Security Directory

I

International Virotherapy Center Limited

virotherapy.eu

50

International Virotherapy Center Limited operates a professional website dedicated to oncolytic virotherapy, a novel cancer treatment approach using live viruses. The site provides extensive educational content, clinical publications, treatment and prevention information, and a contact center for patient inquiries. The company targets cancer patients, healthcare professionals, and researchers globally, positioning itself as a niche healthcare information provider. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, RoyalSlider, and Swiper.js, with integrated analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security posture is moderate; HTTPS is used but no explicit security headers or published security policies are found. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data is missing or unavailable, raising concerns about domain legitimacy despite the professional website presence. Overall, the site is functional and credible but would benefit from enhanced security and compliance transparency.

W

Walldorf Consulting GmbH

walldorfconsulting.com

58

Walldorf Consulting GmbH is a medium-sized German consulting firm specializing in SAP Cloud Transformation. The company positions itself as a leading specialist in transforming business processes and implementing them in the cloud, leveraging SAP technologies. Their market position is reinforced by multiple SAP certifications and awards, and they operate as part of the Timetoact Group. The website is professionally designed with good content quality and clear navigation, targeting businesses seeking SAP cloud transformation services. Technically, the site uses modern web technologies including Cloudflare DNS, FontAwesome, and Swiper.js, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is weak due to the absence of visible privacy or cookie policies. Overall, the website is trustworthy and credible but could improve transparency on privacy and security policies.

P

Paynt

paydoo.com

67

Paynt is a payment solutions provider offering a fully integrated payment infrastructure with services including POS systems, acquiring, merchant services, and capital funding. The company targets businesses across retail, hospitality, digital commerce, and service sectors, positioning itself as an innovative and award-winning player in the payment processing industry. The website is built on WordPress and uses modern web technologies such as jQuery, Google Tag Manager, and Swiper.js, hosted via Cloudflare, indicating a mature technical infrastructure. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks DNSSEC and visible security headers. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is limited to a contact form with no direct emails or phone numbers publicly listed. Overall, the site is professional and trustworthy but could improve transparency and security practices.

C

COALTECH

coaltech.com.br

42

COALTECH is a Brazilian company specializing in engineering consultancy, automation, and monitoring solutions, serving industrial, forestry, and agrarian sectors. The company offers proprietary systems such as CARBONTECH for carbonization monitoring, SYSFOREST for forest and agrarian monitoring, and COALTRACK for GPS and satellite tracking. Their business model focuses on B2B services including equipment rental and technical support, positioning them as a niche provider with innovative technological solutions. The website reflects a medium-sized enterprise with a professional online presence and active social media engagement. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and Swiper.js for UI components. Hosting is provided by HostGator Brazil, and analytics tools such as Google Analytics and LinkedIn Insight Tag are integrated. The site is mobile-optimized with good SEO practices but lacks some accessibility features. Performance is moderate with room for improvement. From a security perspective, the site uses HTTPS and avoids exposing sensitive data but lacks explicit security headers and incident response information. No privacy or cookie policies were found, indicating compliance gaps with GDPR and other privacy regulations. Forms exist for newsletter subscription and support ticketing but lack visible anti-CSRF protections. Overall, the security posture is moderate but could be enhanced with standard best practices. The overall risk is moderate with no critical vulnerabilities detected. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, adding security headers, and publishing incident response contacts to improve trust and compliance. The domain registration data is consistent with the business claims, supporting legitimacy and trustworthiness.

E

EMPRESA BRASIL DE COMUNICACAO S.A. - EBC

ebc.com.br

62

Empresa Brasil de Comunicação (EBC) is a Brazilian government-owned media company that operates multiple public communication channels including news agencies, radio stations, and television networks. The website serves as a central portal for accessing these services and provides rich content including news highlights, live streaming, and institutional information. The company holds a strong market position as a national public media entity with a large audience in Brazil. Technically, the website is built on the Plone CMS platform and leverages modern web technologies such as Clappr for video playback, Swiper.js for carousels, and Microsoft Clarity for analytics. The site is well-structured, mobile-optimized, and uses HTTPS with appropriate security headers, indicating a mature digital infrastructure. From a security perspective, the site demonstrates good practices including HTTPS enforcement and security headers. However, it lacks explicit cookie consent mechanisms and a comprehensive privacy policy prominently displayed, which are areas for improvement in privacy compliance. No critical vulnerabilities or blocking mechanisms were detected, and WHOIS data confirms the domain's legitimacy and consistency with the organization's identity. Overall, the website is professional, trustworthy, and serves its public service mission effectively. Strategic enhancements in privacy compliance and vulnerability disclosure would further strengthen its security posture and user trust.

H

Hexaware Technologies Pvt Ltd

hexaware.com

83

Hexaware Technologies Pvt Ltd is a well-established global IT consulting and services company founded in 1996, with a strong market presence and $1.4 billion in annual revenue. The company offers a broad portfolio of technology services including digital software solutions, cloud services, data analytics, AI-driven automation, and business process outsourcing, targeting enterprise clients across multiple industries. Their website reflects a mature digital infrastructure with modern technologies, responsive design, and comprehensive content showcasing their expertise and client success stories. Security posture is robust with HTTPS, clientTransferProhibited domain status, CAPTCHA-protected forms, and reputable analytics tools, though there is room for improvement in DNSSEC and security headers. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, Hexaware demonstrates high business credibility and professionalism, supported by consistent branding and trust indicators.

Flight Consulting Group is a well-established business aviation holding company based in Latvia, founded in 2000. It offers a broad range of aviation services including flight support, ground handling, VIP charter flights, trip support, and aviation consulting. The company operates a major business aviation center, FBO RIGA, and has several subsidiaries specializing in dispatch, travel agency services, and aviation infrastructure development. The website is professionally designed with good content quality and clear navigation, supporting its market position as a leading aviation service provider in Europe and the Baltics. Technically, the site uses modern analytics and tracking tools, is mobile optimized, and employs HTTPS with some security best practices, though it lacks some security headers and privacy compliance documentation. The WHOIS data is incomplete and lacks transparency, which slightly reduces trust but does not negate the legitimacy supported by the detailed business information and certifications. Overall, the site presents a credible and professional business presence with room for improvement in privacy and security disclosures.

S

Saliena

saliena.eu

60

Saliena is a real estate business focused on offering residential properties including apartments, houses, land plots, and rentals primarily in Latvia. The website positions itself as a premium community with developed infrastructure and convenient location advantages. Technically, the site is built on WordPress with a modern tech stack including jQuery, Swiper.js, and multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Facebook Pixel. The site is well-optimized for SEO and mobile devices, with good content quality and clear navigation. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although security headers could be improved and incident response information is absent. The WHOIS data is unavailable due to EURid privacy policies, but the website content and professionalism indicate a legitimate business. Overall, the site demonstrates a mature digital presence suitable for its real estate market niche.

L

Laflora

laflora.lv

51

Laflora is a major Latvian company specializing in the extraction and processing of peat products, targeting professional gardeners and related industries. The website presents a comprehensive product catalog, sustainability initiatives, and ongoing projects in renewable energy, positioning Laflora as a leader in its sector within Latvia. The digital infrastructure includes modern web technologies and a cookie consent mechanism aligned with GDPR requirements. Security posture is moderate with room for improvement in headers and explicit policies. The absence of WHOIS data limits domain trust verification, but the presence of multiple certifications and partner organizations supports legitimacy. Overall, the website is professional, content-rich, and user-friendly, with minimal tracking and good privacy compliance.

A

ASYAD

asyad.om

70

ASYAD is a leading integrated logistics and maritime group based in Oman, providing comprehensive services across ports, free zones, shipping, and public services. The company positions itself as a gateway to global trade routes, targeting businesses and investors in the MENA region and beyond. Their business model focuses on developing and operating strategic infrastructure such as ports (Sohar, Duqm, Salalah), free zones, and logistics solutions including cold chain and e-commerce. The website reflects a mature digital presence with multilingual support and active social media engagement. Technically, the website leverages modern web technologies including jQuery, Swiper.js, HubSpot CMS and marketing tools, Google Tag Manager, and OneSignal for push notifications. The site is mobile optimized with good SEO and accessibility features, though some accessibility aspects are basic. Performance is moderate with a professional design and clear navigation. Security posture is solid with HTTPS enforced and use of reCAPTCHA on forms, but lacks some advanced HTTP security headers and a published security policy or vulnerability disclosure. Privacy compliance is basic; a privacy policy is present but no cookie consent mechanism or GDPR-specific disclosures were found. Contact information is comprehensive and trustworthy, enhancing business credibility. Overall, ASYAD's website is professional and trustworthy, supporting its position as a major logistics player in Oman and the MENA region. Strategic improvements in privacy compliance and security transparency would further enhance trust and compliance.

S

Superhero Capital

superherocapital.com

48

Superhero Capital is a Denmark-registered venture capital fund specializing in seed investments for software-driven startups primarily in the New Nordics region. The fund offers up to 1 million euros in initial funding and emphasizes founder support without micromanagement. Their website is professionally designed using WordPress and Elementor, featuring clear navigation and mobile optimization. The technical infrastructure includes modern libraries and consent management tools, hosted likely on Azure App Service. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking explicit privacy and terms of service pages and security headers. Contact is facilitated mainly through an external Pipedrive form, with no direct emails or phone numbers published. The domain registration is consistent and legitimate, supporting the business claims.

V

Vendon

vendon.net

63

Vendon is a technology company specializing in IoT, telemetry, and payment solutions for coffee and vending businesses. Founded in 2010, the company offers remote management platforms and services that enable businesses to monitor and control their vending operations efficiently. Their market position is that of a specialized B2B SaaS and IoT provider targeting vending operators and coffee machine businesses. The website reflects a professional and consistent brand image with multi-language support and a clear focus on their core services. Technically, the website is built on WordPress using Elementor, with integrations including Google Tag Manager and reCAPTCHA v3 for security and analytics. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and policies could be improved. From a security perspective, the site shows good practices such as HTTPS, reCAPTCHA, and cookie consent, but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business age and shows no suspicious patterns, enhancing trustworthiness. Overall, Vendon’s website is a well-structured, professional platform that supports their business model effectively. Strategic improvements in security policy transparency and contact information could further enhance trust and compliance.

M

Magnetiq

lpb.lv

63

Magnetiq is a newly established banking infrastructure provider focused on delivering licensed banking products and Banking as a Service (BaaS) solutions primarily targeting FinTech companies, payment institutions, and eCommerce businesses. The company leverages modern technology and partnerships with major payment networks like VISA and MasterCard to offer a comprehensive suite of payment and account management services. The website reflects a professional and modern digital presence with detailed product offerings and customer testimonials, positioning Magnetiq as an innovative player in the banking technology sector. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Swiper.js, and Google Tag Manager, hosted behind Cloudflare DNS. The site is mobile-optimized and SEO-friendly, though performance is moderate. Security posture is good with HTTPS and reCAPTCHA usage, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, Magnetiq demonstrates a solid business and technical foundation with room for improvement in privacy compliance and security best practices. The domain registration data supports the legitimacy of the business with consistent WHOIS information and no privacy protection, appropriate for a regulated financial entity.

V

VALPRO SIA

valpro.lv

42

VALPRO SIA is a well-established Latvian metalworking company with a history dating back to 1944. The company manufactures and distributes metal products such as metal cans and fire extinguisher cylinders, serving clients in over 33 countries. The website reflects a professional and consistent brand image with clear contact information and international certifications, positioning VALPRO as a large player in the manufacturing sector. Technically, the website uses a mix of legacy and modern JavaScript libraries and is optimized for performance and mobile use. However, some outdated libraries like jQuery 1.7.2 are present, which could pose security risks. Security posture is moderate with HTTPS usage and no visible vulnerabilities, but lacks security headers and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data could not be retrieved, limiting domain trust assessment. Overall, the website is functional and professional but would benefit from enhanced security and privacy measures.

P

Public ID - Agence de Communication Créative

public-id.fr

44

Public ID is a creative communication agency based in Lille, France, specializing in graphic identity, logo design, website development, print and web graphic creations, emailing campaigns, SEO audits, and event management. The agency targets businesses and organizations seeking tailored communication solutions and has established a portfolio with notable clients, indicating a solid regional market presence. The website is built on WordPress using modern plugins and frameworks, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS enabled and no visible sensitive data exposure, though security headers and formal policies are lacking. The absence of WHOIS data reduces transparency but the website content and client testimonials support legitimacy. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and adding a vulnerability disclosure mechanism to enhance trust and compliance.

U

UXDA

uxdesignagency.com

62

UXDA is a specialized UX design agency focused exclusively on financial services, fintech, and banking products. With over 10 years of experience and more than 150 projects delivered globally, UXDA positions itself as a leader in strategic UX design for the financial sector. Their website showcases a rich portfolio of case studies, client testimonials, and industry awards, reflecting a strong market presence and credibility. The company targets financial brands and fintech companies seeking innovative UX/UI solutions to drive market leadership and customer engagement. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Hotjar, and social media integrations, ensuring good performance and user tracking capabilities. The site is mobile-optimized and features multimedia content such as videos and interactive carousels, enhancing user experience. SEO and accessibility are addressed at a good level, though some accessibility features could be improved. From a security perspective, the site uses HTTPS and asynchronous loading of tracking scripts, but lacks visible security headers and explicit privacy or cookie policies. No contact emails or phone numbers are directly available on the site, which may impact user trust and compliance. The WHOIS data is missing or unavailable, raising concerns about domain registration legitimacy despite the professional appearance of the website. Overall, UXDA demonstrates a mature digital presence with strong business credibility in the fintech UX design niche. However, improvements in transparency regarding privacy, security policies, and domain registration verification are recommended to enhance trust and compliance.

S

SIA Rīgas ūdens

rigasudens.lv

53

SIA Rīgas ūdens is the largest water supply and sewage service provider in the Baltic region, serving residents and businesses primarily in Riga, Latvia. The company offers a comprehensive range of water-related utility services including water supply, sewage management, water quality testing, and connection services. Their market position is strong as a key municipal utility provider with a large customer base. The website is professionally designed using Drupal CMS and modern JavaScript libraries, providing good user experience and mobile optimization. The technical infrastructure includes integration with mapping services and analytics tools such as ContentSquare and Facebook Pixel, indicating a mature digital presence. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit security policies are missing. Overall, the website and business information reflect a legitimate and professional utility provider with good privacy compliance and user trust indicators.

XTM is a well-established construction company specializing in concrete structures with over 20 years of experience and a strong presence in Scandinavia, particularly Norway and Sweden. The company emphasizes client trust, quality, environmental responsibility, and employee well-being, supported by internationally recognized ISO certifications. Their website is professionally designed, mobile-optimized, and provides comprehensive information about their projects and quality standards, although it lacks explicit privacy and cookie policies. Technically, the site runs on WordPress with modern JavaScript libraries and is hosted by a reputable registrar. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and incident response information. Overall, the website reflects a credible and professional business with room for improvement in privacy compliance and security transparency.

S

SIA „Skrīveru saldumi”

skriverusaldumi.lv

49

SIA „Skrīveru saldumi” is a Latvian confectionery manufacturer specializing in traditional sweets such as the iconic "Skrīveru Gotiņa" and premium chocolates including "Aspasia". The company targets consumers seeking high-quality, traditional Latvian sweets, as well as corporate clients interested in branded gifts. Their business model combines manufacturing with an online retail presence, positioning them as a recognized player in the Latvian confectionery market. The website is professionally designed with a clear focus on product promotion and e-commerce functionality, supporting multiple languages and featuring a cookie consent mechanism to address privacy concerns. Technically, the site uses modern frontend technologies like Bootstrap, jQuery, and Swiper.js, and integrates Google Analytics for visitor tracking. Security posture is adequate with HTTPS enabled and cookie consent implemented; however, the absence of security headers and explicit privacy and terms of service pages indicates room for improvement. WHOIS data could not be retrieved due to query limits, limiting domain legitimacy verification. Overall, the site presents a trustworthy and professional front for a small-sized confectionery business in Latvia.

D

DDSTUDIO

ddstudio.com

54

DDSTUDIO is a boutique design consultancy specializing in industrial design, user experience (UX), and user interface (UI) design. Established in 1997, the company positions itself as a premier partner for industry innovators seeking strategic, business-driven design solutions that empower people, influence positive change, and drive commercial success. Their services focus on human-centered design methodologies to create compelling, market-ready products. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content including case studies and client testimonials, indicating a strong market position in the technology sector. Technically, the website is built on WordPress using the Enfold theme and Avia framework, incorporating modern JavaScript libraries such as Swiper.js and Tippy.js, and integrates analytics tools like HubSpot and Google Analytics. The site is mobile-optimized and accessible, with good SEO practices and performance rated as moderate. Security posture is adequate with HTTPS enforced and use of reCAPTCHA, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is strong, with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, DDSTUDIO demonstrates a solid security and compliance posture with no critical vulnerabilities detected. The domain registration is consistent with the business history, enhancing trustworthiness. Strategic recommendations include enhancing DNS security, publishing a security.txt file, and improving security header implementation to further strengthen the security posture.

S

SIDC GROUP

sidcgroup.com

42

SIDC GROUP is a specialized recruitment agency with over 25 years of experience, focusing on staffing for VIP clients, luxury yachts, private residences, and the hospitality sector in the Baltic States and Europe. The company offers a broad range of services including executive search, career coaching, and personalized training, positioning itself as a trusted partner for high-end staffing needs. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting both employers and job seekers in the luxury recruitment market. Technically, the site uses modern frameworks such as Bootstrap and jQuery, with good mobile optimization and moderate performance. Security practices include HTTPS enforcement, CSRF tokens, and captcha on forms, but lack some standard security headers and cookie consent mechanisms. The WHOIS data aligns well with the business claims, showing consistent registration details and domain age appropriate for the company's history. Overall, the website is functional, professional, and moderately secure but could improve privacy compliance and security posture.

D

DTS LTD

dts.lv

67

DTS LTD operates a professional e-commerce platform specializing in original OEM auto spare parts for a wide range of car manufacturers. With over 25 years of experience and more than 500 active B2B clients, the company positions itself as a reliable supplier offering fast worldwide deliveries and technical expertise. The website is well-structured, multilingual, and provides comprehensive catalogs and inquiry services to assist customers in finding genuine parts efficiently. Technically, the website employs modern JavaScript libraries such as jQuery, Flatpickr, Font Awesome, Alpine.js, and Swiper.js, alongside analytics tools like Google Analytics and Microsoft Clarity. The site is mobile-optimized, accessible, and SEO-friendly, with a cookie consent mechanism implemented via Usercentrics CMP. HTTPS is enforced, ensuring secure communications. From a security perspective, the site demonstrates good practices including secure forms with CSRF tokens and no exposed sensitive data. However, there is a lack of explicit security policies, incident response information, and vulnerability disclosure mechanisms. The absence of WHOIS data due to query limits limits full domain legitimacy verification, but the website content and trust indicators suggest a legitimate and established business. Overall, DTS LTD presents a strong digital presence with professional design, solid technical infrastructure, and good privacy compliance. Strategic improvements in security transparency and WHOIS data availability would further enhance trust and compliance.

襄樊富仕纺织服饰有限公司 is a large Chinese textile manufacturing company established in 2001, specializing in spinning and weaving with significant production capacity. The company holds multiple provincial and national certifications, positioning it as a reputable player in the manufacturing sector. The website presents a professional design with clear navigation and relevant business content targeting industry clients and partners. Technically, the site uses a SaaS platform with common web technologies like jQuery and Swiper.js, but mobile optimization and accessibility are basic. Security posture is weak due to lack of security headers and unclear SSL configuration. Privacy compliance is poor, with no visible privacy or cookie policies. The domain WHOIS data is unavailable, raising concerns about domain legitimacy. Suspicious external domains embedded in scripts and iframes further reduce trust. Overall, the site is functional and business-oriented but requires improvements in security, privacy, and domain registration transparency.

E

European Federation of Intelligent Energy Efficiency Services (EFIEES)

efiees.eu

53

The European Federation of Intelligent Energy Efficiency Services (EFIEES) is a professional federation focused on representing and promoting the interests of energy efficiency service providers within the European Union. Their core mission is to advocate for Energy Efficiency Services Companies (EESCs) by influencing European policies and providing a platform for member engagement. The website reflects a well-structured and professional presence with relevant content about their activities, events, and projects, targeting stakeholders in the energy efficiency sector. Technically, the website is built on WordPress using the Astra theme, incorporating modern JavaScript libraries such as Swiper.js for interactive elements. The site is mobile-optimized and demonstrates good SEO practices with structured data and meta tags. However, some technical improvements could be made in accessibility and performance optimization. From a security perspective, the site uses HTTPS, ensuring encrypted communication. However, it lacks visible security headers and explicit privacy or cookie policies, which are important for compliance and user trust. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of contact information and incident response details limits transparency. Overall, the website presents a moderate risk profile with good business credibility but room for improvement in privacy compliance and security best practices. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, publishing incident response and vulnerability disclosure information, and enhancing accessibility features.

I

International Ice Hockey Federation

iihf.com

66

The International Ice Hockey Federation (IIHF) operates as the global governing body for ice hockey and inline hockey, organizing major international tournaments such as World Championships and Olympic events. The website serves as a comprehensive portal for fans, players, officials, and member associations, offering news, event schedules, development resources, and media streaming services. The IIHF maintains strong partnerships with recognized brands like Nike and Tissot, enhancing its market position and credibility. Technically, the website employs modern JavaScript libraries and tracking tools including Google Tag Manager and Azure Application Insights, indicating a mature digital infrastructure. The site is mobile-optimized with good navigation and content quality, though accessibility features could be improved. Performance is moderate, with a custom framework powering the site. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, but lacks visible security headers and a published vulnerability disclosure policy. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given its professional presentation and official partnerships. Overall, the IIHF website demonstrates a solid security posture and compliance with privacy regulations, providing a trustworthy and professional user experience. Strategic improvements in security header implementation and explicit incident response contacts would further enhance its security maturity.

S

Sigma Software

sigma.software

74

Sigma Software is a well-established global technology consulting and software development company founded in 2002, with a strong market position among the top 100 outsourcing companies worldwide. The company offers a broad range of services including custom software development, IT consulting, dedicated teams, cybersecurity, AI consulting, and legacy system modernization. Their target audience includes enterprises, product houses, and startups seeking reliable technology partners. The website reflects a mature digital presence with professional design, comprehensive content, and multiple global offices, primarily in Ukraine and Europe. Technically, the website is built on WordPress with modern frameworks and integrates Google Tag Manager, Google Analytics, and cookie consent mechanisms, indicating a good level of digital maturity. The site is mobile-optimized, accessible, and SEO-friendly, although performance is moderate. Security posture is solid with HTTPS and cookie consent but lacks explicit security headers and published security policies. No WAF or blocking mechanisms were detected, and the domain registration is privacy-protected but consistent with the business profile. Overall, the security posture is good but could be improved by publishing security policies, incident response contacts, and implementing security headers. Privacy compliance is basic due to the absence of a visible privacy policy and terms of service. Business credibility is high with clear contact information, social proof, and trust indicators. The risk level is moderate with recommendations to enhance transparency and security best practices.

The World Karate Federation (WKF) is a globally recognized international sports federation dedicated to promoting karate as a sport. It is the only karate organization recognized by the International Olympic Committee and boasts 198 member countries and over a hundred million members worldwide. The organization operates primarily as a non-profit entity focused on organizing karate events, managing rankings, accrediting approved brands, and running educational programs. The website reflects a professional and authoritative presence consistent with a large international sports federation headquartered in Spain. Technically, the WKF website employs modern web technologies including Blazor, Bootstrap 5, and various JavaScript libraries for enhanced user experience and performance. The site is mobile-optimized, accessible, and SEO-friendly, with structured data and comprehensive metadata supporting discoverability and rich search results. Privacy and cookie policies are clearly presented with consent mechanisms, indicating good compliance with GDPR and related regulations. From a security perspective, the site uses HTTPS with strong SSL configuration and implements cookie consent. While explicit security headers are not fully confirmed, no vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response information is noted as an area for improvement. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration legitimacy; however, the website content and social media presence strongly support the authenticity of the organization. Overall, the WKF website demonstrates a high level of professionalism, technical maturity, and compliance with privacy standards. The main risk factor is the lack of WHOIS transparency, which should be investigated further to ensure domain legitimacy and trustworthiness.

P

ParaVolley EUROPE - Sitting & Standing Volleyball in Europe

paravolley.eu

51

ParaVolley Europe is a regional sports organization dedicated to promoting and organizing sitting and standing volleyball competitions across Europe. The website serves as a hub for news, competitions, and member federations, targeting athletes, sports enthusiasts, and stakeholders in the ParaVolley community. The organization positions itself as a key promoter of inclusive sports within the European region. Technically, the website is built on a modern stack using Vue.js and Nuxt.js frameworks, styled with Tailwind CSS, and incorporates popular libraries such as Swiper.js and Font Awesome. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. No contact emails or phone numbers are explicitly provided, which may impact user trust and compliance. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security practices.

V

V360 agency

vvunk.ee

43

V360 Agency OÜ is a small Estonian digital agency specializing in web development, e-commerce solutions, branding, and full digital marketing services. The company positions itself as a creative and professional partner for businesses seeking to elevate their digital presence. Their website showcases a portfolio of projects and client testimonials, indicating a trusted market position within their niche. Technically, the website is built on WordPress with modern JavaScript libraries such as Swiper.js and Tippy.js, and integrates Google Tag Manager and reCAPTCHA for analytics and security. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Security posture is adequate with HTTPS and reCAPTCHA, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Overall, the domain registration is consistent and transparent, supporting the legitimacy of the business.

A

Aermec

aermec.co.uk

49

Aermec UK Ltd. is a well-established company specializing in Heating, Ventilation, and Air Conditioning (HVAC) solutions for industrial and commercial sectors. With over 60 years of market presence in Europe, they position themselves as market leaders in systems engineering, offering a broad range of HVAC products, servicing, repairs, and comprehensive system testing. Their website reflects a professional and detailed presentation of their products and services, targeting industry and commercial enterprises requiring HVAC solutions. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site is mobile-optimized and includes SEO best practices such as structured data and meta tags. Performance is moderate, with standard use of JavaScript libraries and tracking tools like Google Analytics and Tag Manager. From a security perspective, the site uses HTTPS with good SSL configuration but lacks visible security headers and explicit privacy or cookie policies, which are important for GDPR compliance. No incident response or vulnerability disclosure information is present, which could be improved to enhance trust and security posture. Overall, the website is professional and credible, but the domain WHOIS data is unavailable and flagged as invalid by the registry, which raises concerns about domain legitimacy or configuration. This discrepancy should be addressed to ensure full trustworthiness and compliance.

S

Sigma Technology Group

sigmatechnology.com

62

Sigma Technology Group is a well-established global technology company founded in 1999, specializing in software and embedded systems development, IT infrastructure, cloud services, and digital transformation. The company targets businesses seeking advanced digital and engineering solutions, positioning itself as a trusted partner with a strong presence in Sweden and international offices. Their key services include software development, AI consulting, DevOps, cloud technology, and automotive solutions, supported by a professional and comprehensive online presence. Technically, the website is built on WordPress with modern JavaScript libraries and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enabled and no exposed sensitive data, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the website reflects a high level of professionalism, trustworthiness, and business credibility.

E

Euroopa rändevõrgustiku Eesti kontaktpunkt

emn.ee

44

The website www.emn.ee serves as the official Estonian contact point for the European Migration Network, providing comprehensive migration and asylum policy reports, applied research, and urgent information exchange. It targets policymakers, researchers, and migration professionals, positioning itself as a trusted government-related entity with a focus on migration statistics and policy analysis. The site is well-structured, content-rich, and regularly updated with news, events, and publications relevant to migration topics. Technically, the website is built on WordPress with Yoast SEO and integrates Google Analytics and Tag Manager for tracking. It demonstrates good mobile optimization and moderate performance. The use of HTTPS and cookie consent mechanisms reflects a solid privacy posture, although some security headers and explicit incident response information are missing. Security-wise, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks published security policies and vulnerability disclosure mechanisms, which could enhance trust and compliance. No WAF or blocking mechanisms were detected, indicating full accessibility. Overall, the website scores well on content quality, technical implementation, security posture, privacy compliance, and business credibility, making it a reliable and professional resource in its domain. Strategic improvements in security headers, incident response transparency, and accessibility could further strengthen its position.

M

MTÜ Sibulatee

sibulatee.ee

44

Sibulatee is a non-profit organization dedicated to promoting the cultural and tourism assets of the Peipsimaa region in Estonia. The website serves as a comprehensive portal for events, local businesses, cultural heritage, and educational opportunities, targeting tourists and local communities interested in authentic regional experiences. The platform leverages WordPress and WooCommerce to provide event listings, e-commerce for local products, and seminar information, supported by active social media engagement and newsletter subscriptions. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Analytics, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements in security headers and policies are recommended. Privacy compliance is addressed with a clear privacy policy and cookie banner, aligning with GDPR requirements. Overall, the site is professionally designed, user-friendly, and trustworthy, with clear contact information and consistent branding. No critical vulnerabilities or blocking mechanisms were detected, supporting a positive risk profile.

O

OÜ Veinimõisnik

veinivilla.ee

25

Valgejõe Veinivilla is a small Estonian winery operating since 2014, positioned as the northernmost winery in Estonia. They produce fruit, berry, and grape wines using local ingredients, offering retail sales through their online wine shop and on-site services including tours, tastings, and events. The business targets wine enthusiasts and tourists seeking authentic local experiences. Technically, the website is built on WordPress with WooCommerce and Elementor, supported by a reputable hosting provider. The site is well-structured, mobile-optimized, and SEO-friendly, though some accessibility features could be improved. Security posture is good with HTTPS and no visible vulnerabilities, but lacks explicit security headers and incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy with room for compliance and security enhancements.

V

V360 agency

v360.ee

43

V360 Agency OÜ is a small Estonian digital agency specializing in web development, e-commerce solutions, branding, and full digital marketing services. The company positions itself as a smart solution for digital success, targeting businesses seeking to elevate their online presence through comprehensive marketing and branding strategies. Their website showcases a professional design with clear navigation, client testimonials, and a portfolio of projects, indicating a trusted market presence. Technically, the site is built on WordPress with modern JavaScript libraries such as Swiper.js and Tippy.js, and integrates Google Tag Manager and reCAPTCHA for tracking and security. The hosting and domain registration are managed by Zone Media OÜ, a reputable Estonian registrar and hosting provider. Security posture is adequate with HTTPS and reCAPTCHA implemented, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Overall, the website is professional and credible, though improvements in privacy and security policies are recommended.

Valgamaa Arenguagentuur is a regional development agency based in Estonia, focused on fostering cooperation among local development organizations and providing professional support services to businesses, non-profits, and local governments. The agency aims to enhance the economic and living environment of Valgamaa county, positioning itself as a key facilitator in regional development with a focus on entrepreneurship, education, and community welfare. The website reflects this mission with clear service offerings and active engagement channels. Technically, the website employs modern frontend technologies including Tailwind CSS, Swiper.js, and Plyr.js, managed through the Greativ CMS platform. It integrates analytics and social media tools such as Google Analytics and Facebook SDK, indicating a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not provide visible privacy or cookie policies, which are critical for GDPR compliance. There is no incident response or vulnerability disclosure information, which could be improved to enhance trust and security posture. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices to reduce risk and improve user trust.

Sihtasutus RAEK is a regional development foundation based in Rapla County, Estonia, focused on supporting balanced regional growth by providing professional development services to private, public, and third sector organizations. The website clearly targets entrepreneurs, citizen associations, youth, and local governments with a variety of support services including training, mentoring, and consulting. The organization is well-established with a domain age since 2010 and is part of a national network of county development centers. The website is built on a modern WordPress platform with common web technologies and SEO optimizations, providing a good user experience and mobile responsiveness. Security posture is solid with HTTPS and no visible vulnerabilities, though it lacks advanced security headers and formal incident response or vulnerability disclosure information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site presents a professional and trustworthy image consistent with a government/non-profit entity.

1

1Kelvin

kelvin.ee

50

1Kelvin is an Estonian-based company specializing in technical system planning, design, and installation with a strong focus on energy efficiency and related services. With over 20 years of experience, the company positions itself as a reliable partner for large and complex projects in Estonia, targeting primarily business clients requiring engineering and energy consultancy services. The website reflects a professional and consistent brand image, offering clear information about services and company expertise. Technically, the site is built on WordPress with modern front-end technologies and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and explicit incident response information. Privacy compliance is partially addressed with references to cookie and privacy policies but lacks an explicit consent mechanism. Overall, the site is trustworthy and credible with room for improvement in security and privacy transparency.

E

E-varamu

e-varamu.ee

55

E-varamu is a key Estonian cultural heritage digital platform that aggregates materials from multiple datasets and integrates with the Europeana digital library. It serves researchers and the general public interested in Estonian culture, operating as a non-profit government-related entity. The website is built on WordPress with modern plugins and technologies, offering good SEO, accessibility, and mobile optimization. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not published. The domain registration data aligns well with the website's purpose, indicating legitimacy. Overall, the platform is professional, trustworthy, and technically sound.

T

Tallinna Vesi

tallinnavesi.ee

42

Tallinna Vesi is a well-established water utility company based in Estonia, primarily serving the Tallinn region with water supply and wastewater treatment services. The company demonstrates a strong market position supported by comprehensive service offerings including water purification, meter installation, and customer self-service portals. Their website reflects a professional digital presence with multilingual support and investor relations, indicating a mature business model focused on transparency and customer engagement. Technically, the site is built on WordPress with modern plugins and scripts, ensuring good performance and SEO optimization. Security posture is robust with HTTPS enforcement and ISO certifications, although improvements can be made in security headers and incident response transparency. Privacy compliance is mostly adequate but lacks a visible cookie consent mechanism, which should be addressed to fully comply with GDPR requirements. Overall, the website and domain data indicate a trustworthy and credible organization with a solid digital infrastructure.

The website www.visitsaulkrasti.lv serves as an official regional tourism portal for Saulkrasti municipality in Latvia. It provides comprehensive visitor information including local attractions, events, accommodation options, dining, and useful tips for tourists. The site targets visitors and tourists interested in exploring the Saulkrasti region, positioning itself as a key local tourism information hub. The business model focuses on promoting local tourism services and events, supporting the hospitality and government sectors. The content is well-structured, visually appealing, and consistent with the brand identity of Saulkrasti tourism. Technically, the website is built on WordPress CMS and utilizes modern JavaScript libraries such as jQuery, Swiper.js for sliders, and Magnific Popup for galleries. It integrates Google Tag Manager and Google Analytics for tracking and marketing purposes. The site demonstrates good mobile optimization and basic accessibility features, with moderate performance. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the website enforces HTTPS with excellent SSL configuration. However, it lacks explicit security headers and does not provide a dedicated security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism, aligned with GDPR requirements. Contact information is transparent and professionally presented, enhancing business credibility. Overall, the website is trustworthy, professionally maintained, and serves its purpose effectively. Strategic improvements could include implementing additional security headers, publishing a security policy or incident response contact, and adding a security.txt file to facilitate vulnerability disclosures. These steps would further strengthen the site's security posture and trustworthiness.

V

Visit Tartu

visittartu.com

42

Visit Tartu operates as the official tourism portal for Tartu and Southern Estonia, providing comprehensive travel information, event promotion, and business-to-business services such as MICE and conference venues. The website targets tourists, event organizers, and business visitors, positioning itself as a key regional tourism authority. The business is well-established with a domain age dating back to 2005, reflecting a mature presence in the hospitality sector. Technically, the site leverages WordPress with Elementor and WP Rocket for performance optimization, and integrates social media and multimedia content effectively. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy or terms of service pages detected. Overall, the site is professional, user-friendly, and trustworthy, though improvements in security headers and privacy documentation are recommended.

T

The European Olympic Committees

eurolympic.org

50

The European Olympic Committees (EOC) is a well-established non-profit organization dedicated to promoting the fundamental principles of Olympism across Europe. The website serves as the official digital presence for the EOC, providing comprehensive information about its activities, events, awards, and news. It targets Olympic committees, athletes, sports organizations, and the general public interested in European Olympic sports. The organization holds a strong market position as the continental association for European Olympic Committees and organizes major sports events such as the European Games and the European Youth Olympic Festival. Technically, the website is built on a modern WordPress platform with popular plugins like WPBakery Page Builder and integrates Bootstrap for responsive design. It employs Google Analytics for traffic analysis and Mailchimp for newsletter subscriptions. The site is well-optimized for mobile devices and offers good SEO and accessibility features, though some improvements in accessibility could be made. From a security perspective, the site uses HTTPS with strong security headers and secure forms that include consent checkboxes. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit cookie consent mechanisms and does not publish a security incident response or vulnerability disclosure policy, which are areas for improvement. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. The lack of WHOIS data limits domain registration insights, but the website's branding, content quality, and external partnerships strongly support its legitimacy. Strategic recommendations include implementing cookie consent, publishing security policies, and enhancing accessibility to further strengthen the site's security posture and user trust.

R

Rohelise Jõemaa Koostöökogu

joemaa.ee

39

Rohelise Jõemaa Koostöökogu is a small regional cooperative organization based in Estonia, focused on sustainable rural economic development, cultural heritage preservation, and tourism promotion. The website serves as an informational and promotional platform highlighting the organization's mission, events, and regional identity. The technical infrastructure is based on WordPress with common plugins such as Yoast SEO and Contact Form 7, supported by standard web technologies like jQuery and Bootstrap. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features. Security posture is basic with HTTPS enabled but missing important security headers and policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is functional and professional but requires improvements in privacy, security, and compliance to enhance trust and user protection.

E

Eesti Kergejõustikuliit

ekjl.ee

42

Eesti Kergejõustikuliit is the national athletics federation of Estonia, providing organizational support, event management, and athlete services within the Estonian athletics community. The website serves as a comprehensive portal for news, competition calendars, results, rankings, and educational materials targeting athletes, coaches, clubs, and fans. It holds a strong market position as the official governing body for athletics in Estonia. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and Swiper.js, and uses Bootstrap for responsive design. The site demonstrates good digital maturity with structured data, SEO optimization, and mobile responsiveness, although some accessibility features could be improved. Performance is moderate with room for optimization. From a security perspective, the site enforces HTTPS and uses standard libraries without visible vulnerabilities. However, it lacks some security headers and does not provide explicit security or incident response policies. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with its business purpose. Strategic improvements in privacy compliance, security policy transparency, and accessibility would enhance its security posture and user trust.

E

Eesti Planeerijate Ühing

planeerijad.ee

48

Eesti Planeerijate Ühing is a professional non-profit association focused on spatial planning practices in Estonia. The organization provides certification for spatial planners, organizes events such as seminars and webinars, and engages in knowledge dissemination and international cooperation. The website is well-structured, professionally designed, and regularly updated with relevant news and events, reflecting an active and credible organization within its sector. Technically, the website is built on WordPress with modern plugins including Elementor and Yoast SEO, ensuring good SEO and mobile responsiveness. The site uses HTTPS with an excellent SSL configuration, but lacks some advanced security headers and explicit privacy and cookie policies, which are areas for improvement. No blocking or WAF mechanisms interfere with content accessibility. Security posture is solid with HTTPS and no exposed sensitive data, but the absence of published incident response or vulnerability disclosure policies and security.txt reduces transparency. Privacy compliance is weak due to missing privacy and cookie policies and consent mechanisms. Business credibility is high given the consistent domain registration, professional content, and clear organizational purpose. Overall, the site is trustworthy and functional but would benefit from enhanced privacy compliance and security transparency to align with best practices and regulatory requirements.

N

NOVOT Agentuur

novot.ee

56

NOVOT Agentuur is a well-established full-service marketing agency based in Estonia, founded in 2006. The company offers a broad range of marketing services including branding, website development, campaign management, social media, and media planning. Their website reflects a professional and consistent brand image, targeting businesses seeking comprehensive marketing solutions. The digital infrastructure is built on WordPress with modern plugins and tools such as Yoast SEO, Google Tag Manager, and CookieYes for privacy compliance. The site is mobile-optimized and demonstrates good SEO practices. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. WHOIS data confirms domain legitimacy and consistency with the business history. Overall, the website presents a trustworthy and professional digital presence.

The website 'Maardu 45' serves as a dedicated platform for celebrating the 45th anniversary of Maardu city in Estonia. It provides residents and visitors with information about the city's history, culture, events, and local government contacts. The site is positioned as a local government information portal aimed at community engagement and city promotion. Technically, the site leverages a modern tech stack including Alpine.js, jQuery, Leaflet for maps, and multiple analytics tools such as Google Analytics and Matomo, hosted likely by Telia Eesti AS. The website is mobile optimized and offers a good user experience with clear navigation and consistent branding. Security-wise, the site uses HTTPS and does not expose sensitive data, but lacks some security headers and formal policies such as privacy and cookie policies, which are important for GDPR compliance. The domain is very recently registered, which is somewhat unusual for a city site but may reflect a new dedicated event domain. Overall, the site is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices.

S

Sillamäe Muuseum

sillamae-muuseum.ee

45

Sillamäe Muuseum is a small cultural and educational institution based in Estonia, providing guided tours, educational programs, workshops, and children's entertainment rentals. The website is professionally designed using WordPress with a modern theme and includes multilingual support. It demonstrates compliance with GDPR through a cookie consent mechanism and provides clear contact information. The technical infrastructure is solid, leveraging common web technologies and plugins, with good mobile optimization and moderate performance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. Overall, the website is trustworthy and serves its target audience effectively.

K

Koigi Kool

koigikool.ee

49

Koigi Kool is a small educational institution located in Koigi village, Estonia, providing primary and kindergarten education services. The website serves as an information portal for students, parents, and staff, offering news, event updates, school life details, and contact information. The site is built on Drupal 10 and incorporates modern web technologies and accessibility features, reflecting a moderate to good level of digital maturity. The presence of Matomo analytics indicates a privacy-conscious approach to user tracking. Security posture is adequate but could be improved by enabling DNSSEC and implementing security headers. No privacy policy or explicit security policies are published, which is a gap in compliance. Overall, the domain is legitimate and stable, with clear contact details and partner affiliations.