Security Directory

C

Confido

confido.ee

0

Confido is a prominent Estonian medical center offering over 2500 healthcare services including preventive care, primary and specialist medical services, surgical and rehabilitation treatments, and aesthetic medicine. The company operates multiple physical clinics across Estonia and provides digital health services such as a digital clinic and online booking. The website is multilingual, targeting Estonian, English, and Russian speakers, reflecting a broad target audience within Estonia. The business model focuses on comprehensive healthcare delivery with both in-person and digital service channels, positioning Confido as a leading private healthcare provider in the region. Technically, the website is built on WordPress with modern plugins like Yoast SEO and WPML for multilingual support. It uses popular JavaScript libraries such as jQuery, Fancybox, and Owl Carousel for enhanced user experience. The site integrates Google Tag Manager and Facebook Pixel for analytics and marketing, and employs a cookie consent mechanism via cookie-script.com, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, though accessibility features are basic. From a security perspective, the site enforces HTTPS with an excellent SSL configuration and uses asynchronous loading for tracking scripts to minimize performance impact. However, there is no explicit privacy policy, terms of service, or security policy pages found, nor any incident response or vulnerability disclosure information. Cookie consent is implemented, but GDPR compliance indicators are limited. No critical vulnerabilities or suspicious activities were detected in the content provided. Overall, Confido's website demonstrates a strong business presence with good technical implementation and a solid security posture, though improvements in privacy compliance documentation and security transparency are recommended. The domain registration details align well with the business claims, supporting high legitimacy and trustworthiness.

A

admin

monetti.ee

0

Monetti.ee operates as a leading personal loan consultancy and comparison platform in Estonia, providing users with access to a wide range of loan products including mortgage loans, refinancing loans, credit cards, and quick loans. The website positions itself as the number one loan consultant in Estonia since 2008, offering services that help consumers make informed financial decisions by comparing various financial products. The platform targets Estonian consumers seeking personal loans and related financial services, leveraging partnerships with multiple loan providers to offer comprehensive options. Technically, the website is built on WordPress CMS, utilizing popular libraries and plugins such as jQuery, Bootstrap, and WPBakery Page Builder, hosted behind Cloudflare DNS services. The site demonstrates good digital maturity with responsive design, SEO optimization, and integration of analytics and trust signals like Trustpilot reviews. Security posture is solid with HTTPS enforced, use of reCAPTCHA, and cookie consent mechanisms, although it lacks explicit security policies and advanced security headers. Overall, Monetti.ee presents a professional and trustworthy online presence with room for improvement in formal security disclosures and terms of service.

K

KVARK

kvark.ee

0

KVARK is a small Estonian company specializing in creating unique event experiences such as science theater, workshops, and technical event solutions. The website is built on the Wix platform and uses standard Wix technologies including Google Analytics and Leadfeeder for user tracking. The business presents itself professionally with consistent branding and clear contact information, targeting both adult and child audiences for educational and entertainment events. Technically, the site is moderately optimized with HTTPS enabled and some security hardening scripts, but lacks explicit privacy and cookie policies, which impacts compliance. Security posture is good with no visible vulnerabilities, but incident response information is missing. Overall, the website is functional and trustworthy but could improve privacy compliance and security transparency.

E

Eesti Füüsika Selts

fyysika.ee

0

FYYSIKA.EE is a specialized Estonian website operated by the Estonian Physical Society, focusing on physics, science, and technology news, seminars, and educational content. The site serves a niche audience of physics students, educators, and researchers primarily in Estonia. Technically, it is built on WordPress with a modern theme and uses standard web technologies such as jQuery and Google Fonts. The site is well-structured with semantic markup and schema.org data, enhancing SEO and accessibility. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies, which should be addressed to meet GDPR requirements. Overall, the site is professional and trustworthy but could improve in privacy transparency and security best practices.

L

Laen kinnisvara tagatisel

makerlab.ee

0

The website makerlab.ee operates as a small Estonian business focused on providing information and services related to real estate secured loans. It targets individuals and investors interested in financing options secured by property, offering detailed content on loan types, repayment methods, and amortization. The business appears to be recently established in 2022, with domain registration consistent with the website's country and business focus. Technically, the site is built on WordPress using WooCommerce and Elementor, leveraging modern web technologies such as jQuery and Bootstrap. The site is mobile optimized and performs moderately well, with good SEO practices evident through meta tags and structured data. Hosting details are not explicit, but Cloudflare DNS is used, enhancing DNS reliability. From a security perspective, the website uses HTTPS, which is mandatory and well configured. However, it lacks important security headers like Content-Security-Policy and HSTS, which could improve its security posture. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is weak due to the absence of privacy and cookie policies, and no consent mechanisms are present. Overall, the website presents a moderate risk profile with good business credibility but notable gaps in privacy compliance and security best practices. Strategic improvements in security headers and privacy disclosures are recommended to enhance trust and regulatory compliance.

S

ScienceMosaic

sciencemosaic.com

0

ScienceMosaic is an Estonia-based engineering company specializing in hardware design, embedded software development, big data and IoT solutions, and software development for businesses worldwide. Their website presents a professional image with clear navigation and detailed service descriptions, targeting OEMs and enterprises across multiple industries. The technical infrastructure leverages WordPress CMS with Bootstrap and jQuery frameworks, integrating analytics tools such as Google Analytics and Microsoft Clarity, alongside a robust cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and explicit privacy or incident response policies suggests room for improvement. The lack of WHOIS data transparency is a notable concern, slightly impacting trustworthiness. Overall, the site is functional, professional, and moderately secure, suitable for its business purpose.

Limegrow is a small Estonian-based technology company specializing in ecommerce solutions, website development, and custom software services. Established in 2011, the company positions itself as a provider that brings a startup mindset to corporate clients, offering services such as WordPress, WooCommerce, Magento development, email marketing, and website maintenance. Their market presence is supported by a portfolio of clients and positive testimonials, indicating a trusted regional player in the web development space. Technically, the website is built on WordPress using common industry plugins like WPBakery, Yoast SEO, and Contact Form 7, with Cloudflare DNS and HTTPS enforced. The site demonstrates good mobile optimization and SEO practices, though performance is moderate. Security measures include HTTPS and Google Invisible reCAPTCHA on forms, but lack advanced security headers and published security policies. From a security perspective, the site shows a solid baseline with no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, lack of cookie consent mechanisms, and missing security headers represent compliance and security gaps. The WHOIS data confirms domain legitimacy with consistent registration details and no privacy protection, aligning with the business claims. Overall, Limegrow's website is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening to meet modern standards and regulatory requirements.

E

Estonian Film Institute

filmi.ee

0

The Estonian Film Institute operates as a national cultural institution dedicated to supporting and promoting Estonian film production, distribution, and education. The website serves both film viewers and industry professionals, providing news, event information, and institutional details. The organization is well-established with a domain registered since 2014, consistent with its public presence. Technically, the website is built on a modern WordPress CMS platform with contemporary libraries such as Bootstrap and jQuery, ensuring a responsive and user-friendly experience. SEO practices are well implemented, and the site is mobile-optimized. However, some accessibility features could be improved. From a security perspective, the site uses HTTPS with good SSL configuration but lacks visible security headers and explicit privacy or cookie policies. There is no evidence of a vulnerability disclosure program or security contact channels, which could be areas for improvement. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and explicit contact information to improve user trust and regulatory adherence.

Ellington Printing OÜ is a well-established Estonian full-service printing and production agency with over 30 years of experience and a strong market position as the largest in its sector locally. The company leverages a cloud-based ordering platform to streamline client interactions with production providers, emphasizing sustainability and efficiency. The website reflects a professional digital presence built on WordPress with modern marketing and analytics tools integrated. However, the absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. Security posture is adequate with HTTPS and domain transfer protections but lacks advanced security headers and DNSSEC. Contact information is clearly presented, supporting business credibility. Overall, the website is functional, user-friendly, and professionally designed but requires improvements in privacy compliance and security hardening.

P

Põhjala Brewery

pohjalabeer.com

0

Põhjala Brewery is an established Estonian craft beer producer with a diverse portfolio of beers including lagers, IPAs, porters, and non-alcoholic options. The company leverages its heritage and local nature inspirations to create unique beer flavors, targeting craft beer enthusiasts and event attendees. The website reflects a medium-sized hospitality business with a professional and consistent brand presence. Technically, the website uses modern web technologies including jQuery, Google Tag Manager, and Facebook Pixel, with good mobile optimization and SEO practices. However, it lacks explicit privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enforced but missing DNSSEC and security headers. The domain registration is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website is functional and professional but could improve privacy compliance and security hardening.

P

Paysera LT UAB

paysera.ee

0

Paysera LT UAB operates the Paysera payment services platform, offering a broad range of financial services including IBAN accounts, payment gateways, currency exchange, and mobile banking solutions. The company targets both individual and business customers primarily in Estonia and other European countries, positioning itself as a reliable and cost-effective alternative in the payment services market. The website is professionally designed, multilingual, and provides comprehensive information about services, legal compliance, and customer support. Technically, the site uses modern web technologies with responsive design and good SEO practices, although some security headers could be enhanced. Security posture is strong with HTTPS enforcement and dedicated security policies, but lacks a public vulnerability disclosure program. WHOIS data confirms the legitimacy of the domain and company, with consistent registration details and appropriate domain age. Overall, Paysera demonstrates a mature digital presence with solid business credibility and security awareness.

Z

Zone Media OÜ

tellimine.ee

0

Tellimine.ee is an Estonian e-commerce platform specializing in online subscriptions for newspapers and magazines. Operated by Zone Media OÜ since 2010, the website targets Estonian-speaking customers interested in print media subscriptions. The platform offers a range of products including newspapers, magazines, and gift subscriptions, positioning itself as a niche player in the local media subscription market. The website uses Magento 2 with a custom Olegnax theme and integrates GDPR compliance modules to manage cookie consent and user privacy. Technically, the site employs modern JavaScript libraries and frameworks such as jQuery, KnockoutJS, and RequireJS, and includes Google reCAPTCHA for bot protection on login forms. Security posture is generally good with HTTPS enforced and no exposed sensitive data, although some security headers are missing and DNSSEC is not enabled. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service found. Contact information is not directly available on the site, which may impact user trust. Overall, the website is functional, professionally designed, and moderately secure, but could improve transparency and compliance documentation.

G

Geenius Meedia OÜ

geeniusmeedia.ee

0

Geenius Meedia OÜ is a medium-sized Estonian media company founded in 2018, operating multiple specialized online portals and magazines focused on technology, automotive, finance, health, real estate, and investment topics. The company positions itself as a fact-based, independent platform for expert authors and aims to serve a broad Estonian audience interested in these sectors. Their business model revolves around content creation, advertising sales, and subscription services. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, Chart.js, and integrates Google Analytics and Tag Manager for user tracking and analytics. The site is mobile-optimized with good navigation and content relevance. Security posture is strong with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit vulnerability disclosure or security.txt is present. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

W

Wallester AS

wallester.com

0

Wallester AS is a well-established fintech company founded in 2016 and headquartered in Tallinn, Estonia. It operates as a leading card issuing platform in Europe, specializing in white-label card issuing solutions and free expense management services targeted at businesses. The company holds significant trust indicators including PCI DSS Level 1 certification, Visa Principal Membership, and licensing by the Estonian Financial Supervisory Authority, positioning it strongly in the European financial services market. Wallester offers a comprehensive suite of services including virtual and physical card issuance, embedded finance APIs, and expense management platforms, catering primarily to B2B clients seeking to streamline corporate spending and payment processes. Technically, Wallester's website demonstrates a mature digital infrastructure leveraging modern technologies such as React for frontend development, Cloudflare for DNS and hosting, and integrates marketing and analytics tools like Google Tag Manager and Bing Ads. The site is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience. Security posture is robust with enforced HTTPS, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. However, the site lacks a visible cookie consent mechanism and explicit terms of service, which are areas for improvement in privacy compliance. Overall, Wallester exhibits a strong security and compliance stance aligned with industry standards, supported by transparent WHOIS registration data consistent with its business claims. The company maintains active engagement through a regularly updated blog and is featured in reputable media outlets, enhancing its credibility. Strategic recommendations include implementing a cookie consent banner, publishing detailed security and incident response policies, and making terms of service more accessible to further strengthen trust and compliance.

P

PG Inkasso OÜ

pginkasso.ee

0

PG Inkasso OÜ is an Estonian private company specializing in debt collection and legal consulting services. The company positions itself as one of the largest players in Estonia's debt recovery market, offering both extrajudicial and judicial debt collection, legal advice, and client consultation. Their business model focuses on providing convenient and professional debt recovery services supported by qualified specialists and auditor-controlled financial processes. The website content is professionally presented and targets Estonian businesses and debtors needing collection services. Technically, the website uses a modern tech stack including Bootstrap, jQuery, and Google Analytics, hosted behind Cloudflare DNS and nameservers. The site is mobile optimized and has good SEO practices but lacks advanced accessibility features. The domain is very new (registered in 2024) which contrasts with the company's claimed founding year (2010), suggesting a recent domain acquisition or rebranding. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks DNSSEC, security headers, and any visible privacy or cookie policies, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided. Tracking is implemented via Google Analytics and Tag Manager without a visible consent mechanism. Overall, the website is functional and professional but could improve significantly in privacy compliance, security best practices, and transparency. The domain registration is consistent with the business location but the new domain age is a point to consider. Strategic improvements in security policies, contact information visibility, and compliance documentation are recommended.

T

Tallinna Hoiu-Laenuühistu

erahoius.ee

0

Tallinna Hoiu-Laenuühistu is a financial cooperative based in Estonia, founded in 2010, providing deposit and loan services primarily to physical and legal persons within Estonia. The website presents a professional and comprehensive digital presence, offering detailed product information, legal documents, and clear contact channels. The technical infrastructure includes modern JavaScript libraries, Google Tag Manager, and analytics tools, with a focus on user privacy and consent management. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response details are not published. Overall, the site reflects a trustworthy and compliant financial institution with a solid market position in Estonia.

P

Placet Group OÜ

smsraha.ee

0

Smsraha.ee is a well-established Estonian financial services provider specializing in consumer and business loans, credit lines, and credit cards. Operating since 2009, the company offers a range of flexible credit products tailored to both private individuals and businesses. The website reflects a professional and user-friendly design with clear navigation and comprehensive service descriptions, targeting the Estonian market. The business model focuses on providing accessible credit solutions with competitive terms and customer-centric features such as cashback and interest-free periods. The company positions itself as a reliable and modern partner in the Estonian lending market.

P

Palmako AS

construct.ee

0

Construct, operated by Palmako AS, is a specialized manufacturer of glued laminated timber products serving the construction industry with a focus on sustainability and quality. As part of the Lemeks Group, it benefits from a strong supply chain and international presence, exporting to over 30 countries. The website reflects a mature digital presence built on Drupal 10, with good mobile optimization and clear navigation. Privacy and cookie compliance are well implemented, supporting GDPR requirements. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, explicit security policies and incident response information are absent, which could be improved. Overall, the site projects professionalism and trustworthiness aligned with the company's market position.

L

Lemeks Grupp

lemeks.ee

0

Lemeks Grupp is a well-established Estonian industrial group specializing in sustainable forestry, wood processing, and agriculture since 1993. The company operates with a strong focus on environmental responsibility and local capital ownership, serving both domestic and international markets with exports to 50 countries. The website reflects a mature digital presence built on WordPress, incorporating modern web technologies and compliance mechanisms such as GDPR cookie consent. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though some areas like incident response and security policy documentation could be improved. Overall, the site demonstrates good professionalism, trustworthiness, and business credibility, supporting Lemeks Grupp's market position as a leading forestry and manufacturing group in Estonia.

I

Integration Foundation

integrationconference.ee

0

The Integration Foundation operates an informational website promoting an international conference on integration scheduled for November 2025 in Tallinn, Estonia. The conference targets academics, policy-makers, and practitioners focused on integration challenges in Europe. The website serves as a platform to share event details, workshops, and research collaborations. Technically, the site is built on WordPress with a modern but basic tech stack including Bootstrap and jQuery, hosted likely by Zone Media OÜ in Estonia. The site is mobile optimized and presents content in multiple languages. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is limited to an email address and social media links. Overall, the site is professional but could improve in privacy and security transparency.

S

SA Kiusamisvaba Kool

kiusamisvaba.ee

0

SA Kiusamisvaba Kool is a well-established Estonian non-profit organization dedicated to preventing bullying in schools through the implementation of the KiVa anti-bullying program developed in Finland. The organization provides training, resources, and support to schools, parents, and communities, positioning itself as the official representative of the KiVa program in Estonia. The website reflects a professional and consistent brand presence with comprehensive content targeting educators, parents, and socially responsible entities. Technically, the site is built on WordPress with modern plugins and integrations, including WooCommerce for e-commerce and Edwiser Bridge for LMS functionalities. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site demonstrates good digital maturity and trustworthiness.

Tartuvald.ee is the official website of the Tartu vald municipality in Estonia, serving as a comprehensive portal for local government information, public services, news, and community resources. The site targets residents and visitors, providing extensive navigation to various municipal sectors such as social services, education, culture, and crisis preparedness. The business model is that of a government public service platform, with a medium-sized scope and founded in 2017. The website is built on the Liferay CMS platform and integrates common web technologies including jQuery, Google Analytics, and Facebook Pixel for analytics and marketing purposes. Hosting is provided by Zone Media OÜ, a reputable Estonian registrar and hosting provider.

W

Waldur

waldur.com

0

Waldur is a technology company specializing in an open-source hybrid cloud and HPC management platform. Their solution integrates private and public cloud resources, including OpenStack, AWS, and DigitalOcean, offering a self-service portal, billing, helpdesk, and marketplace functionalities. The company targets cloud service providers, enterprises, research institutions, and public sector organizations, positioning itself as a niche player with professional support services and a strong open-source community presence. The website content is well-structured, professionally designed, and provides comprehensive information about the product features, integrations, and documentation. Technically, the website uses a modern tech stack including ReactJS for the frontend, Jekyll for static site generation, and standard libraries like jQuery and Bootstrap. Hosting appears to be on AWS infrastructure. The site is mobile-optimized and SEO-friendly with proper meta tags and structured data. Analytics are implemented via Google Analytics and Google Tag Manager, though privacy compliance mechanisms such as cookie consent banners are missing. From a security perspective, the site enforces HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks important security headers and does not publish security policies or incident response contacts. The WHOIS data shows a consistent and long-term domain registration with no privacy protection, supporting legitimacy. Overall, the security posture is moderate but could be improved with better policy disclosures and technical hardening. The overall risk is low to moderate. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, adding security headers, publishing incident response and vulnerability disclosure information, and enabling DNSSEC for domain security. These steps will enhance trust, compliance, and security posture, supporting Waldur's professional market positioning.

S

Sportland

sportland.ee

0

Sportland is a leading sports retail company operating primarily in the Baltic region and Finland, with a strong e-commerce presence. Founded in 1997, it has grown to become the largest sports store chain in the Baltics, offering a wide range of sportswear, footwear, and equipment. The website reflects a mature digital infrastructure with modern technologies such as React-based ScandiPWA, Magento platform, and integrated performance and user behavior monitoring tools. Privacy and cookie policies are well implemented, indicating compliance with GDPR requirements. Security posture is solid with HTTPS enforcement, Cloudflare DNS, and monitoring via New Relic, although explicit security policies and incident response information are not publicly available. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

L

Liviko

liviko.eu

0

Liviko is a well-established international group specializing in premium alcoholic beverages, with a strong market presence in the Baltic region and distribution across 60 markets. The company offers a range of services including distillery tours, production, export, and brand representation. Their website reflects a mature digital presence built on WordPress with modern SEO and privacy compliance tools. The technical infrastructure is solid, leveraging popular plugins and analytics services, and the site is mobile-optimized with good user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a professional and trustworthy online presence consistent with the company's business stature.

T

Tallink Grupp

tallink.ee

0

Tallink Grupp operates a comprehensive ferry and cruise service primarily in the Baltic Sea region, connecting Estonia with Finland, Sweden, and other destinations. The website offers ticket booking, hotel accommodations, cargo services, and a loyalty program, targeting leisure and business travelers. The digital platform is built on modern web technologies including Next.js and React, ensuring a responsive and user-friendly experience across devices. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms implemented, although explicit security policies and incident response contacts are not publicly available. The absence of WHOIS data for the domain introduces some uncertainty, but the professional presentation and consistent branding support the legitimacy of the business. Overall, the website demonstrates a mature digital presence with room for improvement in transparency around security and incident handling.

KOOS.io is a technology company founded in 2021 and registered in Estonia as Programmable Equity OU. The company offers a SaaS platform designed to motivate and reward contributors within platforms and marketplaces by sharing success through legal and technological solutions. Their key services include a company portal and shareholder app that enable tracking contributor impact and distributing rewards fairly. The website is professionally designed using modern frameworks such as Nuxt.js and Tailwind CSS, with integrations for analytics and user behavior tracking tools like Google Analytics, Hotjar, and Crazy Egg. Security is reasonably well implemented with HTTPS and domain transfer protections, but lacks published privacy, cookie, and security policies, which impacts compliance and trust. No WAF or blocking mechanisms were detected, and the domain registration data is consistent and transparent, supporting legitimacy.

E

Elkdata OÜ

mentornaut.ee

0

Mentornaut is an Estonian online platform founded in 2020 by Elkdata OÜ that connects students with private tutors for personalized learning sessions both online and in-person. The platform targets students and tutors across Estonia, offering flexible scheduling and a variety of subjects. The website is professionally designed using React and Material-UI, hosted behind Cloudflare DNS, and integrates social media channels for broader engagement. While the site provides essential business information and user testimonials, it lacks explicit contact details and a cookie consent mechanism, which are important for user trust and regulatory compliance. Security posture is moderate with HTTPS likely enabled but missing explicit security headers and vulnerability disclosures.

Vumonic Datalabs is a technology company specializing in AI-powered market intelligence and consumer transaction data analytics. Founded in 2016 and headquartered in Estonia, it leverages a large email receipts panel primarily in India with plans for global expansion. The company targets buy-side and sell-side funds, corporates, and brands seeking actionable insights to drive smarter decisions. The website reflects a modern, professional digital presence built on Next.js and React, with good performance and mobile optimization. Security posture is solid with HTTPS and domain registration protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is basic, lacking cookie consent mechanisms despite use of Google Analytics. Overall, the business demonstrates credibility with consistent WHOIS data and clear market positioning.

X

Xolo OÜ

xolo.io

0

Xolo OÜ is a technology company founded in 2015, specializing in providing comprehensive business solutions tailored for solopreneurs and freelancers globally. Their platform offers services including virtual company invoicing without registration (Xolo Go), e-Residency company formation and management (Xolo Leap), accounting, tax reporting, and compliance support. The company positions itself as a trusted partner for independent business owners seeking to simplify administrative burdens and operate remotely. The website demonstrates a strong market presence with over 130,000 users and invoicing clients from 150 countries, indicating a mature and scalable business model. Technically, the website employs a modern tech stack with integrations of Google Analytics, HubSpot, Freshchat, and other marketing and analytics tools, ensuring robust user engagement tracking and customer support capabilities. The site is well-optimized for mobile devices, features clear navigation, and uses structured data for SEO enhancement. Performance is moderate, with room for optimization in loading speed. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not visible in the HTML, the use of reputable third-party services and absence of exposed sensitive data indicate a solid security posture. However, the site could benefit from publishing a formal security policy and vulnerability disclosure program to enhance transparency and incident response readiness. Overall, Xolo presents a professional, trustworthy, and user-centric platform with strong business credibility and compliance awareness. The lack of WHOIS data transparency is mitigated by consistent website content and social proof. Strategic recommendations include enhancing security header implementation, formalizing security policies, and continuous monitoring of third-party integrations to maintain a high security standard.

S

Specialist VC

specialist.vc

0

Specialist VC is a venture capital fund focused on supporting early-stage technology startups primarily in Estonia, Latvia, Lithuania, Finland, Ukraine, and Belarus. The fund invests mainly in pre-seed to Series A rounds, with occasional secondary investments in later rounds. Their portfolio includes over 60 companies, many of which are recognized regional tech leaders. The website presents a professional and consistent brand image, with detailed team bios and clear contact information, positioning Specialist VC as a credible and established player in the regional VC ecosystem. Technically, the website is built on WordPress with modern plugins such as Rank Math for SEO and uses jQuery and Splide.js for interactive elements. The site is mobile-optimized and performs moderately well, with good SEO practices and accessibility features. HTTPS is enforced, ensuring secure communications. From a security perspective, the site has a solid SSL configuration but lacks some security headers and does not provide a vulnerability disclosure or incident response contact. Privacy compliance is partial, with an ESG policy page but no dedicated privacy or cookie policy pages, nor cookie consent mechanisms. Contact information is comprehensive, including multiple team emails and phone numbers. Overall, Specialist VC's website reflects a mature business with a strong market position and good technical implementation. However, improvements in privacy compliance and security best practices would enhance trust and regulatory adherence.

T

Telia Eesti AS

keila.ee

0

Keila.ee is the official municipal website for the city of Keila, Estonia, providing residents and visitors with comprehensive information about city services, news, events, and contact details. The website is managed under the domain registered by Telia Eesti AS since 2010, indicating a stable and legitimate online presence. The site targets local citizens and tourists, offering resources such as job postings, municipal announcements, and tourism information. Technically, the site is built on WordPress with Elementor and Ova Framework plugins, leveraging modern web technologies like Bootstrap and FontAwesome for design and functionality. The website demonstrates good mobile optimization and accessibility features, ensuring usability across devices.

T

Telia Eesti AS

kaustik.ee

0

Kaustik.ee is an Estonian information system platform primarily serving the education sector, offering document register services and secure user authentication including Estonian electronic ID methods. The platform is operated under the domain registered by Telia Eesti AS, a reputable telecom provider in Estonia, indicating a legitimate and regionally focused service. The website content is basic but functional, with a focus on user login and document access. Technically, the site uses a proprietary WebDesktop system with modern JavaScript libraries such as jQuery and Bootstrap, providing a moderate level of digital maturity. However, SEO and accessibility features are minimal, and no advanced analytics or marketing tools are detected. Security posture is adequate with HTTPS and secure login options but lacks important security headers and privacy policies, which are critical for GDPR compliance and user trust. Overall, the site is moderately trustworthy but would benefit from enhanced security and privacy measures.

Z

Zone Media OÜ

kooliraamatukogud.ee

0

The website kooliraamatukogud.ee serves as a digital catalog platform named RIKSWEB for Estonian school libraries, enabling users to search library collections, view item statuses, and access news literature and events. It targets educational institutions in Estonia, providing a niche service that supports library management and user engagement. The platform is operated by Zone Media OÜ, a known Estonian registrar and hosting provider, which aligns with the website's regional and sector focus. Technically, the website employs a modern yet simple technology stack including jQuery and Google Fonts, with multiple CSS stylesheets for styling and responsive design. The site is mobile-optimized and offers a clear navigation structure, although SEO optimization is minimal. No CMS or advanced frameworks are detected, indicating a custom or lightweight solution. Performance is moderate, with no evident blocking or WAF interference. From a security perspective, the site uses HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is available, and no contact details for security matters are provided. These gaps reduce the overall security posture and privacy compliance. Overall, the website is functional and professionally presented for its educational purpose but requires improvements in privacy compliance, security best practices, and contact transparency to enhance trust and regulatory adherence.

H

Harju Maakonnaraamatukogu

keilaraamatukogu.ee

0

Harju Maakonnaraamatukogu is a regional public library serving Harju County in Estonia, providing a range of library services including book lending, children's services, local history resources, and event hosting. The website targets local residents and library users, offering information and access to library resources and services. The business operates as a public institution with a focus on education and cultural enrichment. Technically, the website is built on WordPress using Elementor and Bootstrap frameworks, hosted under a reputable Estonian registrar. The site is mobile-optimized, accessible, and uses HTTPS for secure communication. Security posture is generally good with no visible vulnerabilities or exposed sensitive data, but lacks explicit security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

K

Keila Muusikakool

keilamuusikakool.ee

0

Keila Muusikakool is a small local music school based in Keila, Estonia, providing music education services primarily to students and parents in the local community. The website offers detailed information about competitions, study programs, schedules, events, and pricing. The business operates with a clear focus on education and community engagement. Technically, the website is built on WordPress using Elementor, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal policies such as privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional and professional but could improve in privacy compliance and security best practices.

T

Tervise Arengu Instituut

terviseinfo.ee

0

Terviseinfo.ee is a well-established Estonian health information portal managed by the Tervise Arengu Instituut, a government-affiliated health development institute. The website provides comprehensive health promotion content, news, and educational resources targeted primarily at health promotion specialists and the general public. It covers a broad range of health topics including alcohol, HIV/AIDS, nutrition, mental health, and more, positioning itself as a trusted national resource for health information. Technically, the site is built on Joomla CMS and utilizes common JavaScript libraries such as MooTools and jQuery, along with Google Fonts and Google Analytics for tracking. The site is served over HTTPS, ensuring secure communication, and includes CSRF tokens in forms to protect against cross-site request forgery. However, it lacks explicit security headers like Content-Security-Policy and HSTS, and does not have a visible cookie consent mechanism or privacy policy page, which are important for GDPR compliance. From a security perspective, the website demonstrates a moderate security posture with secure form handling and HTTPS usage but could improve by implementing additional HTTP security headers and publishing clear privacy and cookie policies. No WAF or blocking mechanisms were detected, and the site content is fully accessible. The WHOIS data aligns well with the website's governmental health mission, showing a consistent and legitimate registration since 2011. Overall, the website is professional, trustworthy, and serves its public health mission effectively, but should enhance privacy compliance and security headers to strengthen its security posture and regulatory adherence.

L

Liikuma Kutsuv Kool, TÜ liikumislabor

liikumakutsuvkool.ee

0

Liikuma Kutsuv Kool is an educational innovation program based in Estonia, affiliated with the University of Tartu's Movement Laboratory. The program aims to promote a more active school culture across Estonian schools by providing training, research, and networking opportunities. It is supported by government ministries and recognized as an evidence-based intervention by the Health Development Institute. The website is well-structured, professionally designed, and uses modern WordPress technologies with good SEO and mobile optimization. Contact information and social media presence are clearly provided, enhancing trust and accessibility. However, the site lacks explicit privacy and cookie policies, which impacts GDPR compliance and privacy posture. Security practices are generally good with HTTPS and standard security headers, but no dedicated security or incident response policies are published.

Stuudium operates an e-school platform primarily targeting students, parents, and teachers in Estonia. The website serves as a portal for users to select their school and log in to the platform. The business model is SaaS-based, providing educational institutions with digital tools for school management. The platform appears to have a moderate market position within the Estonian education sector, focusing on usability and accessibility for its target audience. Technically, the website uses standard web technologies including HTML5, CSS3, and JavaScript, with assets hosted on a dedicated CDN domain. The site is basic in design and functionality, with minimal content and limited SEO or accessibility features. Mobile optimization is present but basic. No advanced frameworks or CMS platforms are detected from the provided HTML. From a security perspective, the site uses HTTPS (assumed from external asset URLs), but no explicit security headers or policies are visible. The form disables autocomplete and autocorrect to enhance input security. However, the absence of privacy, cookie, and terms of service policies indicates gaps in compliance with GDPR and other regulations. No contact or incident response information is provided, limiting transparency and trust. Overall, the website is functional but basic, with moderate business credibility but limited privacy and security maturity. Strategic improvements in compliance documentation, security headers, and user trust signals are recommended to enhance the platform's security posture and regulatory adherence.

P

Placet Group OÜ

laen.ee

0

Laen.ee is a well-established Estonian financial services provider specializing in a variety of loan products including credit cards, credit lines, consumer loans, and business loans. The company targets both private individuals and businesses within Estonia, offering flexible and user-friendly loan solutions. The website reflects a mature digital presence with clear service descriptions, a modern UI, and localized content in Estonian. Technically, the site employs standard web technologies such as JavaScript, jQuery, and Google Tag Manager, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and headers could be enhanced. Overall, the domain registration data aligns well with the business claims, supporting high legitimacy and trustworthiness.

M

Moneyzen

moneyzen.ee

0

Moneyzen is an Estonian-based online financial platform specializing in providing personal loans and investment opportunities through a transparent and empathetic approach. The platform targets individuals seeking flexible loan options and investment avenues, operating primarily in the Estonian market with multilingual support. The business model centers on connecting borrowers and investors, offering various loan types including personal, renovation, travel, health, auto, education, and refinancing loans. Despite recent challenges leading to the cessation of new loan and investment applications as of June 6, 2025, Moneyzen remains committed to servicing existing contracts and investor accounts. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating modern web technologies such as Google Tag Manager, reCAPTCHA, Hotjar, and Facebook Pixel for analytics and marketing. The site demonstrates good mobile optimization, SEO practices, and basic accessibility features. Security posture is strong with HTTPS enforced, security headers present, and no exposed sensitive data, although explicit security policies and incident response information are absent. Overall, Moneyzen presents a professional and trustworthy online presence with clear business information and contact channels. The domain registration aligns well with the business claims, enhancing legitimacy. However, improvements in privacy compliance documentation, security policy transparency, and incident response readiness are recommended to strengthen trust and regulatory adherence.

B

Bondora

bondora.ee

0

Bondora is a well-established Estonian financial services company specializing in personal loans. The website presents a professional, user-friendly platform that facilitates quick loan applications with transparent terms and flexible repayment options. The company has a strong market presence with over 1.5 million applicants and 17 years of experience, positioning it as a trusted lender in the region. Technically, the site leverages WordPress with Bricks Builder, integrates modern web technologies, and employs robust cookie consent mechanisms to ensure GDPR compliance. Security posture is strong with HTTPS, anti-forgery tokens, and Cloudflare protections, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates high professionalism, good privacy practices, and a mature digital infrastructure.

C

Creditea

creditea.ee

0

Creditea is a financial services provider offering transparent and flexible credit accounts primarily targeting consumers in Estonia and the Baltic region. The company is part of the IPF group and serves over 1.7 million customers across nine countries. Their services include credit lines and payment accounts accessible via web and mobile applications, emphasizing ease of use and transparency with no hidden fees. The website is professionally designed, mobile-optimized, and provides a user-friendly experience with clear navigation and relevant content in Estonian. Technical infrastructure leverages modern web technologies such as React and Next.js, with integrations for analytics and advertising through Google Tag Manager and Bing Ads. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant cookie consent mechanisms. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy and ownership transparency. Overall, the website demonstrates a mature digital presence with good security and privacy practices but would benefit from clearer contact information and verified domain registration details.

M

Multitude Bank p.l.c.

ferratum.ee

0

Ferratum, operated by Multitude Bank p.l.c., is a well-established financial services provider specializing in quick and flexible online loans primarily targeting Estonian customers. The company is part of the larger Multitude Group, with a strong market presence since 2005 and operations in multiple countries. Their website offers a user-friendly experience with clear loan products, responsible lending information, and customer engagement through blogs and reviews. Technically, the site leverages modern frameworks such as Next.js and React, integrates third-party services like Salesforce chat and EmbedSocial reviews, and maintains good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and secure identification methods, although explicit security policies and incident response contacts are not published. Overall, the site demonstrates a mature digital presence with high trustworthiness and compliance with privacy regulations.

R

Raha.ee

raha.ee

0

Raha.ee is an Estonian financial advice platform established in 2016, offering practical guidance on earning, saving, and investing money. The website serves primarily individuals seeking to improve their personal finances through educational content and loan comparison tools. It holds a leading position in the Estonian market for financial advice websites, leveraging affiliate partnerships with multiple loan providers to monetize its services. Technically, the site is built on WordPress with modern web technologies, including JavaScript libraries and translation services, ensuring good mobile optimization and user experience. Security posture is solid with HTTPS and safe external linking practices, though explicit security headers and policies are absent. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

S

SmartPosti

smartpost.ee

0

SmartPosti is a leading parcel delivery service in Estonia, operating under the parent company Posti Group Oyj. The company offers a comprehensive range of parcel logistics services including parcel sending, receiving, self-service management, courier home delivery, and international shipments. Their extensive network and digital platform provide customers with flexible and convenient parcel handling options. The website demonstrates a mature digital infrastructure built on modern technologies such as Next.js and Contentful CMS, with good mobile optimization and accessibility. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the website reflects a professional and trustworthy business with strong compliance to privacy regulations and a clear market position in the transportation sector.

The website riigiteataja.ee serves as the official portal for Estonian legal publications, operated under the domain registered to Elkdata OÜ since 2010. It targets Estonian citizens, legal professionals, and government officials by providing access to legislation and legal documents. The business model is a government service focused on transparency and legal information dissemination. Technically, the site employs Cloudflare services including a Turnstile CAPTCHA for bot mitigation, indicating a focus on security and performance. However, the actual website content is currently inaccessible due to the Cloudflare security challenge, preventing a full analysis of content quality, user experience, and compliance features. Security posture benefits from Cloudflare's protection but lacks visible security headers and policies. Overall, the domain registration is consistent and legitimate, but the lack of accessible content and policies limits the assessment and lowers the AI score.

V

Valio Eesti AS

karjaarvalios.ee

0

Valio Eesti AS operates as a significant player in the Estonian dairy manufacturing sector, providing fresh dairy products and employment opportunities. The website serves as a career portal inviting potential employees to join their team, emphasizing training, fair pay, and a safe work environment. The company is part of the international Valio group, known for its innovative and sustainable food solutions. Technically, the website is built on WordPress with Elementor, offering a modern and responsive user experience. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security policies to meet compliance standards.

S

Sisustuskoda OÜ

sisuko.ee

0

Sisustuskoda OÜ is a small Estonian company specializing in custom furniture manufacturing, particularly kitchen furniture. Established in 2014, it serves local consumers seeking high-quality, tailor-made interior solutions. The website reflects a niche retail business model with a focus on craftsmanship and design. The company maintains an active online presence with social media integration and a WooCommerce-based e-commerce platform. Technically, the website is built on WordPress using Elementor and Astra theme, leveraging modern web technologies and Google services such as reCAPTCHA and Tag Manager. Security posture is adequate with HTTPS enabled and basic protections, but lacks explicit security headers and formal privacy or cookie policies. Overall, the site is professional and functional, though privacy compliance and security best practices could be enhanced to improve trust and regulatory adherence.

C

Connected Health

connectedhealth.ee

0

Connected Health is a small Estonian organization acting as a cluster and ecosystem connector for health innovation, focusing on IT and biotech companies, startups, and R&D partners. The website serves as a platform to showcase members, success stories, projects, and news related to Estonian health technology. Technically, the site is built on WordPress with modern plugins like Yoast SEO and uses Google Analytics and Google Maps API for analytics and mapping. The site is mobile optimized and has good SEO metadata and structured data, indicating a mature digital presence. Security posture is good with HTTPS enabled and no exposed sensitive data, but lacks security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanism. Business credibility is supported by consistent branding, partner association with Tehnopol, and EU funding logos. Overall, the site is professional and trustworthy but could improve privacy and security transparency.