Security Directory

S

Swedbank Group

ektornetgroup.com

68

Swedbank Group is a major financial institution rooted in Sweden’s savings bank tradition, serving millions of private and corporate customers primarily in Sweden and the Baltic countries. The website reflects a mature and professional banking entity with comprehensive investor relations, sustainability initiatives, and customer services. The technical infrastructure is modern, leveraging Adobe Experience Manager CMS, Adobe Analytics, and Google reCAPTCHA, indicating a well-maintained digital presence. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security headers and vulnerability disclosure information are absent. The WHOIS data is missing, which is unusual for a bank of this scale, suggesting privacy protection or registrar restrictions. Overall, the site is trustworthy and professionally managed but could improve transparency in domain registration and security headers.

P

PNB print Ltd

pnbprint.eu

56

PNB Print Ltd is a Latvian printing house specializing in high-quality book and magazine printing, binding, and finishing services. The company targets publishers and businesses across Europe, offering premium printing solutions with a focus on craftsmanship and sustainability. Their website reflects a professional and well-established business with international clientele and certifications such as ISO 9001, FSC, and PEFC. Technically, the website is built on WordPress with modern JavaScript libraries and includes Google reCAPTCHA for form security. While HTTPS is properly configured, the site lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and privacy compliance. Overall, the security posture is good, with no visible vulnerabilities or exposed sensitive data. The business credibility is high, supported by client testimonials, certifications, and a consistent brand presence. WHOIS data is privacy protected, which is typical and justified for this business type. Strategic recommendations include implementing security headers, adding a cookie consent banner, and publishing security and incident response policies to improve compliance and trust.

K

KNK MEFAB

mefab.lv

60

KNK MEFAB is a Latvian-based full-cycle metal processing company offering a wide range of high-quality metal fabrication services. The website presents a professional image with multi-language support and emphasizes delivering consistent quality to its customers. The company targets businesses and individuals requiring precise metal solutions. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, incorporating modern web technologies and analytics tools such as Google Analytics and Google Tag Manager. Security measures include HTTPS and Google reCAPTCHA for bot protection, alongside a comprehensive cookie consent mechanism that aligns with GDPR requirements. However, the absence of an explicit privacy policy and terms of service pages, as well as unavailable WHOIS data, slightly limit the overall trust and compliance assessment. The website demonstrates good design quality, user experience, and SEO optimization, making it a credible digital presence for the company.

L

Lido Advisors, LLC

lidoadvisors.com

64

Lido Advisors, LLC is a well-established private wealth management and advisory firm targeting high net worth individuals, families, charities, and institutions. The company emphasizes a family office style of wealth management, offering services such as financial and estate planning, investment management, tax consulting, and trust services. With over $25 billion in regulatory assets under management and a presence across multiple U.S. offices, Lido positions itself as a sophisticated and trusted advisor in the wealth management sector. The website reflects a professional and polished brand image, with clear messaging and comprehensive service descriptions. Technically, the website is built on Drupal 9 with modern frameworks like Bootstrap 5, and integrates analytics and monitoring tools such as Google Analytics, Google Tag Manager, and New Relic. The site is mobile-optimized, accessible, and performs well, providing a seamless user experience. Security measures include HTTPS enforcement and CAPTCHA on forms, though explicit security headers and policies could be improved. The security posture is solid with no evident vulnerabilities or exposed sensitive data. However, the absence of WHOIS registration data for the domain is a notable anomaly that slightly impacts trustworthiness. The site includes privacy and cookie policies with consent mechanisms, indicating good privacy compliance. Overall, the website and business present a low-risk profile with strong professionalism but would benefit from enhanced transparency in domain registration and security disclosures.

O

Ober Haus

ober-haus.lv

42

Ober Haus is a Latvian real estate agency specializing in residential and commercial property sales, rentals, market analysis, and property valuation. The company targets individuals and businesses seeking real estate services within Latvia, maintaining a strong market presence with multiple offices and a comprehensive service portfolio. The website is professionally designed, multilingual, and optimized for SEO and mobile devices, reflecting a mature digital infrastructure. Technically, the site is built on WordPress with modern libraries such as jQuery, Select2, and Slick Carousel. It integrates Google Tag Manager and Google reCAPTCHA for analytics and security. The website employs HTTPS with good SSL configuration and security headers, although some advanced security policies like a published security.txt or incident response contacts are absent. Security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a clear privacy policy, cookie consent mechanism, and GDPR adherence. Contact information is comprehensive and consistent with WHOIS data, enhancing business credibility. Overall, the site presents a trustworthy and professional image with minor areas for improvement in security policy transparency and accessibility enhancements.

P

Proof IT

proofit.lv

63

Proof IT is a European software engineering company specializing in delivering tailored, customizable, and easy-to-integrate software products and solutions. The company emphasizes quality and security, demonstrated by its ISO 27001 and ISO 9001 certifications. Its key services include insurance solutions, custom software development, AI-powered legacy modernization, and AI integration services, targeting businesses seeking advanced technology solutions. The company maintains a professional online presence with clear contact information and active social media channels.

R

Rosme

rosme.lv

55

Rosme is an e-commerce retailer specializing in high quality lingerie designed for everyday comfort, targeting women seeking comfortable and elegant underwear. The website presents a professional and consistent brand image with a good quality content and user experience. The technical infrastructure is based on the OpenCart platform with a modern tech stack including Google Tag Manager, Hotjar, and other marketing and analytics tools, indicating a mature digital presence. Security posture is adequate with HTTPS enforced and use of reCAPTCHA, but lacks visible security headers and explicit privacy and terms of service documentation, which are areas for improvement. The absence of WHOIS data raises concerns about domain legitimacy and trustworthiness, impacting the overall risk profile. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and terms policies, and improving domain registration transparency.

E

Euroaptieka

euroaptieka.lv

70

Euroaptieka.lv is a prominent Latvian online pharmacy and health product retailer offering a wide range of cosmetics, body care, dietary supplements, over-the-counter medicines, and hygiene products. The website targets Latvian consumers seeking convenient online access to pharmaceutical and wellness products. The business model focuses on e-commerce retail with a strong emphasis on promotions and brand variety, positioning Euroaptieka as a leading player in the Latvian health retail market. Technically, the website employs modern web technologies including React for frontend rendering, Google Tag Manager for analytics and marketing tag management, Cookiebot for GDPR-compliant cookie consent, and Google reCAPTCHA for bot protection. The site demonstrates good mobile optimization and SEO practices, though accessibility features could be enhanced. Performance is moderate with room for improvement. From a security perspective, the site enforces HTTPS with strong SSL configuration and integrates security best practices such as reCAPTCHA and cookie consent management. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly evident. No critical vulnerabilities or exposed sensitive data were detected. Overall, Euroaptieka.lv presents a trustworthy and professional online retail platform with a solid security posture and compliance awareness. Strategic improvements in privacy policy transparency, accessibility, and security documentation would further enhance trust and compliance.

B

Baltic International Bank SE

bib.eu

65

Baltic International Bank SE is a Latvian financial institution specializing in banking and investment services with a focus on sustainable growth and ESG principles. The bank currently is undergoing insolvency proceedings, with active asset sales and creditor notifications. The website provides comprehensive information about the bank's services, asset auctions, and contact channels, targeting individual and corporate clients within Latvia and the EU. The business model centers on financial products and investment solutions, with a medium-sized market presence in the Latvian banking sector. Technically, the website employs modern analytics and tracking technologies including Google Analytics, Facebook Pixel, Hotjar, and Google Tag Manager, alongside reCAPTCHA for form security. The site is well-structured, mobile-optimized, and includes a cookie consent mechanism compliant with GDPR. However, there is room for improvement in accessibility and security headers implementation. From a security perspective, the site enforces HTTPS and uses consent-based tracking, but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the business claims, indicating a legitimate domain registration. Overall, the website demonstrates a good balance of content quality, technical implementation, and privacy compliance, with moderate business credibility. Strategic improvements in security policy transparency and technical security headers would enhance trust and compliance further.

P

Pastelle

pastelle.fr

53

Pastelle is a French communication agency with over 35 years of experience, specializing in creative and serious communication services. The company targets businesses seeking marketing and communication expertise, positioning itself as an established and creative agency in the media sector. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, including phone numbers and physical address. Social media presence on LinkedIn, Instagram, and YouTube supports its brand visibility. Technically, the website is built on WordPress using Bootstrap and jQuery, with Google Analytics and Google reCAPTCHA integrated for analytics and security. The site uses HTTPS with good SSL configuration, though additional security headers could enhance protection. Cookie consent mechanisms are implemented, supporting GDPR compliance. However, no explicit security policy or incident response information is published. Security posture is solid with HTTPS and reCAPTCHA, but the absence of WHOIS data limits domain trust verification. No critical vulnerabilities or exposed sensitive data were detected. The website lacks a terms of service page and security.txt file, which could improve transparency and security readiness. Overall, Pastelle presents a trustworthy and professional online presence with moderate technical sophistication and good privacy compliance. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance trust and security posture.

5

54blue

54blue.com

52

54blue is a Calgary-based design studio specializing in print, fabrication, and retail build-outs, serving a diverse clientele ranging from local startups to large national chains. The company offers key services including brand consulting, design, print, and fabrication, positioning itself as a regional leader in retail experience creation. The website reflects a professional and consistent brand image with a focus on showcasing client projects and services. Technically, the site is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. HTTPS is properly configured, and Google reCAPTCHA is employed to protect forms, enhancing security. However, the absence of privacy and cookie policies, lack of explicit contact information, and missing security headers represent compliance and security gaps. The WHOIS data is unavailable, which raises some concerns about domain registration transparency but does not negate the professional presentation of the business. Overall, the site demonstrates good digital maturity with room for improvement in privacy compliance and security best practices.

P

Post Service B.V.

postservice.nl

56

Post Service B.V. is a well-established Dutch company specializing in postal delivery, house-to-house distribution, printing, and parcel shipping services. With nearly 30 years of experience, it serves businesses and organizations across the Netherlands, offering competitive pricing and comprehensive service solutions. The website reflects a professional and trustworthy business with clear contact information and client references. Technically, the website is built on the Webflow platform, leveraging modern technologies such as Google Tag Manager, Google Analytics, reCAPTCHA, and Cookiebot for consent management. The site is well-optimized for performance and mobile use, with good SEO and accessibility basics in place. From a security perspective, the site enforces HTTPS, uses reCAPTCHA to protect forms, and implements cookie consent mechanisms. However, explicit security headers like Content-Security-Policy and incident response policies are not published, representing areas for improvement. No vulnerabilities or suspicious activities were detected. Overall, the website and domain registration data indicate a legitimate, professional business with a solid security posture and good privacy compliance. The risk level is low, but enhancements in security policy transparency and header implementation would strengthen the security posture further.

F

FDT System AB

fdt.se

48

FDT System AB is a Swedish company specializing in retail business and point-of-sale systems, with a strong focus on the Nordic market. Founded in 1979, the company offers cloud-based, flexible, and integrated solutions designed to streamline retail operations across multiple channels. Their flagship product, FDT Sellus, combines backoffice and POS functionalities with modern features and real-time data access. The company positions itself as a leading provider for specialty retail chains in the Nordic region, supported by partnerships with major payment processors like Klarna and Nets. Technically, the website is built on WordPress using popular plugins such as WPBakery Page Builder, Slider Revolution, and Contact Form 7. It employs modern frontend technologies including Bootstrap and jQuery, and integrates Google Maps and Google reCAPTCHA for enhanced user experience and security. The site is mobile-optimized and includes cookie consent mechanisms, reflecting GDPR compliance efforts. From a security perspective, the site enforces HTTPS and uses reCAPTCHA on forms to mitigate spam. However, no explicit HTTP security headers were detected, and there is no visible security policy or incident response information. The absence of WHOIS data for the domain www.fdt.se is a notable concern, potentially indicating privacy protection or domain registration under a different name. Despite this, the website content, business information, and external trust signals support the company's legitimacy. Overall, FDT System AB demonstrates a mature digital presence with good content quality and technical implementation. To enhance trust and security posture, it is recommended to implement standard security headers, publish a security policy, and clarify domain registration details. These steps will strengthen compliance and reassure customers and partners about the company's commitment to security and transparency.

S

Sentinel Marine -

sentinel-marine.com

51

Sentinel Marine Aberdeen operates as a provider of offshore support vessels (OSVs) and emergency response and rescue vessels (ERRVs), serving clients primarily in the North Sea and related energy, marine, and government sectors. The company emphasizes a modern fleet of 14 high-specification vessels and focuses on safety, sustainability, and long-term partnerships. The website is built on WordPress with common plugins for SEO and user experience, showing a moderate level of digital maturity. Security posture is adequate with HTTPS and reCAPTCHA but lacks advanced security headers and explicit privacy policies. The absence of WHOIS registration data raises concerns about domain legitimacy, impacting overall trust. Strategic recommendations include improving transparency with privacy and security policies and verifying domain registration details.

B

Balarama

balarama.eu

47

Balarama is a French manufacturer specializing in the production of custom food bars, including cereal bars, protein bars, fruit bars, and organic options. Established since 1985, the company leverages extensive R&D and nutritional expertise to serve B2B clients seeking tailored food solutions. The website reflects a mature business with a strong market position in the French manufacturing sector, supported by certifications such as IFS 2024-2025. Technically, the site is built on WordPress with modern plugins and scripts, including Yoast SEO and Contact Form 7, and employs Google reCAPTCHA for form security. The site is well-optimized for SEO and mobile devices, with a good user experience and professional design. Security posture is solid with HTTPS and consent mechanisms, though some security headers and policies could be improved. Overall, the site is trustworthy and compliant with GDPR, providing clear contact information and business details.

S

Sintex Textile Private Limited

sintex.in

48

Sintex Industries Limited is a well-established Indian manufacturing company specializing in yarns, textiles, prefab, and custom moulding solutions. With a rich history spanning over 85 years, the company maintains a strong global footprint and serves a diverse clientele including prominent international brands. The website reflects a mature business with comprehensive content covering investor relations, press releases, and corporate information. Technically, the site is built on WordPress using modern plugins and libraries such as jQuery, Bootstrap, and Google reCAPTCHA, indicating a moderate level of digital maturity. However, the absence of HTTPS and security headers represents a critical security gap that undermines user trust and data protection. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or terms of service clearly identified. Overall, the website is professional and credible but requires urgent security enhancements to align with best practices.

M

Magnetiq

lpb.lv

63

Magnetiq is a newly established banking infrastructure provider focused on delivering licensed banking products and Banking as a Service (BaaS) solutions primarily targeting FinTech companies, payment institutions, and eCommerce businesses. The company leverages modern technology and partnerships with major payment networks like VISA and MasterCard to offer a comprehensive suite of payment and account management services. The website reflects a professional and modern digital presence with detailed product offerings and customer testimonials, positioning Magnetiq as an innovative player in the banking technology sector. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Swiper.js, and Google Tag Manager, hosted behind Cloudflare DNS. The site is mobile-optimized and SEO-friendly, though performance is moderate. Security posture is good with HTTPS and reCAPTCHA usage, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, Magnetiq demonstrates a solid business and technical foundation with room for improvement in privacy compliance and security best practices. The domain registration data supports the legitimacy of the business with consistent WHOIS information and no privacy protection, appropriate for a regulated financial entity.

Z

Zemgales plānošanas reģions

zemgale.lv

54

Zemgales plānošanas reģions operates as the official regional planning authority for the Zemgale region in Latvia, providing comprehensive information on regional development, social services, tourism, culture, and education. The website serves residents, local governments, businesses, and tourists with detailed planning documents, project updates, and public participation opportunities. Technically, the site is built on Drupal CMS, leveraging modern web technologies including Google reCAPTCHA and Google Analytics for security and analytics. The site is well-structured, mobile-optimized, and accessible, reflecting a mature digital presence. Security measures include HTTPS enforcement and CAPTCHA integration, though explicit security policies and incident response information are absent. Overall, the site demonstrates a solid security posture and compliance with privacy regulations, including GDPR, supported by a detailed cookie consent mechanism and privacy policy. However, the lack of WHOIS data limits domain legitimacy verification. Strategic recommendations include enhancing security headers, publishing security policies, and implementing vulnerability disclosure mechanisms.

B

Baltic Scientific Instruments

bsi.lv

46

Baltic Scientific Instruments (BSI) is a specialized company established in 1994 with historical roots dating back to 1966. The company focuses on the development and manufacturing of spectrometric devices and detectors used in nuclear energy, ecology, geology, medicine, and security. Their product portfolio includes HPGe detectors, scintillation detectors, nuclear electronics, and analytical software, serving a niche market with technical expertise. The website reflects a professional and consistent brand image with clear product and application information, targeting scientific and industrial customers. Technically, the website employs modern web technologies including Bootstrap for responsive design, Google Fonts, Google Analytics for tracking, and Google reCAPTCHA for form security. The site is mobile-optimized and offers good navigation and content relevance. However, some security best practices such as security headers are missing, and there is no explicit cookie consent mechanism despite having a cookie policy page. From a security perspective, the site uses HTTPS and standard bot protection, but lacks visible security policies or incident response information. The absence of WHOIS data due to query limits limits the ability to fully verify domain legitimacy, though the website content and business information appear consistent and trustworthy. Overall, the site demonstrates a solid security posture with room for improvement in transparency and compliance. The overall risk is moderate with no critical vulnerabilities detected. Strategic recommendations include enhancing security headers, implementing explicit cookie consent, publishing security and incident response policies, and improving WHOIS transparency to strengthen trust and compliance.

D

DDSTUDIO

ddstudio.com

54

DDSTUDIO is a boutique design consultancy specializing in industrial design, user experience (UX), and user interface (UI) design. Established in 1997, the company positions itself as a premier partner for industry innovators seeking strategic, business-driven design solutions that empower people, influence positive change, and drive commercial success. Their services focus on human-centered design methodologies to create compelling, market-ready products. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content including case studies and client testimonials, indicating a strong market position in the technology sector. Technically, the website is built on WordPress using the Enfold theme and Avia framework, incorporating modern JavaScript libraries such as Swiper.js and Tippy.js, and integrates analytics tools like HubSpot and Google Analytics. The site is mobile-optimized and accessible, with good SEO practices and performance rated as moderate. Security posture is adequate with HTTPS enforced and use of reCAPTCHA, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is strong, with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, DDSTUDIO demonstrates a solid security and compliance posture with no critical vulnerabilities detected. The domain registration is consistent with the business history, enhancing trustworthiness. Strategic recommendations include enhancing DNS security, publishing a security.txt file, and improving security header implementation to further strengthen the security posture.

AGroup is a technology company specializing in Human Capital Management solutions, offering a comprehensive suite of HR digitalization services and software modules including payroll, core HR, time and attendance, performance evaluations, recruitment, and more. The company targets businesses primarily in Latvia, Estonia, Lithuania, and Poland, positioning itself as a regional leader in HR management technology. The website is built on WordPress CMS with modern technologies and provides a professional, content-rich user experience. Security posture is solid with HTTPS and reCAPTCHA implemented, though some security headers and explicit privacy policies are missing. Tracking is done via Google Analytics and Facebook Pixel (commented out), with cookie consent managed by CookieYes. WHOIS data is unavailable due to query limits, limiting full domain trust assessment. Overall, the site is professional and trustworthy with room for improvement in privacy and security transparency.

TCA is a French company specializing in the manufacturing and distribution of ventilation and air conditioning equipment, with physical locations in Nice, Marseille, and Montpellier. The company offers a comprehensive range of HVAC products and services including fabrication, assembly, logistics, and after-sales support. Their market position is strong regionally, supported by partnerships such as with HYDRONIC. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content tailored to industry professionals. Technically, the site is built on WordPress with modern libraries and includes security features like HTTPS and Google reCAPTCHA. Privacy compliance is well addressed with detailed policies and cookie consent mechanisms. However, the absence of WHOIS registration data raises concerns about domain legitimacy, impacting overall trustworthiness. Security posture is good but could be improved with additional HTTP security headers and a published security policy. Overall, the site reflects a mature business with solid digital presence but requires domain registration verification to enhance credibility.

L

Latvijas Sporta federāciju padome

lsfp.lv

60

Latvijas Sporta federāciju padome (LSFP) is a Latvian non-profit organization dedicated to uniting all recognized sports federations in Latvia to achieve the highest sporting goals. The website serves as a central hub for news, certification information, sports federation registries, and event updates relevant to the Latvian sports community. The organization maintains active social media channels and provides contact information including a physical address and phone number. Technically, the website employs a range of JavaScript libraries such as jQuery, Chosen, LightSlider, and integrates Google Analytics and reCAPTCHA for analytics and security. The site is served over HTTPS with a valid SSL certificate and includes a GDPR-compliant cookie consent mechanism. However, WHOIS data could not be retrieved due to query limits, limiting domain registration verification.

H

Hi Bro

hibro.co

64

Hi Bro is a Turkish digital marketing and creative agency specializing in web design, SEO, social media management, PPC advertising, and production services. The company targets businesses primarily in Kocaeli, Kıbrıs, İstanbul, and Ankara, offering tailored digital solutions with over 15 years of experience. Their website demonstrates a professional design with modern technologies and interactive content, reflecting a mature digital presence. The technical infrastructure includes Bootstrap, jQuery, Google Tag Manager, Facebook Pixel, and Cloudflare DNS, supporting a moderate performance and good mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data shows domain privacy protection typical for agencies, with domain age consistent with business claims. Overall, the website is functional, professional, and credible but could improve privacy transparency and security practices.

E

European Bridge League

eurobridge.org

42

The European Bridge League (EBL) is a non-profit organization dedicated to administering the mind sport Bridge across Europe. The website serves as a central hub for governance, competitions, education, and community engagement for bridge players and national federations. The site is well-structured with clear navigation and consistent branding, targeting bridge enthusiasts, youth, and women players. Technically, the website is built on WordPress with a modern plugin stack including WPBakery, Slider Revolution, and EventON, and integrates Google Analytics and reCAPTCHA for analytics and security. While the site is accessible and mobile-optimized, it lacks explicit privacy and terms of service pages, and no direct contact information is found in the provided content. Security posture is moderate with some best practices like reCAPTCHA and cookie consent implemented, but missing security headers and unknown SSL status present risks. The WHOIS data is unavailable or malformed, limiting domain trust analysis. Overall, the website is functional and professional but would benefit from enhanced security measures and clearer privacy compliance documentation.

N

Net Affinity Ltd.

netaffinity.io

62

Net Affinity Ltd. operates an application platform accessible at app.netaffinity.io, likely serving the hospitality or travel technology sector. The website is primarily a login portal with minimal public-facing content, indicating a focus on existing customers or internal users. The technical infrastructure includes modern iconography via Font Awesome and bot mitigation through Google reCAPTCHA, reflecting a baseline digital maturity. However, the absence of visible privacy, cookie, or terms of service policies, along with no contact information, limits transparency and user trust. The WHOIS data is unavailable due to a malformed request or privacy protection, which further constrains trust assessment. Security measures are basic but include HTTPS and reCAPTCHA, though security headers and advanced protections are not evident. Overall, the site presents a moderate risk profile with room for improvement in transparency, compliance, and security hardening.

E

Exposure Labs Inc.

exposure.co

66

Exposure Labs Inc. operates Exposure.co, a specialized visual storytelling platform designed for photographers and visual storytellers to create and share photo and video stories. The company targets a diverse audience including hobbyists, professionals, brands, nonprofits, and sports teams, positioning itself as a niche leader in media publishing with a subscription-based SaaS business model. The platform offers rich features such as unlimited photo uploads, media embedding, custom Exposure sites, and audience-building tools, supported by a clean, modern, and mobile-optimized website design.

T

Twistoo SIA

twistoo.co

64

Twistoo SIA operates a specialized SaaS platform focused on gamification and video marketing solutions tailored for e-commerce businesses. Their platform enables clients to engage users through gamified promotions, educational short videos, and offline QR code games, supported by a user dashboard for campaign management and analytics. The company appears to be a small but professional entity founded in 2021, with a clear market focus on enhancing e-commerce marketing KPIs. Technically, the website is built with modern web technologies including Cloudflare DNS, Google reCAPTCHA for form security, and interactive JavaScript libraries like Swiper.js. The site is mobile-optimized and presents content with good design and navigation clarity, although accessibility and SEO could be further improved. Hosting and DNS are managed via Cloudflare, but DNSSEC is not enabled, representing a minor security gap. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms from bots. Domain registration is privacy protected but consistent with the business profile. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of published security policies or incident response contacts suggests room for maturity in security governance. Overall, Twistoo presents a credible and professional online presence with a moderate security posture and good business credibility. Strategic improvements in DNS security, security headers, and transparency around security policies would enhance trust and compliance.

P

Peace and Sport

peace-sport.org

45

Peace and Sport is an established international non-profit organization founded in 2007, dedicated to promoting peaceful, inclusive, and equitable communities through sport. The organization leverages a network of high-profile sports champions and global partnerships to advance peacebuilding initiatives worldwide. Their website reflects a professional and consistent brand image, with clear messaging and active engagement channels including social media and event forums. Technically, the site is built on WordPress with modern plugins and themes, providing good mobile responsiveness and SEO optimization. Security posture is strong with HTTPS and reCAPTCHA integration, though explicit security headers and privacy policies are lacking. The absence of WHOIS data limits domain trust verification but does not detract significantly from the organization's credibility given its public profile and external trust signals. Overall, the website serves as an effective platform for advocacy and stakeholder engagement in the peace through sport sector.

V

V360 agency

vvunk.ee

43

V360 Agency OÜ is a small Estonian digital agency specializing in web development, e-commerce solutions, branding, and full digital marketing services. The company positions itself as a creative and professional partner for businesses seeking to elevate their digital presence. Their website showcases a portfolio of projects and client testimonials, indicating a trusted market position within their niche. Technically, the website is built on WordPress with modern JavaScript libraries such as Swiper.js and Tippy.js, and integrates Google Tag Manager and reCAPTCHA for analytics and security. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Security posture is adequate with HTTPS and reCAPTCHA, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Overall, the domain registration is consistent and transparent, supporting the legitimacy of the business.

E

Ettevõtlusnädal 2025

ettevotlusnadal.ee

39

Ettevõtlusnädal 2025 is a prominent Estonian nationwide entrepreneurship event organized annually by regional development centers to foster entrepreneurial spirit and support business startups. The website serves as an information hub for event programs, regional trainings, and inspirational content targeting entrepreneurs and aspiring business owners. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and security, including Google Tag Manager and reCAPTCHA. The site is well-optimized for mobile and SEO, with structured data enhancing search visibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were found. Overall, the site reflects a trustworthy and professional digital presence for a non-profit event organization.

T

Tartumaa Omavalitsuste Liit

tartumaa.ee

51

Tartumaa Omavalitsuste Liit is a regional governmental association representing municipalities in Tartu County, Estonia. The organization focuses on local governance, regional cooperation, education, welfare, culture, and strategic development. Their website serves as an information hub for residents, officials, and partners, providing news, event updates, and resources relevant to the county's municipalities. The association operates as a non-profit entity with a clear regional focus and a small organizational size. Technically, the website is built on the Voog CMS platform and utilizes modern web technologies including jQuery, Vue.js, Axios, Google Fonts, and Google Maps API. The site is mobile-optimized with a clear navigation structure and moderate performance. Security measures include HTTPS enforcement and Google reCAPTCHA integration on the contact form, though additional security headers and policies could enhance the security posture. From a security perspective, the site shows good baseline practices but lacks comprehensive privacy and cookie policies, as well as vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's governmental nature, supporting legitimacy and trustworthiness. Overall, the website is professional, trustworthy, and serves its intended audience effectively. However, improvements in privacy compliance and security hardening are recommended to align with best practices and regulatory requirements.

E

Eurochild AISBL

eurochild.org

55

Eurochild AISBL operates as the largest network of organizations and individuals dedicated to child rights advocacy across Europe. Founded in 2003 and headquartered in Belgium, Eurochild focuses on influencing policies, building civil society capacity, and facilitating knowledge exchange underpinned by the UN Convention on the Rights of the Child. The website reflects a mature digital presence with a WordPress CMS, modern front-end libraries, and a moderate performance profile. Security posture is strong with HTTPS enforced, reCAPTCHA integration, and GDPR-compliant cookie consent, though improvements are recommended in DNSSEC and security headers. Overall, the organization demonstrates high legitimacy and trustworthiness with consistent WHOIS data and active social media engagement.

T

Tervisekassa

haigekassa.ee

66

Tervisekassa is a government-related healthcare organization in Estonia responsible for managing national health insurance and providing various health-related benefits and services to insured individuals. The website serves a broad audience including individuals, employers, healthcare providers, and vulnerable groups such as Ukrainian refugees. It offers comprehensive information on health insurance, medical services, preventive screenings, and related administrative procedures. The site is well-structured, multilingual, and integrates modern digital tools to enhance user experience and accessibility. Technically, the website is built on the Drupal CMS platform and leverages several third-party services including Google Analytics, Google Tag Manager, Google reCAPTCHA, Siteimprove, and tawk.to for analytics, marketing, security, and user support. The site is hosted behind Cloudflare DNS, uses HTTPS, and implements a robust cookie consent mechanism compliant with GDPR. Performance and accessibility are rated good, with mobile optimization and clear navigation. From a security perspective, the site enforces HTTPS and uses bot protection mechanisms. However, it lacks explicit security headers and a published security policy or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's governmental and Estonian identity, supporting legitimacy. Overall, Tervisekassa's website demonstrates a mature digital presence with strong business credibility and privacy compliance. Strategic improvements could include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.

A

Anija Mõis

anijamois.ee

42

Anija Mõis is a historic manor and cultural site located in Northern Estonia, offering a wide range of services including a permanent exhibition, visitor programs, event hosting such as weddings and seminars, workshops, a manor café, and a gift shop. The website reflects a well-established cultural tourism business targeting families, tourists, and event organizers. The site is built on WordPress using the Avada theme and Fusion Builder, integrating modern plugins like Slider Revolution and Contact Form 7 with Google Analytics and reCAPTCHA for security and analytics. Security posture is good with HTTPS and reCAPTCHA, though some security headers are missing and no privacy policy page was found, indicating room for compliance improvement. Overall, the website is professional, content-rich, and trustworthy, with clear contact information and active social media presence.

V

Visit Otepää

visitotepaa.com

44

Visit Otepää is a regional tourism promotion website dedicated to showcasing the attractions, events, accommodation, and culinary experiences of Otepää, Estonia's winter capital. The site targets tourists and visitors interested in exploring the natural beauty and cultural offerings of the region. It provides comprehensive information and interactive features such as maps, event listings, and a newsletter subscription to engage its audience. Technically, the website is built on WordPress with modern front-end technologies including Bootstrap and JavaScript libraries, and integrates Google Maps for location services. SEO is enhanced through Rank Math plugin and structured data markup is implemented for better search engine understanding. Security-wise, the site uses HTTPS with a valid SSL certificate and employs Google reCAPTCHA on its contact form to mitigate spam. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Overall, the website is professional, user-friendly, and trustworthy, but could improve its privacy compliance and security headers to enhance its security posture.

V

V360 agency

v360.ee

43

V360 Agency OÜ is a small Estonian digital agency specializing in web development, e-commerce solutions, branding, and full digital marketing services. The company positions itself as a smart solution for digital success, targeting businesses seeking to elevate their online presence through comprehensive marketing and branding strategies. Their website showcases a professional design with clear navigation, client testimonials, and a portfolio of projects, indicating a trusted market presence. Technically, the site is built on WordPress with modern JavaScript libraries such as Swiper.js and Tippy.js, and integrates Google Tag Manager and reCAPTCHA for tracking and security. The hosting and domain registration are managed by Zone Media OÜ, a reputable Estonian registrar and hosting provider. Security posture is adequate with HTTPS and reCAPTCHA implemented, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Overall, the website is professional and credible, though improvements in privacy and security policies are recommended.

H

Hiiumaa Arenduskeskus

hiiumaaarenduskeskus.ee

41

Hiiumaa Arenduskeskus is a regional development center based in Hiiumaa, Estonia, focused on supporting local entrepreneurs, NGOs, tourism clusters, and community initiatives. The organization provides consulting, training, event hosting, and facilities such as remote offices and seminar rooms. Their market position is that of a key regional coordinator and promoter of economic and social development in Hiiumaa. The website reflects a small-sized, government or non-profit entity founded recently in 2022, with a clear focus on local community and business support services. Technically, the website is built on WordPress with a modern plugin ecosystem including WooCommerce, Yoast SEO, and booking/event management tools. It uses HTTPS with good SSL configuration and integrates analytics tools like Google Analytics and Microsoft Clarity. The site is mobile optimized and SEO friendly, though accessibility features are basic. Performance is moderate, with room for improvement in security headers and accessibility. From a security perspective, the site uses HTTPS and reCAPTCHA for form protection but lacks explicit security policies, incident response contacts, or vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and GDPR compliant, supporting user consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility compliance to strengthen trust and resilience.

A

AS FEB

feb.ee

54

AS FEB is a leading Estonian company specializing in the sale of sanitary technology, electrical systems, heating, tools, and ventilation products. The company operates a comprehensive e-commerce platform complemented by multiple physical stores across Estonia, targeting both retail consumers and business clients. Their market position is strong within Estonia, supported by a broad product range and a dedicated B2B portal. The website is professionally designed, mobile-optimized, and integrates modern e-commerce technologies such as Magento 2, Google Tag Manager, and Facebook SDK for marketing and analytics purposes. Security measures include HTTPS enforcement and Google reCAPTCHA on login forms, ensuring a secure user experience. However, the absence of explicit privacy and terms of service pages indicates room for improvement in compliance and transparency. Overall, the website demonstrates a mature digital presence with good business credibility and technical implementation.

T

Tallinna Vesi

tallinnavesi.ee

42

Tallinna Vesi is a well-established water utility company based in Estonia, primarily serving the Tallinn region with water supply and wastewater treatment services. The company demonstrates a strong market position supported by comprehensive service offerings including water purification, meter installation, and customer self-service portals. Their website reflects a professional digital presence with multilingual support and investor relations, indicating a mature business model focused on transparency and customer engagement. Technically, the site is built on WordPress with modern plugins and scripts, ensuring good performance and SEO optimization. Security posture is robust with HTTPS enforcement and ISO certifications, although improvements can be made in security headers and incident response transparency. Privacy compliance is mostly adequate but lacks a visible cookie consent mechanism, which should be addressed to fully comply with GDPR requirements. Overall, the website and domain data indicate a trustworthy and credible organization with a solid digital infrastructure.

S

Smiltenes novada pašvaldība

smiltenesnovads.lv

63

Smiltenes novada pašvaldība is the official local government authority for Smiltene Municipality in Latvia. The website serves as a comprehensive portal providing residents and stakeholders with access to municipal services, administrative information, social and cultural resources, and community news. The site is well-structured with clear navigation and covers a broad range of local government functions including education, social services, culture, tourism, and public safety. The target audience primarily consists of local residents and businesses seeking municipal information and services. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies such as Bootstrap for responsive design and Google services like reCAPTCHA and Analytics for security and user behavior insights. The site demonstrates good mobile optimization and accessibility features, ensuring usability across devices. Performance is moderate, with proper meta tags and SEO considerations implemented. From a security perspective, the website enforces HTTPS and includes several security headers to protect against common web vulnerabilities. The use of Google reCAPTCHA on forms helps mitigate automated abuse. However, the site lacks a publicly accessible privacy policy and terms of service, which are important for GDPR compliance and user trust. No explicit incident response or vulnerability disclosure information is provided, which could be improved to enhance security posture. Overall, the website is a credible and professional government portal with strong business credibility and technical implementation. The main areas for improvement include publishing comprehensive privacy and terms policies, enhancing transparency around data protection and incident response, and expanding direct contact information. These steps would strengthen compliance and user trust while maintaining a secure and user-friendly digital presence.

Eesti Paralümpiakomitee is the official Estonian Paralympic Committee, a non-profit organization dedicated to supporting Paralympic athletes and promoting Paralympic sports within Estonia. The website serves as a hub for news, event calendars, athlete information, and organizational details, targeting athletes, supporters, and the general public interested in Paralympic sports. The organization maintains a clear national presence with sponsorships and social media engagement. Technically, the website employs a modern JavaScript stack including jQuery, Google reCAPTCHA, Axios, and sliders for dynamic content presentation. It uses HTTPS with a valid SSL configuration and integrates Google Analytics for visitor tracking. The site is moderately optimized for mobile and accessibility, with room for improvement in SEO and accessibility features. From a security perspective, the site benefits from HTTPS and CSRF token usage in forms, but lacks explicit security headers and detailed security or incident response policies. No privacy or cookie policies are present, which is a compliance gap. Contact information is clearly provided, enhancing trust and user engagement. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening to align with best practices and regulatory requirements.

E

Eesti Maaturismi Ühing

saunatee.ee

26

Saunatee.ee is a specialized Estonian website dedicated to promoting sauna culture, tourism, and related products. Operated by Eesti Maaturismi Ühing, it serves as a comprehensive portal listing various sauna types, sauna packages, and educational content about sauna traditions in Estonia. The website targets sauna enthusiasts and tourists interested in authentic Estonian sauna experiences, positioning itself as a niche cultural and tourism information platform. The business model focuses on information dissemination and promotion of sauna-related services and products, supported by a small but consistent content base and community engagement through newsletters and social media.

T

The Hertz Corporation

hertz.ie

70

The website www.hertz.ie is the Irish regional portal for The Hertz Corporation, a globally recognized car rental company. It offers car and van rental services across Ireland with a focus on quality and convenience, including electric vehicle options. The site supports multiple languages and internationalization, reflecting a mature digital presence. Technically, the site employs modern JavaScript frameworks, asynchronous script loading, and integrates Google services such as Tag Manager and Analytics, alongside Stripe for payments and reCAPTCHA for bot protection. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers and incident response information are not evident. Privacy compliance is well addressed with a comprehensive privacy policy and GDPR-aligned cookie consent. Business credibility is supported by consistent branding and professional content, though direct contact details are not prominently displayed on the analyzed page. Overall, the site is professionally designed, functional, and secure, suitable for enterprise-level operations in the transportation sector.

M

MTÜ Eesti Pagulasabi

pagulasabi.ee

49

Eesti Pagulasabi is a well-established Estonian non-profit humanitarian organization founded in 2011, dedicated to supporting refugees and displaced persons both in Estonia and internationally. The organization provides a broad range of services including humanitarian aid, social and economic wellbeing programs, mental health support, and integration assistance. Their website reflects a professional and consistent brand presence with comprehensive content and multiple language support, targeting refugees, donors, volunteers, and partners. The donation infrastructure is robust, offering multiple payment options and detailed forms to facilitate contributions. Technically, the website is built on Drupal 9, leveraging modern analytics and consent management tools, and is hosted by a reputable Estonian registrar and hosting provider. Security posture is good with HTTPS enforced and reCAPTCHA implemented, though some security headers could be improved. Privacy compliance is strong with clear cookie consent and privacy policy documentation. Overall, the website is trustworthy, accessible, and professionally maintained, supporting the organization's mission effectively.

S

SA Harju Ettevõtlus- ja Arenduskeskus

heak.ee

43

SA Harju Ettevõtlus- ja Arenduskeskus (HEAK) is a regional non-profit foundation based in Estonia focused on supporting local development through consulting, training, and partnership initiatives. The organization targets entrepreneurs, civic associations, and tourism sector participants, offering free advisory services and organizing events to foster regional growth. The website reflects a stable and professional presence with clear business objectives and a consistent brand identity. Technically, the site is built on WordPress with common plugins for event management, multilingual support, and analytics integration, demonstrating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though improvements could be made by adding security headers and formal incident response contacts. Overall, the website is trustworthy and well-maintained, supporting the organization's mission effectively.

E

Ettevõtlik kool

evkool.ee

44

Ettevõtlik Kool is a non-profit educational network in Estonia focused on promoting entrepreneurial learning and providing a quality mark for modern education. The website serves as a portal for schools and kindergartens to access training, tools, and certification processes. It targets educational institutions and professionals within Estonia, supporting over 221 schools and more than 41,000 students. The business model revolves around educational services and network collaboration rather than commercial sales. Technically, the website is built on WordPress with modern enhancements such as lazy loading, Google Tag Manager, and reCAPTCHA for security. The site is mobile-optimized and includes accessibility features, reflecting a mature digital presence. SEO and metadata are well implemented, supporting discoverability and user engagement. From a security perspective, the site enforces HTTPS, uses reCAPTCHA on forms, and avoids exposing sensitive data. However, it lacks explicit security policies and incident response contacts, which could be improved. Privacy and cookie policies are present and appear GDPR compliant, enhancing user trust. Overall, the website presents a trustworthy and professional image with good content quality and technical implementation. The domain registration data aligns with the business claims, supporting legitimacy. Strategic improvements in security policy transparency and additional compliance documentation would further strengthen the site's posture.

S

Sihtasutus Ida-Viru Investeeringute Agentuur (IVIA)

ivia.ee

52

Sihtasutus Ida-Viru Investeeringute Agentuur (IVIA) is a public sector development organization based in Estonia, specializing in the creation and management of modern industrial and business parks in the Ida-Viru region. The agency facilitates investment by offering land plots with established infrastructure and provides free support services to investors, including administrative assistance and networking. The website reflects a well-established regional development entity with a clear focus on industrial real estate and investment promotion. Technically, the site is built on WordPress with modern plugins and frameworks, optimized for SEO and mobile use, and integrates Google Maps and reCAPTCHA for enhanced user experience and security. Security posture is strong with HTTPS, security headers, and consent mechanisms in place, though formal security policies and incident response contacts are absent. Overall, the site presents a credible, professional, and trustworthy digital presence aligned with its public sector mission.

L

Lastekaitse Liidu Lastelaagrite OÜ

lastelaagrid.eu

41

Lastekaitse Liidu Lastelaagrite OÜ is a small Estonian non-profit organization dedicated to providing educational and recreational youth camps and programs aligned with the mission of Lastekaitse Liit. The organization operates recognized youth camps such as Pivarootsi and Remniku and offers educational programs during school time. Their target audience includes children, youth, schools, municipalities, and entrepreneurs within Estonia. The website is built on a modern WordPress CMS with WooCommerce integration, supporting online interactions and registrations. The technical infrastructure includes standard web technologies and third-party services such as Google Analytics and CookieYes for consent management. Security posture is solid with HTTPS and reCAPTCHA implemented, though some security headers are missing and no formal security or privacy policies are published. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, well-branded, and trustworthy, but could improve privacy compliance and security transparency.

T

Tervisekassa

tervisekassa.ee

64

Tervisekassa is the official Estonian national health insurance portal, providing information and services related to state health insurance, medical benefits, and healthcare access. The website targets insured individuals, employers, healthcare providers, and partners within Estonia. It offers comprehensive content on insurance coverage, medical services, reimbursements, and public health initiatives. The site is well-positioned as a government-backed service with a clear mission to facilitate healthcare access and information dissemination. Technically, the website is built on Drupal CMS, leveraging modern analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Siteimprove. It employs Cloudflare for DNS and CDN services, ensuring good performance and security. Accessibility and mobile optimization are well addressed, with features like contrast toggling and skip links. Security posture is strong with HTTPS, cookie consent mechanisms, and bot protection via Google reCAPTCHA. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with clear privacy and cookie policies and GDPR-aligned consent management. Contact information is transparent, including official email and phone numbers, and social media presence is active on major platforms. Overall, the website demonstrates a mature digital infrastructure suitable for a public healthcare service, balancing usability, security, and compliance effectively.