Security Directory

U

United Nations Alliance of Civilizations (UNAOC)

forsafeworship.org

0

The website forsafeworship.org represents the United Nations Alliance of Civilizations (UNAOC) initiative titled '#forSafeWorship - UN Plan of Action to Safeguard Religious Sites'. It serves as a platform to advocate for the protection and respect of religious sites worldwide, emphasizing peace and harmony. The target audience includes global communities, religious groups, governments, and peace organizations. The site operates as a non-profit advocacy platform under the United Nations umbrella, with a small organizational size and a founding year of 2020. Technically, the website is built on WordPress using the Divi theme and Yoast SEO plugin, hosted on Quadranet servers. It employs modern web technologies such as JavaScript and jQuery, and the site is moderately optimized for performance and mobile responsiveness. SEO practices are good, with comprehensive metadata and structured data enhancing search visibility. From a security perspective, the site uses HTTPS with a good SSL configuration and domain status protections. However, it lacks several security headers and does not provide explicit security or incident response policies. No vulnerability disclosure or security.txt files are present, and privacy compliance is minimal due to the absence of privacy and cookie policies. The domain registration is privacy protected but consistent with the nature of a UN-affiliated non-profit. Overall, the website is trustworthy and professional in its presentation and content but would benefit from enhanced privacy compliance, security headers, and explicit contact information to improve user trust and regulatory adherence.

C

Conviva

conviva.com

0

Conviva operates a leading real-time performance analytics platform focused on digital experience monitoring for media, streaming, and related industries. The company leverages full-census client-side telemetry to provide actionable insights that improve app performance, user engagement, and operational efficiency. Their market position is strong, supported by customer testimonials, industry awards, and extensive use of modern web technologies. The website is professionally designed, mobile optimized, and SEO friendly, reflecting a mature digital presence. However, the absence of WHOIS registration data raises questions about domain registration status, though the active and rich website content suggests legitimate business operations. Security posture is good with HTTPS and no exposed sensitive data, but lacks explicit security policies and vulnerability disclosures. Privacy compliance is basic with cookie consent but no visible privacy policy. Overall, Conviva presents as a credible and professional technology company with room to improve transparency in privacy and security documentation.

The Outdoor Industries Association (OIA) CIC is a UK-based non-profit membership organization representing over 200 entities in the outdoor recreation sector. It provides advocacy, representation, promotion, and leadership services to unite the industry with a common voice. The website is professionally designed using WordPress with modern plugins for SEO, performance, and membership management. It targets industry members, retailers, NGOs, and related organizations in the UK outdoor recreation market. The site features comprehensive content including news, events, membership information, and resources. Technically, the site uses a modern tech stack with performance optimizations and is mobile responsive. Security posture is good with HTTPS enforced and some security headers present, though explicit privacy and cookie policies are missing. Analytics tracking is implemented with Google Analytics and PixelYourSite, with moderate user tracking. WHOIS data for the queried domain 'www.theoia.co.uk' is unavailable due to domain naming rules, indicating a possible misconfiguration or incorrect domain query, which slightly impacts trust. Overall, the site is credible and professional but would benefit from enhanced privacy compliance and published security policies.

R

Running Industry Alliance

runningindustryalliance.com

0

Running Industry Alliance (RIA) is a UK and Ireland focused member-based trade organization dedicated to advancing the running industry through networking, education, and collaboration. The website presents a professional and consistent brand image, targeting businesses and professionals within the running sector. Technically, the site is built on WordPress with the Divi theme, uses modern web fonts, and integrates Google Analytics for visitor tracking. Security posture is generally good with HTTPS enabled and no obvious vulnerabilities, but lacks important security headers and published policies. The absence of WHOIS data for the domain is a notable concern, suggesting either privacy protection or data unavailability, which impacts trustworthiness. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and transparency.

NEXTING s.r.l. is an Italian media company specializing in TV content production, broadcast services, OTT solutions, communication, and innovative technologies such as AR and VR. The company operates internationally with ENG crews and offers multimedia OTT platforms focused on cultural heritage. Their business model is service-oriented, supported by European and regional funding for research and development projects. The website presents a professional image with clear contact information and social media presence, targeting media and broadcast clients. Technically, the website uses common web technologies including jQuery, FontAwesome, and Google Fonts. The site is mobile-optimized with good navigation and content relevance. However, no CMS or hosting provider information is evident. Performance is moderate, and accessibility is basic. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the website lacks visible security headers and published privacy or cookie policies, which impacts compliance and trust. The WHOIS data is missing or indicates the domain is unregistered, which is a significant concern for legitimacy. No forms or incident response contacts are present, limiting data protection and security readiness. Overall, the site is functional and professional but requires improvements in security posture, privacy compliance, and domain registration transparency to enhance trust and reduce risk.

A

ANOC Association of National Olympic Committees

anoc.tv

0

The ANOC.tv website serves as the official digital platform for the Association of National Olympic Committees, a Swiss-based non-profit organization dedicated to supporting and promoting Olympic committees worldwide. The site offers comprehensive coverage of sporting events, news, and specialized programs such as sustainability workshops, targeting Olympic committees, sports professionals, and enthusiasts. The business model focuses on media dissemination and informational services within the Olympic sports ecosystem. Technically, the website leverages modern web technologies including React, Google Tag Manager, Stripe.js, and push notification SDKs, indicating a mature digital infrastructure. The site is mobile-optimized with good design quality and user experience, although some accessibility and SEO aspects could be enhanced. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks advanced security headers and explicit security policies or incident response contacts. WHOIS data is transparent and consistent with the organization's identity, supporting domain legitimacy. Overall, the website presents a professional and trustworthy front with moderate privacy compliance and security posture. Strategic improvements in privacy policy publication, security headers, and incident response transparency would enhance compliance and user trust.

C

Coopalsa + Nadal

bus.ad

0

Coopalsa + Nadal operates as a primary public transportation service provider in Andorra, offering regular bus lines and related services. The website serves residents and visitors by providing schedules, ticket sales information, and route details. The company maintains a consistent brand presence and engages users through social media platforms such as Facebook, Twitter, and Instagram. The business model focuses on essential transportation services within the country, positioning itself as a key local operator.

The website represents the official Olympics merchandise e-commerce platform focused on LA28 Olympics apparel and gear. It targets Olympics fans and sports merchandise buyers, offering licensed products under the official Olympics brand. The site demonstrates a professional design and consistent branding aligned with the Olympic movement, positioning itself as a trusted retailer in the sports merchandise market. Technically, the site uses modern web technologies including JavaScript, web fonts, and SPA architecture, providing a good user experience with mobile optimization and SEO best practices. However, the site lacks visible privacy and cookie policies, and no explicit contact information is provided in the analyzed content. Security posture is moderate with no detected security headers or advanced protections, and WHOIS data for the subdomain is unavailable, which is typical for subdomains but limits direct domain verification. Overall, the site is functional and credible but would benefit from enhanced privacy compliance and security measures.

The website apek.ee is currently inaccessible, returning a 503 Service Unavailable error indicating maintenance or capacity issues. Due to this, no business content, metadata, or contact information is available for analysis. The domain is registered since 2016 with Zone Media OÜ, a reputable Estonian registrar, suggesting legitimacy of the domain ownership. The technical infrastructure is basic, running on an Apache server hosted by Zone Media OÜ. Security posture is weak as no security headers or policies are detected, and the site lacks privacy and cookie policies. Overall, the site is not currently functional for end users, which severely limits its business and security effectiveness.

The website estonia.ee is currently inaccessible due to a Cloudflare Turnstile security challenge, which blocks content access and prevents detailed analysis of the site's business, security, and compliance posture. The domain is registered with Zone Media OÜ, an Estonian registrar, since 2010, indicating a legitimate and established presence likely related to the Estonian government. The technical infrastructure leverages Cloudflare services for security and performance, but no direct content or metadata is accessible to evaluate privacy policies, contact information, or business details. Due to the WAF challenge, the overall AI score is low, reflecting the inability to perform a full assessment.

E

Estiko Grupp

estiko.ee

0

Estiko Grupp is a well-established Estonian enterprise group primarily operating in Tartu, with diversified business interests in packaging production, real estate development and management, accommodation services, and energy production. The company has a medium-sized footprint with numerous subsidiaries and a strong local market presence, supported by government recognition and a professional digital presence. The website reflects a solid business model targeting both corporate clients and local communities, emphasizing sustainability and community engagement. Technically, the website is built on the Voog CMS platform, leveraging modern JavaScript libraries such as jQuery, TweenMax, and Slick slider for interactive and responsive user experience. The site is mobile-optimized and includes standard SEO and accessibility features, although some accessibility aspects could be improved. Hosting and domain registration are consistent and transparent, with no blocking or WAF interference detected. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected, but improvements such as enabling DNSSEC and publishing a security.txt file would enhance the security posture. Privacy compliance is basic but present, with a privacy policy and cookie banner aligned with GDPR requirements. Overall, Estiko Grupp's website demonstrates a good balance of business credibility, technical implementation, and privacy compliance, scoring an overall AI rating of 81. Strategic improvements in security policies and technical security controls are recommended to further strengthen trust and resilience.

R

RAMIRENT BALTIC AS

ramirent.ee

0

Ramirent Baltic AS operates as the largest tool and construction equipment rental service provider in the Baltic region, offering a comprehensive range of rental products and services including 24-hour technical support and modular factory solutions. The company is part of the Loxam Group, a recognized leader in equipment rental, which enhances its market position and credibility. The website reflects a professional and user-friendly digital presence with clear navigation and localized content tailored for Estonian customers. Technically, the website is built on a modern WordPress CMS platform with WooCommerce integration, leveraging popular libraries such as jQuery and Google Tag Manager for analytics and marketing. The site demonstrates good mobile optimization and moderate performance, with a GDPR-compliant cookie consent mechanism and structured data enhancing SEO and user experience. From a security perspective, the site enforces HTTPS and uses Cloudflare bot management cookies, indicating a proactive approach to security. However, some security headers are not explicitly detected, and there is no publicly available security policy or incident response contact, which could be improved to strengthen trust and compliance. Overall, the website presents a trustworthy and professional image with strong business credibility and compliance posture. Strategic improvements in security policy transparency and enhanced accessibility could further elevate the site's maturity and user trust.

C

Churnkey

churnkey.co

0

Churnkey is a technology company founded in 2020, specializing in SaaS solutions aimed at reducing customer churn and enhancing subscriber retention for subscription-based businesses. The website presents a professional and modern design, leveraging advanced frontend frameworks such as Vue.js and Nuxt.js, and is hosted with Cloudflare for performance and security benefits. The company integrates multiple marketing and analytics tools including HubSpot, Dreamdata, Google Tag Manager, and Facebook Pixel, indicating a mature digital marketing approach. However, the site lacks explicit privacy and cookie policies, as well as visible contact information, which impacts its privacy compliance and user trust. Security posture is generally good with HTTPS enabled and Cloudflare protection, but could be improved by enabling DNSSEC and publishing security policies. Overall, the website is functional and professional but would benefit from enhanced transparency and compliance documentation.

S

Stackpile

stackpile.io

0

Stackpile is a technology company founded in 2016, offering a SaaS platform that simplifies the installation of third-party integrations and unified analytics tracking for websites. Positioned as a niche provider, Stackpile targets website owners and developers seeking to streamline their analytics and integration management through a single API. The website presents a professional and consistent brand image with good content quality and clear navigation. Technically, the site employs modern JavaScript libraries and integrates multiple analytics and marketing tools such as Google Analytics, Hotjar, Mixpanel, and New Relic, hosted via Cloudflare ensuring good performance and security. Security posture is solid with HTTPS enforced and domain registration protected by privacy services, though improvements are recommended in security headers and explicit security policies. Privacy compliance is basic with privacy and terms pages present but lacking cookie consent mechanisms. Overall, the site is trustworthy with no blocking or suspicious indicators detected.

A

Art Media Agency OÜ

elundidoonorlus.ee

0

The website elundidoonorlus.ee serves as an informational platform dedicated to organ, tissue, and cell donation and transplantation in Estonia. It is operated by Art Media Agency OÜ and provides educational content, registration links for organ donors, and related legal and statistical information. The site targets Estonian residents interested in organ donation and transplantation, positioning itself as a niche public health resource. Technically, the site uses legacy JavaScript libraries such as jQuery 1.4.4 and integrates Google Analytics and Facebook Pixel for user tracking. The hosting is provided by Zone Media OÜ, an Estonian registrar, and the domain has been active since 2011, indicating a stable presence. Security-wise, the site uses HTTPS but lacks visible security headers and employs outdated libraries that may pose vulnerabilities. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms, despite the use of tracking technologies. Contact information is not explicitly provided on the main page, limiting direct user engagement. Overall, the site is functional and informative but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

Ravijuhend.ee is a healthcare information portal coordinated by Tartu Ülikool and funded by Tervisekassa, providing evidence-based medical guidelines and patient instructions primarily for Estonian healthcare professionals and patients. The website serves as a trusted source for treatment guidelines, patient care instructions, and related educational content, positioning itself as a key national resource in Estonia's healthcare sector. Technically, the site employs modern web standards including HTTPS, Cloudflare DNS, and uses popular web fonts and iconography, delivering a professional and accessible user experience with good mobile optimization and SEO practices. Security-wise, the site benefits from HTTPS and secure form handling but lacks advanced DNS security (DNSSEC) and security headers, and does not publish privacy or cookie policies, which are important for GDPR compliance. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced privacy disclosures and security hardening to improve compliance and user trust.

A

AS Arstikeskus Confido

1220.ee

0

The website 1220.ee serves as the official Estonian health advice line platform, providing telephone and web chat medical consultation services. It targets Estonian residents and callers abroad, offering guidance on medical issues, prescription renewals, and emergency care decisions. The service operates under the auspices of the Estonian Health Insurance Fund (Tervisekassa) and collaborates with healthcare providers and pharmacies. The site is professionally designed with consistent branding and clear navigation, supporting multiple languages (Estonian and Russian). Technical infrastructure includes modern JavaScript libraries, CDN-hosted resources, and integration with Facebook SDK and Google Tag Manager for analytics and marketing purposes. The site uses HTTPS and shows no signs of blocking or WAF interference, indicating good accessibility and security basics. However, it lacks visible privacy and cookie policies, which impacts GDPR compliance and privacy posture. Contact information is limited to phone numbers with no email or physical address disclosed. No forms collecting personal data are present on the main page, reducing immediate data protection concerns. Overall, the site demonstrates a solid business credibility and technical foundation but requires improvements in privacy compliance and security policy transparency.

S

Sõeluuring.ee

soeluuring.ee

0

Sõeluuring.ee is a health screening awareness website focused on early detection of cellular changes and pre-cancerous conditions in Estonia. The website provides informational content aimed at encouraging participation in health screenings to improve treatment outcomes. Technically, the site is built on WordPress using the Divi theme, with integrations for Google Analytics and Facebook Pixel for tracking user interactions. The site is hosted with DNS managed by Cloudflare, providing good performance and security benefits. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a significant gap given the use of tracking technologies. Business credibility is moderate, with consistent branding and good content quality, but no explicit contact information or certifications are provided. Overall, the site is functional and professionally designed but would benefit from enhanced privacy compliance and security transparency.

S

SYNLAB International

synlab-notes.com

0

SYNLAB International's investor website synlab-notes.com serves as a portal for investors and registered users to access company information and conference calls. The site is built on TYPO3 CMS and employs modern web technologies, providing a professional and consistent user experience. The business focus is on healthcare laboratory services with an international presence. Technically, the site is moderately optimized with good mobile responsiveness and basic SEO features. Security posture is adequate with HTTPS and secure login forms, but lacks explicit security headers and published incident response policies. Privacy compliance is supported by clear privacy and cookie policies with consent mechanisms. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the site is functional and professional but would benefit from enhanced transparency and security disclosures.

Piiriveekogu.ee is a government-related service platform managed by Elkdata OÜ, established in 2015. The website appears to provide information and assistance related to border water bodies in Estonia. The platform uses AngularJS and Material Design for its user interface, indicating a moderate level of technical maturity. However, the website lacks visible privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Security posture is weak due to the absence of security headers and incident response information. Overall, the site is functional but requires improvements in security and compliance to enhance trustworthiness and user protection.

N

NürnbergMesse GmbH

chillventa.de

0

Chillventa is a globally recognized exhibition specializing in refrigeration technology, organized by NürnbergMesse GmbH in Germany. The website serves as a comprehensive platform for industry experts, exhibitors, and visitors to connect, showcasing the latest innovations and providing detailed event information. The company holds a leading market position in the energy sector, particularly in refrigeration and related technologies. Technically, the website is built on modern frameworks such as Next.js and Sitecore CMS, hosted on Microsoft Azure infrastructure, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, although explicit security policies and incident response contacts are not published. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR regulations.

E

Euroheat & Power

ehpcongress.org

0

Euroheat & Power operates the EHP Congress, the largest European event dedicated to district heating and cooling, focusing on the heating transition and decarbonisation. The event attracts over 450 participants, 80+ speakers, and 30+ exhibitors, providing industry insights, networking, and technology showcases. The website is well-branded and professionally designed, targeting industry professionals and stakeholders in the energy sector. Technically, the site is built on WordPress, uses modern JS libraries, and is hosted behind Cloudflare with HTTPS enabled, ensuring good performance and security. However, it lacks explicit privacy and cookie policies, and no security headers were detected, indicating room for improvement in privacy compliance and security hardening. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enabling DNSSEC, adding security headers, and publishing incident response and vulnerability disclosure information to enhance trust and compliance.

I

Izglītības pārvalde

tnip.lv

0

The website www.tnip.lv serves as the official online presence of the Education Department (Izglītības pārvalde) of Talsi Municipality in Latvia. It provides educational news, event information, regulatory documents, and contact details primarily targeting local residents, educators, and students. The site is built on WordPress with a range of plugins supporting social media integration, event calendars, and SEO optimization. The content is well-structured and relevant to its audience, though it lacks comprehensive privacy and cookie policies. Technically, the site uses HTTPS with a valid SSL certificate and modern web technologies, but it could improve by implementing security headers and accessibility features. The absence of WHOIS data due to query limits limits the ability to fully verify domain legitimacy, but the domain's ccTLD and content alignment suggest authenticity. Overall, the site demonstrates a good balance of content quality and technical implementation suitable for a small public sector entity.

V

Visit Talsi

visittalsi.com

0

Visit Talsi is a regional tourism information center website dedicated to promoting the Talsi region in Latvia. The site provides comprehensive information about local attractions, events, accommodations, and dining options, targeting tourists and visitors interested in exploring the area. The business operates as a small entity focused on hospitality and regional tourism promotion, with a clear market position as a trusted local information source. The website is multilingual, primarily in Latvian, with options for English, German, Estonian, Lithuanian, and French, enhancing accessibility for international visitors. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, Google Maps API, and Google Fonts. It uses common plugins such as MonsterInsights for Google Analytics tracking. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. Hosting is via name servers cloudns1.hostnet.lv and cloudns2.hostnet.lv, though the exact hosting provider is not explicitly identified. From a security perspective, the site uses HTTPS with a valid SSL configuration and has domain transfer protection enabled. However, DNSSEC is not enabled, and no advanced security headers were detected. There is no visible privacy policy, cookie policy, or terms of service, and no consent mechanism for tracking cookies, which poses compliance risks under GDPR. Incident response and security policies are not published, indicating a low maturity in security governance. Overall, the website is professional, trustworthy, and serves its business purpose well but requires improvements in privacy compliance and security best practices to reduce risk and enhance user trust. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enabling DNSSEC, adding security headers, and publishing incident response contacts.

T

Talsi novads

talsunovads.lv

0

The website www.talsunovads.lv serves as the official digital presence of Talsi Municipality in Latvia, providing comprehensive information about local government operations, public services, cultural events, education, social support, and community engagement. It targets residents, local businesses, and visitors, offering structured navigation and multilingual support primarily in Latvian. The site is built on Drupal CMS with modern web technologies and demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforcement and security headers, though explicit incident response and vulnerability disclosure policies are absent. Privacy compliance is well addressed with a detailed privacy policy and cookie consent mechanism aligned with GDPR requirements. WHOIS data could not be retrieved due to query limits, but the domain appears legitimate and consistent with a government entity. Strategic recommendations include publishing security policies, incident response contacts, and vulnerability disclosure information to enhance trust and compliance.

R

Rebelcreations AG

epeeglobal.org

0

EPEE is a European industry association representing the refrigeration, air conditioning, and heat pump sectors. The organization focuses on policy advocacy, sustainable heating and cooling solutions, and industry representation. The website reflects an established presence with a domain registered since 2000 and hosted by OVH in Germany. Technically, the site is built on WordPress with modern libraries such as Bootstrap and jQuery, providing a good user experience and mobile optimization. However, the site lacks explicit privacy and cookie policies, and no consent mechanisms are detected, which may pose compliance risks. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. Overall, the website is professional and credible but would benefit from enhanced privacy compliance and security best practices.

The website healthybuildingsdesigncompetition.com currently returns a 404 error page indicating that the site is not configured or accessible. There is no visible business content, contact information, or policies available. The domain is newly registered in March 2023 and hosted by OVH sas, a reputable registrar and hosting provider. The site uses TYPO3 CMS technology but lacks any active content or configuration. Due to the lack of content and accessibility, the technical maturity and security posture cannot be fully assessed. No security headers or HTTPS information was provided, and no privacy or cookie policies are present. Overall, the site appears to be inactive or under development, resulting in a low trust and credibility score.

A

Andmik

andmik.ee

0

Andmik is a specialized platform focused on providing data visualization and budget tracking services for Estonian municipalities. The website presents detailed geographic and demographic data for various local governments, targeting municipal officials and stakeholders. The platform leverages modern web technologies including Vue.js and Leaflet for interactive maps, supported by Google Analytics and Tag Manager for user tracking. The domain is registered with a reputable Estonian registrar, Zone Media OÜ, and was created in 2021, aligning with the platform's apparent recent launch. Technically, the website employs a modern JavaScript framework and mapping libraries, ensuring a responsive and interactive user experience. However, there is room for improvement in accessibility and SEO optimization. Security-wise, the site lacks visible security headers and does not enable DNSSEC, which could be enhanced to improve overall security posture. Privacy compliance is weak, with no visible privacy or cookie policies, and no consent mechanisms, which is a significant gap given the use of tracking technologies. Overall, the website is functional and professionally designed but requires improvements in privacy compliance, security best practices, and contact transparency to enhance trust and regulatory adherence. Strategic recommendations include implementing comprehensive privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear contact and incident response information.

E

Euroopa rändevõrgustiku Eesti kontaktpunkt

emn.ee

0

The website www.emn.ee serves as the official Estonian contact point for the European Migration Network, providing comprehensive migration and asylum policy reports, applied research, and urgent information exchange. It targets policymakers, researchers, and migration professionals, positioning itself as a trusted government-related entity with a focus on migration statistics and policy analysis. The site is well-structured, content-rich, and regularly updated with news, events, and publications relevant to migration topics. Technically, the website is built on WordPress with Yoast SEO and integrates Google Analytics and Tag Manager for tracking. It demonstrates good mobile optimization and moderate performance. The use of HTTPS and cookie consent mechanisms reflects a solid privacy posture, although some security headers and explicit incident response information are missing. Security-wise, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks published security policies and vulnerability disclosure mechanisms, which could enhance trust and compliance. No WAF or blocking mechanisms were detected, indicating full accessibility. Overall, the website scores well on content quality, technical implementation, security posture, privacy compliance, and business credibility, making it a reliable and professional resource in its domain. Strategic improvements in security headers, incident response transparency, and accessibility could further strengthen its position.

S

Siseministeeriumi infotehnoloogia- ja arenduskeskus

smit.ee

0

Siseministeeriumi infotehnoloogia- ja arenduskeskus (SMIT) is the largest governmental IT institution in Estonia focused on developing and managing critical information systems for internal security and emergency services. It serves key government agencies such as the Police and Border Guard Board, Rescue Board, and Ministry of the Interior, providing vital communication and ICT services nationwide. The website reflects a professional government entity with clear service offerings and a strong market position as a trusted IT service provider for public safety. Technically, the site uses modern frameworks like Vue.js and Nuxt.js, ensuring a responsive and moderately performant user experience. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and policies could be enhanced. Privacy compliance is basic with cookie policy present but lacking explicit consent mechanisms. Overall, the site is trustworthy and well-aligned with its government mission.

SoftExpert OÜ is an Estonian IT company specializing in the development and maintenance of mission-critical and complex web-based systems. Established since 2000, it has contributed to several major Estonian web services such as CV-Online and various photo and video platforms. The company offers a broad range of IT services including consulting, system creation, and maintenance, targeting Estonian businesses requiring reliable IT partnerships. The website content is primarily in Estonian with an English option, reflecting a local market focus. Technically, the website uses legacy technologies such as PHP, Perl, and C, hosted on Unix/Linux platforms. The site lacks modern frameworks and shows basic SEO and accessibility features. Performance is moderate, but mobile optimization is poor. The site includes Google Analytics and Tag Manager scripts for user tracking but lacks visible privacy or cookie policies, which is a compliance gap. From a security perspective, no HTTPS confirmation or security headers were detected in the provided data, indicating potential vulnerabilities. No forms or input fields are present, reducing attack surface but also limiting user interaction. The WHOIS data is consistent and transparent, with a domain age appropriate for the business history. Overall, the security posture is moderate but requires improvements in SSL/TLS implementation and security headers. The overall risk is moderate with recommendations to implement HTTPS, add privacy and cookie policies, improve mobile responsiveness, and enhance security headers. These steps will improve compliance, user trust, and security resilience.

M

Medicover

medicover.com

0

Medicover is a large healthcare provider specializing in diagnostic and healthcare services primarily in Central and Eastern Europe, with recent expansion into India. The company operates through two main divisions, Diagnostic Services and Healthcare Services, targeting patients and healthcare consumers in these regions. The website presents a professional and consistent brand image with comprehensive corporate governance and financial information, indicating a mature business presence. Technically, the website is built on Drupal CMS with Bootstrap framework and integrates modern analytics tools such as Google Analytics and Google Tag Manager. It is mobile optimized and includes a cookie consent mechanism compliant with GDPR. However, explicit security headers are not detected, and there is no visible security policy or incident response information published. From a security perspective, the site enforces HTTPS and uses privacy-compliant analytics configurations. The absence of WHOIS data raises concerns about domain registration legitimacy, which requires further investigation. No critical vulnerabilities or exposed sensitive data were found in the content. Overall, the website demonstrates a good security posture but could improve transparency and security best practices. The overall risk is moderate due to the missing WHOIS data and lack of explicit security policies. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and verifying domain registration details to strengthen trust and compliance.

S

SYNLAB AG

synlab.ag

0

SYNLAB AG is a leading European medical diagnostics and specialty testing company providing a comprehensive range of innovative and reliable diagnostic services to patients, healthcare providers, governments, and corporates. The company positions itself as a partner of choice for routine and specialty diagnostics, emphasizing customer-centric medical excellence. The website reflects a mature corporate presence with detailed financial reporting, corporate governance disclosures, and investor relations information. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and includes privacy and cookie consent mechanisms aligned with GDPR requirements. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the domain and website present a trustworthy and professional image consistent with a large healthcare enterprise.

UploadKit Demo is a specialized e-commerce solution integrated with the Shopify platform, providing advanced file upload capabilities tailored for personalized product stores. The website showcases various product demos highlighting features such as Google Drive synchronization, post-purchase uploads, and built-in malware protection. The business targets Shopify merchants seeking enhanced file upload functionality to improve customer experience and operational efficiency. Technically, the site leverages Shopify's Dawn theme, JavaScript, and Shopify's CDN infrastructure, ensuring good performance and mobile optimization. Security measures include HTTPS enforcement, malware scanning, and form protection via hCaptcha, although explicit privacy and cookie policies are absent, which impacts compliance posture. Overall, the domain registration data is consistent with the business claims, indicating a legitimate and established presence since 2018.

O

Overcode.bg

affiliatly.com

0

Affiliatly is a SaaS provider specializing in affiliate marketing program management software tailored for e-commerce businesses. The platform offers a comprehensive suite of features including multiple affiliate tracking methods, affiliate management, payment integrations, marketing asset management, and performance analytics. With over 11 years of experience and more than 2500 registered clients, Affiliatly positions itself as a reliable and established player in the affiliate marketing technology space. The website targets e-commerce store owners and affiliate marketers seeking to launch and manage affiliate programs efficiently. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, and various JavaScript libraries for UI enhancements and analytics. It integrates with a broad range of popular e-commerce platforms, demonstrating a mature and flexible technical infrastructure. The site is mobile-optimized and uses Matomo for privacy-conscious analytics tracking. Performance is moderate with good SEO and basic accessibility features. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, privacy policies, and incident response documentation, reflecting a solid security posture. However, the absence of WHOIS data and lack of explicit security headers indicate areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the security maturity is good but could benefit from enhanced header configurations and clearer security contact information. The overall risk assessment is moderate with a trustable business presence but some transparency concerns due to missing WHOIS data. Strategic recommendations include improving security headers, providing explicit security contact channels, enhancing accessibility, and maintaining regular audits of third-party scripts to sustain security and compliance standards.

The analyzed content corresponds to an internal Chrome browser error page (chrome-error://chromewebdata/) which serves as a local offline or error display, including the embedded Chrome Dino game. No external website content, business information, or contact data is present. The page is not a public website but a browser internal resource, thus no typical business or compliance information is available. The technical infrastructure is minimal, relying on Chromium's internal scripts and styles. Security posture is limited to the browser's internal environment with no external SSL or headers applicable. Overall, this page cannot be evaluated as a commercial or organizational website.

The website rtk.ee is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks access to actual content. The domain is registered since 2012 by Zone Media OÜ, an Estonian registrar, indicating a legitimate and stable registration. However, no business, contact, or policy information is accessible on the challenged page. The technical infrastructure relies heavily on Cloudflare's security and analytics services, but no further CMS or platform details are available. Due to the blocking, the security posture cannot be fully assessed, but the use of Cloudflare indicates a baseline security measure. Overall, the site cannot be properly evaluated until the WAF challenge is passed.

Z

Zone Media OÜ

kiiskshooting.ee

0

The website kiiskshooting.ee represents Team KiiskShooting, a small Estonian business focused on sport shooting mental toughness literature and related content. The primary offering is a book titled "Sisekümne Seisund" which addresses mental strength in sport shooting, targeting athletes and enthusiasts in this niche. The site also provides team information and uses social media channels such as Facebook and X (Twitter) for outreach. The business is registered under Zone Media OÜ, consistent with the domain registration data, and the domain age supports the legitimacy of the business. Technically, the website is built on WordPress using the OceanWP theme and Elementor page builder, with SEO enhancements via Yoast SEO and analytics through Jetpack Stats. The site is hosted with a registrar Zone Media OÜ and uses Cloudflare for DNS. Performance and mobile optimization are good, though accessibility is basic. The site uses HTTPS with a valid SSL certificate but lacks advanced security headers and explicit privacy or cookie policies. From a security perspective, the site has a moderate posture with HTTPS enabled and no visible vulnerabilities or exposed sensitive data. However, it lacks security headers and formal security or incident response policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Contact information is limited to a contact form without direct emails or phone numbers, which may impact user trust. Overall, the website is functional and professional for its niche but would benefit from enhanced privacy compliance, security hardening, and clearer contact information to improve trust and regulatory adherence.

O

OÜ Tervise Paradiis

veekeskus.eu

0

OÜ Tervise Paradiis operates the largest water center in Estonia, located in Pärnu, offering a wide range of recreational and sports facilities including pools, saunas, bowling, and fitness services. The website is well designed, multilingual, and provides comprehensive information and booking forms for various customer segments such as families, schools, and groups. Technically, the site is built on WordPress with modern plugins and frameworks, and it integrates Google Analytics and Tag Manager for tracking. Security posture is good with HTTPS and secure form handling, though some security headers could be improved and no explicit security policies are published. Privacy compliance is addressed with a privacy policy and cookie consent mechanism. Overall, the domain registration is consistent with the business location and sector, indicating legitimacy and trustworthiness.

J

Jazz Pesulad OÜ

jazzpesulad.ee

0

Jazz Pesulad OÜ operates a well-established car wash chain in Estonia, providing a variety of vehicle cleaning services including self-service, hand wash, and drive-through options. The company has a strong market presence with 23 locations across multiple cities and serves thousands of customers daily. Their business model includes loyalty and prepaid card programs to enhance customer retention and convenience. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google reCAPTCHA Enterprise, ensuring a responsive and user-friendly experience. Security measures include HTTPS enforcement and standard security headers, although no explicit security policy or incident response contacts are published. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting a positive digital maturity profile.

T

Toyota Eesti

toyota.ee

0

Toyota Eesti operates as the official Toyota brand presence in Estonia, offering a comprehensive range of automotive products including hybrid and electric vehicles, SUVs, commercial vehicles, and special offers. The website serves as a digital storefront and information hub for Estonian consumers and businesses interested in Toyota's mobility solutions. It reflects Toyota's global brand standards and local market adaptation. Technically, the site is built on Adobe Experience Manager, leveraging modern web technologies such as Adobe Launch for tag management, Datadog for real user monitoring, and OneTrust for cookie consent management. The infrastructure is robust, with CDN usage and integration with Toyota Europe services. Security posture is strong, with HTTPS enforced, privacy-conscious tracking, and no visible vulnerabilities or exposed sensitive data. However, explicit privacy policy and terms of service documents are not detected in the provided content, which is a compliance gap. Overall, the website is professional, trustworthy, and well-optimized for performance and user experience.

I

Invaru OÜ

invaru.ee

0

Invaru OÜ operates as a specialized provider of assistive devices and healthcare-related products in Estonia, offering a comprehensive range of mobility aids, incontinence products, rehabilitation equipment, and personal care items. The company supports its customers through both online e-commerce and multiple physical store locations, providing sales, rental, repair, and consultation services. Their market position is that of a trusted regional player catering to individuals with special needs, elderly customers, and healthcare providers. Technically, the website is built on the nopCommerce platform, integrating modern analytics and marketing tools such as Google Analytics, Facebook SDK, and Klevu Search, reflecting a mature digital infrastructure with good mobile optimization and accessibility features. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though the absence of explicit security policies and vulnerability disclosure reduces transparency. Overall, the site demonstrates moderate to good professionalism and trustworthiness, with room for improvement in privacy compliance and security communication.

E

ENRE OÜ

oakohv.ee

0

ENRE OÜ operates the website oakohv.ee, an Estonian e-commerce platform specializing in the retail and wholesale of coffee products including coffee beans, capsules compatible with Dolce Gusto, Nespresso, and Senseo machines, as well as coffee machines and accessories. The company targets both individual consumers and businesses within Estonia, offering a broad product range with options for bulk purchases and subscription services. The website is professionally designed with clear navigation, product categorization, and detailed product information, supporting a positive user experience.

K

Kääriku Spordikeskus

kaariku.ee

0

Kääriku Spordikeskus is an established Estonian sports training and conference center with a history dating back to 1947. It offers a wide range of services including sports facilities, accommodation, conference hosting, and leisure activities, targeting athletes, sports teams, and event organizers. The website is built on WordPress with modern technologies such as Bootstrap, jQuery, and Three.js, providing a good user experience with multilingual support and accessibility features. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks published privacy and cookie policies, and security headers. Contact information is clearly provided with official registration details, enhancing business credibility. Overall, the site is professional and trustworthy but would benefit from improved privacy compliance and security best practices.

F

Foundation for Environmental Education

greenkey.global

0

Green Key is a globally recognized environmental certification program operated by the Foundation for Environmental Education, focusing on sustainable operation within the tourism and hospitality industry. The website presents a professional and comprehensive overview of the program, its benefits, and participation process, targeting hospitality businesses and environmentally conscious travelers. The digital infrastructure is built on Squarespace, leveraging modern web technologies and analytics tools such as Google Analytics and Hotjar for user insights. Security posture is strong with HTTPS and HSTS enabled, though additional security headers and incident response information could enhance trust. Privacy compliance is well addressed with clear GDPR and cookie policies. WHOIS data is privacy protected but consistent with the organization's profile, supporting legitimacy. Overall, the website is a credible and effective platform for promoting sustainable tourism certification.

T

Tervisekassa

haigekassa.ee

0

Tervisekassa is a government-related healthcare organization in Estonia responsible for managing national health insurance and providing various health-related benefits and services to insured individuals. The website serves a broad audience including individuals, employers, healthcare providers, and vulnerable groups such as Ukrainian refugees. It offers comprehensive information on health insurance, medical services, preventive screenings, and related administrative procedures. The site is well-structured, multilingual, and integrates modern digital tools to enhance user experience and accessibility. Technically, the website is built on the Drupal CMS platform and leverages several third-party services including Google Analytics, Google Tag Manager, Google reCAPTCHA, Siteimprove, and tawk.to for analytics, marketing, security, and user support. The site is hosted behind Cloudflare DNS, uses HTTPS, and implements a robust cookie consent mechanism compliant with GDPR. Performance and accessibility are rated good, with mobile optimization and clear navigation. From a security perspective, the site enforces HTTPS and uses bot protection mechanisms. However, it lacks explicit security headers and a published security policy or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's governmental and Estonian identity, supporting legitimacy. Overall, Tervisekassa's website demonstrates a mature digital presence with strong business credibility and privacy compliance. Strategic improvements could include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.

L

Liikumistervise innovatsiooni klaster SportEST

sportest.eu

0

Liikumistervise innovatsiooni klaster SportEST is a small Estonian cluster organization focused on fostering innovation in the field of movement health. The website presents the cluster as a recognized European-level partner with a bronze certification from the European Cluster Excellence program. The business model centers on collaboration among sector organizations and companies to develop innovative solutions in movement health. The website content is primarily in Estonian with language options for English and Russian, targeting regional and international stakeholders in the health innovation sector. Technically, the website is built on WordPress 4.7.29, utilizing common JavaScript libraries such as jQuery and plugins for slideshows and lightboxes. Google Analytics and Google Tag Manager are implemented for user tracking. The site is served over HTTPS, ensuring encrypted communication. However, the WordPress version is outdated, and minor PHP warnings are visible, indicating backend issues that could pose security risks. Accessibility and SEO optimizations are basic but functional, and mobile responsiveness is good. From a security perspective, the site lacks important security headers and does not publicly disclose privacy or cookie policies, which impacts GDPR compliance. No incident response or vulnerability disclosure information is available. The WHOIS data is unavailable due to EURid privacy policies, but the domain appears legitimate based on website content and certifications. Overall, the security posture is moderate but could be improved by addressing backend errors, updating software, and enhancing privacy compliance. The overall risk is moderate with recommendations to improve backend stability, implement security headers, publish privacy and cookie policies, and update the CMS to a supported version. These steps will enhance trust, compliance, and security posture for the cluster and its stakeholders.

J

Jocs dels Petits Estats d'Europa

gsse-andorra2025.com

0

The website gsse-andorra2025.com serves as the official digital platform for the Games of the Small States of Europe (GSSE) event hosted by Andorra in 2025. It provides comprehensive information about the event, including schedules, venues, media resources, and transport details. The site targets athletes, officials, media, and fans interested in this biennial multi-sport event featuring small European states. The business model focuses on event promotion and information dissemination, positioning itself as the authoritative source for GSSE 2025 in Andorra. Technically, the website is built on WordPress with Elementor page builder, leveraging modern web technologies such as jQuery, Swiper, and SEO tools like Rank Math. The site demonstrates good mobile optimization, SEO practices, and moderate performance. It uses HTTPS and includes a cookie consent mechanism, reflecting a mature digital infrastructure suitable for event promotion. From a security perspective, the site enforces HTTPS and employs domain transfer protection. However, it lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies aligned with GDPR requirements. Contact information is limited, with no direct emails or phone numbers found on the main pages. Overall, the website presents a low-risk profile with a professional appearance and solid privacy compliance. Strategic recommendations include enhancing security headers, publishing explicit security policies, and providing clearer contact channels to improve trust and incident response readiness.