Security Directory

R

Ramirent

ramirent.sk

60

Ramirent is a Slovakia-based company specializing in the rental of tools, machinery, and equipment, supported by professional services and a wide branch network. The website presents a modern, well-structured digital presence built on React and Material-UI, offering good user experience and mobile optimization. However, the site lacks explicit privacy and cookie policies, as well as clear contact information, which impacts its privacy compliance and trustworthiness scores. Security posture is adequate with HTTPS enabled and secure forms, but missing security headers and incident response details suggest room for improvement. Overall, the website is functional and professional but would benefit from enhanced compliance and security transparency.

F

Falcony

falcony.io

69

Falcony is a SaaS platform focused on enabling employee and stakeholder involvement to build safer, happier, and more productive workplaces. The company offers a modular compliance and reporting platform with features including audits, observations, ESG compliance, risk management, whistleblowing, and tenant portals. Positioned as part of the WeKomply family, Falcony targets enterprises and organizations across multiple sectors such as technology, real estate, energy, transportation, and hospitality. The website is professionally designed, multilingual, and integrates modern web technologies to deliver a seamless user experience. Privacy and cookie consent mechanisms are implemented, reflecting good compliance practices. However, direct contact information such as emails and phone numbers are not publicly listed, with contact primarily via web forms.

R

Ramirent.pl

ramirent.pl

68

Ramirent.pl is a leading construction equipment rental company in Poland, offering a wide range of products including scaffolding, containers, fencing, power tools, and cranes. Established in 2004, it holds a strong market position as the largest rental provider in its sector within Poland. The website reflects a professional business model focused on serving construction professionals and companies. Technically, the site employs modern JavaScript libraries and tracking technologies such as Chart.js, Cookiebot, Google Tag Manager, Facebook Pixel, TikTok Pixel, and Hotjar, indicating a mature digital infrastructure with extensive analytics and marketing capabilities. Security-wise, the site uses HTTPS with good SSL configuration and implements cookie consent mechanisms, but lacks visible security headers and formal security policies, which could be improved to enhance trust and compliance. Overall, the website is well-designed and user-friendly, with good mobile optimization and SEO practices, but would benefit from publishing comprehensive privacy and terms of service documents and enhancing security transparency.

S

SHOPLINE

shopline.com

66

SHOPLINE is a well-established SaaS ecommerce platform founded in 2013, serving over 600,000 merchants globally. It offers a comprehensive suite of ecommerce solutions including online store building, social commerce, POS, payment processing, B2B ecommerce, and marketing automation. The platform targets entrepreneurs to enterprises seeking integrated commerce solutions. Technically, the website is built on Webflow CMS with a modern tech stack including JavaScript, jQuery, and multiple marketing and analytics tools such as HubSpot, Hotjar, and Facebook Pixel. The site is fast, mobile-optimized, and professionally designed with clear navigation and rich content. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Privacy and cookie policies are present and GDPR compliant. WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency but does not detract from the overall legitimacy of the business. Strategic recommendations include publishing detailed security and incident response policies, enhancing transparency on data protection roles, and confirming security header implementations.

R

Rugby Europe

rugbyeurope.eu

78

Rugby Europe is the governing body responsible for the administration and promotion of rugby union across European countries outside the Six Nations Championship. The organization focuses on organizing competitions, developing rugby at various levels, and serving the rugby community in Europe. The website serves as the official digital presence, providing information and resources related to European rugby activities. Technically, the website employs modern web technologies including Google Tag Manager for analytics and Cookiebot for cookie consent management, hosted on a reliable Azure CDN platform. The site is mobile-optimized and includes structured data for enhanced SEO. Security-wise, the site enforces HTTPS and implements a comprehensive cookie consent mechanism, though lacks some advanced security headers and explicit security policies. Overall, the website is professional and trustworthy, but could improve privacy compliance and transparency by publishing privacy and terms of service policies and providing clear contact information. The domain WHOIS data is protected by EURid privacy services, which is common and justified for this type of organization.

W

World Rowing

worldrowing.com

69

World Rowing is an established international sports federation responsible for organizing rowing events worldwide, including the upcoming 2025 World Rowing Cup in Lucerne, Switzerland. The website serves as an official platform to provide event information and promote the sport to athletes, fans, and the rowing community. The domain is long-standing, registered since 1999, and hosted on a reliable infrastructure with AWS DNS and CDN services, reflecting a mature digital presence. Technically, the website employs modern JavaScript frameworks such as Vue.js, uses Google Tag Manager for analytics and marketing, and implements HTTPS with appropriate security headers. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. However, some standard compliance elements like a dedicated privacy policy and terms of service pages are not detected on the event page, though a cookie consent mechanism is present. From a security perspective, the site demonstrates good practices including HTTPS enforcement and clientTransferProhibited domain status, but lacks DNSSEC and a published security.txt file for vulnerability disclosure. No critical vulnerabilities or exposed sensitive data were found. The WHOIS data aligns well with the website's claims, supporting legitimacy and trustworthiness. Overall, the website is professional, secure, and credible, serving its purpose effectively. Enhancements in privacy compliance documentation and security disclosures would further strengthen its posture.

E

HOME | Europaralympic

europaralympic.org

58

The website www.europaralympic.org appears to be a Wix-hosted site related to the European Paralympic Committee or a similar organization. However, the content provided is minimal and truncated, with no clear business description, contact information, or privacy policies visible. The WHOIS data is unavailable or malformed, preventing extraction of registrar or registrant details, which negatively impacts trust and legitimacy assessment. Technically, the site uses Wix's standard JavaScript and hosting infrastructure but lacks visible security headers or HTTPS confirmation in the provided data. Overall, the site shows low digital maturity and limited compliance with privacy and security best practices.

N

Net Affinity Ltd.

netaffinity.io

62

Net Affinity Ltd. operates an application platform accessible at app.netaffinity.io, likely serving the hospitality or travel technology sector. The website is primarily a login portal with minimal public-facing content, indicating a focus on existing customers or internal users. The technical infrastructure includes modern iconography via Font Awesome and bot mitigation through Google reCAPTCHA, reflecting a baseline digital maturity. However, the absence of visible privacy, cookie, or terms of service policies, along with no contact information, limits transparency and user trust. The WHOIS data is unavailable due to a malformed request or privacy protection, which further constrains trust assessment. Security measures are basic but include HTTPS and reCAPTCHA, though security headers and advanced protections are not evident. Overall, the site presents a moderate risk profile with room for improvement in transparency, compliance, and security hardening.

H

HundrED

hundred.org

68

HundrED is a mission-driven non-profit organization dedicated to transforming K12 education globally by curating, amplifying, and implementing impactful and scalable education innovations. It holds a leading market position as a global curator and partner in the education sector, serving a broad audience including educators, innovators, and youth. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content focused on education innovation and community engagement. Technically, the site employs modern JavaScript frameworks, analytics tools like Matomo and Google Analytics, and follows good practices such as HTTPS enforcement and cookie consent mechanisms. Security posture is solid with room for improvement in security headers and explicit security policies. The domain is longstanding and privacy-protected, consistent with a reputable global non-profit. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

E

Exposure Labs Inc.

exposure.co

66

Exposure Labs Inc. operates Exposure.co, a specialized visual storytelling platform designed for photographers and visual storytellers to create and share photo and video stories. The company targets a diverse audience including hobbyists, professionals, brands, nonprofits, and sports teams, positioning itself as a niche leader in media publishing with a subscription-based SaaS business model. The platform offers rich features such as unlimited photo uploads, media embedding, custom Exposure sites, and audience-building tools, supported by a clean, modern, and mobile-optimized website design.

X

XTAXI.LV | taksometrs Rīgā un Liepājā

xtaxi.lv

58

The website www.xtaxi.lv appears to be a small business site built on the Wix platform, likely related to taxi or transportation services in Latvia. The site uses standard Wix hosting and JavaScript technologies but lacks visible business descriptions, contact information, or privacy and cookie policies. The technical infrastructure is typical for Wix sites, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but missing important security headers and policies. The absence of WHOIS data due to query limits restricts domain legitimacy verification. Overall, the site shows minimal digital maturity and limited trust signals, which may impact user confidence.

L

LIDO

lido.lv

63

LIDO is a Latvian hospitality business focused on providing fresh, authentic, and quality food with a democratic approach to choice, price, and taste nuances. The website targets Latvian-speaking consumers and positions itself as a trusted local brand in the food service industry. The digital infrastructure includes modern web technologies such as HTML5, CSS3, JavaScript, Cookiebot for cookie consent, Google Tag Manager, Facebook Pixel, and reCAPTCHA for bot protection. The website is served over HTTPS with a valid SSL certificate, ensuring secure communication. However, explicit privacy policy and terms of service pages were not detected in the provided content, which may impact compliance and user trust. The security posture is generally good with HTTPS and consent mechanisms but lacks explicit security headers and detailed contact information for incident response. Overall, the website demonstrates a professional and trustworthy online presence with room for improvement in privacy transparency and security best practices.

E

EHR.FM

ehrhiti.lv

63

EHR.fm is a Latvian online radio platform offering over 30 free and advertisement-free radio channels along with podcasts and interactive features. The website targets Latvian-speaking users seeking a modern and user-friendly online radio experience. The platform leverages modern web technologies including JavaScript frameworks, Cookiebot for consent management, and Google Tag Manager for analytics. The site is well-structured with comprehensive privacy and cookie policies, reflecting good compliance with GDPR requirements. Security measures such as HTTPS enforcement and CSRF protection are in place, though no dedicated security policy or incident response information is published. Overall, the website demonstrates a mature digital presence with a focus on user privacy and advertising transparency.

W

Women Sports – Femmes et Sports – Sport au féminin

womensports.fr

44

Women Sports is a French media platform dedicated to women's sports, offering news, results, interviews, and a magazine subscription service. The website targets French-speaking sports enthusiasts, particularly women interested in female athletes and sports culture. It operates under the Sport & Sponsoring Media Group and maintains a subsidiary focused on African content. Technically, the site is built on WordPress with modern plugins and uses Google Analytics for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, HTTPS is enforced and Google reCAPTCHA is implemented, but the absence of security headers and missing WHOIS data slightly reduce trust. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the site is professional and trustworthy but could improve security posture and transparency.

T

Piletid sinu teekonnale

tpilet.ee

60

Tpilet.ee is an Estonian online platform specializing in the sale of bus tickets and providing bus timetable information. It serves primarily bus travelers within Estonia, offering services such as one-way and return ticket purchases, ticket returns, and corporate client agreements. The website is positioned as a key player in the Estonian transportation ticketing market, leveraging e-commerce to facilitate travel planning and ticketing. Technically, the website is built using modern web technologies including React and JavaScript, with integration of analytics tools such as Amplitude and Google Analytics. The site demonstrates moderate performance and good mobile optimization, although accessibility features are basic. The use of HTTPS ensures secure communications, and cookie consent mechanisms are in place to comply with basic privacy requirements. From a security perspective, the site enforces HTTPS and employs cookie consent banners, but lacks explicit security headers and published privacy or security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data aligns well with the business, indicating a legitimate and consistent domain registration. Overall, the website presents a professional and functional platform with room for improvement in privacy compliance, security best practices, and accessibility. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

T

TraceParts

traceparts.com

77

TraceParts operates as a leading global provider of 3D digital content for engineering professionals, offering free access to an extensive library of CAD models and supplier catalogs. The website is professionally designed with excellent content quality, targeting CAD users and engineers worldwide. The business model focuses on providing valuable digital assets to the engineering community, supporting product design and manufacturing processes. Technically, the site employs modern JavaScript libraries, analytics platforms like Piano Analytics and HubSpot, and a consent management platform (Didomi) to manage user privacy preferences. The website is accessible, mobile-optimized, and SEO-friendly, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS and uses consent management but lacks visible security headers and explicit security policies, which are recommended for enhancement. The absence of WHOIS data raises some concerns about domain registration transparency, though the website content and branding suggest a legitimate and established business. Overall, the site presents a strong digital presence with room for improvement in privacy compliance and security best practices.

SODECA is a Norwegian-based manufacturer specializing in industrial ventilation, smoke extraction, tunnel ventilation, and pressurization systems for evacuation routes. The company operates internationally with multiple country-specific websites, indicating a strong global presence. Their business model focuses on manufacturing high-quality ventilation products and providing consulting services to industrial clients and engineers. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content in Norwegian with English alternatives. Technically, the website uses modern frameworks such as Bootstrap and Font Awesome, with a cookie consent mechanism ensuring privacy compliance. The site is served over HTTPS with no visible security vulnerabilities or exposed sensitive data. However, security headers are not explicitly detected, and no public security or incident response policies are published on the site. Overall, the security posture is good with room for improvement in security header implementation and transparency around incident response. The absence of WHOIS data is typical for .no domains and does not detract from the site's legitimacy. Contact information is clearly provided, enhancing business credibility. The site demonstrates a mature digital presence suitable for its industry and market position.

SODECA is a Portuguese manufacturer specializing in industrial ventilation and exhaust solutions, including smoke control, tunnel ventilation, stair pressurization, and indoor air quality improvement. The company maintains a strong international presence with multiple country-specific websites, targeting industrial clients and technical professionals. Their business model combines manufacturing with direct sales, supported by online tools and technical consultancy services. The website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the website employs modern web technologies such as Bootstrap, Font Awesome, and integrates analytics and advertising tools like Google Analytics, Google Tag Manager, and Bing Ads. The site is mobile-optimized and performs moderately well, with good SEO practices and accessibility at a basic level. Security-wise, the site uses HTTPS and a cookie consent mechanism but lacks explicit security headers and published security policies or incident response contacts. Overall, the security posture is solid but could be improved by implementing additional security headers, publishing a security policy, and establishing a vulnerability disclosure process. The domain WHOIS data aligns well with the business claims, supporting legitimacy. The website provides comprehensive contact information and privacy compliance features, enhancing trustworthiness. Strategic recommendations include enhancing security headers, publishing incident response and security policies, improving accessibility, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

S

Sigma Technology Group

sigmatechnology.com

62

Sigma Technology Group is a well-established global technology company founded in 1999, specializing in software and embedded systems development, IT infrastructure, cloud services, and digital transformation. The company targets businesses seeking advanced digital and engineering solutions, positioning itself as a trusted partner with a strong presence in Sweden and international offices. Their key services include software development, AI consulting, DevOps, cloud technology, and automotive solutions, supported by a professional and comprehensive online presence. Technically, the website is built on WordPress with modern JavaScript libraries and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enabled and no exposed sensitive data, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the website reflects a high level of professionalism, trustworthiness, and business credibility.

E

Elva Kultuur

elvakultuur.ee

44

Elva Kultuur is a local government cultural portal serving the Elva municipality in Estonia. The website consolidates information about various cultural institutions and events within the municipality, targeting residents and visitors interested in cultural activities. It provides event calendars, news updates, and detailed pages for multiple cultural houses and centers. The site is positioned as an official source for cultural information in the region, supported by local government entities.

Sigma Technology Origo is a Sweden-based technology consulting company specializing in connecting business-critical information sources to empower data-driven decision making and personalized experiences. The company offers a range of services including Aftersales Digital Twin, Workshop solutions, Diagnostics, Renderpoint/Topicpack, and a cloud-based CCMS platform called Studio. It operates as part of the Sigma Technology Group, a global technology consulting firm with a presence in multiple countries and owned by Danir AB. The website content is professional and clearly targets businesses seeking advanced technology and digital solutions. Technically, the website uses standard web technologies such as HTML5, CSS, and JavaScript with jQuery, and is moderately optimized for mobile and performance. Security posture is moderate with HTTPS assumed but lacking explicit security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain is well-established and trustworthy, with no blocking or WAF detected.

Airvent Légtechnikai Zrt. is a well-established Hungarian manufacturer specializing in innovative ventilation and air handling products. Founded in 1999, the company offers a broad portfolio of HVAC-related products and services, including design support, customer service, and commissioning. Their market position is solid within Hungary and surrounding regions, targeting professional customers in industrial and residential ventilation sectors. The website reflects a mature digital presence with multilingual support and detailed product information. Technically, the site employs modern tracking and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag, with secure HTTPS and CSRF protections on forms. However, explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is strong, with clear cookie and privacy policies and consent mechanisms. Overall, the site is professional, secure, and trustworthy, supporting the company's credibility and business operations.

S

Siemens AG

c2comms.cloud

65

The website c2comms.cloud is a minimal placeholder or landing page associated with Siemens AG, a large multinational technology and industrial company headquartered in Germany. The domain is relatively new, registered in late 2022, and uses AWS infrastructure for DNS and real user monitoring. The site content is minimal with no visible business descriptions, contact information, or interactive elements. Footer links point to Siemens corporate legal and privacy pages, confirming corporate ownership. The technical infrastructure is modern but basic, with no CMS or advanced frameworks detected. Security posture is adequate with HTTPS and domain transfer protection but lacks DNSSEC and security headers. Privacy compliance is supported by links to comprehensive Siemens policies but lacks on-site consent mechanisms. Overall, the site appears legitimate but underdeveloped, likely serving as a technical or internal platform rather than a customer-facing portal.

G

Global Water Partnership Organisation Gwpo

gwpo-gwp.org

61

The Global Water Partnership Organisation (GWPO) operates as a global action network focused on advancing water governance and climate-resilient investments to promote sustainability and equity. The website presents basic information about the organization's mission and target audience, primarily stakeholders interested in water governance and climate resilience. The business model is that of a non-profit global network with a medium organizational size and a founding year indicated as 2025, which appears inconsistent with the organization's global positioning. Technically, the website is built using the Weblium platform, employing standard web technologies such as HTML5, CSS, and JavaScript. Hosting is provided by Loopia, with no advanced frameworks or analytics tools detected. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which are important for enhancing domain and web security. There is no visible security policy, incident response information, or vulnerability disclosure mechanisms. The WHOIS data raises concerns due to a domain creation date set in the future (2025), which is unusual and undermines trust in the domain's legitimacy. Overall, the website provides basic content and functionality but lacks critical privacy, security, and compliance features. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing privacy and cookie policies, and clarifying domain registration details to improve trustworthiness and compliance.

The website linnuriik.ee serves as an informational and promotional platform focused on birdwatching and nature tourism in Matsalu National Park, Estonia. It provides detailed descriptions of bird species, observation towers, hiking trails, and virtual tours, targeting nature enthusiasts and tourists interested in the region. The site is operated by the Foundation of Lääne County and funded by the European Regional Development Fund, indicating a regional public interest focus. Technically, the website is built on WordPress using a modern tech stack including popular plugins like Yoast SEO, WPBakery Page Builder, and Slider Revolution. The site is hosted under the registrar Zone Media OÜ, an Estonian entity, with HTTPS enabled and good SEO practices implemented. Mobile optimization and accessibility are adequate, though some improvements could be made. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks DNSSEC and important security headers, and does not publish explicit security or incident response policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms, which is a notable gap given GDPR requirements. Overall, the website is a well-maintained regional informational resource with good business credibility but requires enhancements in privacy compliance and security best practices to improve trust and regulatory adherence.

S

Solo Build It!

sitesell.com

60

Solo Build It! (SBI!) is an online platform focused on enabling solopreneurs to build profitable online businesses rather than just websites or blogs. The platform targets individual entrepreneurs seeking comprehensive tools and guidance to establish and grow their online presence. The website is professionally designed with good SEO and mobile optimization, leveraging modern web technologies and third-party marketing and analytics tools such as Google Analytics, Facebook Pixel, and Microsoft Clarity. However, the absence of WHOIS registration data and domain ownership details introduces uncertainty regarding domain legitimacy. Security posture is weak due to lack of visible security headers and absence of explicit privacy or cookie policies, which also impacts privacy compliance. Overall, the site presents a moderate risk profile with room for improvement in transparency and security.

E

European University Sports Association

eusa.eu

47

The European University Sports Association (EUSA) is a well-established non-profit organization dedicated to promoting and organizing university sports across Europe. The website reflects a professional and comprehensive platform showcasing their events, projects, partnerships, and media presence. Their market position is strong, supported by numerous official partnerships with European institutions and sports federations. The target audience includes European universities, student athletes, and sports organizations. The business model revolves around organizing championships, games, and educational projects, supported by sponsorships and partnerships. Technically, the website is built on the Lytee CMS platform, utilizing modern JavaScript libraries such as Slick Slider and lazy loading for performance optimization. The site is mobile-optimized, accessible, and SEO-friendly, with proper meta tags and structured data. The presence of Google and Microsoft site verification tags indicates attention to search engine indexing and webmaster tools. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, there is a lack of explicit security policies, incident response information, and security headers which could enhance the security posture. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is privacy-protected as per EURid policies, which is justified for this type of organization. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. Strategic recommendations include publishing security and incident response policies, adding security headers, and providing a vulnerability disclosure channel to further strengthen trust and security maturity.

C

CoreIT

coreit.se

65

CoreIT is a Swedish IT company providing a comprehensive range of IT services targeting businesses and organizations. The website is built on a modern WordPress platform using Elementor, indicating a moderate level of digital maturity. The site features good design quality, mobile responsiveness, and SEO optimization, supporting a positive user experience. However, the absence of WHOIS data for the exact domain queried limits the ability to fully verify domain legitimacy and business registration details. Security posture is moderate with no visible advanced security headers or policies, and privacy compliance is weak due to missing privacy and cookie policies. Tracking technologies such as Facebook Pixel and LinkedIn Insight are used, indicating moderate user tracking. Overall, the website presents a professional front but would benefit from enhanced transparency and security practices.

S

SiteSpeakAI

sitespeak.ai

60

SiteSpeakAI is a technology startup founded in 2023 that offers an AI-powered customer support chatbot builder. Their platform enables businesses to create custom-trained GPT-like AI agents that can be deployed across multiple platforms including websites, Slack, Telegram, and Discord to reduce support tickets and improve user experience. The company positions itself as an innovative provider in the AI customer support automation market, targeting businesses seeking to automate and enhance their customer service operations. Technically, the website employs modern JavaScript frameworks such as Alpine.js, integrates analytics via PostHog and New Relic, and uses Cloudflare for DNS services, indicating a mature and performant digital infrastructure. Security-wise, the site enforces HTTPS and uses domain transfer protection, but lacks visible security policies, privacy and cookie policies, and incident response information, which are areas for improvement. Overall, the website is professional and functional but would benefit from enhanced transparency and compliance documentation to improve trust and privacy posture.

F

Fibes

eatfibes.com

63

Fibes is a small Estonian e-commerce business specializing in functional fruit purees rich in dietary fibers, targeting active individuals seeking digestive health support. The website is built on the Shopify platform, leveraging modern e-commerce technologies and third-party integrations for customer reviews, analytics, and marketing. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS and domain transfer lock, though improvements such as enabling DNSSEC and publishing comprehensive privacy and terms policies are recommended. Overall, the business appears legitimate and digitally mature for its size and market niche.

U

United Nations Alliance of Civilizations (UNAOC)

forsafeworship.org

58

The website forsafeworship.org represents the United Nations Alliance of Civilizations (UNAOC) initiative titled '#forSafeWorship - UN Plan of Action to Safeguard Religious Sites'. It serves as a platform to advocate for the protection and respect of religious sites worldwide, emphasizing peace and harmony. The target audience includes global communities, religious groups, governments, and peace organizations. The site operates as a non-profit advocacy platform under the United Nations umbrella, with a small organizational size and a founding year of 2020. Technically, the website is built on WordPress using the Divi theme and Yoast SEO plugin, hosted on Quadranet servers. It employs modern web technologies such as JavaScript and jQuery, and the site is moderately optimized for performance and mobile responsiveness. SEO practices are good, with comprehensive metadata and structured data enhancing search visibility. From a security perspective, the site uses HTTPS with a good SSL configuration and domain status protections. However, it lacks several security headers and does not provide explicit security or incident response policies. No vulnerability disclosure or security.txt files are present, and privacy compliance is minimal due to the absence of privacy and cookie policies. The domain registration is privacy protected but consistent with the nature of a UN-affiliated non-profit. Overall, the website is trustworthy and professional in its presentation and content but would benefit from enhanced privacy compliance, security headers, and explicit contact information to improve user trust and regulatory adherence.

A

ANOC Association of National Olympic Committees

anoc.tv

55

The ANOC.tv website serves as the official digital platform for the Association of National Olympic Committees, a Swiss-based non-profit organization dedicated to supporting and promoting Olympic committees worldwide. The site offers comprehensive coverage of sporting events, news, and specialized programs such as sustainability workshops, targeting Olympic committees, sports professionals, and enthusiasts. The business model focuses on media dissemination and informational services within the Olympic sports ecosystem. Technically, the website leverages modern web technologies including React, Google Tag Manager, Stripe.js, and push notification SDKs, indicating a mature digital infrastructure. The site is mobile-optimized with good design quality and user experience, although some accessibility and SEO aspects could be enhanced. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks advanced security headers and explicit security policies or incident response contacts. WHOIS data is transparent and consistent with the organization's identity, supporting domain legitimacy. Overall, the website presents a professional and trustworthy front with moderate privacy compliance and security posture. Strategic improvements in privacy policy publication, security headers, and incident response transparency would enhance compliance and user trust.

The website represents the official Olympics merchandise e-commerce platform focused on LA28 Olympics apparel and gear. It targets Olympics fans and sports merchandise buyers, offering licensed products under the official Olympics brand. The site demonstrates a professional design and consistent branding aligned with the Olympic movement, positioning itself as a trusted retailer in the sports merchandise market. Technically, the site uses modern web technologies including JavaScript, web fonts, and SPA architecture, providing a good user experience with mobile optimization and SEO best practices. However, the site lacks visible privacy and cookie policies, and no explicit contact information is provided in the analyzed content. Security posture is moderate with no detected security headers or advanced protections, and WHOIS data for the subdomain is unavailable, which is typical for subdomains but limits direct domain verification. Overall, the site is functional and credible but would benefit from enhanced privacy compliance and security measures.

C

Churnkey

churnkey.co

64

Churnkey is a technology company founded in 2020, specializing in SaaS solutions aimed at reducing customer churn and enhancing subscriber retention for subscription-based businesses. The website presents a professional and modern design, leveraging advanced frontend frameworks such as Vue.js and Nuxt.js, and is hosted with Cloudflare for performance and security benefits. The company integrates multiple marketing and analytics tools including HubSpot, Dreamdata, Google Tag Manager, and Facebook Pixel, indicating a mature digital marketing approach. However, the site lacks explicit privacy and cookie policies, as well as visible contact information, which impacts its privacy compliance and user trust. Security posture is generally good with HTTPS enabled and Cloudflare protection, but could be improved by enabling DNSSEC and publishing security policies. Overall, the website is functional and professional but would benefit from enhanced transparency and compliance documentation.

S

Stackpile

stackpile.io

63

Stackpile is a technology company founded in 2016, offering a SaaS platform that simplifies the installation of third-party integrations and unified analytics tracking for websites. Positioned as a niche provider, Stackpile targets website owners and developers seeking to streamline their analytics and integration management through a single API. The website presents a professional and consistent brand image with good content quality and clear navigation. Technically, the site employs modern JavaScript libraries and integrates multiple analytics and marketing tools such as Google Analytics, Hotjar, Mixpanel, and New Relic, hosted via Cloudflare ensuring good performance and security. Security posture is solid with HTTPS enforced and domain registration protected by privacy services, though improvements are recommended in security headers and explicit security policies. Privacy compliance is basic with privacy and terms pages present but lacking cookie consent mechanisms. Overall, the site is trustworthy with no blocking or suspicious indicators detected.

Ravijuhend.ee is a healthcare information portal coordinated by Tartu Ülikool and funded by Tervisekassa, providing evidence-based medical guidelines and patient instructions primarily for Estonian healthcare professionals and patients. The website serves as a trusted source for treatment guidelines, patient care instructions, and related educational content, positioning itself as a key national resource in Estonia's healthcare sector. Technically, the site employs modern web standards including HTTPS, Cloudflare DNS, and uses popular web fonts and iconography, delivering a professional and accessible user experience with good mobile optimization and SEO practices. Security-wise, the site benefits from HTTPS and secure form handling but lacks advanced DNS security (DNSSEC) and security headers, and does not publish privacy or cookie policies, which are important for GDPR compliance. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced privacy disclosures and security hardening to improve compliance and user trust.

A

AS Arstikeskus Confido

1220.ee

45

The website 1220.ee serves as the official Estonian health advice line platform, providing telephone and web chat medical consultation services. It targets Estonian residents and callers abroad, offering guidance on medical issues, prescription renewals, and emergency care decisions. The service operates under the auspices of the Estonian Health Insurance Fund (Tervisekassa) and collaborates with healthcare providers and pharmacies. The site is professionally designed with consistent branding and clear navigation, supporting multiple languages (Estonian and Russian). Technical infrastructure includes modern JavaScript libraries, CDN-hosted resources, and integration with Facebook SDK and Google Tag Manager for analytics and marketing purposes. The site uses HTTPS and shows no signs of blocking or WAF interference, indicating good accessibility and security basics. However, it lacks visible privacy and cookie policies, which impacts GDPR compliance and privacy posture. Contact information is limited to phone numbers with no email or physical address disclosed. No forms collecting personal data are present on the main page, reducing immediate data protection concerns. Overall, the site demonstrates a solid business credibility and technical foundation but requires improvements in privacy compliance and security policy transparency.

S

SYNLAB International

synlab-notes.com

57

SYNLAB International's investor website synlab-notes.com serves as a portal for investors and registered users to access company information and conference calls. The site is built on TYPO3 CMS and employs modern web technologies, providing a professional and consistent user experience. The business focus is on healthcare laboratory services with an international presence. Technically, the site is moderately optimized with good mobile responsiveness and basic SEO features. Security posture is adequate with HTTPS and secure login forms, but lacks explicit security headers and published incident response policies. Privacy compliance is supported by clear privacy and cookie policies with consent mechanisms. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the site is functional and professional but would benefit from enhanced transparency and security disclosures.

A

Andmik

andmik.ee

45

Andmik is a specialized platform focused on providing data visualization and budget tracking services for Estonian municipalities. The website presents detailed geographic and demographic data for various local governments, targeting municipal officials and stakeholders. The platform leverages modern web technologies including Vue.js and Leaflet for interactive maps, supported by Google Analytics and Tag Manager for user tracking. The domain is registered with a reputable Estonian registrar, Zone Media OÜ, and was created in 2021, aligning with the platform's apparent recent launch. Technically, the website employs a modern JavaScript framework and mapping libraries, ensuring a responsive and interactive user experience. However, there is room for improvement in accessibility and SEO optimization. Security-wise, the site lacks visible security headers and does not enable DNSSEC, which could be enhanced to improve overall security posture. Privacy compliance is weak, with no visible privacy or cookie policies, and no consent mechanisms, which is a significant gap given the use of tracking technologies. Overall, the website is functional and professionally designed but requires improvements in privacy compliance, security best practices, and contact transparency to enhance trust and regulatory adherence. Strategic recommendations include implementing comprehensive privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear contact and incident response information.

SoftExpert OÜ is an Estonian IT company specializing in the development and maintenance of mission-critical and complex web-based systems. Established since 2000, it has contributed to several major Estonian web services such as CV-Online and various photo and video platforms. The company offers a broad range of IT services including consulting, system creation, and maintenance, targeting Estonian businesses requiring reliable IT partnerships. The website content is primarily in Estonian with an English option, reflecting a local market focus. Technically, the website uses legacy technologies such as PHP, Perl, and C, hosted on Unix/Linux platforms. The site lacks modern frameworks and shows basic SEO and accessibility features. Performance is moderate, but mobile optimization is poor. The site includes Google Analytics and Tag Manager scripts for user tracking but lacks visible privacy or cookie policies, which is a compliance gap. From a security perspective, no HTTPS confirmation or security headers were detected in the provided data, indicating potential vulnerabilities. No forms or input fields are present, reducing attack surface but also limiting user interaction. The WHOIS data is consistent and transparent, with a domain age appropriate for the business history. Overall, the security posture is moderate but requires improvements in SSL/TLS implementation and security headers. The overall risk is moderate with recommendations to implement HTTPS, add privacy and cookie policies, improve mobile responsiveness, and enhance security headers. These steps will improve compliance, user trust, and security resilience.

S

SYNLAB AG

synlab.ag

58

SYNLAB AG is a leading European medical diagnostics and specialty testing company providing a comprehensive range of innovative and reliable diagnostic services to patients, healthcare providers, governments, and corporates. The company positions itself as a partner of choice for routine and specialty diagnostics, emphasizing customer-centric medical excellence. The website reflects a mature corporate presence with detailed financial reporting, corporate governance disclosures, and investor relations information. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and includes privacy and cookie consent mechanisms aligned with GDPR requirements. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the domain and website present a trustworthy and professional image consistent with a large healthcare enterprise.

UploadKit Demo is a specialized e-commerce solution integrated with the Shopify platform, providing advanced file upload capabilities tailored for personalized product stores. The website showcases various product demos highlighting features such as Google Drive synchronization, post-purchase uploads, and built-in malware protection. The business targets Shopify merchants seeking enhanced file upload functionality to improve customer experience and operational efficiency. Technically, the site leverages Shopify's Dawn theme, JavaScript, and Shopify's CDN infrastructure, ensuring good performance and mobile optimization. Security measures include HTTPS enforcement, malware scanning, and form protection via hCaptcha, although explicit privacy and cookie policies are absent, which impacts compliance posture. Overall, the domain registration data is consistent with the business claims, indicating a legitimate and established presence since 2018.

The analyzed content corresponds to an internal Chrome browser error page (chrome-error://chromewebdata/) which serves as a local offline or error display, including the embedded Chrome Dino game. No external website content, business information, or contact data is present. The page is not a public website but a browser internal resource, thus no typical business or compliance information is available. The technical infrastructure is minimal, relying on Chromium's internal scripts and styles. Security posture is limited to the browser's internal environment with no external SSL or headers applicable. Overall, this page cannot be evaluated as a commercial or organizational website.

S

SIUS AG

sius.com

58

SIUS AG is a Swiss-based manufacturer specializing in electronic target scoring systems primarily for sports shooting and military applications. With over 50 years of market presence, SIUS AG holds a leading position globally and serves as the official ISSF Results Provider, underscoring its prominence in the shooting sports industry. The company targets shooting sports enthusiasts, military clients, and international shooting organizations, offering high-quality electronic scoring solutions and related services. The website is professionally designed using the Wix platform, providing essential business information and contact details, though it lacks comprehensive privacy and security disclosures. Technically, the site employs modern web technologies typical of Wix-hosted sites but shows room for improvement in security headers and privacy compliance. The absence of WHOIS data raises concerns about domain registration transparency, which slightly impacts trustworthiness despite the professional presentation. Overall, the site reflects a medium-sized manufacturing business with a solid market position but could enhance its digital security and compliance posture to align with best practices.

C

CoreIT

cuponline.se

50

CupOnline is a well-established Swedish online platform specializing in the administration of sports cups, tournaments, and series, primarily focused on youth hockey. Operating since 2003 and managed by Abion AB with technology support from CoreIT, it serves a large user base with over 1.5 million participants and thousands of events annually. The platform offers comprehensive services including registration, live reporting, statistics, and integration with third-party services for referees and streaming. The website content is rich and relevant, targeting sports organizers and participants, with a business model supported by partnerships and advertising revenue. Technically, the site is built on ASP.NET WebForms with CoreCMS, featuring moderate performance and basic mobile optimization. Security posture is adequate with HTTPS but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing policies and consent mechanisms. Overall, the site is credible and functional but would benefit from enhanced security and privacy practices.

V

Visit Otepää

visitotepaa.com

44

Visit Otepää is a regional tourism promotion website dedicated to showcasing the attractions, events, accommodation, and culinary experiences of Otepää, Estonia's winter capital. The site targets tourists and visitors interested in exploring the natural beauty and cultural offerings of the region. It provides comprehensive information and interactive features such as maps, event listings, and a newsletter subscription to engage its audience. Technically, the website is built on WordPress with modern front-end technologies including Bootstrap and JavaScript libraries, and integrates Google Maps for location services. SEO is enhanced through Rank Math plugin and structured data markup is implemented for better search engine understanding. Security-wise, the site uses HTTPS with a valid SSL certificate and employs Google reCAPTCHA on its contact form to mitigate spam. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Overall, the website is professional, user-friendly, and trustworthy, but could improve its privacy compliance and security headers to enhance its security posture.

The website www.norway-hei.com is a personal informational site focused on Norwegian culture, history, food, and language, created by a native author. It serves a niche audience interested in authentic Norwegian experiences and provides rich content including stories, recipes, and cultural insights. The business model appears to be primarily advertising-based, leveraging Google Adsense and related ad networks. Technically, the site is built on the SBI! CMS platform with standard HTML, CSS, and JavaScript, but lacks advanced frameworks or modern infrastructure. Performance and mobile optimization are basic, with room for improvement in accessibility and SEO. Security posture is moderate with HTTPS enabled but missing important security headers and policies. No privacy, cookie, or terms of service policies are present, and no contact information is provided, which impacts privacy compliance and business credibility. Critically, WHOIS data for the domain is missing or unavailable, raising concerns about domain legitimacy and trustworthiness. Overall, the site is functional and content-rich but requires significant improvements in security, compliance, and transparency to enhance trust and professionalism.

Valgamaa Arenguagentuur is a regional development agency based in Estonia, focused on fostering cooperation among local development organizations and providing professional support services to businesses, non-profits, and local governments. The agency aims to enhance the economic and living environment of Valgamaa county, positioning itself as a key facilitator in regional development with a focus on entrepreneurship, education, and community welfare. The website reflects this mission with clear service offerings and active engagement channels. Technically, the website employs modern frontend technologies including Tailwind CSS, Swiper.js, and Plyr.js, managed through the Greativ CMS platform. It integrates analytics and social media tools such as Google Analytics and Facebook SDK, indicating a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not provide visible privacy or cookie policies, which are critical for GDPR compliance. There is no incident response or vulnerability disclosure information, which could be improved to enhance trust and security posture. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices to reduce risk and improve user trust.

C

Chiller Oy

chiller.eu

74

Chiller Oy is a Finnish company specializing in innovative cooling, heating, and energy solutions tailored to various applications. The company aims to provide thermal comfort and optimal indoor air quality, positioning itself as a specialized B2B provider in the energy sector. The website reflects a medium-sized enterprise with a professional digital presence, leveraging WordPress CMS and modern SEO and analytics tools. The technical infrastructure is sound, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though improvements in security headers and incident response transparency are recommended. Overall, the website presents a trustworthy and professional image consistent with its business claims.

Airwave OÜ is a well-established Estonian company specializing in the import and wholesale of heating, ventilation, and air conditioning (HVAC) equipment, serving primarily the Baltic region and Finland since 1999. The company positions itself as one of the largest HVAC importers and wholesalers in the Baltics, offering a broad range of products including heat pumps, ventilation systems, and climate control devices. Their business model focuses on wholesale distribution supported by professional sales and after-sales services, catering to both commercial and residential customers. Technically, the website is built on the Odoo CMS platform, leveraging modern web technologies such as Bootstrap and FontAwesome for UI components. The site demonstrates good mobile optimization and SEO practices, with a clear navigation structure and professional design. Performance is moderate, and accessibility is basic but functional. The absence of advanced analytics or tracking scripts suggests a minimal user tracking approach. From a security perspective, the website enforces HTTPS with a valid SSL configuration and includes CSRF tokens in its scripts, indicating awareness of basic web security practices. However, it lacks several security headers and does not publicly disclose security policies or incident response procedures. There is no visible cookie consent mechanism, which may impact GDPR compliance. The presence of a privacy policy and terms of service pages indicates some level of compliance and transparency. Overall, Airwave OÜ's website reflects a credible and professional business with a solid market presence in the HVAC sector. Security posture is adequate but could be improved with enhanced headers, explicit policies, and cookie consent. The site is trustworthy with consistent WHOIS data and clear contact information. Strategic improvements in privacy compliance and security transparency would further strengthen their digital maturity and customer trust.