Security Directory

A

AS Äripäev

pollumajandus.ee

54

Põllumajandus.ee is a specialized thematic news portal operated by AS Äripäev, focusing on agriculture and rural economy news in Estonia and abroad. It serves as a trusted source for professionals and enthusiasts in the agricultural sector, offering news, market reviews, interviews, opinion pieces, podcasts, and marketing content. The site is part of a larger media group with multiple related thematic sites, enhancing its market position and reach. Technically, the website is built on modern web technologies including React and Next.js, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly available. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site demonstrates a mature digital presence with professional content and strong business credibility.

A

AS Äripäev

personaliuudised.ee

55

Personaliuudised is a leading Estonian digital media portal specializing in personnel management news, including labor law, payroll, recruitment, training, and employee relations. Owned by AS Äripäev, the site targets HR professionals and employers in Estonia, offering comprehensive news, podcasts, videos, and newsletters. The platform is well-established with a consistent brand presence and a professional digital footprint. Technically, the website leverages modern frameworks such as React and Next.js, ensuring a responsive and performant user experience. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response contacts are not publicly available. Privacy compliance is robust, featuring comprehensive privacy and cookie policies with consent management. Overall, the site demonstrates high business credibility and technical maturity, suitable for its professional audience.

A

AS Äripäev

palgauudised.ee

55

Palgauudised.ee is a specialized Estonian media portal operated by AS Äripäev, focusing on payroll, labor law, taxation, and work organization topics. It serves professionals seeking up-to-date information, practical tools, and educational resources such as webinars and conferences. The website employs a subscription-based business model with tiered access to content and services. Technically, the site is built on modern web frameworks including Next.js and React, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance via a consent management SDK. Contact information and legal policies are clearly presented, enhancing trust and transparency. Overall, Palgauudised.ee demonstrates a mature digital presence with a solid market position in the Estonian media landscape.

E

Eesti Aripaev AS

mu.ee

54

The website www.mu.ee operates as a specialized healthcare news portal primarily targeting Estonian medical professionals such as doctors and pharmacists. It provides fresh and diverse coverage of healthcare events, professional news, conference and seminar information, training, and health-related radio broadcasts. The site is affiliated with Eesti Aripaev AS, a reputable media company in Estonia, reinforcing its credibility and market position within the healthcare media sector. Technically, the website is built using modern web technologies including React and Next.js, ensuring good performance and mobile optimization. The presence of security headers and enforced HTTPS indicates a strong security posture. However, the site lacks visible privacy and cookie policies, as well as explicit GDPR compliance mechanisms, which are critical for user trust and regulatory adherence. Security-wise, the site demonstrates good practices such as secure transport and security headers but does not provide public-facing security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the site is accessible without WAF or blocking mechanisms, allowing full content access. The overall risk assessment is moderate with recommendations to enhance privacy compliance, provide clear contact information, and implement GDPR consent mechanisms. These improvements will strengthen user trust and regulatory compliance, supporting the site's professional reputation and operational integrity.

A

AS Äripäev

logistikauudised.ee

55

Logistikauudised.ee is a leading Estonian media outlet specializing in transport and logistics news, operated by AS Äripäev. The website offers comprehensive industry news, analysis, and organizes related conferences, targeting professionals and stakeholders in the logistics sector. The platform is built on a modern React and Next.js technology stack, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not published. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. Overall, the site demonstrates a professional and trustworthy digital presence with clear business information and active social media engagement.

A

AS Äripäev

kinnisvarauudised.ee

55

Kinnisvarauudised is a leading Estonian real estate news portal and organizer of real estate conferences, operated by AS Äripäev. The website provides comprehensive coverage of real estate development, management, and maintenance topics, targeting professionals, investors, and enthusiasts in the Estonian real estate sector. The platform is well-established with a history dating back to 2000 and maintains a strong market position as a trusted source for real estate news and insights. Technically, the site uses modern web technologies including React and Next.js, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not publicly available. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy practices. Overall, the website demonstrates a professional and trustworthy digital presence with room for improvement in security transparency and accessibility.

K

Kestlikkusuudised

kestlikkusuudised.ee

52

Kestlikkusuudised is a specialized Estonian media platform focusing on ESG (Environmental, Social, and Governance) topics, providing news, podcasts, and insights for professionals and businesses interested in sustainability. The website is well-branded and consistent with a clear target audience of ESG professionals in Estonia. Technically, the site uses modern web technologies such as React and Next.js, ensuring good mobile optimization and user experience. However, the site lacks explicit privacy and cookie policies, and no contact information is readily available, which impacts privacy compliance and business credibility scores. Security posture is moderate with no visible security headers or explicit policies, and no WAF or blocking mechanisms are detected, indicating accessible content. WHOIS data aligns well with the website's business focus, supporting legitimacy.

A

AS Äripäev

kaubandus.ee

55

Kaubandus.ee is a leading Estonian media platform specializing in trade sector news, including retail, wholesale, and e-commerce. Operated by AS Äripäev, it offers news articles, industry reports, podcasts, and organizes conferences and training events. The website targets professionals and stakeholders in the Estonian trade industry, maintaining a strong market position as a trusted source of sector-specific information. Technically, the site is built on modern web technologies including React and Next.js, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies are not publicly disclosed. Privacy compliance is well addressed with comprehensive privacy and cookie policies aligned with GDPR. Overall, the site demonstrates a professional and credible digital presence with clear contact information and active social media engagement.

A

AS Äripäev

foundme.io

59

FoundME is a specialized media portal operated under AS Äripäev, focusing on news, opinions, podcasts, and radio shows related to the Estonian and international start-up ecosystem. The website targets entrepreneurs, investors, and the start-up community by providing curated content and subscription-based access to premium materials. Technically, the site is built on modern web technologies including React and Next.js, ensuring good mobile responsiveness and SEO optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, although no explicit security policy or vulnerability disclosure page is present. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site presents a professional and trustworthy digital presence with clear contact information and partner affiliations.

A

AS Äripäev

ehitusuudised.ee

53

Ehitusuudised is a leading Estonian construction news portal and conference organizer operated by AS Äripäev. The website provides comprehensive news coverage, podcasts, and industry insights focused on construction, architectural design, and building materials. It targets professionals and enthusiasts in the Estonian construction sector, maintaining a strong market position as a trusted media source. The business model revolves around subscription-based content access, advertising, and event management. Technically, the site is built on a modern React and Next.js stack, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement and standard security headers, although explicit security policies and incident response contacts are not publicly available. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the website demonstrates a mature digital presence with good content quality and business credibility.

A

AS Äripäev

dv.ee

55

AS Äripäev operates the website www.dv.ee, a leading Russian-language economic and business news portal in Estonia. The site provides comprehensive coverage of local and international economic news, stock market updates, research articles, podcasts, and events. It targets Russian-speaking business professionals and investors interested in Estonia's economic landscape. The business model is primarily media publishing with revenue from subscriptions and advertising. The company maintains a consistent brand presence and offers rich, relevant content with good quality and professional design. Technically, the website is built using modern web technologies including React and Next.js, with CSS modules for styling and integration of privacy and consent management tools such as Didomi and Privacy Center SDK. The site is mobile-optimized and performs moderately well, with good SEO and basic accessibility features. Security posture is strong with HTTPS enforced and multiple security headers present, though no explicit security policy or incident response information is published. Overall, the website demonstrates a mature digital infrastructure and a secure environment for users. The WHOIS data confirms the legitimacy of the domain and its alignment with the business identity. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user trust and regulatory adherence. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and a vulnerability disclosure policy to further enhance transparency and security maturity.

Ä

Äripäeva Teabevara ja Nõuandekeskus

teabevara.ee

51

Äripäeva Teabevara ja Nõuandekeskus is a professional Estonian business information service operated under Zone Media OÜ. The website offers licensed access to a continuously updated knowledge base and expert advice center targeting business professionals and specialists in Estonia. The platform integrates various content types including documents, audio, and video to support informed decision-making. Technically, the site is built on modern frameworks such as Next.js and React, hosted behind Cloudflare, ensuring good performance and security. The security posture is strong with HTTPS, security headers, and consent management, although explicit security policies and incident response contacts are not publicly available. Overall, the site is professional, trustworthy, and compliant with GDPR, but could improve transparency in contact and security disclosures.

Lemonway is a French licensed payment institution specializing in providing modular and compliant payment solutions tailored for marketplaces and crowdfunding platforms. Established since 2012 and trusted by over 400 marketplaces including major clients like Decathlon and SNCF Connect & Tech, Lemonway offers a comprehensive suite of services including Pay-In, Identification (KYC), Wallet management, Pay-Out, and an intuitive Dashboard. Their API-centric approach enables seamless integration and control over payment flows, supporting multiple currencies and payment methods. The company emphasizes security, compliance, and user experience, backed by ACPR licensing and PCI DSS compliance. Technically, the website leverages modern frameworks such as Next.js and React, with robust analytics and tracking tools implemented responsibly with user consent. Security posture is strong with HTTPS, security headers, and secure forms, although explicit security policies and incident response details are not publicly disclosed. WHOIS data is missing or obscured, likely due to privacy protection, which slightly impacts trust but is common in regulated financial sectors. Overall, Lemonway presents a professional, secure, and mature digital presence aligned with its business objectives.

A

AS Äripäev

raamatupidaja.ee

46

Raamatupidaja.ee is a well-established Estonian media portal specializing in accounting, tax, and labor law news. Operated by AS Äripäev, it serves professionals in accounting and finance sectors with news, expert advice, podcasts, and training services. The website demonstrates a mature digital infrastructure using modern web technologies such as React and Next.js, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly available. The site complies with GDPR and provides clear privacy and cookie policies. Overall, Raamatupidaja.ee presents a trustworthy and professional online presence with a solid market position in Estonia's business media landscape.

H

HOK-Elanto Liiketoiminta Oy

alepa.fi

63

Alepa.fi is the official website of Alepa, a well-established Finnish grocery retail chain operated by HOK-Elanto Liiketoiminta Oy. The company has a strong market presence in Finland, offering both physical grocery stores and an online grocery shopping platform with delivery options. The website reflects a mature digital infrastructure built on modern technologies such as React and Next.js, hosted on AWS infrastructure. The site is well-optimized for mobile devices and provides a professional user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent managed via Usercentrics, though explicit security headers and detailed privacy policies are not prominently disclosed. Overall, the domain registration data aligns well with the business claims, indicating a legitimate and trustworthy entity.

S

SOK

skaupat.fi

68

S-kaupat.fi is the official online grocery store platform for the Finnish S-ryhmä retail group, operated by SOK. It offers a comprehensive range of grocery products from multiple store brands including Prisma, S-market, Alepa, Sale, and Herkku. The platform targets Finnish consumers seeking convenient and flexible online grocery shopping with various delivery options and integrated customer bonus programs. The website is well-branded, professionally designed, and localized primarily in Finnish with multilingual support. Technically, it leverages modern web technologies such as React and Next.js, integrates with Contentful CMS, and uses Usercentrics for cookie consent management. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, compliant with GDPR, and provides a good user experience.

A

AS Äripäev

ituudised.ee

56

ITuudised is a leading Estonian news portal focused on the ICT sector, operated by AS Äripäev. It provides comprehensive news, success stories, lessons, results, and plans related to the Estonian IT industry, supplemented by IT training and technology-themed radio shows. The portal targets IT professionals, business leaders, and technology enthusiasts in Estonia, positioning itself as a key information source in the local technology media landscape. Technically, the website leverages modern web technologies including React and Next.js, ensuring a responsive and well-structured user experience. The site is well-optimized for SEO and mobile devices, with a professional design and clear navigation. Security-wise, the site enforces HTTPS, includes essential security headers, and avoids exposing sensitive data, reflecting a mature security posture. However, explicit security policies and incident response contacts are not publicly available, indicating room for improvement in transparency. Overall, the website demonstrates strong business credibility and privacy compliance, with clear contact information and GDPR-aligned policies. The domain registration details align well with the business identity, reinforcing trustworthiness.

A

AS Äripäev

aripaev.ee

57

AS Äripäev operates a leading Estonian business media platform providing comprehensive economic and business news, analysis, and multimedia content. The website targets business professionals and investors, offering subscription-based access to premium content including PRO packages and investor-specific services. The company is part of the Nordic media conglomerate Bonnier Group, reinforcing its market position and credibility. Technically, the site is built on modern web technologies including React and Next.js, delivering a responsive and accessible user experience with good SEO practices. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response details are not publicly available. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a mature digital presence with high trustworthiness and professional content delivery.

A

AS Äripäev

bestmarketing.ee

55

Best Marketing is a leading Estonian marketing news portal and event organizer, operated by AS Äripäev. The website delivers comprehensive marketing, advertising, and communication industry news, targeting marketing professionals in Estonia. It offers subscription-based content, podcasts, videos, and organizes marketing conferences, positioning itself as a key media player in the Estonian marketing sector. The site is well-branded, professionally designed, and maintains consistent content quality. Technically, the site is built on modern frameworks such as Next.js and React, with good mobile optimization and SEO practices. Security posture is strong with HTTPS, security headers, and consent management in place, although no explicit security policy or incident response information is published. Privacy and cookie policies are present and GDPR compliant. Contact information is clearly provided, enhancing business credibility. Overall, the site demonstrates a mature digital presence with a solid foundation for content delivery and user engagement.

U

UÜ Granaat

granaat.ee

40

UÜ Granaat is a small Estonian technology company specializing in creating sales-enhancing websites and e-commerce stores on the Voog platform. Established in 2010, the company leverages over 15 years of experience to deliver tailored web solutions aimed at helping small businesses achieve their goals. Their market position is strengthened by their official partnership with Voog and a strong portfolio of satisfied clients, as evidenced by numerous positive testimonials. Technically, the website is built using modern frameworks such as Next.js and React, styled with Tailwind CSS, and optimized for fast performance and excellent mobile responsiveness. Hosting and domain registration are consistent and managed by Elkdata OÜ, further supporting the company's legitimacy. The site integrates Google Analytics via Google Tag Manager and uses Calendly for scheduling client calls. From a security perspective, the site enforces HTTPS and employs secure form handling, but lacks explicit security headers and published security policies. Privacy compliance is limited due to the absence of privacy and cookie policies, which presents a compliance risk under GDPR. No critical vulnerabilities or exposed sensitive data were detected. Overall, UÜ Granaat presents a professional and trustworthy web presence with solid technical foundations and business credibility. However, to enhance compliance and security posture, the company should publish privacy and cookie policies, implement consent mechanisms, and add recommended security headers.

C

Creditea

creditea.mx

56

Creditea is an established online personal loan provider operating primarily in Mexico and other countries, serving over 1.7 million clients. It offers personal loans up to $70,000 MXN with a focus on quick, easy, and secure loan processing through an online platform and mobile applications. The company is part of Grupo IPF, a larger financial group, which enhances its market credibility and reach. The website is professionally designed with good mobile optimization and clear navigation, supporting a positive user experience.

C

Creditea

creditea.cz

60

Creditea is an online lending platform operating in the Czech Republic, offering personal loans up to 130,000 CZK with rapid approval and fund disbursement within 15 minutes. The company is part of the IPF Group, which has a presence in nine countries and serves over 1.7 million customers. The website demonstrates a modern digital infrastructure using React and Next.js frameworks, with integrated analytics and cookie consent mechanisms. While the site is professionally designed and mobile-optimized, it lacks explicit privacy and terms of service pages, which are critical for regulatory compliance and user trust. Security posture is generally good with HTTPS and cookie consent, but could be improved with additional security headers and published security policies. The absence of WHOIS data reduces domain trustworthiness, though the business licensing by the Czech National Bank supports legitimacy.

A

AS Tallink Grupp

tallink.com

65

AS Tallink Grupp operates the Tallink Silja Line ferry and cruise services across the Baltic Sea, connecting major cities such as Helsinki, Stockholm, Tallinn, Turku, and the Åland Islands. The company offers passenger transportation, cargo services, onboard entertainment, tax-free shopping, and hotel accommodations, positioning itself as a leading maritime transport provider in the Baltic region. The website reflects a mature digital presence with a modern tech stack based on Next.js and React, delivering fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly disclosed. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The absence of WHOIS data reduces domain registration transparency but does not detract significantly from the overall trustworthiness given the professional branding and extensive external references. Strategic recommendations include publishing a security policy, incident response contacts, and vulnerability disclosure information to enhance trust and compliance.

C

Creditea International

creditea.com

52

Creditea International operates an online lending platform targeting consumers in multiple countries including Estonia, Latvia, Lithuania, Czech Republic, and Mexico. The website serves as a gateway to country-specific portals offering consumer credit services. The business model focuses on digital lending solutions, positioning itself as a regional player in the online finance sector. The site uses modern web technologies such as React and Next.js, indicating a contemporary technical infrastructure. However, the content is minimal and primarily navigational, with limited visible business or compliance information. Security posture is moderate but lacks visible security headers and compliance documentation, which could be improved to enhance trust and regulatory adherence. The absence of WHOIS registration data and contact information raises concerns about transparency and legitimacy. Overall, the website is functional but requires enhancements in security, privacy compliance, and business credibility to strengthen its market position and user trust.

Vumonic Datalabs is a technology company specializing in AI-powered market intelligence and consumer transaction data analytics. Founded in 2016 and headquartered in Estonia, it leverages a large email receipts panel primarily in India with plans for global expansion. The company targets buy-side and sell-side funds, corporates, and brands seeking actionable insights to drive smarter decisions. The website reflects a modern, professional digital presence built on Next.js and React, with good performance and mobile optimization. Security posture is solid with HTTPS and domain registration protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is basic, lacking cookie consent mechanisms despite use of Google Analytics. Overall, the business demonstrates credibility with consistent WHOIS data and clear market positioning.

C

Creditea

creditea.ee

58

Creditea is a financial services provider offering transparent and flexible credit accounts primarily targeting consumers in Estonia and the Baltic region. The company is part of the IPF group and serves over 1.7 million customers across nine countries. Their services include credit lines and payment accounts accessible via web and mobile applications, emphasizing ease of use and transparency with no hidden fees. The website is professionally designed, mobile-optimized, and provides a user-friendly experience with clear navigation and relevant content in Estonian. Technical infrastructure leverages modern web technologies such as React and Next.js, with integrations for analytics and advertising through Google Tag Manager and Bing Ads. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant cookie consent mechanisms. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy and ownership transparency. Overall, the website demonstrates a mature digital presence with good security and privacy practices but would benefit from clearer contact information and verified domain registration details.

M

Multitude Bank p.l.c.

ferratum.ee

56

Ferratum, operated by Multitude Bank p.l.c., is a well-established financial services provider specializing in quick and flexible online loans primarily targeting Estonian customers. The company is part of the larger Multitude Group, with a strong market presence since 2005 and operations in multiple countries. Their website offers a user-friendly experience with clear loan products, responsible lending information, and customer engagement through blogs and reviews. Technically, the site leverages modern frameworks such as Next.js and React, integrates third-party services like Salesforce chat and EmbedSocial reviews, and maintains good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and secure identification methods, although explicit security policies and incident response contacts are not published. Overall, the site demonstrates a mature digital presence with high trustworthiness and compliance with privacy regulations.

S

SmartPosti

smartpost.ee

64

SmartPosti is a leading parcel delivery service in Estonia, operating under the parent company Posti Group Oyj. The company offers a comprehensive range of parcel logistics services including parcel sending, receiving, self-service management, courier home delivery, and international shipments. Their extensive network and digital platform provide customers with flexible and convenient parcel handling options. The website demonstrates a mature digital infrastructure built on modern technologies such as Next.js and Contentful CMS, with good mobile optimization and accessibility. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the website reflects a professional and trustworthy business with strong compliance to privacy regulations and a clear market position in the transportation sector.

C

Centra

centra.dev

60

Centra is a technology company specializing in providing developer-centric e-commerce solutions through APIs and headless commerce platforms. Their website offers comprehensive documentation, guides, and sandbox access aimed at developers and e-commerce businesses seeking to build custom commerce stacks. The company positions itself as a flexible and modern alternative in the e-commerce technology market, focusing on Direct-to-Consumer and Wholesale business models. Technically, the website leverages modern frameworks such as Next.js and React, with GraphQL APIs and integrations with HubSpot for forms and Leadfeeder for tracking. The site demonstrates good performance, mobile optimization, and accessibility, reflecting a mature digital infrastructure. SEO practices are well implemented with appropriate meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and uses asynchronous script loading to optimize performance and security. However, it lacks published security policies, incident response information, and vulnerability disclosure mechanisms, which are important for transparency and trust. Privacy and cookie policies are also missing, indicating compliance gaps with GDPR and related regulations. Overall, Centra's website is professional and trustworthy, with strong business credibility and technical maturity. The main risks relate to privacy compliance and security transparency, which should be addressed to enhance user trust and regulatory adherence.

ClinEco is a specialized B2B clinical trials marketplace platform launched in 2021 by Cambridge Healthtech Inst., targeting sponsors, CROs, service providers, and clinical trial sites. The platform facilitates partner discovery, collaboration, and community engagement within the clinical research industry. It leverages a modern React/Next.js tech stack hosted on AWS, integrating popular marketing and analytics tools such as HubSpot, Google Analytics, Hotjar, and AdRoll. The website demonstrates good design quality, clear navigation, and mobile responsiveness, supporting a positive user experience and professional brand presentation. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is limited due to absence of explicit privacy and cookie policies. Overall, the domain registration is consistent and trustworthy, aligning with the business identity and location.

Y

Yolla eSIM

yollaesim.com

64

Yolla eSIM is a telecommunications service provider specializing in offering eSIM data plans for over 91 countries worldwide. Their business model focuses on providing affordable mobile internet connectivity for travelers through a web platform and a dedicated mobile app. The company appears to be a small-sized entity founded in 2020, with a clear market position targeting global travelers seeking cost-effective data roaming solutions. Technically, the website is built on a modern React and Next.js stack with Material-UI components, delivering a good user experience and mobile optimization. However, some SEO and accessibility aspects could be improved. Security-wise, the site enforces HTTPS and has domain transfer protections but lacks visible security headers and explicit security policies, which could be enhanced to strengthen trust and compliance. Overall, the website is professional and functional with moderate trustworthiness and no blocking or WAF interference detected.

O

OneStream Software

onestreamsoftware.com

71

OneStream Software is a leading enterprise finance management platform that integrates finance and operational data with AI to enhance the strategic impact of CFOs. The company targets large enterprises and finance professionals seeking unified financial planning, consolidation, reporting, and analytics solutions. Their market position is strong, supported by recognized certifications such as SOC 2 and ISO 27001, and a comprehensive digital presence including customer success stories and analyst reports. Technically, the website is built on modern frameworks like Next.js and React, with robust performance, mobile optimization, and SEO practices. The security posture is solid, featuring HTTPS, security headers, and secure form handling, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website reflects a mature, professional enterprise software provider with a high level of trustworthiness and digital maturity.

K

Krulli kvartal

krulli.co

59

Krulli kvartal is a community-oriented urban development project based in Tallinn, Estonia, focused on creating a human-centered, inclusive, and sustainable urban space. The website showcases rental spaces, event venues, and community activities, targeting local residents, creatives, and startups. The project emphasizes collaboration and cultural engagement within the Kalamaja district. Technically, the website is built on a modern stack using Next.js and Strapi CMS, hosted on DigitalOcean, with good performance and mobile optimization. Security posture is strong with HTTPS and security headers, but lacks explicit privacy and cookie policies, which impacts privacy compliance. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and incident response disclosures.

P

PDF Generator API

pdfgeneratorapi.com

74

PDF Generator API is a technology company specializing in providing an API service that automates PDF document creation from templates and JSON data. Their platform targets developers and businesses seeking to integrate PDF generation capabilities into their applications, offering a browser-based drag-and-drop editor for template management. The company appears to be a small-sized entity founded around 2017, with a focused niche in document automation technology. Technically, the website leverages modern web technologies including Next.js and React, supported by analytics and monitoring tools such as Mixpanel, Google Analytics 4, RudderStack, and Bugsnag. Hosting is likely on Amazon AWS infrastructure, indicated by the DNS servers. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO practices in place. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism with granular user options, reflecting some privacy compliance efforts. However, the absence of DNSSEC, security headers, explicit privacy policy, terms of service, and contact information for security or incident response reduces the overall security posture. No WAF or blocking mechanisms were detected, and the domain registration is consistent and legitimate. Overall, the website presents a professional and functional service with room for improvement in privacy transparency, security hardening, and contact availability. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing comprehensive privacy and security policies, and providing clear contact channels for incident response.

C

Chronogolf by Lightspeed

chronogolf.com

73

Chronogolf by Lightspeed operates a leading online platform for booking golf tee times and managing golf course operations. The company targets golfers seeking convenient tee time reservations and golf course operators needing management software. The website demonstrates a mature digital presence with modern technologies such as React and Next.js, integrated Google Maps API, and comprehensive privacy and cookie consent mechanisms. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly disclosed. The absence of WHOIS data for the domain www.chronogolf.com suggests privacy protection or alternative registration, but the website's professional quality and association with Lightspeed support its legitimacy. Overall, the site is well-optimized for performance, mobile use, and SEO, providing a trustworthy user experience.

G

G-Works Oy

g.works

65

G-Works Oy is a Finnish digital agency specializing in designing, implementing, and maintaining websites, e-commerce stores, and custom digital systems with over 15 years of experience. The company targets businesses and organizations seeking tailored digital solutions and positions itself as a reliable and professional service provider in the Finnish technology sector. Their website reflects a modern, professional design with clear navigation and strong branding consistency. Technically, the site is built using modern frameworks such as Next.js and React, hosted on Vercel, and employs Cloudflare DNS services. The site is optimized for performance, mobile responsiveness, and accessibility, with good SEO practices in place. Security-wise, the website enforces HTTPS, uses appropriate security headers, and implements a comprehensive cookie consent mechanism via Cookiebot, demonstrating good GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data confirms the legitimacy of the domain registration, matching the company’s location and business claims. Overall, the website presents a trustworthy and professional digital presence.

P

PT Gramedia Asri Media

gramedia.com

67

Gramedia.com is the largest and most trusted online bookstore in Indonesia, operated by PT Gramedia Asri Media. The website offers a comprehensive catalog of books and related products, targeting Indonesian consumers interested in literature and educational materials. The business model is e-commerce retail with a strong emphasis on official stores and promotional campaigns. The company maintains a significant market position as a leading book retailer in the region. Technically, the website is built on modern frameworks such as React and Next.js, incorporating various analytics and marketing tools including Google Analytics, Hotjar, TikTok Pixel, and Facebook Pixel. The site demonstrates good mobile optimization and SEO practices, although accessibility features could be improved. Performance is moderate, with a well-structured and professional design. From a security perspective, the site enforces HTTPS and employs standard security headers, reflecting a solid security posture. However, the absence of a visible cookie consent mechanism and explicit security or incident response policies indicates room for improvement in privacy compliance and transparency. The WHOIS data is unavailable, which slightly reduces trust but is mitigated by the company's established market presence and consistent branding. Overall, Gramedia.com is a credible and professionally managed e-commerce platform with a strong business foundation and good technical implementation. Strategic enhancements in privacy compliance and security transparency would further strengthen its trustworthiness and regulatory adherence.

H

Härkila

harkila.com

75

Härkila is a well-established hunting apparel and equipment brand with a strong market presence in over 50 countries. The company offers a wide range of hunting clothes, footwear, and accessories targeting hunters and outdoor enthusiasts. The website reflects a professional e-commerce platform built with modern technologies such as React and Next.js, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and explicit security policies. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a visible privacy policy and terms of service. Overall, the website is trustworthy and credible but could improve transparency and security practices.

D

Domains By Proxy, LLC

zora.co

66

Zora is a technology company operating a niche social networking platform that integrates blockchain technology by making every post a coin. The platform targets users interested in social networking combined with crypto and blockchain features. The website is built using modern web technologies such as React and Next.js, hosted with Cloudflare DNS services, and employs analytics tools like Google Tag Manager and PostHog. The site is mobile optimized and has good SEO and accessibility basics. Security posture is solid with HTTPS enforced and domain status protections, though DNSSEC is not enabled, which is a recommended improvement. Privacy and cookie policies are present with consent mechanisms, but terms of service and explicit security policies are missing. No direct contact information or incident response channels are publicly available. The domain is privacy protected via Domains By Proxy, which is common for tech startups and blockchain projects, and the domain age is mature, supporting legitimacy. Overall, the website is professional and trustworthy with room for improvement in security disclosures and contact transparency.

L

LogoArchive • The world's largest historical logo book • Endless logo inspiration

logo-archive.org

60

LogoArchive is an online platform offering the world's largest historical logo book, providing over 4000 carefully curated logos with new additions daily. It targets design professionals and branding teams seeking logo inspiration. The website is built using modern technologies such as Next.js and React, integrating payment and analytics services like Stripe and Splitbee. While the site demonstrates good design quality and user experience, it lacks visible privacy and cookie policies, contact information, and security headers, which are critical for compliance and trust. The absence of WHOIS data further limits the ability to fully assess domain legitimacy. Overall, the platform serves a niche market effectively but should enhance its security posture and privacy compliance to improve trustworthiness.

W

Wittl

wittl.co

62

Wittl is a SaaS company providing a modern applicant tracking system tailored for small and medium-sized teams. Their platform enables users to create job postings, customize career sites, manage applicant reviews, and collaborate efficiently during the hiring process. Positioned as an affordable and user-friendly alternative to legacy ATS solutions, Wittl targets SMBs seeking streamlined recruitment workflows. The website demonstrates a professional and consistent brand presence with clear service offerings and customer testimonials, reinforcing trust and market relevance. Technically, the site is built on a modern React and Next.js stack, delivering fast performance and excellent mobile optimization. The use of privacy-focused analytics (Plausible) aligns with contemporary data protection expectations. However, the absence of certain security headers and cookie consent mechanisms indicates room for improvement in security and privacy compliance. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data, reflecting good baseline security hygiene. The lack of published security policies or incident response contacts suggests an opportunity to enhance transparency and preparedness. The WHOIS data is privacy protected, which is typical for SaaS businesses but limits external verification of registrant details. Overall, Wittl presents a credible and well-executed online presence with minor gaps in privacy compliance and security best practices. Strategic enhancements in these areas would further strengthen user trust and regulatory alignment.

I

Infopank

infopank.ee

51

Infopank is Estonia's largest business information platform, providing a comprehensive suite of services including competition reports, marketing lists, sales agent tools, certificates, data interfaces, debt registers, and background information. The platform targets Estonian businesses and professionals seeking reliable business data to support growth and decision-making. Technically, the website leverages modern frameworks such as Next.js and React, integrates Google Tag Manager, Facebook Pixel, Hotjar, and a consent management platform (Didomi), indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit privacy and security policies are not found in the provided content. Overall, the site is professional, functional, and trustworthy, with room for improvement in privacy compliance documentation and accessibility.

M

Mineflow

mineflow.ai

49

Mineflow is a newly founded AI-driven mineral exploration startup focused on transforming exploration site data into accurate 3D and 2D models of mineral deposits such as gold and copper. The company targets mining professionals and geologists with a SaaS platform leveraging advanced AI technologies. The website is built using modern web technologies including React and Next.js, providing a good user experience with responsive design and clear navigation. Analytics are implemented via PostHog, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced, but lacks DNSSEC and security headers, and no privacy or cookie policies are published, which are critical for compliance and trust. The domain is privacy protected and very new, consistent with a startup profile. Overall, the website is professional but would benefit from enhanced privacy compliance and security hardening.

V

VideoGen, Inc.

videogen.io

59

VideoGen, Inc. operates a cutting-edge AI-powered video generation platform designed to simplify and accelerate video creation for content creators, marketers, educators, and businesses. The platform offers a wide range of AI-driven features including script writing, voiceover generation, avatar integration, and multi-format video outputs tailored for social media and professional use. Backed by Y Combinator and trusted by millions, VideoGen positions itself as a leading SaaS solution in the AI video generation market. Technically, the website is built on modern web technologies including React and Next.js, hosted and secured via Cloudflare. It demonstrates excellent performance, mobile optimization, and SEO practices. The security posture is strong with HTTPS enforcement and appropriate security headers, although privacy compliance could be enhanced by implementing explicit cookie consent mechanisms. From a security perspective, no critical vulnerabilities or exposed sensitive data were detected. The domain uses privacy protection for WHOIS data, which is justified for a startup. The business credibility is high, supported by professional branding, testimonials, and a comprehensive affiliate program. Overall, VideoGen presents a mature digital presence with room for minor improvements in privacy transparency and security policy disclosures.

T

Tatva Labs Inc.

cekura.ai

63

Cekura, operated by Tatva Labs Inc., is a technology company specializing in AI voice agent testing and observability solutions. The company offers a SaaS platform that enables enterprises and conversational AI companies to efficiently test, monitor, and improve their AI voice agents. Positioned as a trusted partner with backing from Y Combinator and strategic partnerships with Cisco, Cekura serves over 50 conversational AI companies globally. Their platform supports scenario simulation, persona emulation, and real-time alerting to ensure AI agents perform reliably in complex conversational workflows. Technically, the website is built on modern frameworks such as Next.js and React, with integrated analytics via PostHog and scheduling via Cal.com, demonstrating a mature digital infrastructure with fast performance and excellent mobile optimization. Security-wise, the company holds SOC2 Type2 and HIPAA compliance certifications, indicating a strong commitment to data protection and regulatory adherence. However, the site lacks explicit security headers and a public vulnerability disclosure, which are recommended for enhanced security posture. Overall, Cekura presents a professional, trustworthy, and technically sound presence in the AI voice technology market.

Cleva is a fintech startup founded in 2023 that provides US-based dollar accounts and virtual USD cards to global users, including non-US residents. The company positions itself as a solution for cross-border USD banking, enabling users to receive payments from platforms like Upwork, Deel, and Amazon, convert currencies, and make transfers with low fees. Supported by Y Combinator and featured in reputable media outlets, Cleva demonstrates a growing market presence in the fintech space. The website is built on modern technologies such as React and Next.js, hosted on AWS infrastructure, and optimized for mobile devices with good performance and SEO practices. Security posture is solid with HTTPS and domain protections, though improvements are needed in DNSSEC and security headers. Privacy compliance is weak due to the absence of privacy and cookie policies and lack of consent mechanisms. Overall, the site is professional and trustworthy but should enhance transparency and security policies to improve compliance and user trust.

N

Nowadays AI, Corp.

getnowadays.com

62

Nowadays AI, Corp. operates a technology-driven platform that leverages artificial intelligence to streamline corporate event planning. The company positions itself as an in-house event planner for businesses, offering services such as venue search, negotiation with venues globally, and travel agency capabilities certified by IATA. The platform targets corporate clients seeking efficient and hassle-free event organization, supported by notable trust signals including Y Combinator backing and press coverage. Technically, the website is built using modern frameworks such as Next.js and React, with integrations like Intercom for customer engagement and embedded YouTube videos for marketing. The site demonstrates good mobile optimization and SEO practices, though some accessibility features could be enhanced. Performance is moderate, with room for improvement in loading speed and security headers. From a security perspective, the site uses HTTPS (implied by the URL), but no explicit security headers were detected in the HTML content. Privacy and terms of service pages are present, indicating some compliance with data protection regulations such as GDPR. However, no cookie consent mechanism or detailed security policies were found, suggesting areas for compliance improvement. Overall, the risk profile is moderate with no critical security issues detected. The lack of public WHOIS data is typical for startups and does not detract from legitimacy given the professional branding and external validations. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing more detailed security and incident response policies to strengthen trust and compliance.

O

Omnistrate

omnistrate.com

73

Omnistrate is a technology company specializing in providing a modular control plane as a service for SaaS products, enabling rapid build, deployment, and scaling of multi-tenant B2B applications. The platform emphasizes AI-powered infrastructure management, SaaS billing, and global deployments, targeting startups and enterprises seeking to accelerate SaaS product delivery. The website is professionally designed using modern frameworks such as Next.js and Material UI, hosted via Cloudflare, and optimized for mobile devices with good SEO practices. Security posture is solid with HTTPS and basic security headers, though improvements are recommended in DNSSEC and advanced security headers. Privacy compliance is currently lacking, with no visible privacy or cookie policies or consent mechanisms. Contact information and incident response details are not explicitly provided, which may impact user trust and compliance. Overall, the domain registration is consistent with the business profile, and no blocking or WAF challenges were detected, allowing a full content analysis.

S

Speedoc Singapore

speedoc.com

62

Speedoc Singapore operates as a healthcare service provider specializing in delivering medical services such as doctor home visits and telemedicine consultations within Singapore. The company positions itself as a convenient and accessible healthcare solution, bringing doctors, nurses, ambulance, and medicine directly to patients' locations. The website reflects a medium-sized enterprise with a focus on the Singapore market and healthcare sector. Technically, the site is built using modern web technologies including React and Next.js, with integration of popular analytics and marketing tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight. The site is mobile optimized and presents a professional user experience with good SEO practices. Security-wise, the website enforces HTTPS and uses hCaptcha for bot protection, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. The WHOIS data for the subdomain sg.speedoc.com is unavailable, which is typical for subdomains, but the main domain's registration details are not provided here. Overall, the website is credible and functional but could enhance privacy compliance and security posture further.