Security Directory

H

home.pl S.A.

ec1lodz.pl

60

EC1 Łódź is a well-established cultural and educational institution based in Łódź, Poland, offering a diverse range of services including science and technology exhibitions, planetarium shows, film screenings, and interactive narrative experiences. The website reflects a mature digital presence with a strong focus on user engagement through events, workshops, and educational programs targeting families, students, and cultural enthusiasts. Technically, the site is built on TYPO3 CMS, integrates modern analytics and marketing tools such as Google Tag Manager and Facebook Pixel, and employs a cookie consent mechanism compliant with GDPR. Security posture is solid with HTTPS enforced and appropriate security headers, though DNSSEC is not enabled. The domain registration is consistent and legitimate, supporting the trustworthiness of the site. Overall, the website demonstrates a high level of professionalism, accessibility, and content quality, positioning EC1 Łódź as a key cultural hub in the region.

E

Eesti Ajaloomuuseum SA

ajaloomuuseum.ee

41

Eesti Ajaloomuuseum SA operates as a leading historical museum in Estonia, providing cultural and educational services through multiple exhibition venues including the Film Museum, Theatre and Music Museum, Great Guild Hall, and Maarjamäe Castle. The website targets museum visitors, families, and cultural tourists, offering detailed information on exhibitions, events, and visitor planning. The business model is public/governmental, focusing on cultural preservation and education with a medium organizational size and established presence since 2010. Technically, the website is built on the Voog CMS platform, hosted by Zone Media OÜ, and employs modern web standards with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent implemented, though lacking advanced security headers and explicit incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though improvements in security policies and vulnerability disclosure would enhance trust further.

C

Creditea

creditea.mx

56

Creditea is an established online personal loan provider operating primarily in Mexico and other countries, serving over 1.7 million clients. It offers personal loans up to $70,000 MXN with a focus on quick, easy, and secure loan processing through an online platform and mobile applications. The company is part of Grupo IPF, a larger financial group, which enhances its market credibility and reach. The website is professionally designed with good mobile optimization and clear navigation, supporting a positive user experience.

B

Bizberg Themes

bizbergthemes.com

58

Bizberg Themes is a small technology business specializing in the development and distribution of free and premium WordPress themes tailored for various sectors including education, NGOs, business, and eco-friendly organizations. The company emphasizes fast loading, SEO optimization, and user-friendly design, supported by dedicated customer service. Technically, the website is built on WordPress CMS, hosted behind Cloudflare CDN, and employs modern web technologies ensuring good performance and mobile optimization. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks comprehensive security headers and cookie consent mechanisms, which are areas for improvement. Overall, the website is professional and trustworthy with clear business focus, though privacy compliance could be enhanced.

A

AS Tallink Grupp

tallink.com

65

AS Tallink Grupp operates the Tallink Silja Line ferry and cruise services across the Baltic Sea, connecting major cities such as Helsinki, Stockholm, Tallinn, Turku, and the Åland Islands. The company offers passenger transportation, cargo services, onboard entertainment, tax-free shopping, and hotel accommodations, positioning itself as a leading maritime transport provider in the Baltic region. The website reflects a mature digital presence with a modern tech stack based on Next.js and React, delivering fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly disclosed. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The absence of WHOIS data reduces domain registration transparency but does not detract significantly from the overall trustworthiness given the professional branding and extensive external references. Strategic recommendations include publishing a security policy, incident response contacts, and vulnerability disclosure information to enhance trust and compliance.

I

INHUS Prefab, UAB

inhusprefab.eu

45

INHUS Prefab, UAB is a medium-sized manufacturing company specializing in prefabricated reinforced concrete structures and architectural concrete facade elements. Operating primarily in Lithuania with projects extending to Nordic countries and the UK, the company positions itself as a reliable regional player in the construction sector. Their website reflects a professional digital presence with clear navigation, multilingual support, and a portfolio of completed projects. Technically, the site uses modern web technologies including HTML5, CSS, JavaScript, and integrates Google Analytics for user tracking. The site is mobile optimized and performs moderately well. Security posture is adequate with HTTPS enforced but lacks advanced security headers and public security policies. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, aligning with GDPR requirements. Contact information is transparent and includes company email, phone, and physical address. Overall, the website demonstrates good business credibility and digital maturity with room for security enhancements.

I

INHUS Engineering

inhusengineering.eu

18

INHUS Engineering is a medium-sized engineering firm specializing in structural design services for various building types, primarily serving clients in Lithuania and Scandinavian countries. The company employs over 100 engineers and utilizes advanced 3D modeling and calculation software to deliver precise and reliable project outcomes. Their website reflects a professional and consistent brand image, showcasing a broad portfolio of projects and maintaining active social media channels. Technically, the website uses modern web standards and integrates Google Analytics for visitor tracking. Security-wise, the site enforces HTTPS and implements a cookie consent mechanism, though it lacks advanced security headers and explicit security policies. Overall, the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

Advokaadibüroo RASK is a leading Estonian law firm established in 2012, offering a broad range of professional legal services across multiple sectors including energy, transport, technology, healthcare, government, real estate, and finance. The firm targets Estonian businesses and individuals seeking tailored legal advice and support. Their market position is strong within Estonia, supported by a professional website showcasing detailed service areas, client case studies, and a well-presented team of partners and lawyers. The business model focuses on providing expert legal consultancy and representation.

P

Palmako UK

palmako.co.uk

65

Palmako UK operates as a specialized e-commerce retailer focused on quality garden rooms, log cabins, saunas, and greenhouses within the United Kingdom. Established in 2008, the company has a solid market presence supported by a well-structured Shopify-based website that targets consumers and businesses seeking outdoor living solutions. The website features consistent branding, clear contact information, and utilizes structured data to enhance search engine visibility. The business model centers on direct online sales with a focus on quality and customer service.

S

SMSPinigai.lt

smspinigai.lt

66

SMSPinigai.lt is a Lithuanian online lending platform established in 2010, offering personal loans, credit cards, and refinancing services. The company positions itself as a reliable and customer-focused financial service provider with a strong online presence and a user-friendly loan application process. Their market position is supported by a consistent brand, clear contact channels, and a comprehensive service offering tailored to Lithuanian consumers. Technically, the website employs modern JavaScript libraries, tracking tools, and structured data to enhance SEO and user experience. The site is mobile-optimized and provides clear navigation and content relevant to its audience. Security-wise, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data, though it lacks explicit security policies and incident response information. Overall, the website demonstrates a mature digital infrastructure with good privacy compliance and business credibility, though there is room for improvement in security transparency and accessibility.

P

Placet Group OÜ

smsmoney.ee

66

Smsraha.ee is a well-established Estonian financial services website operated by Placet Group OÜ, offering a variety of lending products including credit lines, credit cards, consumer loans, and business loans. The company has been active since 2009 and positions itself as a reliable and modern partner for both private and business clients in Estonia. The website is professionally designed with clear navigation and multi-language support, providing detailed product information and customer testimonials to build trust. Technically, the site uses modern JavaScript libraries and Google analytics tools, with good mobile optimization and SEO practices. Security posture is strong with HTTPS enforced and standard security headers present, although no dedicated security or incident response policies are published. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the site demonstrates a mature digital presence with a solid business credibility and trustworthy domain registration.

P

Paskolos.lt

paskolos.lt

66

Paskolos.lt is a Lithuanian financial services company specializing in consumer credit products including credit lines, consumer loans, credit cards, auto loans, and mortgage loans. Established in 2011, it operates as a medium-sized entity under the parent company UAB Nordecum. The website is professionally designed, providing clear navigation and comprehensive information tailored to Lithuanian consumers seeking flexible credit solutions. The company leverages online platforms to deliver convenient financial services with a focus on user experience and accessibility. Technically, the website employs modern JavaScript libraries, Google Tag Manager, and analytics tools, ensuring a responsive and moderately performant user experience. The presence of a chat component using Vue.js enhances customer interaction. SEO and accessibility are adequately addressed, though some improvements in accessibility could be made. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. While basic security headers are present, additional headers like Content-Security-Policy could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, Paskolos.lt presents a trustworthy and compliant online presence with solid business credibility and a good security posture. Strategic enhancements in security headers and incident response transparency could further strengthen its position.

The website www.capitecbank.co.za represents Capitec Bank, a major South African retail bank offering personal and small business banking services. However, direct content access is blocked by a Cloudflare security challenge page, preventing detailed content and metadata analysis. The technical infrastructure includes Cloudflare protection with Turnstile captcha, indicating a strong focus on security but limiting external visibility. The security posture cannot be fully assessed due to lack of accessible content and absence of visible security headers or policies. The domain WHOIS data is unavailable, likely due to privacy protection, which is common for financial institutions to prevent abuse. Overall, the site appears legitimate but the analysis is incomplete due to access restrictions.

The website at https://transactpro.com/lander is currently a minimal placeholder or parking page with no substantive content, business information, or user engagement features. The domain transactpro.com is registered since 2002 with Moniker Online Services LLC and is set to expire in 2026, indicating a long-standing registration. However, the DNS points to cashparking.com name servers, suggesting the domain is parked or monetized rather than actively used for business purposes. The page loads minimal HTML with scripts related to Google AdSense advertising, but no privacy, cookie, or terms of service policies are present. No contact information or social media links are available, and no forms or data collection mechanisms exist on the page. The technical infrastructure is basic, with JavaScript usage but no detected CMS or frameworks. Security posture is weak due to lack of HTTPS and security headers, and no GDPR compliance indicators are found.

V

Virumaa Muuseumid

virumaamuuseumid.ee

41

Virumaa Muuseumid is a regional museum network based in Estonia, focusing on cultural heritage and historical exhibitions in the Virumaa region. The website serves as an informational platform showcasing various museums such as Rakvere linnus and Palmse mõis, targeting visitors interested in history and culture. The organization appears to be a small-sized entity, likely government or non-profit, founded recently in 2022. The site is multilingual, supporting Estonian, English, Russian, and Finnish, enhancing accessibility for diverse audiences. Technically, the website is built on WordPress, utilizing common plugins like All in One SEO, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is hosted by Zone Media OÜ, a known Estonian hosting provider. Performance and mobile optimization are good, with accessibility features implemented, including an accessibility toolbar. SEO practices are solid with proper meta tags and structured data. Security posture is adequate with HTTPS enabled and use of reCAPTCHA for forms. However, some security headers are missing, and DNSSEC is not enabled, which could be improved. Privacy compliance is strong, with a clear privacy policy, cookie consent banner, and GDPR adherence. Contact information is limited to a phone number and contact forms, with no public emails found. Overall, the website is professional, trustworthy, and serves its purpose well. Recommendations include enhancing security headers, enabling DNSSEC, and publishing explicit security and incident response policies to further strengthen trust and compliance.

Whyservices OÜ is a small Estonian technology company specializing in custom system administration, application hosting, and IT infrastructure consulting. Their website presents a professional image with clear service offerings including infrastructure consulting, Wordpress hosting via WellPress, containerized application hosting via WellHost, and Ruby on Rails development. The company targets digital agencies and small to medium businesses seeking tailored IT solutions. Technically, the website is built with modern HTML5, CSS3, and Tailwind CSS, and is mobile optimized with moderate performance. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and privacy policies indicates room for improvement. The WHOIS data is missing or unavailable, which raises concerns about domain legitimacy despite the professional web presence. Overall, the site scores well in content quality and business credibility but needs enhancements in privacy compliance and security best practices.

E

Eesti Füüsika Selts

fyysika.ee

49

FYYSIKA.EE is a specialized Estonian website operated by the Estonian Physical Society, focusing on physics, science, and technology news, seminars, and educational content. The site serves a niche audience of physics students, educators, and researchers primarily in Estonia. Technically, it is built on WordPress with a modern theme and uses standard web technologies such as jQuery and Google Fonts. The site is well-structured with semantic markup and schema.org data, enhancing SEO and accessibility. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies, which should be addressed to meet GDPR requirements. Overall, the site is professional and trustworthy but could improve in privacy transparency and security best practices.

P

Põhjala Brewery

pohjalabeer.com

46

Põhjala Brewery is an established Estonian craft beer producer with a diverse portfolio of beers including lagers, IPAs, porters, and non-alcoholic options. The company leverages its heritage and local nature inspirations to create unique beer flavors, targeting craft beer enthusiasts and event attendees. The website reflects a medium-sized hospitality business with a professional and consistent brand presence. Technically, the website uses modern web technologies including jQuery, Google Tag Manager, and Facebook Pixel, with good mobile optimization and SEO practices. However, it lacks explicit privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enforced but missing DNSSEC and security headers. The domain registration is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website is functional and professional but could improve privacy compliance and security hardening.

The analyzed website at thearcane.com/lander is currently a minimal placeholder or parking page with very limited content and no visible business information. The domain is registered since 2001 with eNom, LLC, indicating a long-standing registration, but the website itself does not reflect an active or mature business presence. The site loads minimal scripts related to advertising and parking services and lacks any metadata, structured data, or user interaction elements such as forms or contact details. Technically, the site uses JavaScript and React-based scripts hosted on WSIMG, but no CMS or advanced frameworks are detected. Security posture is weak due to lack of HTTPS confirmation, security headers, and privacy policies. No GDPR compliance or incident response information is present. Overall, the site appears inactive or under development, with low trust and professionalism indicators.

P

Paysera LT UAB

paysera.ee

67

Paysera LT UAB operates the Paysera payment services platform, offering a broad range of financial services including IBAN accounts, payment gateways, currency exchange, and mobile banking solutions. The company targets both individual and business customers primarily in Estonia and other European countries, positioning itself as a reliable and cost-effective alternative in the payment services market. The website is professionally designed, multilingual, and provides comprehensive information about services, legal compliance, and customer support. Technically, the site uses modern web technologies with responsive design and good SEO practices, although some security headers could be enhanced. Security posture is strong with HTTPS enforcement and dedicated security policies, but lacks a public vulnerability disclosure program. WHOIS data confirms the legitimacy of the domain and company, with consistent registration details and appropriate domain age. Overall, Paysera demonstrates a mature digital presence with solid business credibility and security awareness.

The website multitudegroup.com currently serves as a placeholder 'Coming Soon' page hosted on the Squarespace platform. It lacks any substantive business content, contact information, or policy documentation. The domain is registered through Squarespace Domains II LLC with a registration date in early 2021, consistent with a new or developing business presence. The technical infrastructure is basic, relying on Squarespace's hosting and standard web fonts and scripts. There are no advanced SEO, accessibility, or security features implemented on the site at this time. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which are recommended to enhance domain and web application security. No privacy or cookie policies are present, indicating non-compliance with GDPR and related regulations. There are no forms or data collection mechanisms, which limits exposure but also reduces business functionality. The absence of contact or incident response information further reduces trust and transparency. Overall, the site is in an early stage of development with minimal digital maturity and security posture. The risk level is moderate due to lack of content and policies rather than active vulnerabilities. Strategic recommendations include implementing comprehensive privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear contact and incident response information to improve trust and compliance.

P

Placet Group OÜ

credit.pl

53

Credit.pl is a Polish financial comparison portal specializing in loans and credit products. It provides users with rankings and detailed information on various loan types including quick loans, loans without credit checks, and business loans. The site targets individuals and businesses in Poland seeking convenient online loan comparisons. Technically, the site uses modern web technologies including JavaScript and SVG graphics, and integrates Google Analytics for user tracking. The site is mobile optimized with a moderate performance profile. Security-wise, the site uses HTTPS but lacks advanced security headers and explicit security policies. Privacy compliance is limited with no visible privacy policy or terms of service, and cookie consent mechanisms are minimal. The domain is mature and registered since 2003, supporting business credibility. Overall, the site is functional and professional but would benefit from enhanced privacy and security disclosures.

T

Tallinna Hoiu-Laenuühistu

erahoius.ee

69

Tallinna Hoiu-Laenuühistu is a financial cooperative based in Estonia, founded in 2010, providing deposit and loan services primarily to physical and legal persons within Estonia. The website presents a professional and comprehensive digital presence, offering detailed product information, legal documents, and clear contact channels. The technical infrastructure includes modern JavaScript libraries, Google Tag Manager, and analytics tools, with a focus on user privacy and consent management. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response details are not published. Overall, the site reflects a trustworthy and compliant financial institution with a solid market position in Estonia.

P

Placet Group OÜ

smsraha.ee

66

Smsraha.ee is a well-established Estonian financial services provider specializing in consumer and business loans, credit lines, and credit cards. Operating since 2009, the company offers a range of flexible credit products tailored to both private individuals and businesses. The website reflects a professional and user-friendly design with clear navigation and comprehensive service descriptions, targeting the Estonian market. The business model focuses on providing accessible credit solutions with competitive terms and customer-centric features such as cashback and interest-free periods. The company positions itself as a reliable and modern partner in the Estonian lending market.

O

OpenSpeedTest™

openspeedtest.com

45

OpenSpeedTest™ is a technology-focused company providing a free, open-source HTML5 internet speed testing tool accessible via any modern web browser without requiring plugins like Flash or Java. Established in 2013, the company targets a broad audience including individual internet users, website and app owners, and enterprise infrastructure operators. Their business model centers on offering free tools supported by advertising and self-hosted deployment options. The website demonstrates a mature technical infrastructure leveraging modern web standards, Google analytics and advertising services, and a reliable CDN provider (Cachefly) to ensure fast and responsive user experiences across devices. Security posture is strong with HTTPS enforcement, comprehensive security headers, and no visible vulnerabilities. Privacy compliance is robust, featuring a detailed consent management platform aligned with GDPR requirements. However, the site lacks explicit Terms of Service and incident response contact details, which could enhance trust and compliance. Overall, OpenSpeedTest™ presents a professional, trustworthy, and technically sound online presence with room for improvement in formal policy disclosures and direct contact information.

S

Sportland International Group AS

sportland.fi

62

Sportland International Group AS operates a well-established retail and e-commerce platform specializing in sportswear, footwear, and equipment. The company has a strong market presence in the Baltic states and Finland, offering products from leading global brands. The website reflects a mature digital infrastructure with modern technologies such as React-based PWA (ScandiPWA), integration with analytics and marketing tools, and a focus on mobile optimization and user experience. Security posture is solid with HTTPS and monitoring tools in place, though explicit security policies and incident response information are absent. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates a professional and trustworthy online presence aligned with the company's business objectives.

S

Sportland

sportland.ee

64

Sportland is a leading sports retail company operating primarily in the Baltic region and Finland, with a strong e-commerce presence. Founded in 1997, it has grown to become the largest sports store chain in the Baltics, offering a wide range of sportswear, footwear, and equipment. The website reflects a mature digital infrastructure with modern technologies such as React-based ScandiPWA, Magento platform, and integrated performance and user behavior monitoring tools. Privacy and cookie policies are well implemented, indicating compliance with GDPR requirements. Security posture is solid with HTTPS enforcement, Cloudflare DNS, and monitoring via New Relic, although explicit security policies and incident response information are not publicly available. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

I

INHUS

inhus.eu

48

INHUS is a Lithuanian-based construction and manufacturing company specializing in precast reinforced concrete building structures, operating primarily in Lithuania and Northern Europe. The company follows a design-build business model integrating design, production, and construction services. Their website presents a professional portfolio of projects and maintains a consistent brand image across multiple subsidiary domains. Technically, the website uses modern web technologies including Google Tag Manager and Google Analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and formal policies are missing. Overall, the site is trustworthy and well-maintained, supporting INHUS's market position as a regional player in the construction sector.

Nevercode Ltd. operates Codemagic, a specialized SaaS platform providing continuous integration and delivery (CI/CD) services tailored for mobile app development across multiple frameworks including Flutter, React Native, native Android/iOS, Unity, Ionic, and MAUI. The company targets mobile development teams seeking to automate and accelerate their build, test, and release pipelines. With over 150,000 developers trusting the platform and notable clients showcased, Codemagic holds a strong market position as a focused mobile CI/CD solution. Technically, the website is modern, fast, and mobile-optimized, leveraging cloud hosting on AWS and integrating analytics tools such as Google Tag Manager and Plausible Analytics. Security posture is robust, with HTTPS enforced, SOC 2 type 2 and ISO 27001 certifications, and GDPR/CCPA compliance clearly stated. However, DNSSEC is not enabled and no public security.txt or incident response contacts were found, representing areas for improvement. Overall, the platform demonstrates a mature digital presence with strong trust signals and compliance adherence.

The website unitycicd.com serves as a dedicated landing page for Codemagic's Unity CI/CD automation services, operated by Nevercode Ltd. It targets Unity game developers and teams by offering cloud-based continuous integration and delivery solutions that simplify building, testing, and publishing games to multiple platforms including Google Play, Apple App Store, Steam, and Oculus Store. The site is well-branded, consistent with the parent Codemagic platform, and provides extensive documentation and community support links, positioning itself as a mature player in the CI/CD market for game development. Technically, the site is built with modern web standards including HTML5, CSS3, and JavaScript, leveraging Google Tag Manager and Plausible Analytics for tracking. Hosting is inferred to be on AWS based on DNS nameservers. The site is fast, mobile-optimized, and accessible with good SEO practices. No CMS is detected, indicating a custom-built solution. Security is robust with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. From a security posture perspective, the site demonstrates good practices such as cookie consent and a published security statement. However, it lacks explicit vulnerability disclosure mechanisms and incident response contact details. No critical vulnerabilities or suspicious content were detected. The WHOIS data aligns well with the business claims, showing a consistent domain registration and no privacy protection, enhancing trust. Overall, unitycicd.com is a professional, secure, and trustworthy website that effectively supports Codemagic's Unity CI/CD offering. Strategic improvements in DNS security and explicit vulnerability disclosure would further strengthen its security and compliance posture.

Nevercode Ltd. operates the Codemagic platform, a specialized continuous integration and delivery service tailored for React Native developers. The platform enables mobile development teams to automate their build, test, and deployment pipelines, accelerating time to market by approximately 20%. Positioned as a leading CI/CD solution in the React Native ecosystem, Codemagic serves a large developer base with integrations across popular Git repositories and testing services. The business model is SaaS-based, focusing on developer productivity and automation.

Nevercode Ltd. operates the Flutterci.com website, providing specialized continuous integration and continuous delivery (CI/CD) services for Flutter developers. The platform supports building, testing, and deploying Flutter applications across multiple platforms including mobile, web, and desktop. Positioned as a leading CI/CD provider in the Flutter ecosystem, the company targets mobile app developers seeking streamlined DevOps pipelines. The website reflects a mature SaaS business model with a focus on developer productivity and automation.

R

Ragnar Sellbergs stiftelse

ragnarsellbergsstiftelse.se

61

Ragnar Sellbergs stiftelse is a Swedish foundation supporting research projects at Swedish universities and institutes focused on waste and recycling. The website presents a professional and consistent brand image with good content quality tailored to its target audience of academic and research institutions. Technically, the site uses modern JavaScript frameworks, Episerver CMS, and is hosted on Microsoft Azure, with integrated analytics and monitoring tools such as Matomo, Piwik Pro, New Relic, and Microsoft Application Insights. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, although explicit security headers and incident response information are absent. The absence of WHOIS data for the domain raises some concerns about domain registration legitimacy, which should be further investigated. Overall, the site is functional, privacy compliant, and trustworthy but could improve transparency and contact availability.

A

AlskadeStad.se

alskadestad.se

60

The website AlskadeStad.se presents a minimalistic digital presence with a focus on cookie consent and privacy compliance. The site uses modern technologies including Episerver CMS, Microsoft Azure hosting, and multiple analytics tools such as Microsoft Application Insights, Piwik Pro, and New Relic. However, the lack of substantive content, absence of contact information, and missing WHOIS registration data for the domain reduce the overall credibility and business transparency. The cookie consent mechanism is comprehensive and GDPR compliant, indicating a good privacy posture. Security-wise, HTTPS is enforced and monitoring tools are in place, but security headers and explicit security policies are missing. The domain's WHOIS data is unavailable, suggesting it may be a subdomain or alias, which impacts trustworthiness. Overall, the site is functional but lacks business and security transparency, limiting its trust and professional appeal.

1

Changing food together | The 10 Billion Challenge

10billionchallenge.org

59

The 10 Billion Challenge website is a professionally designed platform focused on transforming the global food system through societal collaboration and circular partnerships. The site targets stakeholders interested in sustainability and food security, presenting a clear mission and relevant content. Technically, the website leverages modern technologies including EPiServer CMS, Microsoft Azure hosting, and advanced analytics tools such as Matomo, Piwik Pro, and Microsoft Application Insights. The site is mobile optimized and includes a comprehensive cookie consent mechanism, reflecting good privacy compliance practices. Security posture is solid with HTTPS enforced, though explicit security headers are not detected, and no contact or incident response information is provided, which could be improved. Overall, the domain WHOIS data is unavailable, likely due to privacy protection, which is reasonable for this type of initiative. The website scores well on content quality and privacy compliance but could enhance trust and security transparency by adding contact details and security policies.

E

EasyMining

easymining.com

65

EasyMining is a company specializing in the development and implementation of sustainable industrial-scale processes aimed at creating true circularity, particularly in nutrient recycling. The website presents a professional and well-structured digital presence, targeting industrial stakeholders interested in sustainable resource management. The technical infrastructure leverages modern technologies including Episerver CMS, Microsoft Azure hosting, and advanced analytics tools such as Matomo, Piwik Pro, and Microsoft Application Insights, indicating a mature digital setup. Security measures are robust with HTTPS enforced and multiple security headers present, alongside a comprehensive cookie consent mechanism that aligns with GDPR requirements. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness, and no explicit contact or security policy information is provided on the site.

R

Ragn-Sells Group

ragnsells.com

65

Ragn-Sells Group is an environmental services company specializing in waste management and recycling solutions. The website presents a professional and well-structured digital presence, targeting businesses and organizations interested in sustainable environmental practices. The company leverages modern technologies including Episerver CMS and Microsoft Azure hosting, supported by advanced analytics tools such as Matomo, Piwik Pro, and Microsoft Application Insights. The website demonstrates good mobile optimization and accessibility features, enhancing user experience across devices. Security posture is strong with HTTPS enforced and detailed cookie consent mechanisms, although explicit security headers and incident response policies are not publicly visible. The absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, but the overall digital footprint and linked domains support the authenticity of the business. Strategic recommendations include enhancing transparency with published security policies, adding contact information, and improving security headers to further strengthen trust and compliance.

R

Ragn-Sells

ragnsells.se

64

Ragn-Sells is a well-established Swedish environmental company specializing in waste collection, treatment, detoxification, and recycling services for businesses, organizations, and households across Sweden. The website presents a professional and consistent brand image with clear messaging targeting its core audience in the environmental services sector. Technically, the site leverages modern cloud infrastructure on Microsoft Azure, uses Episerver CMS, and integrates advanced analytics and monitoring tools such as Matomo (Piwik Pro), Microsoft Application Insights, and New Relic. Privacy compliance is robust, featuring a comprehensive cookie consent mechanism and clear privacy policy references, indicating adherence to GDPR requirements. Security posture is generally strong with HTTPS enforced and secure analytics platforms in use; however, explicit security headers are not detected, and no visible contact information or security policies are provided, which could be improved. WHOIS data for the www subdomain is missing, likely due to querying the subdomain rather than the root domain, but this does not detract significantly from the overall legitimacy of the business. Overall, the website is professional, secure, and compliant, with room for enhancements in transparency and security header implementation.

A

Audioboom

audioboom.com

71

Audioboom is a well-established global podcast publisher founded in 2010, offering podcast hosting, distribution, and advertising services. The platform connects creators and advertisers with passionate audiences and supports distribution across major podcast platforms. The website reflects a professional and consistent brand with clear navigation and relevant content targeting podcasters, advertisers, and listeners. Technically, the site uses modern web technologies including React, Turbo, and Google Analytics, hosted with Cloudflare DNS and registered via Amazon Registrar. Security posture is solid with HTTPS enforced, CSRF protections, and client-side error reporting, though some security headers and DNSSEC are not enabled. Privacy and cookie policies are comprehensive and GDPR compliant, but no explicit security or incident response policies are published. Overall, the site is trustworthy and professionally maintained with a good balance of content quality, technical implementation, and privacy compliance.

I

Interactive Advisors

interactiveadvisors.com

76

Interactive Advisors is a well-established robo-advisor platform affiliated with Interactive Brokers Group, offering low-cost, diversified investment portfolios with a focus on transparency and ease of use. The platform targets retail investors seeking automated portfolio management and self-directed trading options. The website demonstrates a high level of professionalism, with comprehensive content, clear navigation, and strong trust signals including SEC registration and SIPC protection. Technically, the site uses modern web technologies, is mobile-optimized, and performs well. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is robust with clear cookie consent and privacy policies. Overall, the site reflects a credible and mature financial service provider with a solid digital presence.

S

Salv

salv.com

72

Salv is a Finland-based technology company specializing in financial crime prevention solutions, including AML compliance, fraud detection, and KYC risk scoring. The company offers a modular SaaS platform trusted by over 100 financial institutions across Europe, positioning itself as a key player in the fintech and banking sectors. Salv's platform emphasizes intelligence sharing and automation to enhance the effectiveness of fincrime teams. Technically, the website is built on HubSpot CMS with integrations of modern analytics and marketing tools such as Google Analytics, Hotjar, and CookieYes for consent management. The site is hosted behind Cloudflare, ensuring good performance and security. Security posture is strong, with ISO 27001 and SOC 2 Type 2 certifications prominently displayed, and best practices like HTTPS enforcement and cookie consent implemented. No critical vulnerabilities or exposed sensitive data were detected. Overall, Salv demonstrates a mature digital presence with a professional, user-friendly website that aligns well with its business objectives and compliance requirements.

X

Xolo OÜ

xolo.io

70

Xolo OÜ is a technology company founded in 2015, specializing in providing comprehensive business solutions tailored for solopreneurs and freelancers globally. Their platform offers services including virtual company invoicing without registration (Xolo Go), e-Residency company formation and management (Xolo Leap), accounting, tax reporting, and compliance support. The company positions itself as a trusted partner for independent business owners seeking to simplify administrative burdens and operate remotely. The website demonstrates a strong market presence with over 130,000 users and invoicing clients from 150 countries, indicating a mature and scalable business model. Technically, the website employs a modern tech stack with integrations of Google Analytics, HubSpot, Freshchat, and other marketing and analytics tools, ensuring robust user engagement tracking and customer support capabilities. The site is well-optimized for mobile devices, features clear navigation, and uses structured data for SEO enhancement. Performance is moderate, with room for optimization in loading speed. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not visible in the HTML, the use of reputable third-party services and absence of exposed sensitive data indicate a solid security posture. However, the site could benefit from publishing a formal security policy and vulnerability disclosure program to enhance transparency and incident response readiness. Overall, Xolo presents a professional, trustworthy, and user-centric platform with strong business credibility and compliance awareness. The lack of WHOIS data transparency is mitigated by consistent website content and social proof. Strategic recommendations include enhancing security header implementation, formalizing security policies, and continuous monitoring of third-party integrations to maintain a high security standard.

Stuudium operates an e-school platform primarily targeting students, parents, and teachers in Estonia. The website serves as a portal for users to select their school and log in to the platform. The business model is SaaS-based, providing educational institutions with digital tools for school management. The platform appears to have a moderate market position within the Estonian education sector, focusing on usability and accessibility for its target audience. Technically, the website uses standard web technologies including HTML5, CSS3, and JavaScript, with assets hosted on a dedicated CDN domain. The site is basic in design and functionality, with minimal content and limited SEO or accessibility features. Mobile optimization is present but basic. No advanced frameworks or CMS platforms are detected from the provided HTML. From a security perspective, the site uses HTTPS (assumed from external asset URLs), but no explicit security headers or policies are visible. The form disables autocomplete and autocorrect to enhance input security. However, the absence of privacy, cookie, and terms of service policies indicates gaps in compliance with GDPR and other regulations. No contact or incident response information is provided, limiting transparency and trust. Overall, the website is functional but basic, with moderate business credibility but limited privacy and security maturity. Strategic improvements in compliance documentation, security headers, and user trust signals are recommended to enhance the platform's security posture and regulatory adherence.

S

Beste Online Casino Österreich | 50+ Seriöse Online Casinos

spielautomatcasinos.at

71

The website spielautomatcasinos.at serves as an informational platform focused on online casinos in Austria, particularly slot machine casinos. It provides reviews, comparisons, and guides aimed at Austrian online gambling enthusiasts. The business model appears to be affiliate marketing and content provision within the gambling niche. Technically, the site employs Cloudflare for DNS and CDN services and likely uses WordPress as its CMS. The site implements lazy loading scripts to optimize performance and is mobile-friendly, though accessibility features are basic. Security posture is moderate with HTTPS likely enabled but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance. Contact and incident response information are absent, limiting user trust and compliance transparency. Overall, the site is functional and professionally designed but requires improvements in privacy compliance and security best practices to enhance trustworthiness and regulatory adherence.

K

オンラインカジノ日本 ⚡️ 日本のベストカジノオンライン

kajinojapan10.com

56

KajinoJapan10.com is a Japanese language online casino affiliate and informational website targeting Japanese players interested in legal and reputable online casinos. The site provides detailed casino reviews, bonus offers, payment method guides, and legal context about gambling in Japan. The business model is primarily affiliate marketing, promoting various international online casinos accessible to Japanese users, often via VPN. Technically, the site is built on WordPress with common performance and user experience optimizations, including mobile responsiveness and SEO best practices. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and visible security headers. Privacy compliance is weak due to missing privacy and cookie policies. No direct contact or incident response information is provided, which limits transparency. Overall, the domain registration is consistent and supports legitimacy. Strategic improvements in privacy, security headers, and contact transparency would enhance trust and compliance.

P

Placet Group OÜ

laen.ee

68

Laen.ee is a well-established Estonian financial services provider specializing in a variety of loan products including credit cards, credit lines, consumer loans, and business loans. The company targets both private individuals and businesses within Estonia, offering flexible and user-friendly loan solutions. The website reflects a mature digital presence with clear service descriptions, a modern UI, and localized content in Estonian. Technically, the site employs standard web technologies such as JavaScript, jQuery, and Google Tag Manager, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and headers could be enhanced. Overall, the domain registration data aligns well with the business claims, supporting high legitimacy and trustworthiness.

M

Multitude Bank p.l.c.

ferratum.ee

56

Ferratum, operated by Multitude Bank p.l.c., is a well-established financial services provider specializing in quick and flexible online loans primarily targeting Estonian customers. The company is part of the larger Multitude Group, with a strong market presence since 2005 and operations in multiple countries. Their website offers a user-friendly experience with clear loan products, responsible lending information, and customer engagement through blogs and reviews. Technically, the site leverages modern frameworks such as Next.js and React, integrates third-party services like Salesforce chat and EmbedSocial reviews, and maintains good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and secure identification methods, although explicit security policies and incident response contacts are not published. Overall, the site demonstrates a mature digital presence with high trustworthiness and compliance with privacy regulations.

R

Raha.ee

raha.ee

57

Raha.ee is an Estonian financial advice platform established in 2016, offering practical guidance on earning, saving, and investing money. The website serves primarily individuals seeking to improve their personal finances through educational content and loan comparison tools. It holds a leading position in the Estonian market for financial advice websites, leveraging affiliate partnerships with multiple loan providers to monetize its services. Technically, the site is built on WordPress with modern web technologies, including JavaScript libraries and translation services, ensuring good mobile optimization and user experience. Security posture is solid with HTTPS and safe external linking practices, though explicit security headers and policies are absent. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

S

SIA Ondo

ondo.lv

68

Ondo is a Latvian-based financial services company specializing in providing fast online credit loans up to 5000 EUR with flexible repayment options. Positioned as a reliable player in the Latvian online lending market, Ondo targets consumers seeking quick and convenient credit solutions. The website is professionally designed, mobile-optimized, and provides clear information about its services, supported by a consistent brand presence and active social media channels. Technically, the site leverages modern web technologies including Webflow CMS, Google Tag Manager, Smartlook analytics, and Tawk.to live chat, ensuring a responsive and interactive user experience. Security posture is strong with HTTPS enforced, comprehensive cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with accessible privacy and cookie policies, indicating adherence to GDPR requirements. Overall, Ondo demonstrates a mature digital presence with good business credibility and technical implementation.

H

HUUM

huum.de

48

HUUM is a medium-sized manufacturing company specializing in sauna stoves and innovative sauna control systems, combining traditional Estonian sauna knowledge with modern Nordic design and technology. The company maintains a strong international presence with multiple regional domains targeting different markets including Germany, Estonia, Europe, the US, and Japan. The website is built on WordPress with performance optimizations and includes structured data for SEO enhancement. Privacy compliance is well addressed through Cookiebot, providing a comprehensive cookie consent mechanism and linking to a detailed privacy policy. However, explicit contact information and terms of service are not readily found on the homepage, which could be improved for better user trust and compliance.