Security Directory

A

ALUKON

alukon.lv

52

ALUKON is a Latvian company specializing in the design, manufacture, and installation of glass facades using Schüco aluminum and Jansen steel systems. Established in 1994, it has over 25 years of experience and a portfolio of more than 200 projects. The company operates its own production facilities equipped with modern machinery and serves both local and export markets. The website reflects a professional business with clear contact information and a focus on quality engineering and fabrication services. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Google Analytics, and reCAPTCHA v3, ensuring a responsive and interactive user experience. The site is well-structured with good SEO practices and mobile optimization. Security measures include HTTPS and form protection via reCAPTCHA, though some security headers are missing. From a security perspective, the site shows a good baseline posture with encrypted connections and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policies, incident response information, and cookie consent mechanisms, which are important for GDPR compliance and user trust. Overall, ALUKON's website presents a credible and professional business presence with moderate technical maturity and a solid security foundation. The absence of WHOIS data limits full domain legitimacy verification, but the site content and business details align well with a legitimate manufacturing company in Latvia.

V

VSIA Traumatoloģijas un ortopēdijas slimnīca

tos.lv

43

VSIA Traumatoloģijas un ortopēdijas slimnīca is a specialized Latvian hospital providing comprehensive traumatology and orthopedic medical services including emergency care, diagnostics, surgery, rehabilitation, and telemedicine. The hospital holds an ISO 9001 quality certification, indicating a commitment to quality management and continuous improvement. The website targets patients in Latvia and offers detailed information about services, news, and job vacancies, reflecting an active and professional healthcare institution. Technically, the website uses modern frameworks such as Bootstrap and jQuery, with responsive design and multimedia content to enhance user experience. However, some areas such as privacy and cookie policies are lacking, and security headers are not evident, which could be improved to strengthen compliance and security posture. WHOIS data was unavailable due to query limits, limiting domain legitimacy verification. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy and security practices.

R

Riga Graduate School of Law

rgsl.edu.lv

38

Riga Graduate School of Law (RGSL) is an educational institution specializing in international and European law, offering bachelor, master, and specialized programmes. The website targets students interested in law, diplomacy, and business, positioning itself as a reputable regional law school in Latvia. The institution provides a range of academic programmes and capacity-building projects, supported by a professional online presence and active social media engagement. Technically, the website employs modern web technologies including jQuery, Google Analytics with privacy features, and cookie consent mechanisms, ensuring a user-friendly and GDPR-compliant experience. Security posture is moderate with privacy protections in place but lacks explicit security headers and incident response information. The absence of WHOIS data limits domain trust verification, but the website content and linked services indicate legitimacy. Overall, RGSL demonstrates a solid digital presence with room for security enhancements and WHOIS transparency.

S

SIA "Longo Latvia"

longo.lv

61

Longo.lv is a Latvian-based used car dealership operating under SIA "Longo Latvia", part of the international Longo Group. The company specializes in selling used and slightly used cars with verified mileage, service history, and warranty. Their business model includes sourcing vehicles primarily from the Netherlands, performing technical inspections, and offering financing options including leasing. The website is professionally designed, mobile-optimized, and provides comprehensive contact information and customer testimonials, positioning Longo.lv as a trusted player in the Latvian automotive market. Technically, the website leverages modern JavaScript frameworks such as Vue.js and Nuxt.js, integrates multiple analytics and marketing tools including Google Tag Manager and TikTok Analytics, and employs cookie consent management via Cookiebot. Performance is moderate with good SEO and mobile responsiveness. Security posture is strong with HTTPS enforced and standard security headers present, though no explicit security policy or incident response information is published. The absence of WHOIS data due to query limits restricts domain registration verification, but the website's structured data and consistent branding support legitimacy. Privacy and cookie policies are present and GDPR compliance is indicated. Overall, Longo.lv demonstrates a mature digital presence with solid business credibility and security practices. Strategic recommendations include publishing a dedicated security policy, establishing an incident response contact, enhancing accessibility features, and maintaining vigilance on third-party scripts to mitigate potential vulnerabilities.

Futurus Food is a Latvian company established in 1997 specializing in the production, packaging, import, export, and wholesale distribution of groats and other food products. The company serves a diverse clientele including state institutions, retail chains, HoReCa businesses, and international export markets. It manages a portfolio of approximately 1400 food products under various brands and maintains partnerships with major retailers such as Maxima and Rimi. The company emphasizes professional staff, modern logistics, and market-driven product offerings. Technically, the website employs legacy technologies like jQuery 1.8.3 and Bootstrap 3, with Google Analytics and Google Tag Manager for tracking. The site is accessible without WAF or blocking mechanisms but lacks modern security headers and updated libraries, which could pose risks. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the business presents a credible and established presence, but the digital infrastructure and security posture require improvements to align with best practices and regulatory requirements.

J

Jānis Roze

jr.lv

66

Jānis Roze is a well-established Latvian retail company specializing in books, stationery, and office supplies, operating a professional e-commerce platform targeting local consumers and businesses. The website demonstrates a solid technical infrastructure built on Magento with modern web technologies and performance optimizations. Privacy and cookie policies are implemented with consent mechanisms, reflecting GDPR compliance. Security posture is generally good with HTTPS enforcement, security headers, and monitoring tools like New Relic, though there is room for improvement in publishing explicit security policies and vulnerability disclosures. The absence of WHOIS data limits full domain trust assessment but the website content and technical indicators suggest a legitimate and professional business. Overall, the site is functional, secure, and compliant with relevant regulations, serving its target market effectively.

L

Latvijas Hokeja Federācija

lhf.lv

53

Latvijas Hokeja Federācija (LHF) is the national governing body for ice hockey in Latvia, providing comprehensive information about Latvian ice hockey including news, statistics, tournaments, teams, referees, and organizational details. The website targets ice hockey players, fans, coaches, and officials within Latvia and offers a centralized platform for updates and resources related to the sport. The business model is non-profit and focused on sports federation activities, supported by multiple sponsors and partners. Technically, the website employs modern JavaScript frameworks such as Vue.js and jQuery, integrates social media SDKs, and uses Google Analytics for visitor tracking. The site is mobile-optimized with good navigation and content relevance, though accessibility features are basic. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks some security headers and explicit privacy and terms policies. WHOIS data is unavailable due to query limits, but website content and contact details indicate legitimacy. Overall, the site is professional and trustworthy with room for improvement in privacy compliance and security best practices.

W

Webbpartner AB

mediapaper.se

44

MediaPaper is a Swedish company specializing in converting traditional print materials such as PDFs into interactive digital publications. Their platform offers an easy-to-use SaaS solution that enables users to quickly digitize and distribute content optimized for multiple devices. The company targets businesses and individuals seeking to enhance their print materials with interactive features like clickable links and embedded videos. The website is professionally designed, mobile-optimized, and provides clear contact information, reflecting a credible and customer-focused business. Technically, the site is built on ASP.NET WebForms with modern JavaScript libraries and integrates third-party marketing and analytics tools such as Google Analytics and Leadfeeder. Security posture is good with HTTPS enabled and secure form handling, though some security headers could be improved. Privacy compliance is basic with a cookie consent mechanism and a cookie policy page, but no explicit privacy or security policies are found. WHOIS data for the exact domain is unavailable, suggesting the domain may be a subdomain or registered differently, which slightly impacts trust but does not detract from the overall legitimacy. Strategic recommendations include enhancing security headers, publishing security and privacy policies, and improving accessibility features.

Riga Hockey Cup is a youth ice hockey tournament organizer based in Latvia, providing a platform for various age groups to compete in a well-structured European championship. The website offers multilingual support and comprehensive event information, targeting youth hockey teams, coaches, and fans. The digital infrastructure leverages common web technologies such as jQuery, Fancybox, and social media integrations, with moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though security headers and explicit incident response policies are absent. Privacy compliance is basic with a privacy policy and cookie consent implemented, reflecting GDPR awareness. The absence of WHOIS data limits domain legitimacy verification, but the site appears professional and trustworthy overall.

T

The Intercultural Innovation Hub

interculturalinnovation.org

57

The Intercultural Innovation Hub is a non-profit initiative established in 2011, operating as a partnership between UNAOC and the BMW Group. It focuses on supporting innovative grassroots projects that promote intercultural dialogue and cooperation globally. The website presents a professional and consistent brand image with good content quality targeting changemakers and organizations interested in social innovation. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and Facebook Pixel, hosted on Quadranet servers. Mobile optimization and SEO practices are well implemented, though accessibility is basic. Security posture is moderate with HTTPS enabled and domain protection in place, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and credible but would benefit from enhanced privacy and security disclosures.

J

Jazz Pesulad OÜ

jazzpesulad.ee

51

Jazz Pesulad OÜ operates a well-established car wash chain in Estonia, providing a variety of vehicle cleaning services including self-service, hand wash, and drive-through options. The company has a strong market presence with 23 locations across multiple cities and serves thousands of customers daily. Their business model includes loyalty and prepaid card programs to enhance customer retention and convenience. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google reCAPTCHA Enterprise, ensuring a responsive and user-friendly experience. Security measures include HTTPS enforcement and standard security headers, although no explicit security policy or incident response contacts are published. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting a positive digital maturity profile.

T

Toidutänavad

toidutanavad.ee

40

Toidutänavad is an event organization business hosting Estonia's largest street food festival, established in 2020. The website serves as a promotional platform targeting families and street food enthusiasts in Estonia, offering information about the festival and related events. The site is built on WordPress with modern SEO and multilingual support, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, which are critical for GDPR compliance. Contact and incident response information are not present, limiting user trust and compliance transparency. Overall, the website is functional and professional but requires improvements in privacy, security policies, and contact transparency to enhance trust and compliance.

M

MTÜ Hiiukala

hiiukala.org

46

MTÜ Hiiukala is a small Estonian non-profit organization dedicated to supporting the sustainable development of the Hiiumaa fishing region and representing the interests of local professional fishermen. Founded in 2008, it has a solid history of managing European fisheries fund projects and engaging the local community. The website reflects a well-structured WordPress platform with good design and navigation, optimized for mobile devices and SEO. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is adequate with HTTPS enabled and domain registration consistent with the organization's identity, but could be improved by enabling DNSSEC and adding security headers. Contact information is clearly provided, and the organization maintains an active Facebook presence. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

S

Siseturvalisus

siseturvalisus.ee

44

Siseturvalisus.ee is a government-affiliated career portal dedicated to internal security in Estonia, providing job opportunities and career information across seven key security agencies. The website serves as a centralized platform for recruitment and career development in the Estonian internal security sector, targeting job seekers interested in contributing to national security. Technically, the site is built on WordPress with modern frontend libraries such as jQuery, Fancybox, and Splide.js, delivering a responsive and well-structured user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements can be made by adding security headers and explicit incident response contacts. Privacy compliance is adequate with privacy and cookie policies present, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its government sector mission.

The website 'Maardu 45' serves as a dedicated platform for celebrating the 45th anniversary of Maardu city in Estonia. It provides residents and visitors with information about the city's history, culture, events, and local government contacts. The site is positioned as a local government information portal aimed at community engagement and city promotion. Technically, the site leverages a modern tech stack including Alpine.js, jQuery, Leaflet for maps, and multiple analytics tools such as Google Analytics and Matomo, hosted likely by Telia Eesti AS. The website is mobile optimized and offers a good user experience with clear navigation and consistent branding. Security-wise, the site uses HTTPS and does not expose sensitive data, but lacks some security headers and formal policies such as privacy and cookie policies, which are important for GDPR compliance. The domain is very recently registered, which is somewhat unusual for a city site but may reflect a new dedicated event domain. Overall, the site is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices.

H

Havaş

havas.net

64

Havaş is a well-established Turkish transportation and ground services company, founded in 1999, specializing in airport ground handling, bus services, and cargo warehousing. The website reflects a professional and modern digital presence with a focus on service offerings relevant to airlines, airports, and passengers. The technical infrastructure leverages popular front-end frameworks like Bootstrap and integrates multiple analytics tools such as Google Analytics and Yandex Metrika, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks advanced DNS security (DNSSEC) and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms, which could pose regulatory risks. Overall, the website is functional and credible but would benefit from improvements in privacy transparency and security hardening.

M

Moniteur des Ventes

moniteurdesventes.com

65

Moniteur des Ventes operates a professional online auction platform specializing in live, online, and catalogued auctions of professional equipment, vehicles, and industrial materials primarily targeting French-speaking markets. The platform connects auction houses, public entities, and businesses with buyers, offering a comprehensive auction calendar and account-based bidding services. The website demonstrates a professional and consistent brand presence with clear navigation and relevant content for its target audience. Technically, the website employs a mature technology stack including jQuery, Bootstrap, and various UI and analytics libraries. It integrates secure payment gateways such as Ingenico and Lemonway, and uses Google Analytics and Tag Manager for traffic analysis. The site is mobile-optimized and shows good SEO practices, though accessibility features are basic. Hosting includes Azure Blob Storage for some assets. From a security perspective, the site enforces HTTPS and uses secure payment processors, with a cookie consent mechanism supporting GDPR compliance. However, no explicit security headers or incident response policies are evident, and no direct contact information is provided on the main site. The absence of WHOIS registration data is a notable concern, impacting domain legitimacy and trustworthiness. Overall, the platform presents a solid business and technical foundation but would benefit from enhanced transparency in security policies and domain registration details to improve trust and compliance posture.

V

VEPA

vepa.ee

40

VEPA is an Estonian educational initiative focused on evidence-based classroom management methodologies primarily targeting early school years. The website presents a professional and consistent brand supported by the Tervise Arengu Instituut, with clear educational content and training offerings. The digital infrastructure is based on WordPress with common JavaScript libraries and includes standard tracking and marketing tools such as Google Analytics and Mailchimp. Privacy and cookie policies are well implemented and GDPR compliant, enhancing user trust. Security posture is generally good with HTTPS enforced and secure form practices, though improvements in security headers and incident response transparency are recommended. Overall, the website is accessible, well-structured, and trustworthy, supporting its educational mission effectively.

S

Starptautisko izstāžu rīkotājsabiedrība BT 1

balttour.lv

52

Balttour.lv represents the Baltic region's premier international tourism exhibition organized by Starptautisko izstāžu rīkotājsabiedrība BT 1 in partnership with ALTA. The website showcases detailed event information, participant lists, news, and visitor guidance, targeting tourism professionals and general visitors interested in travel opportunities. The business holds a strong market position as a leading event organizer in the hospitality and tourism sector in Latvia. Technically, the website employs a mature technology stack including Bootstrap, jQuery, and various UI libraries, with integration of Google Analytics and Facebook Pixel for marketing and analytics purposes. The site is mobile-optimized and well-structured, though some older libraries like jQuery 1.11.2 are used, which may pose security risks. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and dedicated security or privacy policy pages. WHOIS data confirms domain legitimacy with consistent registrant information matching the business claims. Overall, the website is professional and trustworthy but could improve compliance and security practices.

C

Confido

confido.ee

41

Confido is a prominent Estonian medical center offering over 2500 healthcare services including preventive care, primary and specialist medical services, surgical and rehabilitation treatments, and aesthetic medicine. The company operates multiple physical clinics across Estonia and provides digital health services such as a digital clinic and online booking. The website is multilingual, targeting Estonian, English, and Russian speakers, reflecting a broad target audience within Estonia. The business model focuses on comprehensive healthcare delivery with both in-person and digital service channels, positioning Confido as a leading private healthcare provider in the region. Technically, the website is built on WordPress with modern plugins like Yoast SEO and WPML for multilingual support. It uses popular JavaScript libraries such as jQuery, Fancybox, and Owl Carousel for enhanced user experience. The site integrates Google Tag Manager and Facebook Pixel for analytics and marketing, and employs a cookie consent mechanism via cookie-script.com, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, though accessibility features are basic. From a security perspective, the site enforces HTTPS with an excellent SSL configuration and uses asynchronous loading for tracking scripts to minimize performance impact. However, there is no explicit privacy policy, terms of service, or security policy pages found, nor any incident response or vulnerability disclosure information. Cookie consent is implemented, but GDPR compliance indicators are limited. No critical vulnerabilities or suspicious activities were detected in the content provided. Overall, Confido's website demonstrates a strong business presence with good technical implementation and a solid security posture, though improvements in privacy compliance documentation and security transparency are recommended. The domain registration details align well with the business claims, supporting high legitimacy and trustworthiness.

S

SA Kiusamisvaba Kool

kiusamisvaba.ee

40

SA Kiusamisvaba Kool is a well-established Estonian non-profit organization dedicated to preventing bullying in schools through the implementation of the KiVa anti-bullying program developed in Finland. The organization provides training, resources, and support to schools, parents, and communities, positioning itself as the official representative of the KiVa program in Estonia. The website reflects a professional and consistent brand presence with comprehensive content targeting educators, parents, and socially responsible entities. Technically, the site is built on WordPress with modern plugins and integrations, including WooCommerce for e-commerce and Edwiser Bridge for LMS functionalities. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site demonstrates good digital maturity and trustworthiness.

G

GS Venture

venture.gs

41

GS Venture is a corporate investment fund operating under the GS Group industrial holding, focusing on investments ranging from 1 to 5 billion rubles in established businesses primarily in manufacturing, agriculture, chemical, and medical equipment sectors. The fund targets entrepreneurs seeking capital for scaling and development, offering equity participation or full acquisition. The website is professionally designed, content-rich, and provides clear contact channels including a secured contact form with CAPTCHA. Technically, the site is built on Bitrix CMS with common JavaScript libraries and integrates Google Analytics and Yandex Metrika for user tracking. Security posture is adequate with HTTPS and CAPTCHA protections, but lacks advanced security headers and uses an outdated jQuery version. Privacy compliance is partial, with a privacy consent document available but no cookie consent mechanism. WHOIS data confirms domain legitimacy and consistency with business claims. Overall, the site presents a credible and professional front for the investment fund with room for security and privacy improvements.

B

Baltic Innovation Agency

bia.ee

40

Baltic Innovation Agency is a small Estonian innovation management company established in 2010, focused on connecting ideas, people, and funding to foster innovation in the Baltic region. Their key services include innovation consulting, analysis, management, and funding support, targeting startups, clusters, smart cities, and green deal initiatives. The website is built on WordPress with modern plugins and SEO tools, showing good digital maturity and mobile optimization. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks explicit security headers and formal privacy/cookie policies, indicating room for compliance improvement. Overall, the site is professional and trustworthy, with clear contact information and partner affiliations, but should enhance privacy compliance and security transparency to reduce risk.

J

Jülich Aachen Research Alliance

jara.org

46

JARA (Jülich Aachen Research Alliance) is a collaborative research initiative between RWTH Aachen University and Forschungszentrum Jülich, focusing on five key research areas including brain science, simulation and data sciences, energy, future information technology, and soft matter. The alliance aims to pool expertise to tackle grand societal challenges through joint research projects, training, and infrastructure sharing. The website reflects a mature and professional digital presence with clear navigation, multilingual support, and integration of partner logos and resources. Technically, the site uses modern JavaScript libraries and a CMS (Contao), with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers are not explicitly detected. The absence of WHOIS data limits domain trust verification, but the strong institutional affiliations and content quality support legitimacy. No direct contact emails or phone numbers are publicly visible, which may impact user engagement. Overall, the site is well-positioned as a reputable research alliance with room for improvement in transparency and security disclosures.

S

Scandium Kinnisvara AS

scandium.ee

43

Scandium Kinnisvara AS is a medium-sized Estonian real estate developer specializing in residential, rental, and commercial property development with a focus on quality and sustainability. The company operates notable projects such as the Marienholm peninsula development in Haapsalu and also engages in energy projects under Scandium Energia. The website is professionally designed, multilingual, and provides clear contact information and active content updates, positioning the company as a credible player in the Estonian real estate market. Technically, the site is built on WordPress with WooCommerce and uses modern libraries and analytics tools, ensuring a good user experience and moderate performance. Security posture is adequate with HTTPS and reCAPTCHA protection on forms, though improvements are recommended in DNSSEC and security headers. Privacy compliance is basic with cookie consent implemented but no visible privacy or security policies. Overall, the site reflects a trustworthy and professional business with room for enhanced security and compliance documentation.

F

FinEst-Hall Factory OÜ

pvc-halli.fi

43

FinEst-Hall Factory OÜ is a medium-sized manufacturing company specializing in the production and installation of PVC halls and awnings tailored to customer needs. Established in 2014, the company holds multiple ISO certifications, underscoring its commitment to quality and compliance. Its market position is solid within the regional manufacturing sector, serving businesses requiring durable and mobile storage solutions in Finland and neighboring countries. The company offers a comprehensive service model including manufacturing, installation, maintenance, and metal processing services such as plasma cutting and tube laser work. Technically, the website is built on a modern WordPress CMS platform with WooCommerce integration, leveraging popular libraries and tools such as jQuery, Google Analytics, Google Tag Manager, Hotjar, and Facebook Pixel. The site is well-optimized for mobile devices, accessible, and SEO-friendly, with a good performance profile. Privacy compliance is robust, featuring a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. From a security perspective, the site enforces HTTPS and employs consent blocking for tracking scripts, though it could improve by implementing additional security headers. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is transparent and consistent with the business profile, enhancing trustworthiness. Overall, the website reflects a professional and credible business presence with a strong focus on quality and customer service.

Semako Romulad OÜ is a small Estonian company specializing in vehicle dismantling, auto repair, 24-hour roadside assistance, towing services, spare parts sales, and equipment rental. The company targets vehicle owners and businesses in Estonia requiring these transportation-related services. Their market position is local/regional with partnerships with recognized organizations such as Autolammutuste Liit and the Estonian Police and Border Guard Board. The website content is relevant and well-structured, providing clear information about services and contact details. Technically, the website uses a modern but basic tech stack including Bootstrap, jQuery, Flexslider, and Google Analytics. The site is mobile-optimized and performs moderately well. Hosting and domain registration are consistent with the business location, registered through Zone Media OÜ in Estonia. However, no CMS is explicitly detected, and accessibility features are basic. From a security perspective, the website uses HTTPS but lacks advanced security headers and DNSSEC, which are recommended for improved security posture. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. No incident response or vulnerability disclosure policies are found. The site uses Google Analytics for tracking, with moderate user tracking levels but limited privacy compliance. Overall, the website is functional and professional but would benefit from enhanced security measures, privacy compliance improvements, and formalized policies to increase trust and regulatory adherence.

Mameta OÜ is a small Estonian automotive service provider specializing in vehicle repair, trailer services, and roadside assistance. Established in 2010, the company serves local customers with a focus on passenger cars, SUVs, and vans. Their website provides clear descriptions of services and contact information but lacks formal privacy, cookie, or security policies. Technically, the site uses older web technologies such as jQuery 1.11.1 and Bootstrap 3.3.6, with some resources loaded insecurely over HTTP, indicating a need for modernization and improved security practices. The absence of HTTPS and security headers reduces the site's security posture. Overall, the business appears legitimate and stable, but the website requires significant improvements in security and privacy compliance to meet modern standards.

A

Alma Career

careerexpo.cz

59

Career Expo is a major career opportunities festival organized by Alma Career Czechia s.r.o., targeting job seekers and employers primarily in the Czech Republic. The website presents a professional and content-rich platform promoting the event, workshops, and networking opportunities. The company positions itself as a leading organizer in the career event space with partnerships including Jobs.cz and Prace.cz. Technically, the site is built on WordPress with modern libraries and frameworks, ensuring a good user experience and mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA usage, though lacks some security headers and formal security policies. Privacy compliance is partial, with cookie consent implemented but no clear privacy or terms pages. WHOIS data is unavailable, which slightly impacts trust but the overall digital presence is consistent and professional.

S

Supernova

supernova.io

73

Supernova is a technology company providing a SaaS design system platform that integrates design and engineering data to accelerate product development. The platform targets design and engineering teams in medium to large enterprises, offering services such as design system management, code automation, and design tokens. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site uses modern web technologies including Webflow CMS, Google Tag Manager, and Hotjar for analytics and user behavior tracking. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, the inability to extract WHOIS data limits domain trust verification, slightly reducing overall business credibility. Overall, the website demonstrates a high level of professionalism and technical maturity with room for improvement in transparency of security and contact information.

C

CookTrade s.r.o.

cooktrade.cz

42

CookTrade s.r.o. operates a Czech e-commerce platform specializing in the retail of Tescoma kitchenware products. The company has a long-standing partnership with Tescoma and targets Czech domestic consumers seeking quality kitchen and household products. Their business model focuses on online sales supported by customer service and fast delivery. The website is built on PrestaShop and uses common web technologies such as jQuery and Bootstrap. While the site is functional and professionally designed, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security is generally good with HTTPS enforced, but the use of an outdated jQuery version and absence of security headers present some risks. Overall, the site is trustworthy and consistent with the business claims, but improvements in privacy compliance and security hardening are recommended.

R

RSJ

rsj.com

56

RSJ is a financial group operating primarily in the Czech Republic with a strong presence in global derivative markets including London, Chicago, New York, Frankfurt, and Tokyo. The company manages a diversified portfolio of investments spanning financial derivatives trading, real estate development, private equity, and emerging sectors such as biotechnology and healthy food production. The website clearly communicates its business scope and warns investors about fraudulent schemes misusing its brand. Technically, the site employs modern web technologies including Google Analytics and Tag Manager, with a cookie consent mechanism supporting GDPR compliance. Security posture is solid with HTTPS enforced, but lacks published security policies or incident response contacts. WHOIS data is missing, which raises concerns about domain registration legitimacy despite the professional website presence. Overall, RSJ presents as a credible financial entity with room for improvement in transparency and security disclosures.

N

Nadace OKD

nadaceokd.cz

44

Nadace OKD is a Czech non-profit foundation dedicated to supporting social, environmental, and community projects primarily through grant programs. The foundation targets non-profit organizations and local communities, aiming to improve social care, leisure activities, and environmental conditions. The website reflects a medium-sized organization with a consistent brand presence and active social media engagement. Technically, the site uses a custom CMS with older JavaScript libraries and Bootstrap for styling, indicating moderate digital maturity. While the site is accessible and well-structured, it lacks modern security headers and explicit privacy or cookie policies, which are critical for compliance and user trust. The absence of WHOIS data reduces domain trustworthiness, though partner and donor links support legitimacy. Overall, the security posture is moderate but can be improved by updating libraries, adding security headers, and enhancing privacy compliance.

N

Nadace Naše dítě

nasedite.cz

44

Nadace Naše dítě is a well-established Czech non-profit foundation dedicated to supporting handicapped, abused, and socially disadvantaged children. With over 31 years of operation, it provides financial aid, legal assistance, and runs awareness campaigns to improve children's lives. The website reflects a professional and consistent brand image, targeting donors and beneficiaries alike. Technically, the site uses modern JavaScript libraries and Google services, ensuring good mobile responsiveness and SEO optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. The absence of WHOIS data limits domain trust analysis but does not detract from the site's apparent legitimacy. Overall, the foundation demonstrates a strong commitment to transparency and user privacy.

M

Magnetico

magnetico.cz

58

Magnetico is a Czech freelance graphic design business specializing in functional and aesthetic graphic design services including branding, web design, photography, and video production. The website presents a professional portfolio showcasing diverse projects and client logos, targeting businesses and individuals seeking creative marketing solutions. The technical infrastructure is based on WordPress with Elementor and common JavaScript libraries, delivering a moderately performant and mobile-optimized experience. Security posture is solid with HTTPS and cookie consent implemented, though security headers and incident response details are lacking. The absence of WHOIS data reduces domain trustworthiness, but the website content and presentation suggest a legitimate and professional operation. Strategic recommendations include enhancing security headers, adding vulnerability disclosure mechanisms, and improving contact transparency.

O

OÜ Keskkonnaprojekt

keskkonnaprojekt.ee

51

OÜ Keskkonnaprojekt is an Estonian engineering and consulting company specializing in comprehensive design and project management services for buildings, infrastructure, and environmental facilities. The company serves primarily public sector clients and private enterprises within Estonia, offering integrated solutions from initial concept through technical execution. Their website reflects a professional and consistent brand presence with clear service offerings and client references. Technically, the website is built on WordPress with common plugins such as WPML for multilingual support and uses standard JavaScript libraries like jQuery and Flexslider. The site is HTTPS secured and moderately optimized for performance and mobile devices, though accessibility and SEO could be improved. Analytics are implemented via Google Analytics and WP Statistics, but no cookie consent or privacy policies are evident. From a security perspective, the site benefits from HTTPS and lacks visible vulnerabilities or exposed sensitive data. However, it lacks security headers and formal security policies such as incident response or vulnerability disclosure mechanisms. The WHOIS data aligns well with the business identity, supporting legitimacy and trustworthiness. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security best practices to improve trust and regulatory adherence.

O

Oribalt Group

oribalt.com

49

Oribalt Group is a regional pharmaceutical logistics and wholesale company operating in the Baltic states of Estonia, Latvia, and Lithuania. Established in 2017 following the acquisition of Baltic operations from Oriola Group, Oribalt continues a legacy dating back to the early 1990s. The company offers a broad range of services including logistics, wholesale, tenders, repackaging, clinical trials, marketing, and pharmacy operations, targeting businesses in the healthcare sector across the Baltics. The website reflects a professional and consistent brand presence with clear navigation and comprehensive contact information for multiple regional offices. Technically, the website employs modern web technologies such as Google Tag Manager, jQuery, and FontAwesome, with good mobile optimization and moderate performance. The site uses HTTPS with a valid SSL configuration and implements CSRF tokens for form security. Cookie consent is managed via an opt-in banner, indicating some level of privacy compliance. However, the absence of a dedicated privacy policy, terms of service, and security policy pages limits full compliance and transparency. From a security perspective, the site shows good practices like HTTPS enforcement and CSRF protection but lacks security headers and explicit incident response contacts. WHOIS data is transparent and consistent with the business claims, enhancing trustworthiness. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, Oribalt's digital presence is solid with room for improvement in privacy and security policy disclosures. Strategic enhancements in these areas would strengthen compliance posture and stakeholder trust.

H

Harju Elekter AS

harjuelekter.ee

49

Harju Elekter AS is a well-established Estonian industrial group specializing in the design, manufacture, and installation of electrical distribution equipment for energy, industrial, and infrastructure sectors. The company has a strong market position supported by multiple awards and contracts with major entities such as Eesti Energia and CERN. Their website reflects a mature digital presence built on WordPress with modern plugins and frameworks, offering good SEO and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements are recommended in security headers and privacy compliance mechanisms. Overall, the website and business demonstrate high professionalism and trustworthiness.

R

RangeForce

rangeforce.com

72

RangeForce is a cybersecurity training platform specializing in cloud-based cyber ranges and solo labs designed to empower security operations centers (SOCs) and threat hunters. The company positions itself as a provider of realistic, team-focused training environments that use real tools and networks to close technical and soft skills gaps. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting enterprise security teams. Technically, the site leverages HubSpot CMS, Google Analytics, and modern JavaScript libraries to deliver a responsive and engaging user experience. Security posture is solid with HTTPS enforced and privacy compliance evident through cookie consent mechanisms and detailed privacy policies. However, the absence of WHOIS data and explicit security headers slightly reduces trustworthiness. Overall, RangeForce presents as a credible and professional cybersecurity training provider with room for improvement in transparency and security best practices.

HugeDomains operates as a reputable domain marketplace specializing in premium domain name sales, offering flexible payment plans and guarantees such as a 30-day money back policy. The website RunwayBpo.com is presented as a domain for sale with clear pricing and purchase options, targeting individuals and businesses seeking premium domains. The company has been established since 2005 and maintains a consistent brand presence with customer testimonials and trust signals. Technically, the website employs modern JavaScript libraries, Google Analytics, and Google reCAPTCHA Enterprise for security and analytics, with a cookie consent mechanism in place to comply with privacy regulations. Security posture is strong with HTTPS enforced and secure forms, though some security headers are not explicitly detected. WHOIS data for the hugedomains.com domain is unavailable, likely due to privacy protection or query limitations, but the overall business credibility remains high. Contact is available via phone and a contact form, though no direct company emails are published.

The website pmt.ee represents a small manufacturing company specializing in industrial machines and structures, offering engineering, manufacturing, and assembly services. The company appears established since 2010 and targets industrial clients requiring specialized manufacturing solutions. The website is built on WordPress with basic SEO optimization via Yoast SEO plugin and uses legacy JavaScript libraries such as jQuery 1.8.3. The technical infrastructure is moderate with room for modernization and improved mobile optimization. Security posture is adequate with HTTPS enabled but lacks important security headers and uses outdated libraries, which could expose the site to vulnerabilities. Privacy compliance is minimal with no visible privacy or cookie policies and no consent mechanisms. Contact information is not explicitly provided on the homepage, which may affect user trust and compliance. Overall, the site is functional but requires improvements in security, privacy, and technical modernization to enhance trust and compliance.

T

TRAFF OÜ

traff.co

53

TRAFF OÜ operates a sophisticated online marketing platform that connects advertisers and publishers through its proprietary AdExchange system. The company focuses on delivering targeted advertising solutions using advanced audience analytics, campaign optimization, and a variety of digital marketing tools. Positioned as a medium-sized technology company based in Estonia, TRAFF OÜ serves a global audience with a strong emphasis on quality traffic and conversion metrics. The website reflects a professional and consistent brand image with comprehensive service offerings and clear contact channels. Technically, the website employs modern web technologies including jQuery, Google Analytics, Yandex Metrika, and Google reCAPTCHA to ensure both functionality and security. The site is mobile-optimized and demonstrates good SEO practices, although some improvements in accessibility and security headers could enhance its posture. The presence of multiple analytics and tracking tools indicates a moderate level of user tracking balanced with privacy compliance measures. From a security perspective, the site uses HTTPS exclusively and integrates CAPTCHA for form submissions, reducing the risk of automated abuse. However, the absence of explicit security headers and incident response information suggests room for improvement in security maturity. The WHOIS data is privacy protected, which is common for this business type, and the website provides sufficient company information to establish legitimacy. Overall, TRAFF OÜ presents a credible and professional online marketing platform with a solid technical foundation and good privacy compliance. Strategic enhancements in security policies and transparency could further strengthen trust and resilience against emerging threats.

Z

Zone Media OÜ

artist.ee

49

Artist.ee is a specialized Estonian marketing and media company operating since 2010 under Zone Media OÜ. The company focuses on retail and service environments, offering services such as marketing, media, audio design, studio production, technical audio solutions, and advertising screens. Their market position is strong within Estonia, targeting retail businesses and brands aiming for effective in-store and service environment communication. The website is professionally designed, mobile-optimized, and uses WordPress CMS with modern libraries and Google Analytics for tracking. However, it lacks explicit privacy and cookie policies, which impacts compliance and user trust. Security posture is good with HTTPS enabled and no exposed sensitive data, but missing security headers and vulnerability disclosure mechanisms indicate room for improvement. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

M

Marketex Offshore Constructions

moc.ee

60

Marketex Offshore Constructions is a specialized manufacturer of complex steel structures serving the Offshore Oil & Gas, Renewables, Infrastructure, and Industrial sectors. Founded in 2014 and operating under the parent company BLRT Grupp, the company emphasizes quality and compliance with industry standards such as NORSOK, DNV GL, ABS, and BV. Their modern facilities support large fabrication projects primarily targeting the North Sea region and beyond. The website reflects a professional digital presence with clear business information and a focus on safety and quality through their QHSE policies. Technically, the site is built on WordPress with modern libraries and includes Google Analytics and Tag Manager for tracking, complemented by a cookie consent mechanism.

D

Diivaniparadiis

paradiis.ee

41

Diivaniparadiis is a well-established Estonian furniture retailer operating since 1998, offering a wide range of home and office furniture through both online and physical stores. The website reflects a mature e-commerce platform with clear navigation, product listings, and customer account management features. The business targets Estonian consumers seeking quality furniture and home decor products. The domain age and WHOIS data align with the company's market presence, reinforcing its legitimacy. Technically, the website employs modern JavaScript libraries such as Swiper.js for sliders, Fancybox for image galleries, and integrates marketing tools like Google Tag Manager and Facebook Pixel for analytics and advertising. The presence of CSRF tokens and HTTPS indicates a reasonable security posture, although some security headers could be improved. Mobile optimization and SEO practices are adequately implemented, providing a good user experience across devices. Security-wise, the site uses HTTPS with a good SSL configuration and includes CSRF protection in forms. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in security transparency and compliance. Privacy compliance is basic but includes a cookie consent banner and a privacy policy page in Estonian. Overall, Diivaniparadiis presents a trustworthy and professional online presence with solid business credibility and technical implementation. Strategic enhancements in security policies, accessibility, and legal documentation would further strengthen its compliance and user trust.

W

Woodman

woodman.ee

41

Woodman is a medium-sized Estonian company specializing in the manufacturing and retail of designer furniture products. With over 16 years of professional service and sales in more than 20 countries, Woodman positions itself as a reliable and modern furniture producer collaborating with international designers. Their business model focuses on flexible production quantities and modern technologies to serve retailers and designers globally. The website reflects a professional brand image with good content quality and clear navigation, targeting furniture retailers and design professionals. Technically, the website is built on Joomla CMS and utilizes common web technologies such as jQuery, Google Analytics, Google reCAPTCHA, and bxSlider for interactive elements. The site is hosted by Radicenter OÜ, an Estonian hosting provider, and uses HTTPS with a valid SSL certificate, ensuring secure communication. Mobile optimization is good, though accessibility features are basic. SEO optimization is present but could be improved. From a security perspective, the site employs HTTPS and Google reCAPTCHA on its contact form, which are positive indicators. However, no security headers were detected, and there is no published privacy policy, cookie consent, or terms of service, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure information is available, indicating room for improvement in security transparency and readiness. Overall, the website is functional and professional but lacks critical privacy and security documentation. The domain registration is consistent with the business claims, enhancing trustworthiness. Strategic improvements in privacy compliance, security headers, and contact transparency would strengthen the site's security posture and user confidence.

W

Wageningen University & Research

wur.nl

69

Wageningen University & Research is a prominent educational and research institution based in the Netherlands, specializing in life sciences, food production, environment, and health. The website serves as a comprehensive portal for academic programs including bachelor, master, and professional courses, targeting students, researchers, and professionals in related fields. The institution holds a strong market position as a leading global university in its sector. Technically, the website employs a modern technology stack including GX WebManager CMS, JavaScript libraries such as jQuery, and integrates advanced analytics and marketing tools like Google Tag Manager, Google Analytics, and Visual Website Optimizer. The site demonstrates good performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and implements several best practices such as opening external links in new tabs and asynchronous script loading. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for transparency and trust. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the website is professional, trustworthy, and technically sound but would benefit from enhanced privacy compliance and explicit security governance disclosures to improve user trust and regulatory adherence.

D

DECK Engineering OÜ

deckengineering.ee

40

DECK Engineering OÜ is a specialized engineering and EPC company based in Estonia, founded in 2013. The company focuses on mechanical engineering, structural calculations, and turnkey EPC solutions primarily for the Oil & Gas, Offshore, Marine, and Machine-building industries. Their website presents a professional image with detailed service descriptions, project references, and partner logos from recognized classification societies, indicating a credible market position within their niche. The target audience includes industrial clients requiring engineering design and manufacturing services in energy and manufacturing sectors. Technically, the website employs a modern frontend stack including jQuery, Bootstrap 4.3.1, and a proprietary Imperial CMS framework. The site is mobile optimized with good navigation and moderate performance. However, accessibility features are basic and SEO optimization is minimal. No analytics or tracking scripts were detected, suggesting a privacy-conscious or minimal tracking approach. From a security perspective, the site uses HTTPS with an excellent SSL configuration but lacks visible security headers and published security policies. No vulnerabilities or exposed sensitive data were found, but the absence of privacy and cookie policies represents a compliance gap, especially under GDPR. Incident response and vulnerability disclosure information are also missing, which could impact trust and readiness for security incidents. Overall, the website is professional and credible but would benefit from enhanced privacy compliance, improved security headers, and clearer contact information. These improvements would strengthen trust and align the site with best practices in security and privacy.

HugeDomains operates a professional domain marketplace specializing in premium domain sales with flexible payment plans. The website is well-structured, providing clear pricing, purchase options, and customer support channels. The technical infrastructure includes modern JavaScript libraries, Google Analytics for tracking, and Google reCAPTCHA Enterprise for bot mitigation, indicating a mature digital presence. Security posture is strong with HTTPS enforced and SSL encryption, though additional security headers and explicit security policies are absent. Privacy compliance is addressed with a comprehensive privacy policy and cookie consent mechanism. The absence of WHOIS data for the domain www.hugedomains.com suggests privacy protection or unregistered status, which is typical for domain marketplaces. Overall, the site presents a trustworthy and professional front for domain sales.