Security Directory

A

AS Arstikeskus Confido

1220.ee

45

The website 1220.ee serves as the official Estonian health advice line platform, providing telephone and web chat medical consultation services. It targets Estonian residents and callers abroad, offering guidance on medical issues, prescription renewals, and emergency care decisions. The service operates under the auspices of the Estonian Health Insurance Fund (Tervisekassa) and collaborates with healthcare providers and pharmacies. The site is professionally designed with consistent branding and clear navigation, supporting multiple languages (Estonian and Russian). Technical infrastructure includes modern JavaScript libraries, CDN-hosted resources, and integration with Facebook SDK and Google Tag Manager for analytics and marketing purposes. The site uses HTTPS and shows no signs of blocking or WAF interference, indicating good accessibility and security basics. However, it lacks visible privacy and cookie policies, which impacts GDPR compliance and privacy posture. Contact information is limited to phone numbers with no email or physical address disclosed. No forms collecting personal data are present on the main page, reducing immediate data protection concerns. Overall, the site demonstrates a solid business credibility and technical foundation but requires improvements in privacy compliance and security policy transparency.

V

Visit Talsi

visittalsi.com

44

Visit Talsi is a regional tourism information center website dedicated to promoting the Talsi region in Latvia. The site provides comprehensive information about local attractions, events, accommodations, and dining options, targeting tourists and visitors interested in exploring the area. The business operates as a small entity focused on hospitality and regional tourism promotion, with a clear market position as a trusted local information source. The website is multilingual, primarily in Latvian, with options for English, German, Estonian, Lithuanian, and French, enhancing accessibility for international visitors. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, Google Maps API, and Google Fonts. It uses common plugins such as MonsterInsights for Google Analytics tracking. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. Hosting is via name servers cloudns1.hostnet.lv and cloudns2.hostnet.lv, though the exact hosting provider is not explicitly identified. From a security perspective, the site uses HTTPS with a valid SSL configuration and has domain transfer protection enabled. However, DNSSEC is not enabled, and no advanced security headers were detected. There is no visible privacy policy, cookie policy, or terms of service, and no consent mechanism for tracking cookies, which poses compliance risks under GDPR. Incident response and security policies are not published, indicating a low maturity in security governance. Overall, the website is professional, trustworthy, and serves its business purpose well but requires improvements in privacy compliance and security best practices to reduce risk and enhance user trust. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enabling DNSSEC, adding security headers, and publishing incident response contacts.

M

MTÜ Eesti Kütte- ja Ventilatsiooniinseneride Ühendus

ekvy.ee

53

MTÜ Eesti Kütte- ja Ventilatsiooniinseneride Ühendus (EKVÜ) is a well-established non-profit professional association in Estonia, founded in 2010, serving heating and ventilation specialists. The organization provides professional training, certification services, and collaborates with governmental and industry bodies. The website reflects a medium-sized organization with over 400 members and multiple industry partners, positioning itself as a key player in the Estonian energy sector. The site is professionally designed, mobile responsive, and uses Joomla CMS with modern frontend technologies.

B

Baltic Sea Culinary Routes

balticseaculinary.com

44

Baltic Sea Culinary Routes is a regional cultural project website dedicated to promoting the culinary heritage and traditions of countries surrounding the Baltic Sea. The site offers rich content including country-specific culinary descriptions, recipes, chef testimonials, and project documentation aimed at strengthening regional identity and supporting rural vitality through culinary tourism. The target audience includes tourists, culinary enthusiasts, chefs, and cultural stakeholders interested in Baltic Sea cuisine. Technically, the website employs a traditional tech stack with jQuery 1.8.1, jQuery UI, and several JavaScript libraries for UI components and sliders. The site is mobile responsive and has a clear navigation structure, but uses outdated JavaScript libraries that pose security risks. SEO and accessibility are basic but functional. No CMS or hosting provider details are explicitly detected. From a security perspective, the site uses HTTPS and has domain transfer protections, but lacks DNSSEC and security headers such as Content-Security-Policy or X-Frame-Options. The use of outdated jQuery versions introduces potential vulnerabilities. No privacy or cookie policies are present, indicating compliance gaps with GDPR. No contact emails or incident response information is provided, limiting transparency and user trust. Overall, the website is functional and content-rich with moderate business credibility but has notable security and privacy compliance shortcomings. Strategic improvements in security headers, library updates, and privacy policy implementation are recommended to enhance trust and compliance.

S

Sisekaitseakadeemia

sisekaitse.ee

58

Sisekaitseakadeemia is a key Estonian governmental educational institution specializing in internal security education, research, and professional training. It serves students, professionals, and government officials with a broad portfolio of academic programs, seminars, and research activities. The website reflects a well-established institution with a clear focus on internal security sectors including police, rescue, prison, finance, and security studies. The institution holds a strong market position as the national authority in its domain. Technically, the website is built on Drupal 9 with modern web technologies such as Bootstrap, jQuery, and lazy loading for images. It integrates analytics tools like Matomo and Google Tag Manager, indicating a mature digital infrastructure. The site is mobile optimized, accessible, and SEO friendly, providing a good user experience. From a security perspective, the site uses HTTPS and employs some best practices like Do Not Track in analytics. However, explicit security headers and incident response policies are not evident. Privacy compliance is partially addressed with privacy and cookie policies present, though lacking a consent mechanism. Contact information is clearly provided, enhancing trust. Overall, the website is professional, trustworthy, and serves its educational and governmental purpose effectively. Strategic improvements in security headers, incident response transparency, and cookie consent would further strengthen its posture.

T

The Hertz Corporation

dollar.co.uk

64

Dollar Car Rental UK, operated under The Hertz Corporation, provides car hire and rental services across Europe with over 400 locations. The website offers a user-friendly booking platform, special offers, and comprehensive customer support. The brand is well-established since 1965 and targets travelers seeking budget-friendly and flexible car rental options. Technically, the site uses modern web technologies including jQuery, Bootstrap, and Google Tag Manager, with good mobile optimization and SEO practices. Security posture is strong with HTTPS, CSRF tokens, and cookie consent mechanisms, though some security headers could be improved. The WHOIS data for the domain 'www.dollar.co.uk' is unavailable or invalid, but the website content and branding strongly indicate legitimacy as part of the Hertz group. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

T

The Hertz Corporation

thrifty.lu

67

Thrifty Car Rental, a brand under The Hertz Corporation, operates a comprehensive car rental service across Europe with over 400 locations. The website offers a user-friendly booking platform, extensive fleet options including electric vehicles, and promotional offers targeting cost-conscious travelers. The company leverages its strong brand recognition and parent company backing to maintain a competitive market position. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, ensuring a responsive and functional user experience. Privacy and cookie consent mechanisms are well implemented, reflecting compliance with GDPR and related regulations. Security posture is solid with HTTPS enforcement and CSRF protections, though some security headers and explicit vulnerability disclosures are absent. Overall, the site presents a professional and trustworthy digital presence aligned with an established transportation business.

T

The Hertz Corporation

thrifty.be

67

Thrifty Belgium is a car rental service website operated under The Hertz Corporation, a well-established global transportation company founded in 1958. The website offers a comprehensive range of rental vehicles targeting cost-conscious travelers and business clients in Belgium and Europe. The business model focuses on providing flexible, affordable car rental options with a strong online booking platform and physical locations across Europe. The site is well-branded, consistent, and provides clear service offerings with multiple language and location options. Technically, the website uses modern web technologies including Bootstrap 5, jQuery, and Google Tag Manager, with a cookie consent mechanism powered by Securiti.ai. The site is mobile-optimized and SEO-friendly, though some accessibility features could be enhanced. Performance is moderate with a good user experience and clear navigation. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and a published security.txt file. The WHOIS data is restricted due to DNS Belgium policies, limiting domain registration transparency, which slightly impacts trust. However, the overall digital maturity and security practices align with industry standards for a large transportation company. Overall, the website presents a trustworthy and professional front for Thrifty Car Rental in Belgium, with recommendations to improve security headers, publish vulnerability disclosure information, and enhance accessibility to further strengthen its security and compliance posture.

T

The Hertz Corporation

thrifty.it

66

Thrifty, operated by The Hertz Corporation, is a well-established car rental service provider founded in 1958, targeting cost-conscious travelers primarily in Italy and Europe. The website offers a comprehensive range of rental vehicles including electric and hybrid options, supported by a network of over 1000 locations. The digital platform is modern, mobile-optimized, and integrates advanced tracking and consent management tools, reflecting a mature technical infrastructure. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and CSRF protections, though some security headers could be enhanced. Privacy compliance is robust with clear policies and GDPR adherence. Overall, the site projects a professional and trustworthy image aligned with its parent company's reputation.

T

The Hertz Corporation

thrifty.de

64

Thrifty.de is the German localized website of Thrifty Car Rental, a well-established car rental brand founded in 1958 and a subsidiary of The Hertz Corporation. The website offers comprehensive car rental services across Germany and Europe, targeting price-conscious business and leisure travelers. It provides a user-friendly booking interface, detailed fleet information, and multiple language and country options, reflecting a mature digital presence. The technical infrastructure leverages modern frontend technologies such as Bootstrap, jQuery, and slick-carousel, combined with a robust cookie consent mechanism powered by securiti.ai and Google Tag Manager for analytics and marketing. Security posture is strong with HTTPS enforcement and CSRF protections, though explicit security headers and a dedicated security policy page are absent. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR adherence. The domain registration aligns with the brand's legitimacy and history, reinforcing trust. Overall, the website demonstrates a professional, secure, and user-centric platform suitable for an enterprise-level transportation service provider.

T

The Hertz Corporation

thrifty.es

67

Thrifty.es is the Spanish localized website for Thrifty Car Rental, a well-established car rental brand operating under The Hertz Corporation. The website offers comprehensive car rental services across Spain and Europe, targeting travelers seeking affordable and flexible vehicle rentals. The site is professionally designed with a clear focus on user experience, featuring booking forms, promotional offers, and multilingual support. Technically, the website employs modern web technologies including jQuery, Bootstrap 5, and Google Tag Manager, ensuring a responsive and functional user interface. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR requirements, although some security headers could be improved. The WHOIS data is unavailable due to .es domain restrictions but the domain and branding strongly align with the parent company, indicating legitimacy. Overall, the site demonstrates a mature digital presence with good privacy and security practices, suitable for its large-scale commercial operations.

T

The Hertz Corporation

thrifty.fr

70

Thrifty.fr is the French localized website of Thrifty Car Rental, a brand under The Hertz Corporation, a major player in the global car rental industry. The website offers car rental services primarily in France and Europe, targeting both leisure and business travelers. It provides a comprehensive booking system, special offers, and a diverse fleet including electric vehicles. The site is well-branded, consistent with corporate identity, and includes multilingual support and regional targeting. Technically, the site uses modern frontend frameworks such as Bootstrap and jQuery, integrates Google Tag Manager and Visual Website Optimizer for analytics and marketing, and implements cookie consent mechanisms compliant with GDPR. Security posture is solid with HTTPS, CSRF tokens, and no visible vulnerabilities, though security headers could be improved. WHOIS data is unavailable, which slightly impacts trust but is mitigated by strong brand presence and content quality. Overall, the site is professional, user-friendly, and compliant with privacy regulations.

P

Planeerimine.ee

planeerimine.ee

46

Planeerimine.ee is an Estonian government-related informational website dedicated to spatial planning. It provides comprehensive materials including legal documents, guidelines, FAQs, and training information to support planners and stakeholders in Estonia. The site targets professionals and public officials involved in spatial planning and related regulatory processes. The business model is primarily informational and educational, positioning itself as an authoritative resource within the Estonian government sector. Technically, the website is built on WordPress 6.8.1 with a modern tech stack including jQuery, Google Analytics, and accessibility tools. The site is mobile-optimized, uses HTTPS, and implements cookie consent mechanisms. SEO and accessibility features are well integrated, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection. However, some security headers are not explicitly present, suggesting room for improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with cookie consent present but no visible privacy policy or terms of service pages. Overall, the website demonstrates a solid security posture and technical maturity suitable for a government informational portal. Strategic recommendations include enhancing security headers, publishing privacy and incident response policies, and maintaining up-to-date software to mitigate risks.

K

Keskkonnaagentuur

keskkonnaportaal.ee

53

Keskkonnaportaal.ee is an Estonian government environmental data portal managed by Keskkonnaagentuur. It consolidates key environmental datasets and information to provide quality and up-to-date data for environmental stakeholders and the public. The portal uses Drupal 10 CMS and integrates modern frontend libraries and Google Tag Manager for analytics. The website is well-structured, mobile-optimized, and provides clear navigation through extensive environmental themes and data sources. Security posture is solid with HTTPS enforced, but lacks advanced security headers and published security policies. Privacy compliance is partial with a cookie consent mechanism but no explicit privacy policy or terms of service found. Overall, the site is credible, professional, and trustworthy, serving as a key government resource for environmental information in Estonia.

H

Harjumaa Omavalitsuste Liit

hol.ee

51

Harjumaa Omavalitsuste Liit is a regional non-profit organization established in 2010 to foster cooperation and joint project development among local governments in Harjumaa, Estonia. The website serves as an information hub for governance, education, culture, health, safety, and regional development initiatives. It targets local government representatives, educational and cultural institutions, and the general public within the Harjumaa region. The organization positions itself as a key regional cooperation leader with a focus on community well-being and development. Technically, the website is built on a modern stack including Laravel Livewire, jQuery, and various JavaScript libraries for UI enhancements. It employs Google reCAPTCHA v3 for form security and implements cookie consent mechanisms, reflecting a moderate level of digital maturity. The site is mobile-optimized with good navigation and content structure, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS and includes CSRF tokens and reCAPTCHA to protect user inputs. However, some security headers are not explicitly detected, and there is no public incident response or vulnerability disclosure policy. No critical vulnerabilities were found in the analysis. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a trustworthy and professional digital presence for a regional government entity. Recommendations include enhancing security headers, publishing incident response information, and considering a vulnerability disclosure policy to further strengthen security posture and transparency.

D

Dollar Car Rental

dollar.com

66

Dollar Car Rental operates a professional and user-friendly website offering car rental services across Europe with over 400 locations. The company targets budget-conscious travelers and provides flexible rental options with an emphasis on ease of booking and management. The website demonstrates a mature digital presence with modern technologies and compliance mechanisms such as cookie consent and privacy policies. However, the domain WHOIS data is missing, which raises concerns about domain registration legitimacy despite the professional branding and content. The site uses HTTPS and includes CSRF tokens in forms, but lacks explicit security headers and published incident response policies. Overall, the website is functional and trustworthy from a user perspective but would benefit from improved transparency on domain registration and enhanced security practices.

T

Thrifty Car Rental

thrifty.com

66

Thrifty Car Rental operates a professional and user-friendly website offering car rental services primarily across Europe. The company targets both business and leisure travelers with a broad fleet including electric and economy vehicles. The website demonstrates a mature digital presence with responsive design, clear navigation, and integration of modern technologies such as Google Tag Manager and cookie consent management via Securiti.ai. However, the absence of WHOIS registration data for the domain www.thriftycars4rent.com raises concerns about domain legitimacy, despite the website's strong branding alignment with the parent company Hertz. Security posture is generally good with HTTPS enforced and CSRF tokens in forms, but lacks explicit security headers and published security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is functional and trustworthy from a user perspective but requires verification of domain registration and enhancement of security transparency.

A

AS PASAŽIERU VILCIENS

vivi.lv

54

AS Pasažieru Vilciens operates as the primary passenger rail service provider in Latvia, offering scheduled train routes including international connections such as Vilnius-Riga-Tallinn. The website serves as a portal for ticket purchases, route schedules, passenger information, and tourism-related content, targeting travelers and commuters in Latvia and neighboring countries. The business model centers on public transportation services with a focus on passenger convenience and digital ticketing via a mobile app. Technically, the website employs modern JavaScript libraries and UI components, ensuring good mobile optimization, accessibility, and SEO practices. The presence of cookie consent mechanisms and privacy policies indicates compliance with GDPR requirements. Security posture is adequate with HTTPS enabled and form validation scripts, though explicit security headers and incident response policies are not publicly visible. Overall, the website is professional, trustworthy, and well-aligned with the business's public transportation mission.

R

RP9 OÜ

rp9.ee

43

RP9 OÜ operates a pub named Pubi RP9 located at Raekoja Plats 9 in Tartu, Estonia. The business focuses on hospitality services including food and beverage offerings, sports event broadcasting, and table reservations. The website provides a comprehensive menu with detailed descriptions and pricing, targeting local residents and visitors interested in social dining and sports entertainment. The company is a small-sized entity founded in 2017, with a consistent brand presence and clear contact information. Technically, the website is built on the concrete5 CMS platform, utilizing common web technologies such as jQuery, Bootstrap, and Google Analytics. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks important security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the domain registration is transparent and consistent with the business claims, indicating legitimacy.

T

Taararing OÜ

taararing.ee

42

Taararing OÜ is an Estonian company specializing in full solutions for deposit points and cleaning services for businesses, operating since 2006. The company serves retail stores and enterprises by managing deposit acceptance and providing cleaning services, employing approximately 50 people. Their market position is that of a trusted local service provider with a solid client base and over 16 years of experience in deposit acceptance management. Technically, the website is built on Concrete CMS with modern frontend technologies including Bootstrap 5 and jQuery, and integrates Google Analytics and Tag Manager for tracking. The site is mobile optimized and has good SEO practices, though accessibility is basic. Security posture is adequate with HTTPS enabled but lacks security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Overall, the website is professional and credible but could improve in compliance and security transparency.

M

Międzynarodowy Festiwal Komiksu i Gier w Łodzi

komiksfestiwal.com

67

The Międzynarodowy Festiwal Komiksu i Gier w Łodzi website represents a well-established cultural event focused on comics and games, primarily targeting creators and enthusiasts in Poland and Central-Eastern Europe. The festival is the largest of its kind in the region, with a history dating back to 2006 for the domain and earlier for the event itself. The site offers multilingual support, event information, contests, and partner links, reflecting a mature digital presence. Technically, the site is built on WordPress with common plugins and tracking tools such as Google Analytics and Facebook Pixel, indicating a standard but effective infrastructure. Security posture is adequate with HTTPS enabled but could be improved by adding DNSSEC and security headers. Privacy compliance is basic but present, with cookie and privacy policies accessible and a consent mechanism implemented. Business credibility is strong due to the festival's reputation, social media presence, and consistent branding. Overall, the site is professional and trustworthy with room for security enhancements.

A

AS PASAŽIERU VILCIENS

pv.lv

54

AS Pasažieru Vilciens operates as the primary passenger rail service provider in Latvia, offering train schedules, ticketing (including mobile e-tickets), and real-time train tracking. The website www.vivi.lv serves as a comprehensive portal for passengers, providing timely updates, accessibility options, and multilingual support (Latvian and English). The company targets local commuters and tourists, positioning itself as a key player in Latvia's transportation sector. Technically, the website employs modern JavaScript frameworks and UI libraries such as jQuery UI and Slick Carousel, ensuring a responsive and accessible user experience. The site includes cookie consent mechanisms and privacy policies aligned with GDPR requirements, reflecting a mature digital infrastructure. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, HTTPS is enforced, and client-side form validations are implemented. However, the absence of explicit security headers and a published security policy or incident response contact indicates room for improvement. No critical vulnerabilities or suspicious activities were detected, and WHOIS data confirms the domain's legitimacy and consistency with the business identity. Overall, the website demonstrates a solid security posture and compliance with privacy regulations, supporting the company's credibility and trustworthiness. Strategic enhancements in security transparency and policy publication would further strengthen its risk management and user trust.

M

Moncera OU

moncera.com

65

Moncera OU operates an investment platform based in Estonia that enables investors to invest in assigned loan claims with buyback guarantees, offering returns up to 12%. The platform is part of the Placet Group, a financial services conglomerate with over 15 years of experience and multiple subsidiary brands across Estonia, Lithuania, and Poland. Moncera targets retail investors seeking passive income through diversified loan investments. Technically, the website employs modern JavaScript libraries such as jQuery and Handlebars, integrates Google Analytics and Facebook Pixel for tracking, and provides a responsive, well-structured user experience. Security posture is solid with HTTPS enforced and domain transfer protections, though some security headers and formal security policies are absent. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, Moncera presents a trustworthy and professional online presence with strong business credibility and moderate technical sophistication.

H

Avaleht - Hiv

hiv.ee

40

The website hiv.ee serves as an informational and support portal focused on HIV awareness, prevention, testing, and living with HIV in Estonia. It targets Estonian-speaking individuals, including those living with HIV and at-risk populations, providing educational content, testing locations, and counseling resources. The site is positioned as a trusted health information source, likely operated or supported by public health entities or non-profit organizations. Technically, the site is built on WordPress, utilizing common libraries such as jQuery and Slick Carousel, and integrates marketing and analytics tools like Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized with good navigation and content relevance. Security-wise, the site enforces HTTPS and uses cookie consent banners but lacks visible security headers and explicit privacy policies, which are areas for improvement. Overall, the site is functional, professional, and moderately secure, with room to enhance privacy compliance and security posture.

Z

Zone Media OÜ

digioskused.ee

47

Digioskused.ee is an Estonian educational platform offering free AI and digital skills training, developed in partnership with Google and Estonian government agencies. The website serves individuals and businesses aiming to enhance their digital competencies through practical, accessible online courses. The platform leverages modern web technologies including WordPress, jQuery, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. Security measures include HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers are missing. The domain registration is consistent with the business purpose and geographic location, supporting legitimacy. Overall, the site presents a professional and trustworthy digital presence with good content quality and user experience.

E

Eesti Tervisemuuseum

tervishoiumuuseum.ee

43

Eesti Tervisemuuseum is a small, non-profit educational museum based in Tallinn, Estonia, focused on health and the human body. The museum offers a variety of services including exhibitions, educational programs, workshops, event hosting, and a podcast. It targets a broad audience including children, families, and adults interested in health education. The website is professionally designed with consistent branding and rich content, supporting multiple languages (Estonian, Russian, English). The museum maintains a clear online presence with social media channels and provides accessible contact information. Technically, the site is built on WordPress with WooCommerce and uses modern web technologies and SEO best practices. The hosting and domain registration are consistent with the museum's Estonian identity.

A

Anvol

anvol.ge

55

Anvol is a well-established private company specializing in the distribution and retail of toys and children's products, operating primarily in the Baltic Sea region and Georgia. The company has a professional team and a significant market presence with over 2000 customers and multiple retail chains. The website is built on WordPress with multilingual support, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit privacy or cookie policies. Contact information is primarily email-based, with no phone or physical address explicitly provided on the site. Overall, the website presents a professional image but could improve in privacy compliance and security best practices.

A

Anvol

anvol.lt

50

Anvol is a well-established private company specializing in wholesale and retail distribution of toys and children's products across the Baltic region and selected international markets. Founded in 1995, it operates a retail chain and maintains strong supplier relationships with major global brands. The website reflects a professional business presence with consistent branding and clear market positioning. Technically, the site is built on WordPress, uses modern JavaScript libraries, and integrates Google Analytics for tracking. Security posture is adequate with HTTPS and Cloudflare DNS, but lacks published security policies and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and credible but would benefit from enhanced privacy and security disclosures.

A

Anvol

anvol.lv

52

Anvol is a well-established private company specializing in the wholesale and retail distribution of toys and children's products across the Baltic Sea region and selected countries in Eastern Europe and Central Asia. Founded in 1995 and headquartered near Tallinn, Estonia, it operates multiple country-specific websites and retail chains, serving over 2000 clients with a strong portfolio of global toy brands. The website reflects a professional digital presence built on WordPress, with moderate performance and good mobile optimization. However, it lacks critical privacy and cookie policies, which are essential for GDPR compliance. Security posture is generally good with HTTPS enabled and no visible vulnerabilities, but missing security headers and incident response information indicate room for improvement. Overall, the site is trustworthy and credible but should enhance privacy compliance and security transparency to reduce risk and build greater user trust.

A

Anvol

anvol.ee

50

Anvol is a well-established Estonian company specializing in the wholesale distribution and retail of toys, games, and trend products across the Baltic and Nordic regions. With over 30 years of experience and a large portfolio of more than 400 brands, Anvol serves a broad client base including retailers and consumers. The company operates both wholesale and retail channels, including a franchise model and online presence. Technically, the website is built on WordPress with modern JavaScript libraries and integrates Google Analytics and Tag Manager for marketing insights. The site is mobile-optimized and professionally designed, supporting multiple languages for regional markets. Security posture is solid with HTTPS and Cloudflare DNS, but lacks some security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the business appears credible and trustworthy with consistent WHOIS data and domain registration.

A

Anvol Oy

anvol.fi

53

Anvol Oy is a well-established family-owned company specializing in the distribution and retail of toys and children's products across multiple countries in the Baltic Sea region and beyond. The company operates a large network of retail stores under the XS Lelut brand and maintains strong partnerships with major toy manufacturers. The website reflects a mature business with a professional online presence, leveraging WordPress CMS and Cloudflare DNS services. Security posture is solid with HTTPS enabled and Cloudflare usage, though improvements can be made by implementing security headers and privacy compliance features. The domain registration data is consistent with the company's business claims, enhancing trustworthiness. Overall, Anvol presents a credible and stable business with room for enhanced privacy and security practices.

T

Tervise Arengu Instituut

tai.ee

48

Tervise Arengu Instituut (TAI) is a leading Estonian national research and development institution focused on public health, disease prevention, and health promotion. The website reflects a well-established government-affiliated organization with a strong market position in healthcare research and public health services. It offers extensive resources including research publications, statistics, training events, and health registries, targeting health professionals, policymakers, and the general public. The site is professionally designed, content-rich, and well-structured, supporting multiple languages with a focus on Estonian.

P

Pinest AS

pinest.ee

45

Pinest AS is an Estonian manufacturing company founded in 2005 specializing in finger-jointed and laminated wood components. The company emphasizes flexibility in raw materials and production to serve large and medium-sized industrial clients, primarily using domestic pine wood. Their production facility is located in Himmaste village, Põlvamaa. The website reflects a professional and consistent brand presence with clear business and contact information, supported by recognized certifications such as FSC and PEFC. Technically, the site is built on WordPress with modern libraries and tools, including Google Analytics and Tag Manager for tracking, and uses SEO best practices via Yoast. Security posture is generally good with HTTPS enabled and secure forms, though some improvements are needed in script handling and security headers. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the website is trustworthy and well-positioned in its market segment.

P

Placet Group OÜ

placetgroup.com

55

Placet Group OÜ is a financial services company established in 2005, specializing in secured and unsecured loans, credit cards, and related financial products. Operating primarily in Estonia and Lithuania, with additional brands in Poland, the company serves private individuals and legal entities, emphasizing fast, convenient, and reliable financing solutions. Their market position is supported by a broad customer base and multiple subsidiaries, with a focus on individual customer approach and quality service. Technically, the website employs a modern JavaScript stack including jQuery, Google Analytics, and various carousel libraries, hosted under a domain registered since 2010. The site is mobile optimized and presents a professional design with clear navigation. However, some accessibility features are basic, and no CMS or advanced frameworks are detected. From a security perspective, the site uses HTTPS and Google reCAPTCHA on its contact form, but lacks DNSSEC, security headers, and published security or privacy policies. The WHOIS data is consistent with the business claims, indicating legitimacy. No WAF or blocking mechanisms are detected, allowing full content access. Overall, the website demonstrates a moderate to good security posture and business credibility but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

M

Mohawk College

mohawkcollege.ca

65

Mohawk College is a well-established Canadian educational institution offering a wide range of programs including certificates, diplomas, degrees, apprenticeships, and continuing education. The website targets a diverse audience including future and current students, indigenous and international students, alumni, and industry partners. The institution positions itself as a comprehensive provider of post-secondary education with strong community and industry ties. Technically, the website is built on Drupal 10 and incorporates a modern technology stack including various analytics and marketing tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, and CrazyEgg. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate rather than fast. From a security perspective, the site uses HTTPS with good SSL configuration and follows several best practices including privacy and security policy disclosures. However, it lacks a visible cookie consent mechanism and explicit incident response contact details. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given the institutional nature and content quality. Overall, Mohawk College's website reflects a mature digital presence with strong business credibility and a good security posture. Enhancements in privacy compliance and transparency around domain registration would further strengthen trust and compliance.

P

Palmako AS

construct.ee

48

Construct, operated by Palmako AS, is a specialized manufacturer of glued laminated timber products serving the construction industry with a focus on sustainability and quality. As part of the Lemeks Group, it benefits from a strong supply chain and international presence, exporting to over 30 countries. The website reflects a mature digital presence built on Drupal 10, with good mobile optimization and clear navigation. Privacy and cookie compliance are well implemented, supporting GDPR requirements. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, explicit security policies and incident response information are absent, which could be improved. Overall, the site projects professionalism and trustworthiness aligned with the company's market position.

L

Lemeks Grupp

lemeks.ee

51

Lemeks Grupp is a well-established Estonian industrial group specializing in sustainable forestry, wood processing, and agriculture since 1993. The company operates with a strong focus on environmental responsibility and local capital ownership, serving both domestic and international markets with exports to 50 countries. The website reflects a mature digital presence built on WordPress, incorporating modern web technologies and compliance mechanisms such as GDPR cookie consent. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though some areas like incident response and security policy documentation could be improved. Overall, the site demonstrates good professionalism, trustworthiness, and business credibility, supporting Lemeks Grupp's market position as a leading forestry and manufacturing group in Estonia.

Communications Test Design India Pvt. Ltd. (CTDI India) is a large, established subsidiary of the global company Communications Test Design Inc., specializing in repair, engineering, and logistics services primarily for telecom carriers, cable companies, and OEMs. The company operates multiple facilities in India and worldwide, serving a broad target audience in telecommunications and related technology sectors. The website reflects a professional and consistent brand presence with clear business information and service offerings. Technically, the site uses modern frontend technologies such as Bootstrap, jQuery, and Axios, providing a responsive and user-friendly experience. However, the site lacks explicit privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate with HTTPS enforced and CSRF tokens present, but missing security headers and vulnerability disclosure mechanisms are notable gaps. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

E

Elfag

elfag.no

49

Elfag is a Norwegian electrical service provider targeting both private and business customers. The company offers a range of electrical services including smart home solutions, electrical safety checks, and electric vehicle charging installations. The website positions Elfag as a trusted local electrician chain with a 5-year warranty and partnerships with reputable Norwegian companies such as Lampehuset and Huseiernes landsforbund. Technically, the website is built on WordPress with modern SEO and analytics tools, including Yoast SEO and Google Analytics. The site is well-structured, mobile-optimized, and uses HTTPS with a valid SSL certificate, indicating a good security baseline. However, explicit security headers and detailed security policies are not present. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, though more comprehensive GDPR documentation could improve compliance. Overall, the website demonstrates a professional and trustworthy online presence with moderate technical sophistication and a solid security posture.

Т

Технополис GS

technopolis.gs

47

Technopolis GS is a leading private innovation cluster in Russia specializing in the radio-electronics manufacturing sector. Established in 2012, it supports multiple subsidiary companies and offers a comprehensive ecosystem including production facilities, residential areas, and infrastructure services. The website reflects a mature digital presence with a professional design and clear navigation, targeting industry professionals, investors, and partners within the Russian technology sector. Technopolis GS leverages modern web technologies including Bitrix CMS and integrates analytics tools such as Google Analytics and Yandex Metrika to monitor user engagement. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks advanced DNS security and published security policies. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Overall, the site demonstrates a solid business credibility and technical foundation but requires improvements in privacy and security transparency.

C

Chudovo

chudovo.de

56

Chudovo is a medium-sized German-based software development company with over 15 years of market presence, specializing in custom software solutions, dedicated development teams, and IT consulting services. The company targets businesses seeking scalable, high-quality software development and maintenance, leveraging modern technologies and AI tools to enhance delivery and performance. Their market position is supported by a professional website, client testimonials, and a presence on reputable platforms like Clutch. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and SEO optimization via Yoast. Hosting and DNS are managed through Cloudflare, providing CDN and security benefits. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the site enforces HTTPS and uses Cloudflare for protection but lacks explicit security headers and formal security policies or incident response disclosures. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent mechanism, and GDPR adherence. Overall, the website and business demonstrate a solid risk posture with minor areas for improvement in security policy transparency and accessibility. The domain WHOIS data aligns well with the business claims, supporting legitimacy and trustworthiness.

P

Puratos

puratos-ethiopia.com

67

Puratos Ethiopia is a localized website of Puratos, a global company dedicated to providing high-quality bakery, patisserie, and chocolate ingredients and products. The website targets professional bakers, pastry chefs, and chocolatiers in Ethiopia, offering a range of products, recipes, and services to improve baked goods quality. The site is built on Adobe Experience Manager CMS and uses modern web technologies including Google Tag Manager and FontAwesome. The website is well-structured, mobile-optimized, and provides a professional user experience with clear navigation and rich content. However, the absence of WHOIS data raises questions about domain registration legitimacy, although the active and professional website presence suggests a legitimate business operation. Security posture is generally good with HTTPS enabled, but lacks visible security headers and formal privacy or cookie policies. Contact information and incident response details are not explicitly provided, which may impact user trust and compliance. Overall, the site demonstrates a mature digital presence but would benefit from enhanced transparency and compliance documentation.

P

Puratos

puratos.ee

64

Puratos is an established international company specializing in bakery, patisserie, and chocolate ingredients and solutions, targeting professional bakers and chocolatiers. The website reflects a mature digital presence with localized content for Estonia, leveraging modern technologies such as Adobe Experience Manager and React components. Security posture is solid with HTTPS and secure login mechanisms, though some improvements in security headers and visible privacy policies are recommended. The business credibility is high, supported by consistent WHOIS data and professional content. Overall, the site is functional, well-branded, and serves its B2B audience effectively.

P

Puratos

puratos-konding.hr

58

Puratos-konding.hr is a regional Croatian website for Puratos, a global leader in bakery, patisserie, and chocolate ingredients. The site provides product information, recipes, and company commitments tailored to Croatian customers. The technical infrastructure is modern, leveraging Adobe Experience Manager CMS and common web technologies such as Google Tag Manager and FontAwesome. The website is well-branded, mobile-optimized, and offers a good user experience with clear navigation and relevant content. However, explicit privacy and cookie policies are not found, and contact information is not clearly presented, which impacts privacy compliance and user trust. Security posture is moderate with HTTPS usage but lacks visible security headers and incident response contacts. The domain registration is consistent with the Puratos Group's global presence, registered through a reputable Croatian registrar, and the domain age aligns with a regional site launch. Overall, the website is professional and credible but would benefit from enhanced privacy compliance and security transparency.

P

Puratos

puratos.at

69

Puratos.at is the Austrian localized website of Puratos, a large international manufacturer specializing in bakery, patisserie, and chocolate products. The company offers a broad portfolio of innovative ingredients and solutions aimed at professional customers in the food manufacturing sector. The website is well-structured, professionally designed, and provides extensive product information, recipes, and sustainability commitments, targeting B2B clients in Austria. Technically, the site is built on Adobe Experience Manager with modern frontend technologies and includes GDPR-compliant privacy and cookie policies. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. The absence of WHOIS data limits domain trust assessment, but the website content and structure strongly indicate a legitimate and professional business presence.

P

Puratos

puratos.lv

67

Puratos is a well-established international supplier specializing in raw materials for the bakery, pastry, chocolate, and dairy industries, targeting manufacturers and catering service providers primarily in Latvia through this localized website. The site offers product catalogs, recipes, and an e-commerce platform called 'Mans Puratos' for registered customers. Technically, the website is built on Adobe Experience Manager CMS with React components and uses modern web technologies including Google Tag Manager for analytics. The security posture is solid with HTTPS and OAuth2-based authentication, but lacks explicit security headers and visible security policies. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. Overall, the website is professional and credible but could improve transparency and compliance aspects.

P

Puratos

puratos.do

66

Puratos is a global supplier of ingredients specializing in bakery, patisserie, and chocolaterie products, targeting professional bakers, pastry chefs, and chocolatiers primarily in the Dominican Republic market. The website is well-structured, multilingual, and powered by Adobe Experience Manager, indicating a mature digital infrastructure. The content is rich with product categories, recipes, and consumer insights, supporting a B2B business model focused on ingredient supply and innovation. Technically, the site uses modern libraries and frameworks, including Google Tag Manager and FontAwesome, and shows good mobile optimization and SEO practices. However, explicit privacy, cookie, and terms of service policies are not detected in the provided content, which may impact compliance and user trust. Security posture appears moderate with HTTPS implied but lacks visible security headers or incident response information. WHOIS data is unavailable or not published, which raises concerns about domain registration transparency and legitimacy verification. Overall, the site presents a professional and trustworthy front but would benefit from enhanced privacy disclosures and security transparency.

P

Puratos

puratos.fi

67

Puratos is a well-established international company specializing in providing high-quality raw materials for bakers, confectioners, and chocolate masters. The Finnish localized website demonstrates a mature B2B business model focused on manufacturing and retail sectors, offering a broad range of bakery, patisserie, and chocolate products along with recipe inspiration. The site is built on Adobe Experience Manager, indicating enterprise-grade digital infrastructure with moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage and no exposed sensitive data, but lacks explicit security headers and incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

P

Puratos

puratos.ch

76

Puratos is a well-established Swiss company specializing in manufacturing and supplying innovative bakery, patisserie, and chocolate ingredients. The website reflects a professional and consistent brand presence with a clear focus on B2B customers in the food manufacturing sector. The company offers a broad product range and supports customers with tailored solutions and an online ordering platform called My Puratos. Technically, the website is built on Adobe Experience Manager CMS with modern JavaScript frameworks and integrates Google Tag Manager for analytics. The site is mobile-optimized and provides a good user experience with clear navigation and rich content. Security posture is solid with HTTPS enforced and secure login mechanisms, although some security headers are missing and no explicit privacy or cookie policies were detected. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.