Turkish desserts such as baklava, kadayıf, lokum, and chocolates. The company targets consumers interested in authentic Turkish sweets and offers a variety of products with online ordering and delivery options. The website demonstrates a good level of digital maturity with modern technologies including jQuery, Google Tag Manager, Facebook Pixel, and Google Analytics integrated for marketing and analytics purposes. The site is built on the Hipotenus e-commerce platform, indicating a professional infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although some HTTP security headers are not explicitly detected. Privacy compliance is robust, with a comprehensive privacy policy and cookie consent banner supporting GDPR requirements. However, the absence of WHOIS data for the domain raises concerns about domain registration transparency, which slightly impacts overall trustworthiness. No evidence of WAF or blocking mechanisms was found, allowing full content accessibility and analysis.

O

Outline Reklaam

outline.ee

39

Outline Reklaam is an established Estonian marketing and advertising agency with over 20 years of experience. They offer a comprehensive suite of services including graphic design, internet solutions, photography, 3D, video marketing, and website development. Their business model focuses on in-house content creation and serving a diverse client base, as evidenced by their portfolio and testimonials. Technically, the website is built on WordPress using the Avada theme and integrates common plugins such as Contact Form 7 and MonsterInsights for analytics. The site is moderately optimized for performance and mobile devices, with basic accessibility features. Security posture is adequate with HTTPS enabled and reCAPTCHA on forms, but lacks visible security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security transparency.

MTÜ Eesti Kvaliteediühing is a non-profit organization based in Estonia focused on uniting organizations and individuals dedicated to development and quality improvement. The website serves as a platform for sharing news, events, and international quality-related activities, targeting quality professionals and organizations. The business model centers on membership and community engagement within the quality sector. The organization appears established with a domain age consistent with its founding year of 2018 and maintains a moderate market position within Estonia's quality community. Technically, the website is built on WordPress 6.5.5 using the Avada theme and integrates popular plugins such as Yoast SEO and CleanTalk anti-spam. It employs modern web technologies including jQuery and Font Awesome, and uses Google Analytics for visitor tracking. The site is served over HTTPS, indicating a secure transport layer, and shows moderate performance and good mobile optimization. SEO practices are implemented with meta tags and structured data, although accessibility features are basic. From a security perspective, the site benefits from HTTPS and anti-spam measures but lacks explicit security headers and documented security policies. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy and cookie policies are absent, which is a compliance gap, especially under GDPR. Incident response and vulnerability disclosure mechanisms are not evident, limiting transparency in security management. Overall, the website demonstrates a solid business credibility and technical foundation but requires improvements in privacy compliance and security policy transparency. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, enhancing security headers, and publishing incident response contacts to strengthen trust and compliance.

The website seo.com.au is currently a parked domain with minimal content indicating it is available for purchase or joint venture. There is no active business operation or service offering visible on the site. The primary contact method is a single email address. The technical infrastructure includes use of Google Tag Manager, Google Analytics, and Facebook Pixel for tracking, hosted on AWS DNS servers. However, the site lacks security headers, DNSSEC, and visible HTTPS confirmation, which reduces its security posture. Privacy compliance is poor, with no privacy or cookie policies present despite extensive tracking scripts. Overall, the site is low in content quality and business credibility, reflecting its parked status rather than an operational business.