Security Directory

D

Data Protected

lambda.ge

55

Lambda Gaming is a small technology company specializing in the development and publishing of retro and indie video games. Founded in 2022, the company targets gamers interested in nostalgic 8-bit style games and maintains an active online presence through its website, blog, and career opportunities. The business model focuses on direct engagement with its community and game distribution via digital platforms. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, hosted with Cloudflare DNS and secured with HTTPS. The site demonstrates good mobile optimization and moderate performance, with standard SEO and accessibility features. Security posture is solid with HTTPS enforcement and standard security headers, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy and cookie policies are comprehensive and GDPR compliant, with user tracking via Google Analytics and Facebook Pixel at a moderate level. Overall, the website is professional and trustworthy, with room for improvement in security transparency and accessibility compliance.

Bolt Technology OÜ operates a leading European mobility superservice platform offering ride-hailing, food and grocery delivery, car and scooter rentals, and business travel solutions. The company is well-positioned in the transportation and technology sectors with a large global footprint across 600+ cities and 50+ countries. Their digital presence is robust, leveraging modern web technologies such as Next.js and React, with strong SEO, mobile optimization, and accessibility features. The website demonstrates a high level of professionalism and branding consistency, supported by comprehensive privacy and cookie policies aligned with GDPR requirements. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response contacts are not publicly detailed, representing an area for improvement. Overall, Bolt's website and digital infrastructure reflect a mature and trustworthy business with a strong market presence and good compliance practices.

H

Hala

hala.ai

62

Hala.ai is a technology company specializing in conversational AI platforms that integrate with major business software such as QuickBooks Online, IBM Watson, Microsoft Dynamics, and SAP. The company offers digital assistants and enterprise-grade conversational interfaces designed to streamline business processes and improve operational efficiency. Positioned as a niche B2B SaaS provider, Hala.ai targets business users and enterprises seeking to automate routine tasks and unify software interactions under a single conversational UI. The company is small-sized, founded in 2017, and based in Estonia. Technically, the website is built on modern web technologies including Ghost CMS, Tailwind CSS, and JavaScript frameworks, hosted on AWS infrastructure. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Analytics are implemented via Google Analytics and Google Tag Manager, with additional marketing tracking through Albacross. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a published security policy or incident response information. DNSSEC is not enabled, which is a recommended improvement. The WHOIS data is transparent and consistent with the website content, though the registrant uses a personal Gmail address, which is common for small businesses but slightly reduces trust. Overall, Hala.ai presents a professional and trustworthy online presence with a solid technical foundation and good privacy compliance. Strategic improvements in security headers, DNSSEC, and incident response transparency would enhance its security posture and trustworthiness further.

J

John Robertson Architects

jra.co.uk

61

John Robertson Architects is a reputable architectural practice operating primarily in the UK with offices in London, Edinburgh, and Lodz. They specialize in commercial, residential, and mixed-use architectural projects, offering design, planning, and project delivery services. The firm positions itself as a leading player in the architectural sector with a strong portfolio and industry recognition. Technically, the website is built on modern frameworks such as Next.js and uses Sanity CMS, delivering a fast, mobile-optimized, and accessible user experience. The site employs HTTPS and a cookie consent mechanism, indicating good privacy compliance. However, the absence of WHOIS data for the domain www.jra.co.uk due to a naming rules violation introduces some uncertainty about domain registration legitimacy. Security posture is generally strong with no visible vulnerabilities, but the lack of explicit security headers and incident response information suggests room for improvement. Overall, the website is professional and trustworthy, though the domain registration anomaly should be clarified to enhance credibility.

The website glassolutions.eu is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks access to the actual content. This prevents a full analysis of the business, security posture, and compliance status. The visible page is a generic security challenge page with no business or contact information, no privacy or cookie policies, and no visible metadata or structured data. The technical infrastructure includes Cloudflare's security services, but no further technology stack details are available. The security posture cannot be fully assessed due to lack of content and security headers visibility. Overall, the site presents a low trust profile in its current state due to inaccessibility and lack of transparency.

Adaltum.ee is a small Estonian translation service provider operated by Elkdata OÜ, founded in 2022. The website offers professional translation and localization services targeting businesses and organizations requiring multilingual content adaptation. The site is built on WordPress and uses standard themes and scripts, providing a moderate level of technical maturity with good mobile optimization and basic SEO. Security posture is adequate with HTTPS enabled but lacks important security headers and formal privacy or cookie policies, which impacts compliance and trust. No direct contact information or incident response policies are published, limiting transparency. Overall, the website is functional and professional but would benefit from enhanced security practices and compliance documentation to improve trust and legal adherence.

Plastok is an Estonian-based e-commerce business specializing in the sale and custom manufacturing of plastic, rubber, and sealing products. Established in 2010, the company offers a broad range of products including antivibration mats, seals, and BulletSafe shooting range equipment. The website is professionally designed with a clear focus on product categories and customer navigation, targeting businesses and individuals requiring specialized plastic and rubber solutions. The technical infrastructure leverages modern web technologies such as React and Emotion CSS, hosted by Radicenter OÜ, a reputable Estonian hosting provider. Analytics and cookie consent are managed via Google Tag Manager and Cookiebot respectively, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced, though the absence of security headers and explicit privacy and terms policies suggests room for improvement. Overall, the website is functional and trustworthy but would benefit from enhanced compliance documentation and security best practices to strengthen user trust and regulatory adherence.

The website at innove.com/lander is minimalistic, serving primarily as a placeholder or landing page with no visible business content, contact information, or policies. The domain is longstanding, registered since 1998 with GoDaddy.com, LLC, indicating potential legitimacy, but the lack of substantive content limits the ability to assess the business fully. Technically, the site uses React for frontend rendering and loads scripts from wsimg.com and Google AdSense, suggesting some monetization intent. However, the absence of metadata, SEO elements, and accessibility features points to low digital maturity. Security posture is basic with HTTPS enabled but no DNSSEC or security headers detected. There are no visible vulnerabilities or exposed sensitive data, but the lack of privacy and cookie policies indicates compliance gaps. Overall, the site appears underdeveloped and lacks trust and transparency signals, resulting in a moderate risk profile.

The website www.shop.com currently presents a Cloudflare WAF challenge page with a Turnstile captcha, blocking direct access to its content. Due to this, no meaningful business or technical content is accessible for analysis. The WHOIS query for the domain returned no match, indicating the domain may be unregistered, privacy-protected, or otherwise obscured, which raises concerns about transparency and legitimacy. The lack of accessible content, metadata, or contact information prevents a full assessment of the company's market position or services. Technically, the site is protected by Cloudflare's security infrastructure, but no further details on hosting, CMS, or technology stack are available beyond the presence of JavaScript and SVG usage. Security posture cannot be fully evaluated due to the blocking mechanism, but the absence of visible HTTPS or security headers is noted. Overall, the risk assessment is elevated due to the inability to verify domain registration, absence of business information, and the presence of a WAF challenge that restricts content access. Strategic recommendations include resolving access issues to allow proper content delivery, publishing clear privacy and security policies, and ensuring transparent WHOIS registration data.

E

Elektrum Eesti OÜ

elektrum.ee

61

Elektrum Eesti OÜ is a well-established energy company operating in Estonia, offering a range of electricity packages, insurance, renewable energy solutions, and electric vehicle charging services. As part of the Latvenergo group, it holds a strong market position in the Baltic energy sector, serving both private and business customers with a focus on reliability and environmental sustainability. The website reflects a professional digital presence with clear navigation, multi-language support, and comprehensive service information. Technically, the site employs modern web technologies including JavaScript, CSS, and integrates third-party services such as Google Tag Manager and Usercentrics for cookie consent management. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, the site demonstrates good privacy compliance and business credibility, supported by consistent WHOIS data and transparent contact information.

T

Tanel Teemusk

teemusk.com

47

The website teemusk.com represents a seasoned freelance iOS developer and technical team lead, Tanel Teemusk, showcasing his portfolio, resume, and contact information. The site targets businesses and clients seeking expert iOS development and technical leadership services. The business model is freelance consultancy with a strong emphasis on technical expertise and project leadership. The website is professionally designed using WordPress with Divi Builder and SEO optimizations, providing a good user experience and clear navigation. Social media presence is leveraged for contact and trust building. Technically, the site employs modern web technologies including HTTPS, Google Analytics, and Google reCAPTCHA for security and analytics. The CMS is WordPress, with plugins enhancing SEO and form functionality. Performance is moderate with good mobile optimization. However, some security best practices such as DNSSEC and security headers are missing, which could be improved. Security posture is solid with HTTPS and anti-bot measures, but lacks published security or privacy policies, which impacts privacy compliance. No direct company emails or phone numbers are disclosed, relying on contact forms and social media. The domain registration data is consistent with the business claims, showing a long-standing domain without privacy protection, supporting legitimacy. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security hardening to improve user trust and regulatory adherence.

The analyzed content corresponds to a Chrome internal error page (chrome-error://chromewebdata/) which serves as an offline or error display within the Chrome browser. It includes embedded JavaScript and CSS for the Chrome Dinosaur game, but contains no actual business or website content. There is no evidence of a commercial entity, business description, or contact information. The page is not accessible as a public website and does not provide privacy, cookie, or terms of service policies. Technically, the page uses standard HTML5, CSS3, and JavaScript with Canvas and Web Audio APIs to render the game. Security posture is minimal but acceptable given the lack of external inputs or forms. Overall, this is not a live website but a browser error page, and thus cannot be evaluated as a business website.

F

Flebu International AS

flebu.com

59

Flebu International AS is a Norwegian manufacturer specializing in industrial fans, including high pressure, inert gas, exhaust gas, maritime, and offshore fans. The company targets industrial and maritime sectors requiring tailored fan solutions. The website is professionally designed using the Wix platform, featuring relevant business information and structured data for enhanced search visibility. However, the absence of WHOIS registration data raises concerns about domain legitimacy, warranting further verification. Technically, the site employs modern web technologies with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and some JavaScript hardening but lacks important security headers and privacy compliance mechanisms. Overall, the site presents a credible business front but requires improvements in privacy, security headers, and domain registration transparency.

V

Vincent Holding OÜ

vholding.ee

49

Vincent Holding OÜ is a sales and distribution company specializing in consumer products such as Batiste dry shampoo, Moxie tampons, Andmetics, Foreo, and Purederm masks. The company positions itself as a major player in the retail sector within Estonia. The website is built using the Wix platform, leveraging Wix Thunderbolt and standard web technologies including JavaScript and Webpack. The technical infrastructure is modern and supports mobile optimization, though performance is moderate. Security posture is adequate with HTTPS enabled and some cookie handling mechanisms, but lacks comprehensive security headers and policies. Privacy compliance is minimal with no visible privacy or cookie policies, and no contact information is provided on the site, which limits user trust and regulatory compliance. Overall, the website is functional and professionally designed but requires improvements in privacy, security policies, and contact transparency to enhance trust and compliance.

Meidron is a small Estonian company founded in 2011, offering IT support and consulting services, EU funding project management, and environmental consulting. The company targets businesses and organizations requiring specialized consulting and support services. The website is simple and functional, providing basic business information and contact details, including email, phone, and LinkedIn profile. The market position appears niche and regional with a focus on professional service delivery. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics for tracking. Hosting appears to be on Oracle Cloud infrastructure. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. No CMS or frameworks are detected, indicating a custom or static site. From a security perspective, the domain is well-registered with a long history and transfer protection. However, the site lacks DNSSEC, visible HTTPS enforcement, and security headers. No privacy or cookie policies are present, and no consent mechanisms are implemented, indicating GDPR compliance gaps. The use of Google Analytics without cookie consent further impacts privacy compliance. No incident response or vulnerability disclosure information is provided. Overall, the website presents a moderate risk profile with good business credibility but requires improvements in security posture and privacy compliance to enhance trust and regulatory adherence.

C

ChangeGroup

changegroup.com

74

ChangeGroup is a well-established global leader in currency exchange and related financial services, operating over 100 bureaus across multiple continents. Owned by Prosegur, a publicly listed company, ChangeGroup offers a broad portfolio including currency exchange, money transfers, tax free refunds, and ATM networks, targeting international travelers and business clients. The website reflects a mature digital presence with a focus on user experience and accessibility. Technically, the site uses modern web technologies and appears to be built on a robust CMS platform, likely Adobe Experience Manager. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and policies could be improved. WHOIS data for the subdomain is unavailable, which is expected and not suspicious. Overall, the site demonstrates professionalism, trustworthiness, and compliance with privacy regulations.

H

Hauser's Jewelers

hausersjewelers.com

60

Hauser's Jewelers is a long-established retail and e-commerce business specializing in high-end jewelry and watches, with a heritage dating back to 1898. The website serves as a professional online storefront built on the Shopify platform, showcasing various jewelry collections and brands. The business targets consumers seeking luxury jewelry and watch products, offering both sales and repair services. The site demonstrates consistent branding and good content quality, reflecting its market position as a reputable jeweler. Technically, the website leverages modern web technologies including Shopify's Expression theme, web fonts, and JavaScript libraries. It is hosted on Shopify's infrastructure with Network Solutions as the domain registrar. The site is mobile-optimized and provides a good user experience with clear navigation and product presentation. Performance is moderate, with standard Shopify CDN usage. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms. Contact information is limited to contact forms without explicit emails or phone numbers. No vulnerability disclosure or incident response information is provided. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy compliance and security header implementation to improve its security posture and regulatory adherence.

R-Systems is an Estonian software development company specializing in hydrography and spatial data software solutions, founded in 1989. The company offers services including hydrographic survey software, spatial data processing, and sensor integration, targeting sectors such as military, air surveillance, logistics, and GIS. The website reflects a small, niche technology business with a long operational history but limited online presence and content depth. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics for tracking. The site lacks modern frameworks or CMS and shows basic performance and SEO optimization. Mobile optimization and accessibility are minimal, indicating room for improvement in digital maturity. From a security perspective, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No contact information or incident response details are provided, limiting transparency and trust. The use of Google Analytics without a consent mechanism further impacts privacy compliance. Overall, the website presents a moderate risk profile with no critical security issues detected but several compliance and usability gaps. Strategic improvements in privacy policies, security headers, mobile optimization, and contact transparency are recommended to enhance trust and compliance.

S

Studio One

studio-one.am

56

Studio One is a medium-sized Armenian IT consulting and digital services company specializing in web design, development, mobile apps, online marketing, and security audits. The company serves a diverse client base including governmental, financial, e-commerce, manufacturing, consulting, and media sectors. Their website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the site uses modern JavaScript libraries, Google Analytics, and Google Maps API, but lacks some advanced accessibility and mobile optimization features. Security posture is moderate with HTTPS usage but missing important security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data aligns well with the business claims, indicating legitimacy. Overall, the website is functional and professional but could improve in privacy and security transparency.

P

Plakit OÜ

plakit.ee

57

Plakit OÜ is a small Estonian company specializing in software and platform testing services. The website presents basic information about the business, targeting clients seeking quality assurance for their software products. The site is built on the Wix platform, utilizing Wix's Thunderbolt framework and standard JavaScript libraries. While the technical infrastructure is modern and the site is mobile-optimized, the content is minimal and lacks comprehensive privacy, cookie, and terms of service policies. Security posture is adequate with HTTPS enabled and some cookie handling mechanisms, but lacks advanced security headers and incident response information. Overall, the website is functional but could benefit from enhanced privacy compliance and clearer contact details to improve trust and professionalism.

The website harno.ee is registered to the Estonian Ministry of Education and Research (Haridus- ja Teadusministeerium) and appears to be a government-related domain. However, the actual website content is inaccessible due to a Cloudflare security challenge page employing Turnstile captcha, which blocks direct access to the site's content. This prevents a full analysis of the website's offerings, policies, and user interface. The domain is relatively new, created in 2020, which aligns with possible recent governmental digital initiatives. Technically, the site uses Cloudflare for security and performance, but no DNSSEC is enabled, and no security headers are visible in the provided data. The lack of visible privacy, cookie, or terms of service policies, as well as absence of contact information, limits the assessment of compliance and user support. The site does not expose any forms or data collection fields beyond the captcha mechanism. From a security perspective, the use of Cloudflare's WAF and captcha indicates a proactive approach to mitigate automated threats and abuse. However, the absence of DNSSEC and security headers suggests room for improvement in hardening the domain's security posture. The lack of visible compliance documentation and contact channels is a concern for transparency and user trust. Overall, the site is legitimate and consistent with a government entity but currently inaccessible for detailed content and compliance evaluation. Strategic recommendations include enabling DNSSEC, publishing clear privacy and cookie policies, adding contact and incident response information, and implementing security headers to enhance trust and security.

The website cityntel.com represents a small Chinese company specializing in the rental, leasing, sales, and recycling of diesel generators ranging from 30KW to 2000KW, focusing on imported brands such as Cummins, Mitsubishi, and Caterpillar. The target audience includes infrastructure sectors such as railway, transportation, municipal engineering, real estate, factories, hotels, and construction sites. The business model is primarily service-oriented, providing equipment solutions tailored to client needs. The website content is primarily in Simplified Chinese and provides product listings, case studies, team introductions, and news updates related to diesel generators. Technically, the website is built on the EmpireCMS platform, utilizing standard web technologies including HTML5, CSS, JavaScript, and libraries such as Blazy for lazy loading and WOW.js for animations. The site has basic mobile optimization and moderate performance but lacks advanced SEO and accessibility features. There is no evidence of modern frameworks or advanced hosting details. The WHOIS data shows inconsistencies, including a domain creation date in the future and minimal registrant information, which raises legitimacy concerns. From a security perspective, the website lacks critical security headers, DNSSEC is not enabled, and there is no visible HTTPS enforcement information. Privacy and cookie policies are absent, and no incident response or vulnerability disclosure information is provided. These gaps indicate a low security maturity level and potential compliance issues with data protection regulations such as GDPR. Overall, the website presents a functional but basic online presence for a niche diesel generator rental business. The main risks relate to domain legitimacy concerns and insufficient security and privacy practices. Strategic improvements in security posture, compliance documentation, and WHOIS transparency are recommended to enhance trust and reduce operational risks.

A

Alarmeco

alarmeco.ee

42

Alarmeco is an Estonian company specializing in low-voltage, building automation, and security systems. Positioned as a domain expert, it offers modern technical solutions primarily targeting businesses and organizations within Estonia. The website reflects a professional and consistent brand image with clear contact information and relevant business descriptions. Technically, the site uses standard web technologies including Google Tag Manager for analytics, and it is well-optimized for mobile devices with moderate performance. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

T

Trimtex Norge

trimtex.no

67

Trimtex Norge operates an e-commerce platform specializing in sports apparel, targeting the Norwegian market. The website is built on the Shopify platform, leveraging modern e-commerce technologies and third-party marketing tools such as Klaviyo and Rebuy Engine. The business appears to be a medium-sized retailer founded in 2022, with a consistent brand presence and a focus on direct-to-consumer sales. The website demonstrates good design quality, mobile optimization, and SEO practices, although explicit privacy and terms of service policies are not found on the analyzed page. Security measures include HTTPS enforcement and standard security headers, with no detected vulnerabilities or WAF blocking. However, the absence of clear contact information and privacy policies slightly reduces trust and compliance scores. Overall, the site is professionally implemented with moderate tracking and marketing integrations.

The website at hashtago.com/lander is currently a minimal placeholder or parking page with very limited content and no substantive business information. The domain is registered since 2013 with GoDaddy.com, LLC and has standard domain status protections but lacks DNSSEC and advanced security configurations. The technical infrastructure includes basic JavaScript and a parking-lander framework with Google Adsense advertising. There are no privacy, cookie, or terms of service policies present, nor any contact or security incident response information. The security posture is weak with no security headers detected and no evidence of HTTPS enforcement in the provided content. Overall, the site lacks professionalism, trust indicators, and compliance features, resulting in a low trust and security score.

E

Eklips Digital

eklips.se

57

Eklips Digital is a specialized provider of subscription-based corporate websites, targeting listed and non-listed companies primarily in the Nordic region. Founded in 2011, the company offers a Corporate Website as a Service (CWaaS) platform that includes web development, design, branding, hosting, maintenance, security, and support services. Their market position is strengthened by serving 10% of Nasdaq Stockholm Main Market companies and delivering over 300 websites with a 99.9% uptime guarantee. The website is professionally designed using modern technologies such as Next.js and React, reflecting a mature digital infrastructure. However, the absence of WHOIS data for the domain www.eklips.se raises concerns about domain registration legitimacy, which should be verified. Security posture is moderate with no visible vulnerabilities but lacks explicit security headers and incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website presents a trustworthy and professional business presence but requires improvements in compliance and domain legitimacy verification.

Q

Qminder

qminderapp.com

67

Qminder operates as a SaaS platform specializing in queue management, appointment scheduling, and service analytics for businesses with physical customer service locations. Their market position is strong, serving a diverse range of sectors including healthcare, government, retail, and banking. The website presents a professional and modern digital presence with clear navigation and mobile optimization, reflecting a mature technical infrastructure. The technology stack includes JavaScript frameworks, HubSpot marketing and analytics tools, and cookie consent solutions, indicating a well-integrated digital marketing and analytics environment. Security posture is robust with HTTPS enforcement, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published, representing an area for improvement. The absence of WHOIS domain registration data reduces transparency and slightly impacts trustworthiness. Overall, Qminder demonstrates a solid business and technical foundation with room to enhance security communication and domain registration transparency.

The website bkry.org is a personal or small-scale blog site operated by an individual named Adam Saynuk. The site primarily serves as a platform for philosophical blog content with minimal additional business or commercial services. The domain is registered since 2011 under the organization 'studio_saynuk' in the US, consistent with the website owner’s identity. The site uses WordPress CMS with standard plugins and minimal customization. Technical infrastructure is basic but functional, with HTTPS enabled and moderate performance. However, the site lacks advanced security measures such as DNSSEC and security headers, and no privacy or cookie policies are present, indicating limited compliance with privacy regulations. Contact information is not explicitly provided, reducing business credibility and user trust.

C

Cedo Ltd

cedo.com

45

Cedo Ltd is a well-established manufacturer and supplier of household essentials, operating for over 60 years with a significant presence in Europe. The company focuses on producing goods such as refuse sacks, biodegradable bin liners, aluminium foil, freezer bags, cling film, and baking paper, serving both leading retailers and B2B operators. Sustainability and recycling are core to their business strategy, with a strong emphasis on reducing plastic waste and promoting circular economy principles. Their market position is supported by multiple production sites and a large workforce, reflecting a mature and stable business model. Technically, the website is built on a modern CMS platform (OctoberCMS) with standard web technologies including HTML5, CSS3, and JavaScript. The site is mobile-optimized and presents a professional design with good user experience. However, some technical improvements could enhance performance and accessibility further. The hosting provider is inferred from DNS records, and the domain is secured with HTTPS, though DNSSEC is not enabled. From a security perspective, the site uses HTTPS and domain registration protections but lacks advanced security headers and explicit security policies. No incident response or vulnerability disclosure information is published, and no contact information for security issues is provided. Privacy compliance is partially addressed with a comprehensive privacy policy available as a PDF, but no cookie consent mechanism is present. The absence of visible contact details on the site may impact user trust and compliance. Overall, the website demonstrates a solid business credibility and technical foundation but would benefit from enhanced security practices and improved privacy compliance mechanisms. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, publishing security policies, and providing clear contact information to improve trust and compliance.

K

Kuusakoski Oy

kuusakoski.com

77

Kuusakoski Oy is a well-established company specializing in expert-level recycling services, focusing on restoring value to waste materials by collecting, processing, and producing new raw materials. With a history spanning over 100 years, Kuusakoski positions itself as a pioneer in the circular economy, serving industrial and business customers worldwide. Their key services include material processing, sale of recycled raw materials, data security and reuse, logistics, analysis and research, and local service offerings. The company emphasizes sustainability and holds certifications such as EcoVadis Silver. Technically, the website employs modern JavaScript libraries and tracking tools including Google Analytics, Google Tag Manager, and OneTrust for cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. However, explicit security headers are not detected, and no incident response or vulnerability disclosure policies are published, indicating areas for improvement in security maturity. The security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, but the absence of WHOIS data and domain registration details introduces some uncertainty regarding domain legitimacy. The website provides clear contact information, including official company emails and phone numbers, and maintains active social media profiles, enhancing trustworthiness. Overall, Kuusakoski demonstrates a mature digital presence aligned with its business goals, though it should address security header implementation and publish incident response policies to strengthen its security posture and compliance stance.

C

CBS Pakistan

cbspakistan.com

41

CBS Pakistan is a medium-sized technology company founded in 2009, specializing in customized business software solutions including ERP systems for retail, manufacturing, and education sectors, as well as UI/UX design and website development services. The company positions itself as an experienced provider with over 16 years of continual excellence and more than 1000 projects delivered, targeting businesses seeking tailored technology solutions to optimize operations and growth. Technically, the website is built with standard web technologies (HTML5, CSS3, JavaScript) and uses Cloudflare for DNS and hosting services. Google Analytics is integrated for user tracking. The site is mobile optimized and has good SEO practices but lacks advanced accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and functional but could improve in privacy and security transparency.

A

Afternic (GoDaddy Operating Company, LLC)

ryapolov.com

70

The website ryapolov.com is a domain sales landing page hosted on the Afternic platform, a domain aftermarket service owned by GoDaddy Operating Company, LLC. It offers the domain ryapolov.com for sale with options to buy outright or lease to own. The site targets domain buyers including businesses and individuals seeking premium domain names. The business model is focused on domain brokerage and sales, leveraging GoDaddy's extensive infrastructure and brand recognition. The platform provides contact forms and phone support to facilitate domain price inquiries and transactions. Technically, the site is built using modern web technologies including React and Next.js, hosted on Amazon AWS infrastructure. It employs HTTPS with strong security headers and integrates third-party services such as Klarna for payments and Trustpilot for reputation. The site is optimized for performance and mobile responsiveness, with good SEO and basic accessibility features. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature digital presence. From a security perspective, the website demonstrates strong posture with enforced HTTPS, secure forms protected by reCAPTCHA, and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policy documentation and incident response contact information, which are recommended for enhanced trust and compliance. The absence of WHOIS data for the domain reduces transparency but is likely due to privacy protection or query limitations. Overall, the site is legitimate, professional, and secure, suitable for its domain sales purpose. The overall risk assessment is low, with recommendations to improve transparency by publishing security policies and incident response details, enhancing accessibility, and maintaining regular audits of third-party scripts. These steps will further strengthen trust and compliance in the competitive domain aftermarket space.

S

Speakly

speakly.me

53

Speakly is a modern language learning platform offering online courses in multiple languages such as Spanish, French, and German. The website targets a global audience of language learners and positions itself as a fast and effective learning solution with over a million users. The business model is subscription-based, focusing on delivering educational content through a web and mobile app interface. The company was founded in 2016 and maintains a medium-sized presence in the education sector. Technically, the website uses modern JavaScript frameworks like Vue.js and integrates Google Tag Manager for analytics, indicating a moderate level of digital maturity. The site is mobile optimized and provides a good user experience with professional design and clear navigation. Security-wise, the website uses HTTPS and implements cookie consent mechanisms but lacks visible security headers and explicit privacy policies, which are areas for improvement. Overall, the site is legitimate and professionally maintained but would benefit from enhanced transparency and security practices.

N

Nord Property Ltd

nordproperty.com

43

Nord Property Ltd is a medium-sized real estate company based in Estonia, specializing in international real estate services including brokering, property management, consulting, appraisal, investment counseling, and development sales. The company targets property buyers, sellers, and investors primarily in Estonia and Spain, offering multilingual support and a professional service portfolio. The website is well-structured with clear navigation and relevant content, supporting a good user experience and moderate mobile optimization. Technically, the site uses common analytics and tracking tools such as Google Analytics and Google Tag Manager, along with Google Maps API for location services. However, no CMS or hosting provider details were identified, and performance is moderate.

The website cvok.ee is an established Estonian job portal operated by Zone Media OÜ since 2010. It offers job postings, CV database services, and recruitment-related offerings targeting job seekers and employers in Estonia. The platform includes additional services such as accounting and CV expert advice, positioning itself as a comprehensive employment resource in the local market. The site content is primarily in English with options for Estonian and Russian, catering to a diverse audience. Technically, the site uses legacy HTML and JavaScript technologies, including an outdated jQuery version, and integrates Google Analytics for traffic monitoring. The design and user experience are basic, with limited mobile optimization and accessibility features. Security posture is moderate; HTTPS is implied but no advanced security headers or cookie consent mechanisms are present. The WHOIS data confirms a consistent and legitimate domain registration with no privacy protection, enhancing trust. Overall, the site is functional but would benefit from modernization and improved security and privacy compliance.

J

John Deere

johndeere.com

58

John Deere is a globally recognized enterprise specializing in manufacturing and selling agricultural, construction, forestry, and landscaping equipment. The website serves as a comprehensive portal for product information, dealer location, parts and service, financial services, and digital tools, targeting customers in agriculture, construction, and related industries. The site demonstrates a mature digital presence with extensive product catalogs and clear navigation tailored to diverse user segments. Technically, the website employs modern JavaScript libraries, Adobe Dynamic Tag Management for analytics, and OneTrust for cookie consent management, hosted likely on Akamai infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a high level of digital maturity. Performance is moderate with room for optimization. Security posture is strong with HTTPS enforced and cookie consent implemented; however, explicit security headers and published security policies are absent. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of WHOIS data is notable but likely due to privacy or query limitations rather than malicious intent. Overall, the website presents a low risk profile with strong business credibility and technical implementation. Strategic improvements in security transparency and privacy policy visibility would enhance trust and compliance.

O

OÜ Nõo Lihatööstus

noo.ee

49

OÜ Nõo Lihatööstus is an established Estonian meat manufacturing company with a digital presence via a WordPress and WooCommerce-based website. The company focuses on producing quality meat products targeted primarily at local consumers and families. The website reflects a moderate level of digital maturity with good content quality, consistent branding, and a functional e-commerce platform. Technical infrastructure includes modern web technologies and integration with payment services such as Montonio. Security posture is adequate with HTTPS enabled and cookie consent implemented; however, the absence of security headers and explicit privacy policies indicates room for improvement. Overall, the site is accessible and professionally presented, supporting the company's market position as a trusted local manufacturer.

E

Edicy

edicy.com

59

Edicy is a technology company offering a SaaS platform focused on no-code landing page creation tailored for startups, small businesses, and marketers. The platform emphasizes ease of use, professional design templates, and integration with popular marketing tools such as Mailchimp, HubSpot, Google Analytics, and Meta. The website presents a polished, mobile-optimized user experience with clear navigation and comprehensive content about the product's features and benefits. Technically, the site leverages modern JavaScript libraries, analytics platforms, and a cookie consent management system to ensure compliance and user tracking. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though explicit security headers and incident response policies are absent. The WHOIS data is missing or unavailable, which is unusual and reduces domain trust, but the website's professional presentation and social media presence support legitimacy. Overall, the site scores well on content quality, technical implementation, and privacy compliance, with room for improvement in business credibility and security transparency.

J

JABLAY123

themissionsociety.org

49

JABLAY123 is an online gambling-related website primarily focused on providing alternative access links and promotional content for slot games and casino gambling. The site offers various gambling game types and live chat support but lacks formal business contact information and compliance documentation. Technically, the website is built on the Squarespace platform with modern HTTPS and HSTS security but lacks important security headers and privacy policies. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the site presents basic content and technical implementation but falls short on privacy, security best practices, and business credibility.

F

Fairown

fairown.com

62

Fairown operates a buyback and credit system aimed at consumers who want to resell or dispose of products easily. The company positions itself as a niche retail service provider offering convenience and choice to customers. The website is built on the Wix platform, leveraging Wix Thunderbolt and standard web technologies, indicating a moderate level of digital maturity. The site is accessible, mobile-optimized, and uses HTTPS with some JavaScript security hardening. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Additionally, the lack of privacy, cookie, and terms of service policies indicates gaps in compliance and transparency. Overall, while the business model and website content are clear and professional, the security and compliance posture require improvement to enhance trust and regulatory adherence.

W

Whirlpool Europe

whirlpool.eu

77

Whirlpool Europe operates as the regional web presence for Whirlpool Corporation, a leading global manufacturer of home appliances. The website serves multiple European markets with localized content and provides product information, customer support, and store locator services. The site demonstrates a professional design with consistent branding and a focus on European consumers. Technically, the website employs modern JavaScript libraries, Google Analytics, Google Tag Manager, and OneTrust for cookie consent management, indicating a mature digital infrastructure. The site is served over HTTPS with good SSL configuration, though it lacks some advanced security headers. Privacy compliance is partially addressed through cookie consent mechanisms, but explicit privacy policy and terms of service documents were not detected in the provided content. No contact information or forms were found, which may impact user trust and compliance. Overall, the domain appears legitimate and consistent with a major brand, though WHOIS data is privacy protected as typical for .eu domains.

The website whatifi.com is currently a parked domain page indicating that the domain is registered but not linked to any hosting service. It primarily promotes web hosting packages from Zone.eu in multiple languages, targeting domain owners who may be interested in subscribing to hosting services. The content is basic and lacks any detailed business information, contact details, or privacy and security policies. Technically, the site uses standard HTML, CSS, and JavaScript with a Content-Security-Policy header but lacks other important security headers and HTTPS enforcement details. The domain registration is consistent and legitimate, with a long history dating back to 1999, registered through Ascio Technologies, Inc. Danmark. Overall, the site serves as a placeholder with minimal content and limited business credibility or trust signals.

R

Royal Vopak

vopak.com

63

Royal Vopak operates as a global independent infrastructure provider specializing in tank storage solutions, positioning itself as the world’s leading company in this sector. The website reflects a large enterprise with a focus on energy transition, sustainability, and terminal operations, targeting industrial and commercial clients worldwide. The digital presence is professional, with a modern design and good mobile optimization, supported by a Drupal CMS platform and integration of analytics and marketing tools such as Google Analytics, Hotjar, and Cookiebot for consent management. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are absent. The lack of publicly available WHOIS data raises some concerns about domain registration transparency, but the website content and branding suggest legitimacy. Privacy compliance is partially met with cookie consent but lacks a clear privacy policy page. Overall, the site is functional and professional but could improve transparency and security documentation.

K

KHS Gruppe

khs.com

68

KHS Gruppe is a well-established international manufacturer specializing in filling and packaging systems for the beverage, food, and non-food industries. With over 150 years of history and a leading market position, KHS offers comprehensive turnkey solutions, digital services, and extensive customer support. Their website reflects a mature digital presence with detailed product and service information, customer testimonials, and sustainability commitments. Technically, the site is built on TYPO3 CMS, uses modern frameworks like Bootstrap, and integrates Matomo analytics for privacy-conscious tracking. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements in security headers and explicit security policies are recommended. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements, supporting KHS's credibility as a global industry leader.

The website famulus.ee is currently a parked domain page managed by Zone Media OÜ, an Estonian domain registrar and hosting provider. The page informs visitors that the domain is registered but not linked to any hosting service and promotes Zone's web hosting packages in multiple languages. The business operates in the technology sector, focusing on domain registration and web hosting services, targeting domain owners seeking hosting solutions. The domain is mature, registered since 2010, and the registrant information aligns with the hosting provider, indicating legitimacy. Technically, the website is a simple static page built with standard HTML, CSS, and JavaScript. It is mobile responsive and provides basic user experience but lacks advanced SEO and accessibility features. Security headers are minimal, with a weak Content-Security-Policy allowing 'unsafe-inline' scripts, and DNSSEC is not enabled for the domain. No HTTPS configuration details are visible, but the domain status suggests it is active and likely supports HTTPS. From a security perspective, the site has a low security posture due to weak headers and lack of DNSSEC. No privacy, cookie, or terms of service policies are present, and no contact or incident response information is provided. There are no analytics or tracking scripts detected, indicating minimal user tracking. The absence of contact details and policies reduces privacy compliance and user trust. Overall, the site serves as a placeholder with basic information and links to Zone Media OÜ's hosting services. The risk is low as no sensitive data is collected or exposed, but the lack of security best practices and compliance documentation suggests room for improvement. Strategic recommendations include enhancing security headers, enabling DNSSEC, adding privacy and cookie policies, and providing clear contact information to improve trust and compliance.

Statiiv OÜ operates a professional website focused on creative services including photography, quality calligraphy, and graphic design. The business targets individuals and organizations seeking artistic visual content, positioning itself as a small local creative service provider in Estonia. The website presents a clean, modern design with consistent branding and clear business identification through the company registration number. Technically, the website uses standard web technologies such as HTML5, CSS3, Google Fonts, and JavaScript. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No CMS or complex frameworks are detected, indicating a lightweight custom implementation. From a security perspective, the site does not exhibit advanced security measures such as security headers or documented policies. The email contact is obfuscated via JavaScript to reduce spam risk, and no forms collect sensitive data. However, the SSL status is unknown from the provided data, and no privacy or cookie policies are present, which are important for GDPR compliance. Overall, the website is functional and professional but would benefit from enhanced security practices, explicit privacy and cookie policies, and improved technical SEO and accessibility. The domain WHOIS data aligns well with the business information, supporting legitimacy and trustworthiness.

N

Nordic Aviation

nordicavi.com

60

Nordic Aviation is a small aviation service provider specializing in aircraft wetlease (ACMI), damplease, charter, and consultancy services primarily targeting airlines and lessors. The company operates from Latvia and offers aircraft acquisition and consultancy to optimize airline performance. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and editor elements, indicating a moderate level of digital maturity. The site is moderately optimized for mobile devices and SEO but lacks advanced accessibility features and comprehensive privacy compliance. Security posture is basic with HTTPS usage implied but no visible security headers or incident response information. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the website provides basic business information but lacks critical compliance and security disclosures, suggesting a need for enhanced transparency and security controls.

Agentuur MUST is a small Estonian event organizing company with a Facebook presence dating back to 2009. Their Facebook page serves as their primary digital footprint, offering basic business information, contact details, and social proof through likes and followers. The company targets clients seeking event management services locally. Technically, the page leverages Facebook's robust platform, ensuring good performance, mobile optimization, and security through HTTPS and standard security headers. However, the page lacks explicit privacy, cookie, and security policies, which limits compliance and trust signals. No vulnerability disclosure or incident response information is provided, indicating room for improvement in security transparency. Overall, the business appears legitimate and consistent with its domain registration data, but enhancing privacy and security disclosures would strengthen its digital maturity and user trust.

T

TVT Media

tvt.biz

48

TVT Media is a well-established media services company founded in 2004, positioning itself as a global content services powerhouse. The company offers a comprehensive suite of media management and distribution services including onboarding, metadata management, versioning, access services, asset management, playout, on-demand, and delivery. Their target audience includes broadcasters, studios, and content owners operating in the international entertainment market. The website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the site uses modern front-end technologies such as Vue.js and integrates Google Maps API, hosted on AWS infrastructure. Performance and mobile optimization are good, though accessibility features are basic. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is basic with a cookie banner and privacy policy present but no explicit GDPR compliance statements or terms of service. Contact information is complete and includes a Singapore HQ address, phone number, and company email. Overall, the website is credible and trustworthy with room for improvement in security and compliance documentation.

J

Joss Services

joss-services.com.au

55

Joss Services is a 100% Indigenous owned and operated company specializing in security, construction, and commercial cleaning services primarily serving the Sydney Metro area. The company presents itself as a niche service provider with certifications such as FACCI ASSURED and membership in Supply Nation, indicating a commitment to quality and Indigenous business standards. The website is built on the Squarespace platform, featuring a professional design with clear navigation and mobile responsiveness. However, the absence of privacy and cookie policies, as well as incomplete WHOIS data, limits the overall trust and compliance posture. Security-wise, the site uses HTTPS but lacks security headers and formal security policies. Contact information is clearly provided, enhancing business credibility. Overall, the website reflects a legitimate small business with room for improvement in privacy compliance and security best practices.