Security Directory

Lailio Solutions SIA is a Latvian-based full-stack IT service provider specializing in ERP, CRM, HRM systems, and infrastructure management with 24/7 support. The company targets sectors such as telecommunications, fintech, logistics, and transportation, offering tailored IT solutions leveraging DevOps and AI methodologies. The website is currently under maintenance but presents a professional image with clear contact channels and business information. Technically, the site uses the Odoo CMS platform, Cloudflare DNS, and modern web technologies, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS and CSRF protections, but lacks DNSSEC and security headers, and no privacy or cookie policies are published, indicating room for compliance improvements. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in privacy compliance and security headers would enhance trust and reduce risk.

F

FirstHost

firsthost.lv

59

FirstHost is a Latvia-based technology company specializing in high-performance web hosting, dedicated servers, and cloud VPS solutions primarily targeting European businesses. With over 18 years of experience and a client base exceeding 9,000, the company positions itself as a reliable and scalable IT infrastructure provider. Their services include dedicated servers, cloud hosting, domain registration, SSL certificates, and virtual desktop infrastructure, catering to enterprises seeking robust and flexible hosting solutions. The website reflects a mature digital presence with multilingual support and multiple currency options, indicating a broad regional focus. Technically, the website leverages modern web technologies including Bootstrap, jQuery, and various JavaScript libraries for enhanced user experience and performance. Integration with analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Yandex Metrika demonstrates a data-driven approach to customer engagement. The site is mobile-optimized and exhibits good SEO practices, contributing to its accessibility and reach. From a security standpoint, the site enforces HTTPS and uses reputable third-party services for live chat and analytics. However, explicit security policies, incident response details, and vulnerability disclosure mechanisms are absent, representing areas for improvement. The lack of WHOIS data due to query limits restricts full domain trust verification, though the website content and business indicators suggest legitimacy. Overall, FirstHost presents a solid business and technical profile with room to enhance transparency around security and compliance. Strategic improvements in security documentation and WHOIS data availability would strengthen trust and compliance posture.

RADIO SKONTO is a Latvian media company specializing in radio broadcasting and digital media services. It operates multiple radio stations and offers live streaming, podcasts, interviews, news, and contests primarily targeting Latvian-speaking audiences. The company is actively engaged in digital transformation projects supported by European Union funding, aiming to modernize its radio broadcasting infrastructure and develop new digital platforms such as an e-commerce radio store. Technically, the website employs modern JavaScript libraries, responsive design, and integrates multiple third-party analytics and marketing tools, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though some security headers are missing and no explicit incident response or security policy pages were found. The absence of WHOIS data due to query limits limits full domain trust assessment, but the website content and EU project affiliations support legitimacy. Overall, RADIO SKONTO presents as a professional media entity with a strong digital presence and ongoing modernization efforts.

Elektronikas un datorzinātņu institūts (EDI) is a Latvian research institute specializing in electronics and computer science. The organization focuses on innovative research and technological solutions in sectors such as smart transport, smart manufacturing, healthcare, space technologies, and security. The website presents a professional and content-rich platform targeting researchers, industry partners, and students, with multiple ongoing projects and services showcased. Technically, the site is built on WordPress with popular plugins like WPBakery and Slider Revolution, indicating a mature but somewhat dated infrastructure. Security posture is adequate with HTTPS enforced but lacks modern security headers and uses outdated libraries, which could pose risks. Privacy compliance is basic, with no visible cookie consent mechanisms or detailed privacy policies. Overall, the site reflects a credible research entity but would benefit from technical and security updates to enhance trust and compliance.

Y

Your Social

yoursocial.nl

53

Your Social is a small Dutch media website focused on delivering business and financial news, marketing insights, and local business content. The site uses WordPress CMS with a modern tech stack including Yoast SEO, Bootstrap, and jQuery, providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit security policies. The domain is privacy protected but consistent with the business profile. Overall, the website is professional and trustworthy for its niche, though improvements in security and compliance documentation are recommended.

E

EGEC - European Geothermal Energy Council

egec.org

57

EGEC - European Geothermal Energy Council is a well-established non-profit organization founded in 1998 that promotes the geothermal energy sector across Europe and globally. It serves as a key industry voice, providing policy advocacy, research support, event organization, and member networking services. The website reflects a mature digital presence with comprehensive content including news, policy documents, events, and membership information targeted at industry professionals, policymakers, and researchers. Technically, the site is built on WordPress with modern plugins and libraries, offering good mobile responsiveness and SEO optimization. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers and explicit policies could be improved. The absence of WHOIS data limits domain trust analysis, but the professional content and EU transparency registration support legitimacy. Overall, the site is a credible and authoritative platform in the geothermal energy sector.

COGEN Europe is a well-established European association dedicated to promoting cogeneration technologies and policies across Europe. The organization collaborates with EU institutions and industry stakeholders to advocate for energy efficiency and emission reduction through cogeneration. The website reflects a medium-sized association with a solid membership base of national associations and corporate members, positioning itself as a key player in the energy sector focused on cogeneration. Technically, the website is built on WordPress using popular page builders and plugins, indicating a moderate level of digital maturity. The site is mobile-optimized, uses HTTPS, and includes structured data for SEO enhancement. However, some technical improvements are possible, such as adding security headers and fully configuring analytics tools. From a security perspective, the site benefits from HTTPS and does not expose sensitive data. However, it lacks visible security headers and formal privacy and cookie policies, which are important for GDPR compliance and user trust. The absence of incident response and vulnerability disclosure information suggests room for improvement in security governance. Overall, the website is professional and credible but would benefit from enhanced privacy compliance and security best practices to strengthen trust and regulatory adherence.

A

Armstrong Fluid Technology

armstrongfluidtechnology.com

64

Armstrong Fluid Technology is a well-established manufacturer specializing in intelligent fluid flow equipment such as pumps, valves, and heat exchangers, targeting commercial and industrial HVAC markets globally. The company emphasizes energy efficiency and sustainability, supported by a comprehensive website offering detailed product information, case studies, and resources. The technical infrastructure is modern, leveraging ASP.NET, Bootstrap, and various JavaScript libraries, with good mobile optimization and accessibility. Security posture is solid with HTTPS enforcement and domain transfer protection, though improvements like DNSSEC and enhanced security headers are recommended. Privacy policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the website projects a professional and trustworthy image aligned with its business objectives.

T

Two Daughters Entertainment Ltd

moleyofficialstore.com

67

Moley Store is an e-commerce website operated by Two Daughters Entertainment Ltd, specializing in sustainable children's apparel made from organic cotton. The brand leverages character-driven designs inspired by Moley and related characters, targeting families and children interested in eco-friendly clothing. The business is relatively new, with domain registration in early 2024, aligning with the company's founding year. The website is built on modern technologies including Vue.js and the Teemill platform, providing a clean and user-friendly shopping experience. While the site demonstrates good design and navigation, it lacks some advanced privacy and security features such as cookie consent mechanisms and security headers. The domain registration is consistent and trustworthy, with no privacy protection used, which is appropriate for a retail business. Overall, the website presents a moderate risk profile with room for improvement in privacy compliance and security hardening.

D

Danir Group

expectabettertomorrow.com

45

Expect a Better Tomorrow is a Swedish non-profit initiative focused on annual charitable campaigns that promote social and environmental causes, supported and guaranteed by Danir Group. The website presents multiple past and current initiatives aimed at improving lives, such as supporting children in southern Africa and promoting gender equality in technology. The site is built on WordPress and uses common web technologies including Google Analytics and Tag Manager for tracking. While the site is well designed, mobile optimized, and professionally presented, it lacks explicit privacy, cookie, and security policies, which are important for compliance and user trust. The domain registration is consistent and transparent, supporting the legitimacy of the organization.

H

Hi Bro

hibro.co

64

Hi Bro is a Turkish digital marketing and creative agency specializing in web design, SEO, social media management, PPC advertising, and production services. The company targets businesses primarily in Kocaeli, Kıbrıs, İstanbul, and Ankara, offering tailored digital solutions with over 15 years of experience. Their website demonstrates a professional design with modern technologies and interactive content, reflecting a mature digital presence. The technical infrastructure includes Bootstrap, jQuery, Google Tag Manager, Facebook Pixel, and Cloudflare DNS, supporting a moderate performance and good mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data shows domain privacy protection typical for agencies, with domain age consistent with business claims. Overall, the website is functional, professional, and credible but could improve privacy transparency and security practices.

E

European Chess Union

europechess.org

49

The European Chess Union (ECU) operates as the continental governing body for chess in Europe, organizing championships, supporting member federations, and promoting chess education. The website serves as an information hub for news, events, commissions, and official communications. The organization targets chess players, federations, and enthusiasts across Europe, positioning itself as a key non-profit sports federation in the chess domain. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for event management and media embedding. The site is mobile-optimized with good navigation and content structure, though accessibility features are basic. Performance is moderate, with room for improvement in SEO and accessibility. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and a public vulnerability disclosure policy. The absence of a privacy policy and WHOIS data reduces compliance and trust scores. No blocking or WAF mechanisms were detected, indicating full content accessibility. Overall, the site is professional and trustworthy from a content and business perspective but would benefit from enhanced privacy disclosures, security headers, and transparent domain registration information to improve compliance and trustworthiness.

B

Bauer Hockey, LLC

bauer.com

76

Bauer Hockey, LLC is a well-established company specializing in hockey equipment and apparel with over 90 years of market presence. The company operates a professional e-commerce website primarily targeting hockey players and enthusiasts, offering a wide range of products including sticks, gloves, pads, helmets, skates, base layers, bags, and apparel. The website is built on the Shopify platform, leveraging modern web technologies and multiple third-party marketing and analytics tools to enhance user experience and business intelligence. The technical infrastructure is robust, featuring a modern tech stack with integrations such as Google Tag Manager, Yotpo, Klaviyo, and Visual Website Optimizer. The site demonstrates good performance, mobile optimization, and SEO practices. Security posture is strong with HTTPS enforced, comprehensive security headers, and cookie consent mechanisms in place. However, the absence of publicly available WHOIS data for the main domain introduces some uncertainty regarding domain registration legitimacy. Overall, the website presents a secure and professional front for Bauer Hockey's e-commerce operations, with strong privacy compliance and extensive user tracking for marketing optimization. The lack of direct contact information and security policy pages suggests areas for improvement in transparency and customer trust. Strategic recommendations include publishing explicit security and incident response policies, enhancing accessibility, and maintaining vigilant third-party script audits to mitigate potential vulnerabilities.

M

Monaco Info

monacoinfo.com

57

Monaco Info is a small media company focused on delivering news, video content, and live streaming services centered around Monaco. The website is well-structured, professionally designed, and targets residents and visitors interested in local news and events. The technical infrastructure is based on WordPress with modern web technologies, providing a good user experience and mobile responsiveness. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and DNSSEC. No explicit privacy or security policies are published, which is a compliance gap. The domain is long-established and consistent with the business claims, enhancing trustworthiness.

R

Refrion

refrion.com

70

Refrion is a leading company specializing in industrial refrigeration and ventilated equipment for industrial use worldwide. As part of the LU-VE Group, it holds a strong market position in the energy and manufacturing sectors, offering a range of products including dry coolers, condensers, and batteries. The website reflects a professional B2B business model targeting industrial clients requiring advanced cooling solutions. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates key marketing and analytics tools such as Google Analytics and Cookiebot for privacy compliance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the site is well-structured, mobile-optimized, and SEO-friendly, supporting a good user experience and trustworthiness. The lack of WHOIS data for the subdomain is consistent with it being a subdomain of luvegroup.com, which aligns with the corporate structure. Strategic recommendations include enhancing security headers, expanding contact information visibility, and maintaining compliance with evolving privacy regulations.

T

Tervise Paradiis

terviseparadiis.ee

54

Tervise Paradiis is a well-established 4-star spa hotel and water center located in Pärnu, Estonia, offering a comprehensive range of leisure and wellness services including accommodation, water park facilities, sports complex, bowling, and dining options. The business targets spa and wellness tourists, families, and leisure travelers, positioning itself as a leading hospitality provider in the region. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress CMS, leveraging modern SEO tools and cookie consent management, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks some advanced security headers and published security policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. Strategic improvements in privacy compliance and security transparency would enhance trust and compliance.

NEXTING s.r.l. is an Italian media company specializing in TV content production, broadcast services, OTT solutions, communication, and innovative technologies such as AR and VR. The company operates internationally with ENG crews and offers multimedia OTT platforms focused on cultural heritage. Their business model is service-oriented, supported by European and regional funding for research and development projects. The website presents a professional image with clear contact information and social media presence, targeting media and broadcast clients. Technically, the website uses common web technologies including jQuery, FontAwesome, and Google Fonts. The site is mobile-optimized with good navigation and content relevance. However, no CMS or hosting provider information is evident. Performance is moderate, and accessibility is basic. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the website lacks visible security headers and published privacy or cookie policies, which impacts compliance and trust. The WHOIS data is missing or indicates the domain is unregistered, which is a significant concern for legitimacy. No forms or incident response contacts are present, limiting data protection and security readiness. Overall, the site is functional and professional but requires improvements in security posture, privacy compliance, and domain registration transparency to enhance trust and reduce risk.

U

United Nations Alliance of Civilizations (UNAOC)

unaoc.org

59

The United Nations Alliance of Civilizations (UNAOC) is a United Nations entity dedicated to fostering intercultural dialogue, understanding, and cooperation globally. It serves as a convener and facilitator to promote harmony among diverse cultures and religions, aiming to prevent conflict and enhance social cohesion. UNAOC operates through various programs, global forums, youth engagement initiatives, and campaigns against hate speech and antisemitism, positioning itself as a key player in international peacebuilding and cultural diplomacy. Technically, the UNAOC website is built on the WordPress CMS platform, utilizing a modern tech stack including jQuery, Yoast SEO, and various plugins for enhanced functionality such as responsive sliders, mega menus, and media embedding. The site demonstrates good mobile optimization, accessibility, and SEO practices, supported by structured data markup and social media integration. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS with excellent SSL configuration and avoids exposing sensitive data. However, it lacks explicit security headers and a cookie consent mechanism, which are areas for improvement to enhance compliance and security posture. No vulnerabilities or suspicious activities were detected in the visible content. Overall, UNAOC's digital presence reflects a professional, trustworthy, and authoritative organization aligned with United Nations standards. The domain's WHOIS data is privacy protected, which is typical for UN domains, and the domain age aligns with the organization's history. Strategic recommendations include implementing security headers, adding a cookie consent banner for GDPR compliance, and publishing incident response and vulnerability disclosure policies to further strengthen trust and security.

K

kalateave.ee

kalateave.ee

42

The website kalateave.ee serves as the Fisheries Information Centre for Estonia, focusing on enhancing knowledge and sustainability in fisheries, aquaculture, and aquatic resource utilization. It targets industry professionals, non-profits, research institutions, and the general public interested in fisheries. The site offers informational content, research publications, educational materials, and event announcements, positioning itself as a central knowledge hub in the Estonian fisheries sector. Technically, the site is built on Joomla CMS with modern web technologies including jQuery, Bootstrap, and FontAwesome, and integrates Google Analytics for visitor tracking. The site is mobile-optimized and has good SEO practices but lacks some accessibility features and security headers. Security posture is solid with HTTPS enforced and CSRF protections, but there is room for improvement in privacy compliance and explicit security policies. Overall, the site is professional and trustworthy but should enhance privacy transparency and security headers to align with best practices.

V

V360 agency

v360.ee

43

V360 Agency OÜ is a small Estonian digital agency specializing in web development, e-commerce solutions, branding, and full digital marketing services. The company positions itself as a smart solution for digital success, targeting businesses seeking to elevate their online presence through comprehensive marketing and branding strategies. Their website showcases a professional design with clear navigation, client testimonials, and a portfolio of projects, indicating a trusted market presence. Technically, the site is built on WordPress with modern JavaScript libraries such as Swiper.js and Tippy.js, and integrates Google Tag Manager and reCAPTCHA for tracking and security. The hosting and domain registration are managed by Zone Media OÜ, a reputable Estonian registrar and hosting provider. Security posture is adequate with HTTPS and reCAPTCHA implemented, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Overall, the website is professional and credible, though improvements in privacy and security policies are recommended.

S

SA Saare Arenduskeskus

sasak.ee

40

SA Saare Arenduskeskus is a regional development foundation based in Estonia, focused on supporting local municipalities, entrepreneurs, and civic organizations in Saare County. The organization provides professional consulting, project management, and training services aimed at fostering regional growth and community development. The website reflects a small-sized, government/non-profit entity with a clear regional focus and a business model centered on service provision rather than commercial sales. Technically, the website is built on the concrete5 CMS platform and utilizes modern web technologies including Bootstrap, jQuery, FontAwesome, and AOS for animations. It integrates Google Analytics and Facebook SDK for tracking and social media functionalities. The site is mobile-optimized and demonstrates good design and navigation clarity, though accessibility features are basic. Hosting appears to be managed by Zone Media OÜ, an Estonian registrar and hosting provider. From a security perspective, the site enforces HTTPS and includes minimal security headers such as X-Content-Type-Options. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of comprehensive security headers and lack of published security or incident response policies indicate room for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanisms, which could pose regulatory risks under GDPR. Overall, the website is functional, professional, and trustworthy with moderate digital maturity. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enhancing security headers, and publishing incident response contacts to improve compliance and security posture.

Airwave OÜ is a well-established Estonian company specializing in the import and wholesale of heating, ventilation, and air conditioning (HVAC) equipment, serving primarily the Baltic region and Finland since 1999. The company positions itself as one of the largest HVAC importers and wholesalers in the Baltics, offering a broad range of products including heat pumps, ventilation systems, and climate control devices. Their business model focuses on wholesale distribution supported by professional sales and after-sales services, catering to both commercial and residential customers. Technically, the website is built on the Odoo CMS platform, leveraging modern web technologies such as Bootstrap and FontAwesome for UI components. The site demonstrates good mobile optimization and SEO practices, with a clear navigation structure and professional design. Performance is moderate, and accessibility is basic but functional. The absence of advanced analytics or tracking scripts suggests a minimal user tracking approach. From a security perspective, the website enforces HTTPS with a valid SSL configuration and includes CSRF tokens in its scripts, indicating awareness of basic web security practices. However, it lacks several security headers and does not publicly disclose security policies or incident response procedures. There is no visible cookie consent mechanism, which may impact GDPR compliance. The presence of a privacy policy and terms of service pages indicates some level of compliance and transparency. Overall, Airwave OÜ's website reflects a credible and professional business with a solid market presence in the HVAC sector. Security posture is adequate but could be improved with enhanced headers, explicit policies, and cookie consent. The site is trustworthy with consistent WHOIS data and clear contact information. Strategic improvements in privacy compliance and security transparency would further strengthen their digital maturity and customer trust.

L

LCC PRODUKT OÜ

lccprodukt.ee

41

LCC PRODUKT OÜ is an Estonian company specializing in energy-efficient and modern ventilation solutions, including calculation, analysis, and distribution of ventilation equipment. Founded in 2012, the company positions itself as a professional partner to architects, designers, builders, and developers in Estonia, offering innovative European ventilation products and high-tech energy solutions. The website is built on WordPress with WooCommerce, featuring a modern and responsive design, integrated project search functionality, and active social media presence. Security posture is solid with HTTPS enabled and no exposed sensitive data, though it lacks some advanced security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site reflects a trustworthy and professional business with room for improvement in security and privacy transparency.

S

Spordimeditsiini SA

sportmed.ee

38

Spordimeditsiini SA is an established Estonian sports medicine foundation providing specialized health examinations, treatments, and consultations for amateur, youth, and professional athletes. With over 25 years of experience, it holds a strong market position in Estonia's healthcare sector, focusing on sports-related medical services including physiotherapy, cardiology diagnostics, nutrition counseling, and advanced physiotherapy procedures. The website is well-structured, multilingual, and professionally designed, reflecting the organization's credibility and service quality. Technically, it is built on WordPress with modern plugins and SEO optimizations, though some performance and security enhancements are advisable. Security posture is solid with HTTPS and no visible vulnerabilities, but lacks explicit security headers and incident response policies. Privacy compliance is partially met with privacy and cookie policies present, but missing active consent mechanisms. Overall, the site demonstrates a mature digital presence with room for improvements in security and privacy transparency.

T

treenerikutse.ee

treenerikutse.ee

46

The website treenerikutse.ee serves as a portal for coaching certification and related educational services primarily targeting the Estonian market. It offers functionalities such as application control, certification verification, self-training campaigns, and registers related to education and sports disciplines. The business operates in a niche sector focused on professional coaching and sports education within Estonia, with a domain registered in 2019 and hosted by Spin TEK AS, an Estonian registrar and hosting provider. Technically, the website employs a variety of common web technologies including jQuery, Bootstrap, FlexSlider, and DataTables, indicating a moderate level of digital maturity. The site is structured with responsive design elements but lacks advanced SEO optimization and accessibility features. The absence of CMS detection suggests a custom or lightweight platform. Performance is moderate, with no explicit indicators of slow loading but also no advanced optimization. From a security perspective, the site lacks visible security headers and does not provide explicit HTTPS status in the provided data, which is a concern. The cookie consent mechanism is implemented, indicating some awareness of privacy compliance, but no privacy policy or terms of service are present, limiting GDPR compliance. No contact information or incident response channels are provided, reducing transparency and trust. Overall, the website presents a basic but functional service portal with moderate business credibility. Security and privacy practices require significant improvement to meet modern standards. Strategic recommendations include implementing HTTPS with strong SSL/TLS, publishing comprehensive privacy and security policies, adding security headers, and providing clear contact information to enhance trust and compliance.

R

Rapla vald

rapla.ee

45

Rapla vald operates as a local government entity serving the Rapla region in Estonia, providing a broad range of municipal services including social support, education, cultural activities, infrastructure management, and community engagement. The website serves as an official portal for residents and visitors, offering news, event information, and access to various public services. The organization maintains a clear and consistent brand presence with a well-structured website in Estonian, targeting local community members and stakeholders. Technically, the website is built on WordPress CMS, leveraging modern plugins and frontend technologies such as jQuery, FontAwesome, and Google Tag Manager. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting and domain registration are managed by a reputable Estonian registrar, Telia Eesti AS, with domain age consistent with the organization's history. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks explicit security headers, published security policies, and incident response contact information. No vulnerability disclosure or security.txt files are present, indicating room for improvement in transparency and security maturity. Overall, the website presents a trustworthy and professional digital presence for a government entity, with moderate technical and security posture. Strategic enhancements in security headers, incident response readiness, and vulnerability disclosure would strengthen its security and compliance stance.

V

Valgeranna Seikluspark

valgerannaseikluspark.ee

44

Valgeranna Seikluspark is an Estonian adventure park offering active outdoor recreational activities primarily targeting families, children, and groups near Pärnu. The website presents a professional and consistent brand image with clear descriptions of services such as adventure trails, group bookings, and special events. Technically, the site is built on WordPress with Elementor and Yoast SEO, integrating Google Analytics and Tag Manager for tracking. Cookie consent is implemented with detailed user controls, reflecting a basic level of privacy compliance. Security posture is solid with HTTPS and no visible vulnerabilities, though formal security and incident response policies are absent. Overall, the site is functional, trustworthy, and well-positioned regionally, but could improve transparency by publishing privacy and terms policies and enhancing contact information visibility.

S

Spordikoolituse ja -Teabe SA

sport.ee

50

Sport.ee is a government-affiliated Estonian sports information portal managed by Spordikoolituse ja -Teabe SA. It serves as a comprehensive platform providing data on sports training, coaching qualifications, sports organizations, events, and statistics. The site targets sports organizations, coaches, athletes, and enthusiasts within Estonia, positioning itself as a key national resource for sports-related information and management. The business model revolves around offering informational services and integration with official sports registers and government bodies. Technically, the website employs a modern tech stack including Bootstrap, jQuery, AngularJS, and various libraries for UI and data visualization, ensuring a responsive and user-friendly experience. Performance is moderate with good mobile optimization and basic accessibility features.

E

Eesti Planeerijate Ühing

planeerijad.ee

48

Eesti Planeerijate Ühing is a professional non-profit association focused on spatial planning practices in Estonia. The organization provides certification for spatial planners, organizes events such as seminars and webinars, and engages in knowledge dissemination and international cooperation. The website is well-structured, professionally designed, and regularly updated with relevant news and events, reflecting an active and credible organization within its sector. Technically, the website is built on WordPress with modern plugins including Elementor and Yoast SEO, ensuring good SEO and mobile responsiveness. The site uses HTTPS with an excellent SSL configuration, but lacks some advanced security headers and explicit privacy and cookie policies, which are areas for improvement. No blocking or WAF mechanisms interfere with content accessibility. Security posture is solid with HTTPS and no exposed sensitive data, but the absence of published incident response or vulnerability disclosure policies and security.txt reduces transparency. Privacy compliance is weak due to missing privacy and cookie policies and consent mechanisms. Business credibility is high given the consistent domain registration, professional content, and clear organizational purpose. Overall, the site is trustworthy and functional but would benefit from enhanced privacy compliance and security transparency to align with best practices and regulatory requirements.

P

Planeerimine.ee

planeerimine.ee

46

Planeerimine.ee is an Estonian government-related informational website dedicated to spatial planning. It provides comprehensive materials including legal documents, guidelines, FAQs, and training information to support planners and stakeholders in Estonia. The site targets professionals and public officials involved in spatial planning and related regulatory processes. The business model is primarily informational and educational, positioning itself as an authoritative resource within the Estonian government sector. Technically, the website is built on WordPress 6.8.1 with a modern tech stack including jQuery, Google Analytics, and accessibility tools. The site is mobile-optimized, uses HTTPS, and implements cookie consent mechanisms. SEO and accessibility features are well integrated, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection. However, some security headers are not explicitly present, suggesting room for improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with cookie consent present but no visible privacy policy or terms of service pages. Overall, the website demonstrates a solid security posture and technical maturity suitable for a government informational portal. Strategic recommendations include enhancing security headers, publishing privacy and incident response policies, and maintaining up-to-date software to mitigate risks.

K

Kodutütred

kodututred.ee

41

Kodutütred is a well-established Estonian youth organization affiliated with the Kaitseliit (Estonian Defence League), focusing on patriotic education and voluntary activities for girls aged 7 to 18. The website serves as an informational and engagement platform, showcasing news, events, organizational structure, and membership opportunities. The organization has a strong national presence with thousands of members and active participation across all counties in Estonia. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, FontAwesome, and Google Analytics for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Hosting and domain registration are consistent with the organization's location and purpose. From a security perspective, the site uses HTTPS and secure forms but lacks advanced security headers and DNSSEC, which could be improved. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy compliance and security hardening to meet modern standards and regulatory requirements.

Z

Zone Media OÜ

inimene.ee

45

Inimene.ee is an established Estonian health portal operated by Zone Media OÜ since 2010. It provides comprehensive health-related content including disease catalogs, symptoms, treatments, and health news. The site targets Estonian-speaking individuals seeking reliable health information and offers interactive features such as a question submission form answered by medical professionals. The business model relies on content provision combined with advertising partnerships, notably with Apotheka e-pharmacy. Technically, the site uses a modern CMS (Greativ), integrates multiple third-party analytics and advertising services, and is optimized for mobile devices with good SEO practices. Security posture is solid with HTTPS enforced and secure form handling, though it lacks some advanced headers and published incident response policies. Overall, the site is trustworthy and professionally maintained, with room for improvement in security transparency and direct contact information.

Õ

Õigusbüroo HUGO.legal õigusabi

hugo.legal

53

Õigusbüroo HUGO.legal is an Estonian legal services platform offering fast, accessible legal advice through professional jurists. The website provides multiple consultation channels including in-office, video, web, and phone, targeting residents of Estonia. The platform also offers legal applications to help users resolve debt and other legal issues efficiently. The business is positioned as a trusted local legal aid provider with a strong digital presence and content marketing through blogs and testimonials. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and WP Rocket, ensuring good performance, SEO optimization, and mobile responsiveness. The site uses HTTPS with a valid SSL certificate and integrates Google Analytics for user tracking. However, DNSSEC is not enabled, and security headers are missing, indicating room for security enhancements. From a security perspective, the site demonstrates good baseline practices including HTTPS and cookie consent mechanisms. There is no evidence of exposed sensitive data or vulnerable libraries. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure reduces transparency. The domain registration is stable but shows partial privacy in WHOIS data, which is reasonable for this business type. Overall, the website is professional, trustworthy, and well-optimized for its target audience. Strategic improvements in security headers, DNSSEC, and published security policies would enhance its security posture and compliance. The business appears credible and well-established with a medium-sized market presence in Estonia.

R

Raven OÜ

ravenou.ee

45

Raven OÜ is a small Estonian company specializing in water utility services, including water supply, water-saving advice, and infrastructure development. The company targets local residents and businesses in the Harju maakond region, providing essential water-related services and customer support. The website is professionally designed using Joomla CMS and offers clear navigation and relevant content focused on water conservation and service notifications. Technically, the website employs a standard Joomla stack with modern JavaScript and CSS assets. It is hosted by Elkdata OÜ, consistent with the domain registration data. The site is mobile-optimized and performs moderately well, though accessibility features could be improved. No advanced analytics or tracking technologies are detected, indicating a privacy-conscious approach but also a lack of marketing sophistication. From a security perspective, the website uses HTTPS with a valid SSL configuration and includes CSRF tokens in scripts, which is positive. However, it lacks important security headers and does not publish privacy, cookie, or security policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, representing a compliance and security gap. Overall, the website is legitimate and trustworthy based on domain age and registration consistency. The main risks relate to privacy compliance and security best practices. Strategic improvements in these areas would enhance the company's digital maturity and user trust.

Z

Zone Media OÜ

vaktsineeri.ee

63

vaktsineeri.ee is a public health information website focused on vaccination awareness and education in Estonia. It provides comprehensive information on immunization schedules, vaccine safety, travel vaccinations, and related news. The site targets the general Estonian population including parents, adults, and travelers, positioning itself as an official or semi-official government-affiliated resource. The business model is informational and supported by partnerships with Estonian health and government institutions. Technically, the site is built on Drupal 10 with modern web technologies, offering good mobile optimization and accessibility features. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. Privacy compliance is weak due to missing privacy and cookie policies and lack of consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

S

Spordikoolituse ja -Teabe SA

spordiregister.ee

58

Eesti Spordiregister, operated by Spordikoolituse ja -Teabe SA under the Estonian Ministry of Culture, serves as the official national registry and information portal for sports organizations, schools, facilities, and coaches in Estonia. It provides comprehensive data services including statistics, data submission portals, and public access to sports-related information, targeting sports entities and the general public. The platform is well-positioned as a trusted governmental resource in the Estonian sports sector. Technically, the website employs a mature technology stack including jQuery, Bootstrap, Highcharts, Leaflet, and other modern JavaScript libraries, ensuring a responsive and accessible user experience. The site is mobile-optimized and implements basic SEO and accessibility features. The infrastructure appears custom-built without reliance on popular CMS platforms, indicating tailored development for specific governmental needs. From a security perspective, the site enforces HTTPS and uses secure form inputs, but lacks some advanced security headers and does not publicly disclose a security policy or incident response contacts. No vulnerabilities or malware were detected, and cookie consent mechanisms are in place, supporting GDPR compliance. The WHOIS data aligns well with the website's governmental nature, reinforcing legitimacy. Overall, the website demonstrates a solid security posture and technical maturity suitable for its governmental role, with room for improvement in security header implementation and transparency around security policies. The business credibility is high given its official status and clear contact information.

R

Rakvere Spordikeskus

rakverespordikeskus.ee

48

Rakvere Spordikeskus is a well-established public sports center located in Rakvere, Estonia, founded in 2010. It serves as a key regional hub for sports facilities, events, and training programs targeting local residents, sports clubs, and event organizers. The website reflects a professional and community-focused organization with clear contact information and active social media engagement. Technically, the site is built on WordPress with modern plugins and frameworks, offering good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although formal security policies and incident response information are not published. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent banner. Overall, the site demonstrates a mature digital presence suitable for its public service role.

R

Rakvere Raamatukogu

lvkrk.ee

39

Rakvere Raamatukogu is a regional public library in Estonia providing a range of library and community services including book lending, e-catalog access, home delivery for vulnerable populations, and educational events. The website is built on Joomla CMS and integrates common web technologies such as Bootstrap, jQuery, and FontAwesome. It uses HTTPS and includes Google Analytics and Tawk.to live chat for user engagement and analytics. The site is well-branded and consistent with its public service mission, targeting local residents and library users. Security posture is moderate with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. WHOIS data confirms domain legitimacy and long-term registration consistent with the institution's history.

Tapa Perearstikeskus OÜ operates as a local healthcare provider in Estonia, offering primary care services including general practitioners, nurses, midwifery, and physiotherapy. The website presents comprehensive contact details and staff information, positioning itself as a trusted community medical center. Technically, the site is built on the Odoo CMS platform with standard web technologies and demonstrates good mobile optimization and user experience. However, the absence of privacy and cookie policies indicates potential compliance gaps with GDPR requirements. Security posture is moderate with some best practices like CSRF tokens but lacks visible security headers and explicit HTTPS enforcement details. Overall, the site is functional and credible but would benefit from enhanced privacy and security measures.

E

eHost OÜ

arenduskeskus.ee

40

Investor.ee is a small Estonian educational website focused on providing information and guidance about investing and financial growth. The site targets individuals and organizations interested in learning about investment strategies, risk management, and financial planning. The business operates primarily as an informational resource with content in Estonian, positioning itself as a niche player in the finance education sector. The website is built on WordPress using modern themes and plugins, with a moderate level of technical maturity and good mobile optimization. Security measures include HTTPS enforcement and Google reCAPTCHA integration, although some security best practices such as security headers and explicit privacy policies are missing. Overall, the site demonstrates a moderate security posture with room for improvement in privacy compliance and security transparency.

G

Goldcar

goldcarhelp.com

54

Goldcar is a well-established car rental company operating primarily in Spain with a strong presence in major tourist destinations. The company offers a variety of car rental services, including innovative features like the Key'n Go automatic key pickup system and a loyalty program called GO Club. The website serves as a comprehensive help center supporting customers with FAQs, booking assistance, and contact options. Technically, the website uses modern frontend technologies such as Bootstrap, jQuery, and Google Tag Manager, hosted on a CDN likely provided by Akamai, ensuring moderate performance and good mobile optimization. Security posture is generally good with HTTPS enforced and secure forms, but lacks some security headers and explicit cookie consent mechanisms. The absence of WHOIS registration data is a notable concern, impacting trust and legitimacy assessments. Overall, the site is professional and functional but would benefit from enhanced security and privacy compliance measures.

A

Anija vald

anija.ee

42

Anija.ee is the official website of Anija vald, a local government entity in Estonia. The site serves as a comprehensive portal for municipal information, including news, services, contacts, and community resources. It targets residents and stakeholders within the Anija vald municipality, providing essential public service information and facilitating communication between the government and its constituents. The website is well-structured with clear navigation and a consistent branding approach, reflecting its role as a trusted government resource. Technically, the website is built on WordPress CMS, utilizing modern plugins such as Max Mega Menu, Complianz GDPR Cookie Consent, and Carousel Block. It employs jQuery and FontAwesome for enhanced UI/UX. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate and could benefit from further optimization. The presence of Google Tag Manager indicates usage of analytics and tracking, balanced with a GDPR-compliant cookie consent mechanism. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks explicit security headers like Content-Security-Policy and X-Frame-Options, which are recommended for enhanced protection. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data confirms a consistent and legitimate domain registration aligned with the website's governmental purpose. Overall, Anija.ee presents a secure, compliant, and professionally maintained digital presence for the Anija vald municipality. Strategic recommendations include enhancing security headers, adding explicit incident response contacts, and maintaining regular updates to CMS and plugins to sustain security and compliance.

D

Digi- ja väestötietovirasto

avoindata.fi

58

The website avoindata.fi serves as the official Finnish government open data portal managed by Digi- ja väestötietovirasto. It consolidates all open data published in Finland, providing datasets, APIs, producer information, and showcases of applications leveraging open data. The portal targets developers, public sector entities, and citizens interested in accessing and utilizing open data. Its business model is that of a public service, offering free and centralized access to government data resources. Technically, the site is built on Drupal 10 with Bootstrap and FontAwesome for UI components, and it integrates Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Hosting appears to be government-managed with external analytics hosted on suomi.matomo.cloud. From a security perspective, the site enforces HTTPS and employs secure form handling with CSRF tokens. However, it lacks explicit security headers and does not publicly disclose a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Contact information is limited to email and contact forms, with no phone or physical address listed. Overall, avoindata.fi is a trustworthy, well-maintained government portal with good technical and privacy standards. Strategic improvements include publishing a security policy, adding security headers, and providing incident response contacts to enhance transparency and security posture.

Valtiovarainministeriö is the Finnish Ministry of Finance responsible for stabilizing public finances, ensuring sustainable economic growth, and enhancing the effectiveness and productivity of public services and administration. The website serves as an official government portal providing news, publications, and information relevant to Finnish citizens, government officials, and stakeholders in public finance. The site is well-branded, consistent, and professionally maintained, reflecting its authoritative position in the Finnish government. Technically, the website is built on the Liferay Portal CMS platform, utilizing modern JavaScript libraries including React and jQuery, and incorporates accessibility and SEO best practices. The site is mobile-optimized and performs moderately well, hosted likely on Finnish government infrastructure. Security posture is strong with HTTPS enforced, cookie consent implemented, and no exposed sensitive data detected. However, DNSSEC is not enabled, and explicit security policies or incident response contacts are not prominently published. Overall, the website demonstrates a mature digital presence with strong business credibility and technical implementation. Security practices are solid but could be enhanced by publishing formal security policies and enabling DNSSEC. Privacy compliance is good with visible cookie consent and a comprehensive privacy policy. No blocking or WAF interference was detected, allowing full content access and analysis.

P

Puolustusministeriö

defmin.fi

59

Puolustusministeriö is the Finnish Ministry of Defence responsible for national defence policy, international cooperation, and administrative oversight. The website serves as an authoritative government portal providing comprehensive information on defence themes, current news, licensing, and organisational details. It targets Finnish citizens, government officials, and defence sector stakeholders, positioning itself as a key national government entity. Technically, the site employs modern web standards including HTML5, CSS3, jQuery, and FontAwesome, with responsive design and accessibility features ensuring good user experience across devices. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, supporting its role as a government information source.

B

Bestmarketing.ee

balticbest.eu

56

BalticBest is a specialized advertising competition targeting the Baltic region, organized in partnership with EPICA Awards. The competition is conducted online with live judging sessions, providing entrants with immediate feedback and transparency. The website serves as a hub for competition information, news, submission details, and agency rankings. The business is positioned as a niche media entity focused on marketing and advertising professionals in Estonia and neighboring Baltic countries. Technically, the site is built on WordPress using Elementor, with modern web technologies and a moderate performance profile. Security posture is solid with HTTPS and secure forms, though it lacks some security headers and formal privacy and cookie policies, which are compliance gaps. Contact information is comprehensive, including emails, phone numbers, and physical address, enhancing business credibility. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

T

Tervise Arengu Instituut

nutridata.ee

50

NutriData is a government-operated nutrition information system managed by the Estonian Health Development Institute (Tervise Arengu Instituut). It offers a suite of nutrition-related applications including diet analysis programs, food composition databases, product calculation tools, and nutrition survey software. The platform serves a broad audience ranging from individual users and healthcare professionals to food producers and researchers, positioning itself as an authoritative national resource for nutrition data and analysis in Estonia. The website is well-structured, content-rich, and provides comprehensive information about its services, training, and team members. Technically, the website is built as a modern Angular single-page application leveraging Google Analytics, Google Tag Manager, and Google reCAPTCHA for analytics and security. The site is mobile-optimized and uses standard web fonts and icons for a professional appearance. While the site uses HTTPS and some security best practices, it lacks certain HTTP security headers and a cookie consent mechanism, which are recommended for enhanced security and privacy compliance. From a security perspective, the site demonstrates good practices such as encrypted connections and form protection via reCAPTCHA. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data confirms the domain's legitimacy and consistency with the official institution managing the site. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure mechanisms indicates room for improvement in security transparency and incident readiness. Overall, NutriData presents a trustworthy, professional, and functional nutrition information platform with strong government backing. Strategic enhancements in privacy compliance, security headers, and incident response documentation would further strengthen its security posture and user trust.

T

The Options Clearing Corporation

optionseducation.org

50

The Options Industry Council (OIC) is a well-established educational resource operated by The Options Clearing Corporation (OCC), providing comprehensive options trading education to investors, financial advisors, and institutional participants globally. The website offers a rich array of educational materials including webinars, podcasts, strategy guides, and real-time options quotes, positioning itself as a trusted industry leader since 1992. The business model is non-profit and supported by major participant exchanges, reinforcing its credibility and market position. Technically, the website is built on the Kentico CMS platform and leverages a modern technology stack including Google Tag Manager, Google Analytics, Facebook Pixel, and Microsoft Clarity for analytics and marketing. The site demonstrates good performance, mobile optimization, and accessibility, with a professional and consistent design that enhances user experience and trustworthiness. From a security perspective, the site enforces HTTPS and employs secure form handling with hashed data submissions. While no critical vulnerabilities were detected, the absence of explicit security headers such as Content-Security-Policy and lack of published security or incident response policies represent areas for improvement. Privacy compliance is partially addressed with a comprehensive privacy policy, but the lack of a cookie consent mechanism and GDPR-specific disclosures suggests room for enhancement. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include implementing additional security headers, publishing security policies, enhancing privacy compliance with cookie consent, and improving WHOIS transparency to further strengthen trust and compliance.

A

AMR Europe

amreurope.com

62

AMR Europe is a specialized distributor of high-end 3D printing systems, serving industrial, educational, and general 3D printing markets primarily in the Netherlands and Europe. The company offers a broad portfolio including 3D printers, scanners, filament, accessories, and parts, supported by a showroom and e-commerce platform. Their market position is that of a trusted niche technology provider with a focus on professional additive manufacturing solutions. Technically, the website is built on a modern WordPress CMS with WooCommerce and Divi theme, integrating common web technologies and optimization tools. The site is mobile-optimized and SEO-friendly, providing a good user experience. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some advanced security headers are missing. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the business credibility is high with transparent contact information and social media presence. No blocking or WAF interference was detected, allowing full content access and analysis.