Security Directory

M

MuseumNext

museumnext.com

49

MuseumNext is a professional organization providing virtual conferences and online learning content tailored for museum professionals worldwide. The website positions itself as a leading platform for museum industry professional development, offering virtual events, season passes, and a blog with relevant articles. The site is well-branded, with trust signals including logos of leading museums and testimonials. Technically, the site is built on WordPress with Gravity Forms for data collection and integrates Google Tag Manager and LinkedIn Insight for analytics and marketing. The site is accessible, mobile-optimized, and SEO-friendly. Security posture is good with HTTPS enforced and no exposed sensitive data, though it lacks some security headers and explicit cookie consent mechanisms. WHOIS data is missing or unavailable, which slightly reduces trust but the professional presentation and content quality mitigate concerns. Overall, the site is a credible and valuable resource for its target audience.

M

Motor Agency

motor.ee

40

Motor Agency is a specialized exhibition design and production company based in Estonia, founded in 2014. They focus on creating immersive experiences for museums, expos, and showrooms by integrating multimedia and virtual reality technologies. Their market position is that of a niche, innovative agency with recognized awards and international partnerships. The website is built on Concrete CMS with modern frontend technologies like Bootstrap 5 and jQuery, and it demonstrates good mobile optimization and user experience. However, the site lacks critical privacy and cookie policies, which impacts compliance and user trust. Security posture is generally good with HTTPS and no exposed sensitive data, but the absence of security headers and incident response information suggests room for improvement. Overall, the business presents a professional and trustworthy image but should enhance privacy compliance and security transparency to strengthen its digital maturity.

E

Economybookings

economybookings.com

72

Economybookings is an established online car rental aggregator platform offering price comparison and booking services for over 175,000 vehicles across 20,000 locations worldwide. The company targets global consumers seeking affordable and convenient car rental options, supported by multilingual customer service and a large network of trusted suppliers. The website demonstrates a mature digital presence with modern technologies such as React and Next.js, integrated analytics, and compliance tools like Cookiebot for privacy management. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly disclosed. The absence of WHOIS domain registration data is a notable concern, potentially indicating privacy protection or registration inconsistencies. Overall, the platform presents a professional and trustworthy user experience with room for improvement in transparency and contactability.

L

Logotrade OÜ

logotrade.ee

46

Logotrade OÜ is a well-established Estonian company specializing in promotional products, including advertising gifts, business gifts, and branded merchandise. With over 20 years of experience and a strong client base exceeding 4000 customers, Logotrade positions itself as a leading provider in the promotional retail sector in Estonia and Europe. The company offers a comprehensive range of services including promotional gifts, advertising services, and advertising design, supported by professional expertise and strategic marketing insights. The website reflects a mature business with consistent branding, clear communication, and strong trust indicators such as customer testimonials and industry memberships. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and Segment Analytics, integrated with a cookie consent mechanism ensuring GDPR compliance. The site is mobile-optimized, well-structured, and uses HTTPS with good SSL configuration. While some security headers are not explicitly detected, the overall security posture is solid with no visible vulnerabilities or exposed sensitive data. From a security perspective, the site demonstrates good practices including secure forms, privacy policies, and cookie consent. However, there is room for improvement by implementing additional security headers and publishing a formal security or vulnerability disclosure policy. No WAF or blocking mechanisms were detected, indicating full accessibility. Overall, Logotrade's website is professional, secure, and compliant, supporting its business credibility and customer trust. The domain registration data aligns well with the business claims, reinforcing legitimacy. Strategic recommendations include enhancing security headers, formalizing security policies, and continuous monitoring of third-party scripts to maintain a robust security posture.

Copix is a newly established Estonian digital printing company specializing in a wide range of printing services including labels, packaging, interior decoration prints, and book printing. The website is professionally designed using WordPress and Bootstrap, featuring a modern and responsive layout with clear navigation and multiple contact channels. The company targets businesses, schools, publishers, designers, and individual customers, positioning itself as a regional printing service provider with an online ordering platform. The technical infrastructure includes common marketing and analytics tools such as Google Analytics, Facebook Pixel, and Adform tracking, integrated via Google Tag Manager. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks DNSSEC and security headers, which are recommended for improvement. The domain is newly registered in 2024, consistent with the business launch, and shows no suspicious registration patterns. Overall, the website is functional, trustworthy, and business credible, though it would benefit from enhanced privacy and security policies.

K

Kartra

krtra.com

67

Kartra is a technology company offering an all-in-one marketing platform designed to streamline marketing efforts through automated email, sales funnels, landing pages, and forms. The company targets businesses and marketers seeking integrated marketing automation solutions and operates a SaaS business model. The website is professionally designed, SEO optimized, and uses modern marketing and tracking technologies, indicating a mature digital presence. Technically, the site is built on WordPress with Cloudflare DNS and CDN services, and integrates multiple analytics and advertising tools such as Google Tag Manager, Facebook Pixel, Bing Ads, and Taboola. Security posture is good with HTTPS enabled and domain registration protections in place, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy policy or terms of service found in the provided content. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business.

D

Doping

doping.agency

55

Doping is a results-driven digital marketing agency specializing in Google Ads management and growth strategies for e-commerce, B2B, and B2C companies primarily in Estonia. The company emphasizes a 90-day Growth Sprint™ methodology to deliver measurable sales growth and ROI improvements. Their website showcases strong client testimonials, case studies, and a clear service offering including campaign optimization, landing page creation, and training programs. Technically, the site is built on Webflow with modern tracking and analytics tools such as Google Tag Manager, Facebook Pixel, and Mouseflow, ensuring good performance and user experience across devices. Security posture is solid with HTTPS and no exposed sensitive data, but lacks some advanced security headers and published policies. The absence of WHOIS data for the domain raises concerns about registration transparency, though the professional presentation and active business presence mitigate some risk. Overall, the site is credible and well-structured, but could improve privacy compliance and domain legitimacy disclosures.

E

Easy Web Soutions

easyweb.ee

49

EasyWeb is a small Estonian technology service provider specializing in WordPress website creation, management, SEO, marketing, UX, and design services targeted primarily at small businesses. The company presents a professional and user-friendly website with clear service offerings and client testimonials, positioning itself as a reliable local partner for digital presence needs. Technically, the website is built on WordPress with modern tools such as GSAP for animations, Facebook Pixel for tracking, and Google Analytics for analytics, hosted likely by Elkdata OÜ as indicated by the WHOIS and nameserver data. The site is mobile-optimized and performs well with fast loading times and good SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks explicit security headers and a published security policy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the domain registration and hosting details align well with the business claims, supporting legitimacy and trustworthiness.

R

www.RigaCamping.lv

rigacamping.lv

43

RigaCamping.lv is a small hospitality business providing camping accommodations in Riga, Latvia. The website offers information about camping services including tent and motorhome rentals, secure camping spots with electricity, and an online reservation system that provides a discount for bookings made through the site. The target audience consists primarily of tourists and campers visiting Riga and nearby areas. The business operates locally with a clear focus on outdoor accommodation services. Technically, the website is built using standard HTML5, CSS (W3.CSS), and JavaScript, integrating Google Analytics and Twitter widgets for tracking and social media presence. The site is mobile optimized with a moderate performance profile and basic SEO and accessibility features. However, it lacks advanced security headers and privacy compliance mechanisms such as cookie consent banners and privacy policies. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML content. Nevertheless, it lacks important security headers like Content Security Policy and HSTS, and there is no visible security or incident response policy. The embedded reservation form collects user data but its security posture is unknown. The site uses Google Analytics and Tag Manager, indicating moderate user tracking without clear privacy compliance disclosures. Overall, the website is functional and professional for a small local hospitality business but has notable gaps in privacy compliance and security best practices. Strategic improvements in security headers, privacy policies, and incident response information would enhance trust and compliance. The domain WHOIS data is consistent with the business location and shows no suspicious patterns, supporting the legitimacy of the site.

H

Helsingin Osuuskauppa Elanto

hok-elanto.fi

51

HOK-Elanto is Finland's largest regional cooperative within the S-ryhmä group, operating a broad network of over 400 retail outlets, restaurants, and service stations across the Helsinki metropolitan area and surrounding municipalities. The company serves over 700,000 customer-owners and employs nearly 7,000 people, positioning itself as a significant regional employer and retail service provider. The website reflects a mature digital presence with clear branding, comprehensive service information, and active engagement channels including social media and customer service portals. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and jQuery, supported by third-party services like Google Tag Manager for analytics and Usercentrics for consent management, indicating a commitment to privacy compliance and user experience. Hosting appears to be managed via a specialized Finnish cloud provider, ensuring regional performance and reliability. The site is mobile-optimized and SEO-friendly, with structured data and meta tags enhancing discoverability. From a security perspective, the site enforces HTTPS and integrates consent mechanisms, though it lacks explicit security headers which could be improved. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data confirms the domain's legitimacy, showing consistent registration details aligned with the business identity and a long operational history. Privacy and cookie policies are present and GDPR compliant, supporting regulatory adherence. Overall, HOK-Elanto's website demonstrates a solid digital infrastructure and trustworthy business representation. Strategic improvements in security headers and accessibility could further enhance the site's robustness and user inclusivity.

S

SOK

s-kaupat.fi

68

S-kaupat.fi is the leading online grocery store in Finland, operated under the S-ryhmä cooperative group and managed by SOK. The platform consolidates multiple grocery brands such as Prisma, S-market, Alepa, Sale, and Herkku, offering customers a wide selection of products with various delivery options including home delivery and pick-up. The website emphasizes customer benefits like bonus points and integrates a mobile app for enhanced shopping convenience. Technically, the site is built on modern frameworks including Next.js and React, with content managed via Contentful CMS. It employs industry-standard security practices such as HTTPS, security headers, and a cookie consent mechanism powered by Usercentrics. While the site lacks a dedicated security policy or incident response contact, it maintains a strong security posture overall. The domain registration details align well with the business identity, reinforcing legitimacy. Overall, the site presents a professional, user-friendly, and secure e-commerce experience tailored for Finnish consumers.

S

Suomen Osuuskauppojen Keskuskunta

alepakorttelitoive.fi

62

The website alepakorttelitoive.fi serves as a customer engagement platform for Alepa stores in Finland, allowing customers to submit product or service wishes to tailor local store assortments. The site is operated by Suomen Osuuskauppojen Keskuskunta, a large Finnish retail cooperative group, which aligns with the domain registration data and business focus. The platform is designed with modern web technologies including Next.js and integrates privacy and cookie consent management via Usercentrics, alongside Google Tag Manager for analytics. From a technical perspective, the site demonstrates a moderate to good level of digital maturity with responsive design and basic accessibility features. Hosting appears to be on AWS infrastructure, inferred from DNS nameservers. However, there is room for improvement in security headers and explicit security policy disclosures. The site uses HTTPS and secure form inputs, with a clear data retention policy for phone numbers collected via the form. Security posture is generally sound with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed through linked comprehensive privacy policies and cookie consent mechanisms, reflecting GDPR adherence. The absence of direct company contact emails is noted, but the presence of a contact form and optional phone number input with automatic deletion supports privacy best practices. Overall, the website is trustworthy and professionally maintained, with a strong alignment between WHOIS data and business identity. Strategic recommendations include enhancing security headers, publishing explicit security policies, and expanding contact information transparency to further improve trust and compliance.

S

Sotsiaalkindlustusamet

tarkvanem.ee

46

Tarkvanem.ee is a government-affiliated Estonian website operated by Sotsiaalkindlustusamet, providing comprehensive parenting information and resources targeted at parents of children of all ages. The site offers educational content on child development, parenting styles, health, and safety, supported by tests, videos, and expert advice. It holds a strong market position as a trusted public information portal in Estonia. Technically, the website is built on WordPress and leverages modern analytics and marketing tools such as Google Analytics, Matomo, Hotjar, and Facebook Pixel, alongside SEO optimization via Yoast. The site is mobile-optimized and accessible with good navigation and professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Contact information is limited but includes a verified company email and a contact form. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy and security disclosures.

S

Stirling Brandworks

stirlingbrandworks.com

62

Stirling Brandworks is a specialized branding, marketing, and technology agency that offers a comprehensive suite of services including strategy, creative, marketing, UX/UI, and technology solutions. The company positions itself as a passionate and diverse team dedicated to helping brands grow and realize their potential. Their market presence is supported by a professional website with clear navigation and strong branding consistency. Technically, the website is built on modern frameworks such as React and Next.js, hosted on WPEngine, and integrates multiple marketing and analytics tools including Google Tag Manager, Facebook Pixel, and HubSpot Forms. Security posture is generally good with HTTPS enabled and no visible sensitive data exposure; however, the absence of security headers and cookie consent mechanisms are areas for improvement. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency but does not negate the professional appearance and functionality of the site. Overall, the website demonstrates a mature digital presence with room for enhanced security and privacy compliance.

N

Noranet

noranet.io

45

Noranet is a small Estonian-based company specializing in Internet of Things (IoT) solutions for both enterprises and private individuals. Their offerings range from smart monitoring and consumption management in residential buildings to digitalization and automation of industrial processes. The company appears to be recently founded in 2023 and operates under the parent company Startup Solutions OÜ. The website is professionally designed using WordPress with the Kadence theme and includes modern web technologies such as Google Tag Manager for analytics and marketing. Technically, the website demonstrates moderate performance and good mobile optimization, with proper SEO meta tags and structured data. However, there is room for improvement in accessibility and security best practices, as no advanced security headers or DNSSEC are implemented. The domain registration data aligns well with the business claims, showing consistency and legitimacy. From a security perspective, the site uses HTTPS and has domain transfer protections enabled, but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Analytics usage is moderate, relying on Google Tag Manager, which may track user behavior without explicit user consent. Overall, Noranet presents a credible and professional business presence with a solid technical foundation but requires enhancements in privacy compliance and security transparency to strengthen trust and regulatory adherence.

C

CENOS

cenos-platform.com

51

CENOS is a specialized software company providing accessible simulation tools tailored for practical engineers in industries such as induction heating, radio frequency, and wireless charging. Established in 2016, the company offers a SaaS model with a focus on intuitive use and efficient engineering processes, supported by strong customer testimonials from reputable industrial clients. The website demonstrates a professional and consistent brand presence with excellent content quality and user experience. Technically, the site is built on WordPress with modern frameworks and integrates Google Analytics and Trustpilot for marketing and feedback. Security posture is good with HTTPS enabled and domain protections, but lacks some advanced security headers and published security policies. Privacy compliance is partial, with cookie consent implemented but no explicit privacy or terms of service pages found. Overall, the site is trustworthy and well-positioned in its niche, though improvements in privacy and security transparency are recommended.

C

ConvexityShares

convexityshares.com

44

ConvexityShares is a small ETF issuer based in the USA, founded in 2020, currently without active products in the market. The company operates under the parent company Teucrium and targets investors interested in exchange-traded funds. The website provides basic business information, tax package support resources, and contact options primarily through a contact form and physical address. The digital infrastructure employs modern web technologies including Google Tag Manager and Twitter tracking pixels, indicating moderate digital maturity. However, the site lacks comprehensive privacy and cookie policies, which impacts privacy compliance ratings. From a security perspective, the website benefits from HTTPS encryption and domain transfer protection, enhancing trustworthiness. Nonetheless, it lacks advanced security headers and explicit incident response contacts, which are recommended for improved security posture. No critical vulnerabilities or exposed sensitive data were detected during analysis. The website is accessible without any WAF or blocking mechanisms, allowing full content inspection. Overall, ConvexityShares presents a basic but functional online presence consistent with a small financial services business. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance trust and regulatory alignment. The company’s partnership with tax package support services adds value to its investor audience.

O

Online Solution 360 GmbH

saveality.net

59

Saveality, operated by Online Solution 360 GmbH, is a specialized provider of cyber security and privacy solutions based in Germany. Founded in 2018, the company offers a range of services including secure remote desktop environments, multi-encryption data storage, end-to-end encrypted email and communication services, TOR/Onion web services, bulletproof hosting, penetration testing, secure mobile phone solutions, IoT protection, and cryptocurrency cold storage. The business targets clients requiring high confidentiality and privacy protection, positioning itself as a niche player in the cyber security market. The parent company is Online Solution Int Ltd. based in the UK. Technically, the website is built on WordPress and uses common web technologies such as jQuery, Google Analytics, and Google Tag Manager. Hosting and DNS services are managed via Cloudflare. The site implements HTTPS with a good SSL configuration but lacks DNSSEC and advanced security headers. Performance is moderate with good mobile optimization. Privacy compliance is basic with a cookie consent banner and a privacy policy hosted externally on adsafety.net. Security posture is adequate but could be improved by enabling DNSSEC, adding security headers, publishing a security policy, and providing a vulnerability disclosure mechanism. No critical vulnerabilities or exposed sensitive data were detected. Contact information is clearly presented, including phone numbers, emails, and physical addresses, enhancing business credibility. Overall, Saveality presents a professional and trustworthy front with room for improvement in security best practices and privacy transparency. Strategic recommendations include enhancing domain security, publishing detailed security and incident response policies, and improving privacy compliance disclosures.

S

SMEunited

smeunited.eu

72

SMEunited is a prominent non-profit association representing crafts and small and medium-sized enterprises (SMEs) across Europe, with a membership base spanning over 30 countries and encompassing more than 12 million enterprises. The organization focuses on advocacy, policy representation, and providing a unified voice for SMEs at the European level. Their website reflects a professional and consistent brand image, offering comprehensive information about their activities, publications, news, and events. Technically, the website employs modern tools such as Google Analytics, Google Tag Manager, and Cookiebot for consent management, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, though it lacks explicit security policy disclosures and incident response contacts. Overall, the website is accessible, well-structured, and compliant with privacy regulations, presenting a trustworthy digital presence for the organization.

I

Imeline Ajalugu – ajalugu kogu maailmast

imelineajalugu.ee

54

Imeline Ajalugu is a prominent media publication focused on history, recognized as the largest history magazine in Scandinavia. It offers historical content both online and in print, targeting history enthusiasts and readers interested in global historical topics. The website is built on a modern React and Next.js technology stack, incorporating Google Tag Manager and a consent management platform to handle user privacy preferences. The site demonstrates good design quality, mobile optimization, and basic accessibility features, providing a generally positive user experience. Security measures such as HTTPS and security headers are properly implemented, although explicit privacy and terms of service policies are not found in the provided content. The domain registration is privacy protected, which is common for media entities but limits transparency. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and clearer contact information.

Ä

Äripäev AS

imelineteadus.ee

55

Imeline Teadus is a leading Scandinavian popular science media publication operated by Äripäev AS, offering both digital and print content. The website demonstrates a mature digital presence with a modern tech stack based on React and Next.js, complemented by privacy and consent management tools. The security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response contacts are not publicly available. The business model revolves around subscription-based content delivery, supported by advertising and marketing partnerships. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

A

AS Äripäev

personaliuudised.ee

55

Personaliuudised is a leading Estonian digital media portal specializing in personnel management news, including labor law, payroll, recruitment, training, and employee relations. Owned by AS Äripäev, the site targets HR professionals and employers in Estonia, offering comprehensive news, podcasts, videos, and newsletters. The platform is well-established with a consistent brand presence and a professional digital footprint. Technically, the website leverages modern frameworks such as React and Next.js, ensuring a responsive and performant user experience. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response contacts are not publicly available. Privacy compliance is robust, featuring comprehensive privacy and cookie policies with consent management. Overall, the site demonstrates high business credibility and technical maturity, suitable for its professional audience.

A

AS Äripäev

palgauudised.ee

55

Palgauudised.ee is a specialized Estonian media portal operated by AS Äripäev, focusing on payroll, labor law, taxation, and work organization topics. It serves professionals seeking up-to-date information, practical tools, and educational resources such as webinars and conferences. The website employs a subscription-based business model with tiered access to content and services. Technically, the site is built on modern web frameworks including Next.js and React, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance via a consent management SDK. Contact information and legal policies are clearly presented, enhancing trust and transparency. Overall, Palgauudised.ee demonstrates a mature digital presence with a solid market position in the Estonian media landscape.

A

AS Äripäev

foundme.io

59

FoundME is a specialized media portal operated under AS Äripäev, focusing on news, opinions, podcasts, and radio shows related to the Estonian and international start-up ecosystem. The website targets entrepreneurs, investors, and the start-up community by providing curated content and subscription-based access to premium materials. Technically, the site is built on modern web technologies including React and Next.js, ensuring good mobile responsiveness and SEO optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, although no explicit security policy or vulnerability disclosure page is present. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site presents a professional and trustworthy digital presence with clear contact information and partner affiliations.

Ä

Äripäeva Teabevara ja Nõuandekeskus

teabevara.ee

51

Äripäeva Teabevara ja Nõuandekeskus is a professional Estonian business information service operated under Zone Media OÜ. The website offers licensed access to a continuously updated knowledge base and expert advice center targeting business professionals and specialists in Estonia. The platform integrates various content types including documents, audio, and video to support informed decision-making. Technically, the site is built on modern frameworks such as Next.js and React, hosted behind Cloudflare, ensuring good performance and security. The security posture is strong with HTTPS, security headers, and consent management, although explicit security policies and incident response contacts are not publicly available. Overall, the site is professional, trustworthy, and compliant with GDPR, but could improve transparency in contact and security disclosures.

K

KiVa

kivaschool.nl

51

KiVa is an established educational program focused on promoting social safety and positive group dynamics in schools, primarily in the Netherlands. The website presents a comprehensive and scientifically backed anti-bullying program, supported by certified trainers and a large network of schools and teachers. The digital infrastructure leverages modern web technologies including jQuery, Bootstrap, Google Maps API, and tracking tools such as Google Analytics and Facebook Pixel, indicating a mature digital presence. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-positioned in the education sector.

Lemonway is a French licensed payment institution specializing in providing modular and compliant payment solutions tailored for marketplaces and crowdfunding platforms. Established since 2012 and trusted by over 400 marketplaces including major clients like Decathlon and SNCF Connect & Tech, Lemonway offers a comprehensive suite of services including Pay-In, Identification (KYC), Wallet management, Pay-Out, and an intuitive Dashboard. Their API-centric approach enables seamless integration and control over payment flows, supporting multiple currencies and payment methods. The company emphasizes security, compliance, and user experience, backed by ACPR licensing and PCI DSS compliance. Technically, the website leverages modern frameworks such as Next.js and React, with robust analytics and tracking tools implemented responsibly with user consent. Security posture is strong with HTTPS, security headers, and secure forms, although explicit security policies and incident response details are not publicly disclosed. WHOIS data is missing or obscured, likely due to privacy protection, which slightly impacts trust but is common in regulated financial sectors. Overall, Lemonway presents a professional, secure, and mature digital presence aligned with its business objectives.

O

Online Solution (supported by SAVEALITY)

ano-phone.de

59

ANO-PHONE is a German-based small technology business specializing in secure, encrypted Android smartphones with integrated private VPN services. The company targets privacy-conscious consumers seeking enhanced mobile security and anonymity. Their product offers hardware encryption, secure communication channels, and control without backdoors or remote access. The website is built on WordPress with WooCommerce, featuring good content quality and a professional design. Technical infrastructure includes Cloudflare DNS and common analytics and advertising tools. Security posture is solid with HTTPS and no exposed sensitive data, though explicit security headers and policies are lacking. Privacy compliance is partial, with cookie consent implemented but no dedicated privacy policy page found. Contact information is limited to an email address, with no phone or physical address provided. Overall, the domain and website appear legitimate and consistent with the business claims.

O

Online Solution 360 GmbH

ano-phone.com

55

ANO-PHONE is a specialized provider of secure encrypted smartphones integrated with private VPN services, targeting privacy-conscious users and security-focused consumers. The company operates an e-commerce platform selling purified Android-based smartphones with hardware encryption, secure communication tools, and cryptocurrency wallet support. The business is positioned as a niche player in the technology sector, emphasizing privacy and security. The website is professionally designed, mobile-optimized, and includes essential business and contact information, although phone numbers and physical addresses are not explicitly listed. Technically, the site uses WordPress with WooCommerce, Google Analytics, and Cloudflare DNS, delivering moderate performance and good SEO optimization. Security posture is solid with HTTPS and client transfer protection on the domain, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is supported by a cookie consent mechanism and a privacy policy indicating GDPR adherence. Overall, the website and domain registration data indicate a legitimate and trustworthy business presence.

O

Online Solution 360 GmbH

securecommerce.eu

64

SecureCommerce, operated by Online Solution 360 GmbH, is a specialized cybersecurity service provider focused on protecting online stores and e-commerce platforms. The company offers managed firewall, DDoS protection, malware scanning, and monitoring services tailored to popular e-commerce systems such as Magento, WooCommerce, and Shopware. Their market position is that of a niche provider delivering Security-as-a-Service solutions to online merchants primarily in Germany. The website is professionally designed using WordPress and modern web technologies, providing a good user experience and clear navigation. Contact information and cookie consent mechanisms are well implemented, though privacy and terms policies are missing. Technically, the site uses reputable hosting via OVH SAS and integrates Google Analytics and Tag Manager for tracking. Security posture is moderate with room for improvement in security headers and published policies. Overall, the domain registration and business information are consistent and legitimate, supporting a trustworthy online presence.

N

Noatum Logistics

noatumlogistics.com

63

Noatum Logistics operates as a global transport and logistics solutions provider, positioned among the top 50 freight forwarders worldwide. Their services encompass air, ocean, road, and rail freight, along with customs brokerage, warehousing, and value supply chain services. The website reflects a professional and consistent brand presence targeting businesses requiring comprehensive logistics solutions. Technically, the site is built on WordPress with modern plugins and SEO tools, ensuring good performance and mobile optimization. Security measures include HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers and explicit privacy policies are missing. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and infrastructure appear credible. Overall, the site demonstrates a mature digital presence with room for improvement in transparency and security best practices.

M

Miami International Holdings, Inc.

miaxoptions.com

62

Miami International Holdings, Inc. operates a global exchange group providing access to U.S. and international capital markets through multiple electronic exchanges specializing in options, equities, futures, and international securities. The company leverages award-winning technology platforms to deliver superior customer service tailored to financial market participants. The website reflects a mature business with a broad market presence and a diverse product portfolio. Technically, the website is built on Drupal CMS with modern frameworks like Bootstrap and uses advanced charting libraries such as Highcharts. It integrates Google Tag Manager and Analytics for tracking and marketing purposes. The site is mobile-optimized and offers good navigation and content quality, although some accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses secure forms with CSRF tokens. However, there is a lack of visible security headers and no published security or incident response policies. Privacy compliance is minimal with no explicit privacy or cookie policies detected on the main page. The absence of WHOIS data raises concerns about domain registration transparency, which impacts trustworthiness. Overall, the website presents a professional and credible business front but should improve transparency around domain registration and privacy compliance to enhance trust and security posture.

MEMX is a U.S.-based financial technology company operating regulated securities exchanges for equities and options. The company also offers a customizable exchange technology platform delivered as a SaaS solution, enabling other market operators to launch exchanges quickly. Positioned as an innovative alternative exchange operator, MEMX emphasizes efficiency, transparency, and cost reduction in capital markets trading. The website reflects a professional and consistent brand with clear messaging targeted at market participants and exchange members. Technically, the website leverages modern JavaScript frameworks such as Vue.js, integrates analytics and marketing tools like Google Tag Manager and Mailchimp, and is hosted on infrastructure associated with GoDaddy. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Security is well implemented with HTTPS and no exposed sensitive data, though some security headers are missing and DNSSEC is not enabled. From a security posture perspective, MEMX demonstrates strong fundamentals but lacks explicit public security policies, incident response contacts, and cookie consent mechanisms, which may impact privacy compliance, especially under GDPR. The WHOIS data confirms a long-established domain with consistent registration details, supporting the legitimacy of the business. Overall, MEMX presents a credible and professional online presence with solid technical infrastructure and a good security baseline. Enhancements in privacy compliance and security transparency would further strengthen trust and regulatory alignment.

C

Cboe Global Markets

cboe.com

67

Cboe Global Markets operates as a leading global financial market infrastructure provider, offering a broad range of tradable products including equities, options, futures, and volatility indices. The company serves a diverse audience of market participants, including traders, investors, and financial institutions, with a strong market position in the U.S. and international markets. Their business model centers on operating multiple exchanges, providing market data, clearing services, and listing opportunities for corporates and ETFs. Technically, the website employs modern web technologies such as React, Google Tag Manager, and Highcharts, ensuring a responsive and accessible user experience. The site is well-optimized for SEO and mobile devices, with comprehensive content and clear navigation. Privacy and cookie policies are implemented with consent mechanisms, reflecting good privacy compliance. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes security headers. However, explicit security policies, incident response information, and vulnerability disclosure mechanisms are absent, representing areas for improvement. The lack of WHOIS registration data reduces transparency but does not significantly detract from the site's legitimacy given the professional presentation and extensive business information. Overall, the website demonstrates a mature digital presence with strong business credibility and security posture, though enhancements in transparency and direct contact information would further strengthen trust and compliance.

T

Tervise Arengu Instituut

tubakainfo.ee

43

Tubakainfo.ee is an official Estonian government public health website managed by the Tervise Arengu Instituut (Health Development Institute). It provides comprehensive educational content on the harms of tobacco use, passive smoking, and supports tobacco cessation efforts. The site targets Estonian-speaking tobacco users, their families, and healthcare professionals, offering interactive tools, videos, and guidance. The website is well-structured, professionally designed, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, Google Tag Manager, and Facebook Pixel for analytics and marketing. It uses HTTPS with good SSL configuration but lacks some security headers. The site does not display a privacy or cookie policy, which is a notable compliance gap, especially given the use of tracking pixels. Contact information is clearly provided, enhancing business credibility. From a security perspective, the site shows good practices like HTTPS and nonce usage for AJAX but could improve by adding security headers and publishing explicit security and incident response policies. No vulnerabilities or suspicious patterns were detected. WHOIS data confirms the domain is registered to the official Estonian health institute, supporting legitimacy. Overall, the site is trustworthy and professional but should address privacy compliance and security policy transparency to improve its security posture and regulatory adherence.

T

Tervise Arengu Instituut

nutridata.ee

50

NutriData is a government-operated nutrition information system managed by the Estonian Health Development Institute (Tervise Arengu Instituut). It offers a suite of nutrition-related applications including diet analysis programs, food composition databases, product calculation tools, and nutrition survey software. The platform serves a broad audience ranging from individual users and healthcare professionals to food producers and researchers, positioning itself as an authoritative national resource for nutrition data and analysis in Estonia. The website is well-structured, content-rich, and provides comprehensive information about its services, training, and team members. Technically, the website is built as a modern Angular single-page application leveraging Google Analytics, Google Tag Manager, and Google reCAPTCHA for analytics and security. The site is mobile-optimized and uses standard web fonts and icons for a professional appearance. While the site uses HTTPS and some security best practices, it lacks certain HTTP security headers and a cookie consent mechanism, which are recommended for enhanced security and privacy compliance. From a security perspective, the site demonstrates good practices such as encrypted connections and form protection via reCAPTCHA. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data confirms the domain's legitimacy and consistency with the official institution managing the site. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure mechanisms indicates room for improvement in security transparency and incident readiness. Overall, NutriData presents a trustworthy, professional, and functional nutrition information platform with strong government backing. Strategic enhancements in privacy compliance, security headers, and incident response documentation would further strengthen its security posture and user trust.

H

Avaleht - Hiv

hiv.ee

40

The website hiv.ee serves as an informational and support portal focused on HIV awareness, prevention, testing, and living with HIV in Estonia. It targets Estonian-speaking individuals, including those living with HIV and at-risk populations, providing educational content, testing locations, and counseling resources. The site is positioned as a trusted health information source, likely operated or supported by public health entities or non-profit organizations. Technically, the site is built on WordPress, utilizing common libraries such as jQuery and Slick Carousel, and integrates marketing and analytics tools like Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized with good navigation and content relevance. Security-wise, the site enforces HTTPS and uses cookie consent banners but lacks visible security headers and explicit privacy policies, which are areas for improvement. Overall, the site is functional, professional, and moderately secure, with room to enhance privacy compliance and security posture.

P

Paya, Inc.

paya.com

64

Paya, Inc. is a well-established payment solutions provider offering integrated payment technologies and services primarily targeting businesses across multiple sectors including B2B, education, insurance, government, healthcare, nonprofits, and ERP providers. The company operates under the parent company Nuvei and has a strong market position with a large customer base and extensive partner network. Their website reflects a mature digital presence with professional design, comprehensive content, and clear navigation. Technically, the site is built on WordPress with modern marketing and analytics integrations, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and domain protections, though there is room for improvement in DNSSEC and security headers. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, Paya demonstrates high business credibility and digital maturity.

V

Visionest Institute

invicta.ee

47

Visionest Institute is an Estonian education and training organization formed by the merger of Marketingi Instituut, Invicta, and Director. It offers a wide range of professional development programs, including corporate training, personal development plans, and a digital magazine. The company targets businesses and individual learners, focusing on leadership, marketing, sales, and export sectors. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support. Technically, it is built on WordPress with WooCommerce and integrates advanced marketing and analytics tools such as Google Tag Manager, HubSpot, and Facebook Pixel. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are absent. Overall, the domain registration details align well with the business profile, indicating legitimacy and consistency.

H

HOK-Elanto Liiketoiminta Oy

alepa.fi

63

Alepa.fi is the official website of Alepa, a well-established Finnish grocery retail chain operated by HOK-Elanto Liiketoiminta Oy. The company has a strong market presence in Finland, offering both physical grocery stores and an online grocery shopping platform with delivery options. The website reflects a mature digital infrastructure built on modern technologies such as React and Next.js, hosted on AWS infrastructure. The site is well-optimized for mobile devices and provides a professional user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent managed via Usercentrics, though explicit security headers and detailed privacy policies are not prominently disclosed. Overall, the domain registration data aligns well with the business claims, indicating a legitimate and trustworthy entity.

S

SOK

skaupat.fi

68

S-kaupat.fi is the official online grocery store platform for the Finnish S-ryhmä retail group, operated by SOK. It offers a comprehensive range of grocery products from multiple store brands including Prisma, S-market, Alepa, Sale, and Herkku. The platform targets Finnish consumers seeking convenient and flexible online grocery shopping with various delivery options and integrated customer bonus programs. The website is well-branded, professionally designed, and localized primarily in Finnish with multilingual support. Technically, it leverages modern web technologies such as React and Next.js, integrates with Contentful CMS, and uses Usercentrics for cookie consent management. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, compliant with GDPR, and provides a good user experience.

Techindustry.lv is the official website for the largest and most significant industry exhibition in the Baltic region, focusing on machine building, metal processing, automation, electronics, and related technologies. The event is organized by BT 1, a leading Baltic exhibition organizer, and targets industry professionals and companies seeking to showcase and discover innovations. The website provides comprehensive information about exhibitors, news, and event details, supported by partner organizations and ticketing platforms. Technically, the site uses modern tracking and analytics tools, including Google Analytics and Facebook Pixel, and implements cookie consent mechanisms. However, it lacks explicit privacy and terms of service pages, and security headers are not detected, which are areas for improvement. The site is accessible without WAF or blocking mechanisms, and contact information is clearly provided with named personnel.

R

RIGA COMM

rigacomm.com

50

RIGA COMM is a well-established Baltic business technology event organizer hosting annual exhibitions and multiple conferences in Riga, Latvia. The platform targets business and technology professionals, entrepreneurs, and institutional leaders, offering a comprehensive event experience with specialized conferences covering cybersecurity, fintech, e-commerce, and more. The website reflects a mature digital presence with a WordPress CMS, modern marketing and analytics tools, and a cookie consent mechanism, indicating awareness of privacy compliance requirements. However, explicit privacy policies and terms of service are missing, which could be improved to enhance compliance and user trust. Security posture is generally good with HTTPS and reCAPTCHA usage, but could benefit from enhanced security headers and DNSSEC implementation. Overall, the site is professional, content-rich, and well-positioned in its market niche.

S

Starptautisko izstāžu rīkotājsabiedrība BT 1

balttour.lv

52

Balttour.lv represents the Baltic region's premier international tourism exhibition organized by Starptautisko izstāžu rīkotājsabiedrība BT 1 in partnership with ALTA. The website showcases detailed event information, participant lists, news, and visitor guidance, targeting tourism professionals and general visitors interested in travel opportunities. The business holds a strong market position as a leading event organizer in the hospitality and tourism sector in Latvia. Technically, the website employs a mature technology stack including Bootstrap, jQuery, and various UI libraries, with integration of Google Analytics and Facebook Pixel for marketing and analytics purposes. The site is mobile-optimized and well-structured, though some older libraries like jQuery 1.11.2 are used, which may pose security risks. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and dedicated security or privacy policy pages. WHOIS data confirms domain legitimacy with consistent registrant information matching the business claims. Overall, the website is professional and trustworthy but could improve compliance and security practices.

N

Nullist OÜ

nullist.ee

50

Nullist OÜ operates a well-established Estonian online marketing education platform, offering practical training and courses for beginners and advanced learners. The company has a strong market presence with over 3000 business clients and targets entrepreneurs, social media managers, and marketing professionals. Their business model focuses on digital education through webinars, workshops, and masterclasses. Technically, the website is built on WordPress with WooCommerce integration, leveraging modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Plausible Analytics, ensuring GDPR compliance and user consent mechanisms. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site is professional, fast, mobile-optimized, and trustworthy, reflecting a mature digital infrastructure and credible business operations.

P

Pärnumaa infovärav

parnumaa.ee

51

Pärnumaa.ee is a well-established regional information portal serving the Pärnumaa county in Estonia. It provides comprehensive information for residents and visitors including news, job listings, educational resources, real estate offers, and business environment insights. The website is professionally designed using WordPress with Elementor and Yoast SEO plugins, ensuring good content management and search engine optimization. The site is bilingual with Estonian as the primary language and English as an alternate option. Technically, the site employs modern web technologies and integrates analytics and marketing tools such as Google Tag Manager, Hotjar, and Facebook Pixel, while maintaining GDPR compliance through a robust cookie consent mechanism.

Z

Zone Media OÜ

digioskused.ee

47

Digioskused.ee is an Estonian educational platform offering free AI and digital skills training, developed in partnership with Google and Estonian government agencies. The website serves individuals and businesses aiming to enhance their digital competencies through practical, accessible online courses. The platform leverages modern web technologies including WordPress, jQuery, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. Security measures include HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers are missing. The domain registration is consistent with the business purpose and geographic location, supporting legitimacy. Overall, the site presents a professional and trustworthy digital presence with good content quality and user experience.

M

Motor Agency

motoragency.eu

40

Motor Agency is a specialized exhibition design and production company focused on museums, expos, and showrooms. They integrate multimedia and virtual reality technologies to create immersive educational and entertainment experiences. Their market position is that of a niche service provider with recognized awards and partnerships in the cultural sector. The website reflects a professional and consistent brand image targeting cultural institutions and educational organizations primarily in Estonia and Europe. Technically, the site uses Concrete CMS with modern frameworks like Bootstrap 5 and includes multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight Tag. The site is mobile optimized and has good SEO practices but lacks visible privacy and cookie policies, which is a compliance gap. Security posture is decent with HTTPS enforced but missing security headers and formal security policies. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business.

E

Eesti kaevandusmuuseum

kaevandusmuuseum.ee

44

Eesti Kaevandusmuuseum is a specialized museum and adventure tourism business located in Estonia, offering unique underground mining experiences, safaris, educational programs, and event hosting. The website is professionally designed using WordPress with WooCommerce and booking plugins, supporting multiple languages and providing rich content about their services and events. The technical infrastructure is modern and includes integration with Google Tag Manager and Facebook SDK for marketing and analytics, although Google Analytics is not fully configured. Security posture is solid with HTTPS enforced and cookie consent implemented, but could be improved with additional security headers and explicit incident response policies. Overall, the website reflects a credible and trustworthy business with a good digital presence.