Security Directory

I

Inission

inission.com

66

Inission is a Swedish-based full service electronics and mechanics manufacturer specializing in providing end-to-end solutions across the complete product lifecycle. The company targets businesses and engineers requiring development, prototyping, industrialization, manufacturing, and product maintenance services. Their market position is that of a quality-focused and sustainable partner with a strong emphasis on customer satisfaction and innovation. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Google Tag Manager, hosted on DigitalOcean infrastructure, and optimized for performance and mobile responsiveness. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response policies are absent. The WHOIS data is unavailable, which slightly impacts trust but is mitigated by professional content and investor relations transparency. Overall, the site demonstrates a mature digital presence suitable for a medium-sized manufacturing business.

Swissôtel Hotels & Resorts operates a luxury hospitality brand with a global footprint, offering premium hotel accommodations, event hosting, and loyalty programs. The website reflects a mature digital presence with multilingual support, rich content, and integrated marketing and analytics tools. Technically, the site uses ASP.NET Web Forms, modern JavaScript libraries, and robust cookie consent mechanisms, ensuring a good user experience across devices. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS data is a notable anomaly but does not detract from the apparent legitimacy of the site given its branding and parent company association. Overall, the site is professional, secure, and compliant with privacy regulations, serving a large luxury hospitality market segment.

B

Big Penny

trumansbeer.co.uk

53

Big Penny is a hospitality operator based in Walthamstow, London, managing large community venues that offer food, drink, and live events. The company emphasizes inclusivity and community connection, operating flagship venues such as Big Penny Social and Flukes. The website is professionally designed using Webflow CMS and integrates modern technologies including Google Analytics and cookie consent mechanisms. The technical infrastructure is moderate in performance with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS usage and cookie consent, but lacks visible security headers and formal security policies. Privacy compliance is basic with a privacy policy and cookie banner present but no GDPR explicit statements or data retention policies. Business credibility is strong with clear contact information and consistent branding. Overall, the website is functional and trustworthy for its hospitality business purpose.

E

Evocon

evocon.com

61

Evocon is a Denmark-based company specializing in user-friendly OEE (Overall Equipment Effectiveness) software designed to help manufacturing companies automate data collection from machines and provide real-time production performance insights. The company targets manufacturers seeking to improve productivity, reduce waste, and enhance operational efficiency. Their market position is supported by a global client base and trusted brand presence, including notable manufacturing partners. Technically, the website is built on WordPress with modern integrations such as HubSpot, Google Tag Manager, and Hotjar, indicating a mature digital infrastructure. Performance and mobile optimization are good, though accessibility features are basic. Security posture is solid with HTTPS enforced and domain transfer protections in place, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service found. Overall, the website reflects a professional and credible business with room for improvement in privacy and security transparency.

I

Iutecredit

iutecredit.md

62

Iutecredit is a Moldovan financial services company specializing in instant credit products, refinancing, and smart shopping solutions. The company leverages a mobile application (Myiute) and an extensive ATM network to provide convenient access to financial services. The website reflects a mature digital presence with a focus on user experience and mobile accessibility. The business is positioned as a trusted player in the Moldovan microfinance sector with over 15 years of operational history through its parent company, Iute Group AS. Technically, the website is built on WordPress and integrates multiple analytics and marketing tools, indicating a well-developed digital marketing strategy. Security posture is strong with HTTPS, security headers, and reCAPTCHA usage, though some improvements in cookie consent and incident response transparency are recommended. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

E

Eton

etonshirts.com

72

Eton is a well-established Swedish brand specializing in premium men's shirts and accessories, with a history dating back to 1928. The company operates a sophisticated e-commerce platform targeting men seeking quality and style in shirts and related apparel. Their market position is strong within the premium retail segment, supported by a comprehensive product range including custom-made options and a membership club offering exclusive benefits. Technically, the website is built on modern frameworks such as Next.js and React, leveraging Contentful CMS and integrating analytics tools like Google Tag Manager and Voyado. The site demonstrates excellent design quality, mobile optimization, and accessibility, providing a seamless user experience. Security posture is robust with HTTPS enforcement, security headers, and no visible vulnerabilities, although the absence of explicit security policy or incident response information is noted. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. However, the WHOIS data for the domain is missing, which raises concerns about domain registration transparency despite the site's legitimacy and professional appearance. Overall, the website is secure, professional, and user-friendly but would benefit from improved domain registration transparency and explicit security disclosures.

R

R Haldus OÜ

rhaldus.ee

45

R Haldus OÜ is a small Estonian company specializing in property management services for commercial and residential real estate. Their website presents a focused business model offering competent and quality property maintenance and management services. The site is primarily in Estonian with options for English and Russian, targeting property owners seeking professional management solutions. Technically, the website is built on the Voog CMS platform and uses common JavaScript libraries such as jQuery and Modernizr, along with Google Analytics and Google Tag Manager for tracking. The site is moderately optimized for mobile devices and has basic SEO and accessibility features. Security-wise, the website uses HTTPS but lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. There is no visible incident response or vulnerability disclosure information, which limits transparency in security matters. Overall, the website is functional but basic, with room for improvement in privacy, security, and content depth.

I

Inzmo Gmbh

inzmo.com

72

INZMO GmbH is a German-based innovative insurance provider specializing in digital insurance solutions for consumers. Their offerings include mobile phone insurance, rental deposit warranties, bicycle insurance, laptop/tablet insurance, and e-scooter insurance. The company positions itself as a revolutionary player in the insurance market, emphasizing ease of use, fast claims processing, and 24/7 customer support. Their market approach leverages a user-friendly app and digital-first experience to attract tech-savvy customers seeking hassle-free insurance products. Technically, the website is built on modern frameworks such as Next.js and React, hosted on AWS infrastructure, and integrates Google Tag Manager and Cookiebot for analytics and privacy compliance. Security posture is strong with HTTPS enforcement and bot protection via Google reCAPTCHA, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, supporting trust and regulatory adherence. Overall, INZMO demonstrates a mature digital presence with a solid business model and good security hygiene.

M

Mobalytics

mobalytics.gg

69

Mobalytics is a technology company specializing in gaming performance analytics and companion software, targeting competitive gamers across multiple popular titles such as League of Legends, TFT, Diablo 4, and others. The platform boasts over 10 million users and maintains partnerships with esports organizations, positioning itself as a leading player in the gaming analytics market. Their business model revolves around providing personalized game insights, in-game overlays, and esports data services, primarily delivered via a WordPress-based website and a Windows desktop application integrated through Overwolf. Technically, the website leverages a modern tech stack including WordPress CMS, Google Fonts, multiple analytics and marketing tools (Google Analytics, Mixpanel, Hotjar, Ahrefs, Comscore), and integrates Riot Games APIs for game data. The site is well-optimized for performance, mobile responsiveness, and SEO, with fast loading times and clear navigation. Hosting appears to be cloud-based with CDN usage for static assets. From a security perspective, the site uses HTTPS with good SSL configuration and employs asynchronous loading of scripts to minimize performance impact. However, explicit security headers are not evident, and there is no visible security policy or incident response contact information. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy policy or terms of service found in the provided content. No direct company contact emails or phone numbers are visible, which may impact user trust and support accessibility. Overall, Mobalytics presents a professional and trustworthy online presence with strong business credibility and technical maturity. To enhance security posture and compliance, the company should publish clear privacy and security policies, implement security headers, and provide direct contact information. These improvements would further solidify user trust and regulatory adherence.

S

Spring

springadvertising.com

62

Spring is an independent creative advertising agency based in Vancouver, Canada, established in 2005. The company offers a broad range of services including strategy, design, advertising, branding, digital, and on-demand creative services. They have a strong market presence with a focus on real estate marketing and have worked with over 100 brands across more than 70 industries. The website reflects a professional and consistent brand image with clear navigation and good content quality. Technically, the site is built on WordPress with modern plugins and SEO tools, hosted by Automattic Inc., ensuring reliable infrastructure and good performance. Security posture is solid with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is basic but present, with privacy and cookie policies including consent mechanisms. Contact information is complete and easily accessible, enhancing business credibility. Overall, the website is trustworthy and well-maintained, suitable for its target audience.

A

Actual Reports OÜ

actualreports.com

67

Actual Reports OÜ is a small Estonian technology company specializing in business process automation with a focus on document generation and data collection solutions. Their website presents a professional and consistent brand image, targeting developers, eCommerce merchants, and general users with products such as PDF Generator API, PDFViewer, Printout Designer, and PDFMake. The company leverages a partner ecosystem to provide comprehensive automation tools. Technically, the website uses modern web fonts, Font Awesome icons, embedded YouTube videos, and Google Tag Manager for analytics. Hosting appears to be on Amazon AWS infrastructure. The website is mobile optimized with good SEO practices but lacks advanced accessibility features. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Contact information is limited to email and physical address with no phone or contact forms. Overall, the website is functional and professional but could improve in privacy and security transparency.

M

M-Partner

mpartner.ee

41

M-Partner is an established Estonian recruitment company specializing in the effective hiring of managers and specialists, with over 20 years of experience and more than 1000 successful recruitments. Their business model focuses on full search and headhunting services, targeting Estonian companies seeking qualified personnel. The website reflects a professional and consistent brand image, supported by client logos and clear service descriptions. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates essential tools such as Google Tag Manager and reCAPTCHA, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement, email obfuscation, and cookie consent mechanisms, though additional security headers and formal policies could enhance protection. Overall, the site is accessible, well-structured, and compliant with GDPR, presenting a trustworthy and credible online presence.

A

ADM Interactive

adm.ee

53

ADM Interactive is a leading digital solutions agency based in Estonia, established in 1997. The company specializes in custom software development, digital marketing, cloud infrastructure hosting, and integration services, serving over 370 clients worldwide including notable brands. ADM positions itself as a comprehensive service provider covering the entire customer lifecycle with a strong emphasis on innovation and ROI. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, and Cookiebot for consent management. The site is mobile-optimized, SEO-friendly, and integrates multiple marketing and analytics tools. Security posture is strong with HTTPS, cookie consent, and no visible vulnerabilities, although explicit security policies and incident response details are not published. Overall, ADM demonstrates a mature digital presence with solid business credibility and compliance adherence.

Namespace OÜ is a small Estonian digital agency specializing in full-service software development with expertise in Python, API, and React.js technologies. The company targets businesses seeking custom digital applications and API integrations, positioning itself as a niche technology service provider with a portfolio of notable projects such as Navirec, GSMtasks, and Parcelfellows. The website reflects a professional and consistent brand image with clear contact information and project showcases. Technically, the website is built using modern frameworks including React.js and Next.js, with integrations for Google Analytics, Google Tag Manager, and Cal.com scheduling. The site is mobile-optimized and performs moderately well, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and uses standard analytics scripts but lacks explicit security headers and visible security policies. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. The WHOIS data aligns well with the business claims, showing a consistent and legitimate registration. Overall, the website presents a moderate risk profile with room for improvement in privacy compliance and security best practices. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

R

Roadplan

roadplan.ee

48

Roadplan is an Estonian company specializing in road project design, outdoor space projects, and consulting services. Founded in 2013, it positions itself as a leading road project designer in Estonia, targeting clients who require sustainable and innovative solutions for their outdoor environments. The website content is primarily in Estonian and focuses on communicating the company's expertise and service offerings. Technically, the website is built on WordPress and uses modern web technologies including Google Fonts, Google Analytics, Google Tag Manager, and reCAPTCHA for form security. The site is hosted by Zone Media OÜ, a known Estonian hosting provider. Performance and mobile optimization are good, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the website uses HTTPS with a valid SSL certificate and employs reCAPTCHA to protect forms. However, it lacks important security headers and does not provide explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is professional and functional but lacks comprehensive privacy and cookie policies, explicit contact information, and detailed security disclosures. These gaps reduce its privacy compliance and slightly impact trustworthiness. Strategic improvements in these areas would enhance the site's security posture and user trust.

D

Dispak

dispak.ee

45

Dispak is an Estonian retail business specializing in the sale of paper and fabric bags, primarily targeting customers seeking packaging solutions for gifts and corporate gifts. The company claims over two decades of experience and offers custom logo printing services with a minimum order quantity. The website is primarily in Estonian and serves the local market with a product-focused approach. Technically, the site uses jQuery and jQuery UI libraries along with Google Analytics and Tag Manager for tracking. The hosting and domain registration are consistent with an Estonian business identity. However, the website lacks explicit privacy, cookie, and terms of service policies, which impacts its compliance posture. Security headers and advanced security practices are not evident, and no incident response or vulnerability disclosure information is provided. Overall, the site is functional with moderate technical implementation but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

C

Certex Eesti

certex.ee

54

Certex Eesti is a medium-sized Estonian company specializing in the sale of steel wire ropes, lifting slings, load securing equipment, and related accessories. It operates an e-commerce platform integrated with a comprehensive product catalog targeting industrial and construction sectors. The company is part of the Lifting Solutions Group, indicating a solid market position within the lifting equipment industry in the Baltic region. The website demonstrates good digital maturity with modern CMS usage (Pimcore), responsive design, and integration of consent management and analytics tools. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly available. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, making it suitable for B2B and B2C customers seeking lifting and securing solutions.

T

TF Bank

tfbankgroup.com

66

TF Bank operates as an internet-based niche bank offering consumer banking services through a proprietary IT platform emphasizing automation. The website presents a professional image consistent with a financial institution targeting consumers seeking streamlined online banking solutions. The technical infrastructure is built on WordPress CMS, utilizing modern web technologies such as jQuery and Cookiebot for cookie consent management, alongside Google Tag Manager for analytics. The site is secured with HTTPS, and cookie consent is actively managed, reflecting a commitment to privacy compliance. However, the absence of WHOIS data for the domain group.tfbank.se raises questions about domain registration legitimacy, although the website content itself appears credible and well-maintained. Security posture is solid with HTTPS and consent mechanisms, but could be improved by adding explicit security headers and detailed privacy and security policies. Overall, the site demonstrates a good balance of professionalism, technical maturity, and privacy awareness, with room for enhanced transparency and security documentation.

L

Laser Diagnostic Instruments

ldi.ee

44

Laser Diagnostic Instruments (LDI) is an Estonian-based company specializing in advanced oil spill detection systems and water monitoring sensors. Their flagship product, the ROW (Remote Optical Watcher), provides autonomous, non-contact detection of oil spills and algal blooms, serving industrial and environmental clients globally. The company has a strong niche market position with installations across multiple continents and industries including energy, water treatment, and shipping ports. The website reflects a professional and consistent brand image with detailed product information and client testimonials, supporting their credibility in the environmental monitoring sector. Technically, the website is built on WordPress with modern plugins and frameworks, offering good performance and mobile optimization. Security posture is solid with HTTPS and standard best practices, though improvements are recommended in cookie consent and security headers. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, LDI presents a trustworthy and professional digital presence aligned with their business objectives.

Hydroscand AS operates as a leading Norwegian supplier specializing in hoses, couplings, and related hydraulic and industrial components. The company boasts a broad product range and a nationwide network of branches and dealers, positioning itself strongly within the manufacturing sector. Their website reflects a professional and consistent brand presence, targeting industrial and commercial customers requiring specialized hose solutions and services such as machine service and central lubrication systems. Technically, the website leverages modern tools including Litium CMS, Google Tag Manager, Matomo Analytics, and a comprehensive cookie consent mechanism, demonstrating a mature digital infrastructure with good mobile optimization and accessibility. Security-wise, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data, although explicit security policies and incident response contacts are not publicly available. Overall, the site is trustworthy and compliant with GDPR through detailed cookie management and privacy policy linkage to a reputable third-party provider. Strategic recommendations include enhancing transparency by publishing terms of service, security policies, and clear contact information for security incidents to further strengthen trust and compliance.

D

Dajani Pharmacy Ltd

dajanipharmacy.com

63

Dajani Pharmacy Ltd is a well-established healthcare provider based in Central London, offering a comprehensive range of pharmacy and medical clinic services including prescribing pharmacists, GP services, allergy and blood testing, aesthetic treatments, and COVID-19 testing. The company has a strong local presence with two physical locations and a history spanning over 40 years. Their website reflects a professional and user-friendly digital presence with clear service offerings and multiple contact channels. Technically, the site uses modern web technologies such as Bootstrap, jQuery, Google Analytics, and Microsoft Clarity, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is basic, with privacy and cookie policies present but lacking active consent mechanisms. Overall, the website demonstrates a credible and trustworthy business with room for technical and security enhancements.

C

CyberCube

cybcube.com

72

CyberCube is a leading provider of cyber risk analytics and modeling solutions tailored for the insurance market. The company offers a suite of products and services including underwriting tools, portfolio management, consulting, and event response services. Their technology leverages artificial intelligence and extensive data to quantify cyber risk and support decision-making for insurers, reinsurers, brokers, and investment entities. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting industry professionals. Technically, the site is built on HubSpot CMS with modern JavaScript frameworks and integrates multiple analytics and marketing tools. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not published. The absence of WHOIS registration data is a notable gap, reducing domain transparency and trust slightly. Overall, CyberCube presents as a credible and authoritative player in the cyber risk analytics space with a well-executed online presence.

T

Thorgate

thorgate.eu

55

Thorgate is a well-established technology company specializing in software development, web design, and mobile applications with a strong focus on Python and related technologies. Operating primarily in the Nordics and Baltics with offices in Estonia, UK, Norway, and Poland, the company targets businesses and startups seeking expert development and design services. Their market position is strong within the Nordic region, supported by a professional online presence and a diversified service portfolio including startup investments. Technically, the website leverages modern frameworks such as Django and React, integrates multiple analytics and marketing tools including Google Analytics, Hotjar, Facebook Pixel, and HubSpot, and maintains good mobile optimization and SEO practices. While performance is moderate, the site is well-structured and content-rich, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses Sentry for error tracking, but lacks explicit security headers and published security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website presents a high level of professionalism and trustworthiness with minor areas for improvement in security policy transparency and accessibility. The risk profile is low, and the company demonstrates a solid foundation for secure and compliant digital operations.

S

Sparkup

teaduspark.ee

45

Sparkup Tartu Teaduspark is a well-established science and technology park based in Tartu, Estonia, founded in 2010. It serves as a hub for science- and technology-intensive startups and scaleups, offering incubation, acceleration, business development services, and rental spaces. The organization supports companies through various programs including Sparkup Inkubaator, ESA BIC Estonia, and multiple thematic accelerators focused on energy, climate, defense, and logistics. The website reflects a mature digital presence with a modern WordPress-based infrastructure, leveraging Elementor for design and Google Tag Manager and Facebook Pixel for analytics and marketing. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not published. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, primarily in Estonian. Overall, the site demonstrates good professionalism, clear navigation, and strong business credibility, positioning Sparkup as a key player in the Estonian innovation ecosystem.

E

Eesti Keskkonnauuringute Keskus OÜ

klab.ee

40

Eesti Keskkonnauuringute Keskus OÜ is a government-affiliated Estonian company specializing in chemical, physical, and microbiological laboratory analyses, geotechnical studies, and environmental condition modeling. The company positions itself as a leading environmental research and laboratory service provider in Estonia, serving government bodies, environmental agencies, and research institutions. Their website reflects a professional and consistent brand image with a clear focus on environmental services and scientific expertise. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site includes a consent management platform (Usercentrics) for cookie compliance and integrates Google Tag Manager for analytics. Performance and mobile optimization are good, though accessibility features are basic. The hosting and domain registration are consistent with an Estonian government-related entity, registered since 2013. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism, but lacks explicit security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of a security.txt or vulnerability disclosure policy is noted as an area for improvement. Overall, the website demonstrates a solid business credibility and technical foundation with room for enhanced security and privacy policy transparency. The risk profile is low, but strategic improvements in security headers and formal policies would strengthen trust and compliance.

Polhem International is a marketing and communications agency operating primarily in Scandinavia and the Baltics. The company offers a broad range of services including marketing, communication, public relations, events, influencer marketing, digital advertising, social media, and media training. The website reflects a professional and consistent brand presence with a modern technical infrastructure leveraging Nuxt.js and Bootstrap 5 frameworks. Tracking and analytics are implemented via Google Analytics and Google Tag Manager, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and DNSSEC, which could be improved. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the domain is well-established and legitimate, supporting the credibility of the business.

A

askRobin México

askrobin.com

57

askRobin México operates as an online loan search platform targeting Mexican consumers seeking personal loans and debt liquidation options. The platform aggregates offers from multiple financial institutions to provide tailored financing proposals. The website is built on WordPress with a modern tech stack including jQuery, Bootstrap Slider, and integrates marketing and tracking tools such as Google Tag Manager, Facebook Pixel, and SalesManago. The site is well-structured, mobile-optimized, and provides clear navigation and content relevant to its audience. Security posture is adequate with HTTPS enforced, but lacks some security headers and cookie consent mechanisms. WHOIS data for the subdomain is unavailable, which slightly impacts trust but the presence of partner logos and privacy policies supports legitimacy. Overall, the site presents a professional and functional digital presence for its business model.

S

SRINI OÜ

srini.ee

45

SRINI OÜ is an Estonian software development company specializing in custom software solutions primarily for government and private sector clients. Founded in 2019, the company operates from Tallinn and Tartu with approximately 80 employees. Their business model focuses on delivering tailored software design, development, and maintenance services, leveraging modern methodologies such as SCRUM and XP. The company has a positive market position supported by government contracts and a spin-off subsidiary, Modena. Technically, the website is built on WordPress, uses Java-based technologies, and integrates Google Analytics and Google Maps APIs. The site is mobile-optimized and SEO-friendly but lacks published privacy and cookie policies, which impacts compliance. Security posture is good with HTTPS enforced, but missing security headers and incident response contacts are areas for improvement. Overall, SRINI presents a credible and professional digital presence with moderate risk and room for enhanced privacy and security practices.

Kinkston is an Estonian company specializing in corporate and promotional gifts, targeting businesses seeking branding and advertising products. The website presents a professional and consistent brand image with a focus on the Estonian market. The technical infrastructure is modern, leveraging Angular framework and standard marketing tools such as Google Tag Manager and CookieHub for cookie consent management. The domain is well-established since 2010, indicating a stable business presence. Security posture is adequate with HTTPS enabled and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. Privacy compliance is good, with GDPR-aligned cookie consent but lacks a dedicated privacy policy page on the domain itself. Overall, the website is functional, professional, and trustworthy with moderate risk.

L

Likewize

brightstar.com

67

Likewize is a technology service provider focused on offering comprehensive protection and support for technology disruptions. The company positions itself as a reliable partner for consumers and businesses seeking to mitigate technology-related issues. The website is professionally designed using WordPress CMS, enhanced with SEO tools like Yoast, and incorporates modern tracking and consent technologies such as Google Tag Manager and OneTrust. While the site is accessible and well-structured, it lacks explicit privacy and terms of service documentation, as well as direct contact information, which are important for trust and compliance. The absence of WHOIS data raises questions about domain registration legitimacy, though the website content suggests a legitimate business presence. Security posture is generally good with HTTPS and cookie consent, but could be improved by adding security headers and incident response contacts.

I

Indevex

indevex.com

54

Indevex is a small healthcare-focused company specializing in the development of science-based nutritional products, such as NGC®, aimed at supporting health, recovery, and performance. The company positions itself as a niche innovator leveraging clinical research to back its product offerings. The website reflects a professional and consistent brand image with good content quality and SEO optimization, targeting health-conscious consumers and athletes. Technically, the site is built on WordPress 6.8.1, utilizing modern technologies including Google Tag Manager for analytics and Cookiebot for cookie consent management. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service detected. Overall, the domain is legitimate, long-established since 1999, and registered through a reputable registrar without privacy protection, supporting trustworthiness. Strategic improvements in privacy transparency, security headers, and contact information publication are recommended to enhance compliance and user trust.

W

Weekdone

weekdone.com

64

Weekdone is a technology company specializing in SaaS-based OKR (Objectives and Key Results) software designed to help businesses align goals, track progress, and manage performance. The company offers a suite of services including OKR management, weekly progress reporting, project tracking, and continuous performance management. Positioned as a leading provider in the OKR software market, Weekdone targets businesses and teams seeking structured goal-setting and transparent progress reporting tools. The website reflects a professional and consistent brand image with clear navigation and relevant content aimed at its target audience. Technically, the website is built on WordPress CMS and leverages modern front-end technologies such as jQuery, Google Analytics, Google Tag Manager, and CookieYes for consent management. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with multiple external resources loaded from reputable domains. The technical infrastructure is supported by GoDaddy as the registrar and hosting provider. From a security perspective, the website enforces HTTPS with excellent SSL configuration and employs a comprehensive cookie consent mechanism that aligns with GDPR requirements. However, it lacks explicit security headers, published security policies, incident response contacts, and vulnerability disclosure mechanisms. No exposed sensitive data or vulnerable libraries were detected in the HTML content. The security posture is solid but could be improved by implementing additional security best practices and transparency measures. Overall, Weekdone presents a trustworthy and professional online presence with a mature domain and consistent business information. The main risks relate to the absence of published privacy and security policies and limited contact information. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and improving accessibility compliance to further strengthen trust and compliance.

N

Nex OÜ

nex.ee

40

Nex OÜ operates as a small Estonian IT service provider specializing in computer repair, network consulting, remote support, and IT infrastructure management. The company positions itself as a reliable local partner with authorized partnerships from recognized brands such as Lenovo and Epson. Their website clearly communicates their service offerings and contact information, targeting businesses and individuals requiring IT support and hardware sales. Technically, the website is built on WordPress and utilizes modern web technologies including jQuery, LiteSpeed Cache, and Google Tag Manager. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. However, some security best practices such as security headers are missing. From a security perspective, the site enforces HTTPS and does not expose sensitive data. However, it lacks published privacy and cookie policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for compliance and trust. The WHOIS data is consistent with the business claims, enhancing legitimacy. Overall, the website is professional and functional but would benefit from improved privacy compliance and enhanced security headers to strengthen trust and regulatory adherence.

J

JAS Worldwide Inc.

jas.com

71

JAS Worldwide Inc. is a well-established global freight forwarding and logistics company offering a comprehensive range of services including airfreight, ocean freight, ground freight, customs brokerage, cargo insurance, contract logistics, and green solutions. The company positions itself as a leader in international shipping and supply chain support with over four decades of industry experience. Their market presence is supported by partnerships such as with Lufthansa Cargo and a network of subsidiaries including JAS Jet Air Service S.p.A., Multilogistics S.p.A., and Setoa S.p.A. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Tag Manager, Google Analytics, and Facebook Pixel for analytics and marketing. The site demonstrates good performance, excellent mobile optimization, and solid SEO practices. Accessibility is good, though there is room for further enhancement. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes security headers. It implements a GDPR-compliant cookie consent mechanism and maintains privacy and cookie policies. However, there is no explicit security policy or incident response contact information visible, and no vulnerability disclosure or security.txt file is present. The absence of WHOIS data for the domain is a notable concern, though the website content and branding strongly indicate legitimacy. Overall, the website presents a professional, trustworthy, and secure digital presence for JAS Worldwide, with recommendations to improve transparency around security policies and domain registration details to further enhance trust and compliance.

V

Visit Estonia

visitestonia.com

69

Visit Estonia operates as the official national tourism website for Estonia, providing comprehensive travel information, tips, and cultural insights to visitors. The website targets tourists and travelers seeking to explore Estonia's attractions, nature, and culinary experiences. It maintains a strong market position as a government-backed tourism portal with a well-established domain since 2000. The business model focuses on tourism promotion and trip planning services, leveraging digital content to attract and assist visitors.

D

Decoland

decoland.cz

52

Decoland is a Czech Republic based luxury and design furniture retailer and interior design studio. The company offers a curated gallery of design furniture and accessories, targeting consumers seeking high-end interior solutions. The website is built on a modern React and Next.js framework, incorporating cookie consent and Google Tag Manager for analytics and privacy compliance. The site is well-structured, mobile-optimized, and provides comprehensive privacy and cookie policies in Czech language. Security posture is good with HTTPS and security headers, though explicit security policies and incident response contacts are absent. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but does not indicate malicious intent. Overall, Decoland presents a professional and trustworthy online presence in the luxury furniture retail sector.

T

TBD Pharmatech

biodiscovery.eu

52

TBD Pharmatech is a European-based Contract Development and Manufacturing Organization (CDMO) specializing in Active Pharmaceutical Ingredients, advanced intermediates, and fine chemicals production. Founded in 2021, the company positions itself as a reliable partner for pharmaceutical companies seeking development and manufacturing services. The website reflects a professional and consistent brand image with clear business focus and relevant service offerings. Technically, the site is built on WordPress with modern analytics and tracking tools integrated, including Google Analytics and Google Tag Manager. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and comprehensive security headers. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms. Overall, the site is trustworthy and credible but would benefit from enhanced privacy and security practices to align with regulatory requirements and industry best practices.

J

Jolos

jolos.eu

44

Jolos is a full spectrum creative agency based in Estonia, specializing in world-class event production, branding, campaigns, and live and virtual events. The company positions itself as a high-quality, professional agency focused on delivering unique and memorable experiences for brands and organizations. The website reflects a mature digital presence built on WordPress, leveraging modern optimization and analytics tools such as Google Analytics and Tag Manager with IP anonymization enabled. The site is well-designed, mobile-optimized, and rich in multimedia content, showcasing detailed case studies and team profiles that enhance trust and professionalism. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the absence of security headers and formal security policies suggests room for improvement. Privacy compliance is limited due to missing privacy and cookie policies and lack of consent mechanisms. Overall, the domain registration aligns with the business claims, indicating legitimacy and trustworthiness.

O

Onninen AS

onninen.no

67

Onninen AS operates as a leading electrical wholesaler in the Nordic region, primarily serving contractors, projects, and industrial clients with a broad product range exceeding 100,000 electrical items. The company maintains a strong market position supported by a network of 26 express stores across Norway and a comprehensive online webshop. Their business model focuses on rapid delivery and extensive product availability, targeting professional customers in the energy and industrial sectors. Technically, the website leverages modern web technologies including React, Contentful CMS, and integrates Google Tag Manager and YouTube APIs for analytics and media embedding. The site is mobile-optimized with good SEO and accessibility features, reflecting a mature digital presence. Security posture is solid with HTTPS enforced and secure form handling, though explicit security policies and incident response information are not publicly disclosed. Privacy compliance is robust, with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website and business demonstrate high professionalism and trustworthiness, though WHOIS data is unavailable due to privacy protection, which is justified for a commercial entity of this scale.

R

RESCUE®

rescuefirst.com

64

RESCUE® is a specialized roadside assistance provider operating primarily in Bengaluru, India, offering 24/7 vehicle breakdown services including puncture repair, battery jumpstart, towing, emergency fuel delivery, and key recovery. The company positions itself as a premier and reliable service provider with OEM trained mechanics and a fleet of state-of-the-art tow trucks, servicing over 100,000 vehicles since 2011. Their business model focuses on rapid dispatch of mechanics and tow trucks within 30 minutes to customer locations, targeting vehicle owners in need of emergency roadside help. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Analytics, Google Tag Manager, and Google reCAPTCHA for analytics and security. The site is mobile optimized with good SEO practices and moderate performance. Accessibility is basic but functional. The hosting and infrastructure appear stable and professionally managed. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. Forms are protected with reCAPTCHA, and no sensitive data is exposed in the HTML. However, the site lacks a visible cookie consent mechanism and formal security or incident response policies, which are areas for improvement. No vulnerabilities or suspicious activities were detected. Overall, RESCUE® demonstrates a solid business presence with a trustworthy domain registration and consistent branding. The website quality is good, supporting the business credibility. Strategic recommendations include implementing cookie consent for privacy compliance, publishing security policies, and enhancing accessibility to further strengthen trust and compliance.

N

Nordic Hotel Forum

nordichotels.eu

51

Nordic Hotel Forum is a modern four-star superior hotel located in the heart of Tallinn, Estonia, just 150 meters from the Old Town. The hotel targets business travelers, conference attendees, and tourists seeking quality accommodation and conference facilities. The website is built on WordPress using the Avada theme and integrates WooCommerce for e-commerce capabilities. It employs modern analytics and marketing tools such as Google Analytics, Hotjar, Google Tag Manager, and Cookiebot for cookie consent management. The site is well-structured with good SEO and mobile optimization, providing a professional user experience. Security posture is strong with HTTPS and cookie consent mechanisms, though it lacks some HTTP security headers and formal privacy and terms of service pages. WHOIS data is not publicly available due to EURid privacy policies, which is typical for .eu domains. Overall, the website represents a legitimate hospitality business with moderate digital maturity and good security hygiene.

L

Luxury Produtos & Ecommerce

luxurysex.com.br

58

Luxury Sex is a Brazilian e-commerce retailer specializing in adult pleasure products, founded in 2018. The company offers a wide range of products including cosmetics, accessories, vibrators, and fetish items, targeting adult consumers seeking to enhance their intimate experiences. The business emphasizes fast delivery, discreet packaging, and multiple payment options including Pix with discounts, positioning itself as a niche market leader in Brazil. The website is professionally designed with consistent branding and clear contact information, supporting a trustworthy online shopping experience. Technically, the site leverages a modern tech stack including the Yampi e-commerce platform, Google Analytics, Microsoft Clarity, and Mixpanel for analytics and user tracking. It uses HTTPS with a secure checkout subdomain and integrates various marketing and retargeting tools. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Cookie consent mechanisms are implemented, but a dedicated privacy policy page is missing. From a security perspective, the website enforces HTTPS and uses secure payment processing domains. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data is consistent with the business information, indicating legitimate domain ownership. Overall, the site demonstrates a good security posture but could improve transparency and compliance documentation. The overall risk is moderate with no critical issues detected. Strategic recommendations include implementing security headers, publishing a security policy and incident response contacts, adding a vulnerability disclosure mechanism, and enhancing accessibility. These improvements would strengthen the site's security posture and compliance, further boosting customer trust and business credibility.

K

Kinema

kinema.eu

56

Kinema OÜ is a small Estonian company specializing in the sale, installation, and maintenance of modern garage doors, industrial lifting doors, loading equipment, and access control systems. The company targets both industrial and private customers within Estonia, positioning itself as a local provider of comprehensive door and automation solutions. The website is built on WordPress with WooCommerce components, integrating modern analytics and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and Cookiebot for consent management. The technical infrastructure is modern and moderately optimized for performance and mobile use, though accessibility features are basic. Security posture is good with HTTPS enabled and cookie consent implemented, but could be improved by adding explicit security headers and publishing formal privacy and security policies. No contact emails or phone numbers were found in the provided content, which limits direct customer engagement visibility. Overall, the website reflects a professional small business with consistent branding and a clear business focus, but with room for improvement in privacy compliance and security transparency.

T

Tickmill Europe Ltd

tickmill.com

69

Tickmill Europe Ltd operates as a regulated online forex and CFD broker targeting European clients. The company offers a range of trading instruments including forex, cryptocurrencies, stocks, indices, bonds, and commodities through popular platforms such as MetaTrader 4 and 5. The website demonstrates a strong market position with emphasis on low spreads, fast execution, and comprehensive client support. The digital infrastructure leverages modern technologies including Google Analytics, HubSpot, and Cloudflare, ensuring robust performance and user experience. Security posture is solid with HTTPS enforcement, bot management, and cookie consent mechanisms, although explicit security headers and incident response contacts could be enhanced. The absence of WHOIS domain registration data introduces some uncertainty in domain legitimacy, but the professional presentation and regulatory references mitigate this concern. Overall, the website is well-designed, compliant with GDPR, and employs extensive analytics and advertising tools to support its business model.

Y

Yolla Calls International OÜ

yollacalls.com

75

Yolla Calls International OÜ operates a telecommunications service focused on providing affordable international calling and texting through its mobile app and web platform. Founded in 2014 and based in Estonia, Yolla targets international callers, expatriates, and travelers seeking cost-effective communication solutions. The company offers free calls between Yolla users and low-cost calls to any mobile or landline worldwide, supported by subscription offers and a reseller program. The website is professionally designed with clear navigation, mobile optimization, and comprehensive content including FAQs, offers, and social proof via Trustpilot reviews. Technically, the site uses modern frameworks such as Next.js and Material UI, integrates Google Tag Manager for analytics, and employs CookieYes for cookie consent management. Security posture is good with HTTPS enforced and no evident vulnerabilities, though some security headers could be improved and a formal security policy is absent. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the site presents a trustworthy and mature business with a solid digital presence.

R

Route One

routeone.co.uk

70

Route One is a specialized retailer focusing on skateboarding, snowboarding, and streetwear apparel and accessories, targeting youth and young adults in Europe. The company operates a professional e-commerce platform built on Shopify, offering a broad product range and a user-friendly shopping experience. The website demonstrates good digital maturity with modern technologies, mobile optimization, and integrated marketing tools. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though formal security policies and incident response information are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the business appears legitimate and professionally managed with a solid market position in its niche.

S

Saarioinen Oy

saarioinen.fi

60

Saarioinen Oy is a well-established Finnish food manufacturer specializing in popular ready meals and traditional Finnish foods. The company engages consumers through its website by offering product information, recipes, and a community platform. The website reflects a strong brand presence with consistent branding and multiple trust certifications such as Avainlippu and Sydänmerkki. The target audience primarily consists of Finnish consumers interested in convenient and traditional food products. Technically, the website is built on a modern stack including Vue.js and Episerver CMS, with integrations for Google Tag Manager and Cookiebot for analytics and consent management. The site is mobile-optimized and SEO-friendly, providing a good user experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, supporting the company's market position as a leading Finnish food brand.

S

Salva Kindlustuse AS

salva.ee

54

Salva Kindlustuse AS is an established Estonian insurance company founded in 1993, offering a range of insurance products to the local market. The website reflects a mature business with consistent branding and a focus on providing insurance services to Estonian customers. The technical infrastructure is modern, leveraging React and Material-UI frameworks, integrated with Google Tag Manager for analytics and Apple MapKit for mapping services. The presence of a chat widget indicates customer engagement capabilities. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit privacy and terms of service documentation are missing, which impacts compliance confidence. Overall, the website is professional and trustworthy, with room for improvement in privacy transparency and contact information clarity.

V

Valio Eesti AS

valio.ee

56

Valio Eesti AS is a well-established dairy manufacturing company founded in 1992, operating primarily in Estonia. It produces and markets fresh dairy products and cheeses sourced mainly from Central and Southern Estonian farms. The company holds a strong market position as one of the largest local dairy producers, supported by a professional and content-rich website targeting Estonian consumers. The website demonstrates a mature digital infrastructure using modern technologies such as React, Azure hosting, and integrated analytics tools including Google Analytics and Hotjar. Security posture is robust with HTTPS enforcement, security headers, and no visible vulnerabilities. Privacy and cookie policies are present and GDPR compliant, with clear contact information and social media presence enhancing trust. Overall, the website reflects a high level of professionalism and business credibility.

T

The Institute of World Politics

iwp.edu

58

The Institute of World Politics is a specialized graduate school focused on educating future leaders in national security, intelligence, diplomacy, and military strategy. It offers a range of graduate degree programs, certificates, and continuing education opportunities tailored to professionals and students seeking careers in statecraft and international affairs. The institution positions itself as a niche leader with a strong emphasis on scholar-practitioner faculty and practical skills development. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies and integrations such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag for analytics and marketing. The site is hosted likely on SiteGround, with good mobile optimization, accessibility, and SEO practices. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, employs standard security headers, and does not expose sensitive data in the HTML. However, there is no publicly visible security policy or incident response page, and no vulnerability disclosure mechanism was found. The WHOIS data is unavailable or restricted, typical for .edu domains, but the domain's legitimacy is supported by the content and .edu status. Overall, the site demonstrates a strong professional presence with good security hygiene, though it could improve transparency around security policies and incident response. The business is credible and well-positioned in its educational niche, with a clear target audience and robust digital infrastructure.