Security Directory

Saku Õlletehas is a well-established Estonian brewery founded in 1820, operating as a subsidiary of the Carlsberg Group. The company specializes in manufacturing and retailing a wide range of beverages including beers, ciders, energy drinks, and soft drinks, serving both local and international markets. The website reflects a mature digital presence with comprehensive product listings, clear navigation, and consistent branding aligned with its parent company. Technically, the site uses a mix of legacy and modern JavaScript libraries, is mobile-optimized, and implements GDPR-compliant cookie consent mechanisms. Security posture is strong with HTTPS enforced and compliance scripts in place, though some security headers could be more explicitly defined. No blocking or WAF mechanisms interfere with content accessibility. Overall, the domain registration data aligns well with the business claims, supporting high legitimacy and trustworthiness.

Solaris is a well-established cultural and commercial center located in the heart of Tallinn, Estonia. Founded in 2010, it offers a diverse range of services including retail shops, restaurants, entertainment venues, office spaces, and parking facilities. The website reflects a professional and modern digital presence, targeting local visitors and shoppers with relevant content and event information. The business maintains a solid market position as a key destination for shopping and cultural activities in Tallinn.

The website mkm.ee is currently inaccessible beyond a Cloudflare security challenge page that requires human verification via Turnstile captcha. Due to this, no actual business content, policies, or contact information is available for analysis. The domain is registered since 2010 with Zone Media OÜ, an Estonian registrar, indicating a legitimate and stable domain ownership. The technical infrastructure relies on Cloudflare services for security and performance. However, the lack of accessible content and policies limits the ability to assess the business model, security posture, and compliance status. The site appears to be protected by a robust WAF, but this also restricts external analysis.

The Archimedes Foundation website serves as a minimal informational page indicating that as of January 1, 2021, its activities were transferred to the Estonian Education and Youth Board and the Erasmus+ and European Solidarity Corps Agency. The foundation historically managed European educational and youth programs such as Erasmus+. The website content is very limited, with no privacy, cookie, or terms of service policies, and no contact information provided. Technically, the site uses basic HTML and CSS with Google Fonts, hosted under an Estonian registrar. No advanced security headers or analytics tools are detected, and the site lacks modern SEO and accessibility features. Security posture is minimal but no critical vulnerabilities are evident. Overall, the site appears to be a legacy informational page rather than an active service platform.

T

Tripod

tripod.ee

0

Tripod is an Estonian service provider specializing in recruitment, testing, research, and coaching services. Established in 2010, the company targets businesses and professionals within Estonia, offering niche HR and development solutions. The website reflects a professional presence with clear branding and a focus on service offerings relevant to its market segment. The company maintains active social media profiles on Facebook and LinkedIn, enhancing its market visibility. Technically, the website is built on WordPress CMS, leveraging Yoast SEO for search optimization and Cookiebot for GDPR-compliant cookie consent management. The site uses modern web technologies including jQuery and integrates Google Tag Manager and Meta Pixel for marketing and analytics purposes. Hosting appears to be managed by Zone Media OÜ, consistent with the domain registration data. The website demonstrates good mobile optimization and moderate performance. From a security perspective, the site employs HTTPS with good SSL configuration and uses cookie consent mechanisms to comply with privacy regulations. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not detected, and no public security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website presents a low-risk profile with strong compliance to privacy regulations and a solid technical foundation. Strategic recommendations include enhancing security headers, publishing a security policy and incident response contacts, and providing clearer contact information to improve business credibility and user trust.

S

Softrend

softrend.ee

0

Softrend is an established Estonian furniture company specializing in sofas, beds, and home accessories, with a strong emphasis on sustainability and quality craftsmanship. The company operates a professional e-commerce website built on WordPress, featuring modern technologies such as Google Tag Manager, reCAPTCHA, and performance optimizations via WP Rocket. The website is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. However, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is strong with HTTPS and bot protection, but could be improved with additional security headers and a vulnerability disclosure policy. Overall, the domain registration data supports the legitimacy of the business, and the website reflects a credible and professional retail operation.

B

BB Finance OÜ

raha24.ee

0

Raha24, operated by BB Finance OÜ, is an Estonian online lending platform specializing in unsecured loans up to 10,000 EUR with quick approval processes. The company targets individuals in Estonia seeking fast and reliable credit solutions. The website demonstrates a mature digital presence with a domain registered since 2010, consistent with the business's operational history. Technical infrastructure is based on WordPress with modern SEO and consent management tools, indicating a moderate to good level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers appear missing. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with comprehensive privacy and cookie policies and GDPR-aligned consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for its target market.

H

Heateo Sihtasutus

heategu.ee

0

Heateo Sihtasutus operates as a non-profit organization in Estonia, focusing on promoting social change and charitable activities. The website serves as a platform to engage the Estonian community in good deeds and social initiatives. The organization has an established presence since 2010, supported by a professionally designed website built on WordPress and hosted by a reputable Estonian provider. The technical infrastructure is modern and secure, with HTTPS and security headers properly configured. However, the site lacks visible privacy and cookie policies, which impacts its compliance posture. No explicit contact information or incident response details are provided, limiting direct communication channels. Overall, the website demonstrates a solid business credibility and technical foundation but requires improvements in privacy compliance and transparency to enhance trust and regulatory adherence.

A

Adcash

adcash.com

0

Adcash is a well-established global online advertising platform founded in 2000, serving media buyers, affiliates, and publishers worldwide. The company offers a variety of advertising and monetization solutions including Pop-Under, Interstitial, Native, and Banner ads, supported by advanced targeting, anti-fraud technology, and real-time analytics. The website reflects a mature digital presence with comprehensive SEO, mobile optimization, and a professional design that supports user engagement and conversion. Technically, the site leverages modern tools such as Google Tag Manager, Matomo Analytics, and Cloudflare DNS, hosted on a WordPress CMS platform, ensuring fast performance and good accessibility. Security posture is solid with HTTPS enforced and domain registration protections, though improvements could be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. Overall, Adcash demonstrates a high level of business credibility and digital maturity, positioning itself as a trusted player in the online advertising industry.

I

ITT Group

ittgroup.ee

0

ITT Group is a small Estonian company specializing in education-related innovative mechatronic products, training, and e-solution development, primarily targeting educational institutions in Estonia, Scandinavia, and Europe. With over 20 years of experience, the company has evolved to include consulting and development services in autonomous systems, collaborating with European and US higher-education institutions. The website is built on Joomla CMS, featuring a consistent and professional design with moderate performance and good mobile optimization. However, it lacks critical compliance documentation such as privacy and cookie policies, and no contact information is provided, which impacts trust and compliance perception. Security posture is basic with HTTPS enabled but missing advanced security headers and incident response details. Overall, the site is functional and informative but requires improvements in compliance and security transparency to enhance trustworthiness and regulatory adherence.

C

CYBERNETICA AS

cyber.ee

0

Cybernetica AS is a well-established Estonian technology company specializing in secure digital society technologies, including e-governance, cybersecurity, digital identity, and maritime surveillance. The company has a strong market position as the architect of e-Estonia and serves governments and enterprises globally. Their website reflects a mature digital presence with comprehensive content, clear navigation, and professional design. Technically, the site uses modern frameworks such as Nuxt.js and Vue.js, is mobile-optimized, and performs well. Security posture is strong with HTTPS enforced and privacy compliance evident through cookie consent and privacy policies. However, explicit security policies and vulnerability disclosure mechanisms are absent. Overall, Cybernetica demonstrates high business credibility and technical maturity, making it a trustworthy and professional entity in its sector.

The website www.esplan.ee is currently non-functional due to a fatal PHP error caused by an outdated WordPress plugin (wpml-string-translation). This prevents any content from being displayed, including business information, policies, or contact details. The domain is registered in Estonia with consistent WHOIS data, suggesting legitimacy, but the website itself lacks operational status and visible content. The technical infrastructure relies on WordPress CMS but suffers from plugin compatibility issues that must be addressed to restore functionality. Security posture is weak due to lack of visible security headers, unknown SSL status, and absence of privacy or cookie policies. Overall, the website presents a high risk due to inaccessibility and lack of compliance indicators.

A

AS Kevelt

kevelt.ee

0

AS Kevelt is an established Estonian pharmaceutical company specializing in the manufacturing, resale, and subcontracting of pharmaceuticals. The company emphasizes scientific approaches and strict quality controls to produce original and generic medicines, with ongoing research and innovation efforts to support long-term growth. The website targets healthcare industry stakeholders, partners, and investors, presenting a professional and consistent brand image with multilingual support in English, Russian, and Estonian. The business model focuses on pharmaceutical production and related services, positioning AS Kevelt as a reputable player in the Estonian healthcare sector. Technically, the website is built on WordPress CMS using a modern tech stack including Bootstrap, jQuery, Google Maps API, and several plugins such as Yoast SEO and Contact Form 7. The site is mobile-optimized with good SEO practices and moderate performance. Hosting and domain registration are managed by Zone Media OÜ, a legitimate Estonian registrar, with the domain active since 2010, aligning with the company's history. From a security perspective, the site enforces HTTPS and integrates Google reCAPTCHA v3 for form protection. However, it lacks several security headers and does not publish a security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partial, with no cookie consent mechanism or detailed privacy policy visible, which could be improved to meet GDPR standards fully. Overall, AS Kevelt's website demonstrates a solid business presence with good technical implementation and a moderate security posture. Strategic improvements in privacy compliance and security policy transparency would enhance trust and regulatory adherence, supporting the company's professional image and operational security.

D

DUX

dux.ee

0

DUX is a small, established UX and UI design studio based in Estonia, founded in 2014. They specialize in creating digital experiences including mobile and desktop applications, websites, e-commerce platforms, and SaaS products. Their portfolio showcases over 200 projects, targeting NGOs, startups, SMEs, and global/local leaders, positioning them as a reputable design partner in the technology sector. The website is professionally designed with excellent content quality and clear navigation, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, Google Analytics, and Google Tag Manager, hosted by Elkdata OÜ, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no exposed sensitive data, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

R

Riigi Kinnisvara AS

rkas.ee

0

Riigi Kinnisvara AS is a state-owned enterprise responsible for managing and developing Estonia's public real estate portfolio. The company focuses on efficient property management, environmental sustainability, and supporting public sector clients through various services including leasing, sales, and technical requirements for buildings. The website reflects a professional government entity with clear communication and comprehensive service offerings. Technically, the site is built on Drupal 10 with modern libraries ensuring good performance and accessibility. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate online presence.

Infonet AS is a well-established Estonian Internet Service Provider operating since 1993, offering a broad range of telecommunications services including high-speed internet, digital television, hosting, domain registration, virtual servers, and mobile telephony. The company targets both residential and business customers within Estonia, positioning itself as a reliable local ISP with a TIER 3 compliant data center partner. The website reflects this business focus with clear service offerings and contact information. Technically, the website uses legacy JavaScript libraries such as jQuery 1.5.2 and several jQuery plugins, indicating a need for modernization to improve security and performance. The site is served over HTTPS with no blocking mechanisms detected, but lacks advanced security headers and uses outdated libraries that pose potential vulnerabilities. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, though GDPR compliance indicators could be enhanced. Business credibility is strong, supported by consistent WHOIS data and transparent contact details. Overall, the website is functional and trustworthy but would benefit from technical and security updates.

Sportlyzer LLC. operates a SaaS platform focused on player development and team management software tailored for youth and amateur sports clubs. The platform facilitates membership management, invoicing, attendance tracking, communication, and athlete homework assignments, serving coaches, managers, players, and parents globally. The company maintains a professional web presence with mobile apps on iOS and Android, and a consistent brand image emphasizing ease of use and comprehensive sports club management. The website content is well-structured, informative, and targets sports organizations seeking digital management solutions. Technically, the website employs modern JavaScript frameworks and integrates multiple marketing and analytics tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized and uses HTTPS exclusively, ensuring secure data transmission. However, some security best practices like security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site shows no signs of vulnerabilities or exposed sensitive data. The lack of WHOIS data transparency is a moderate concern but does not outweigh the professional presentation and trust signals on the site. Privacy and terms of service pages are present and comprehensive, indicating attention to compliance, though explicit cookie consent is absent. Overall, the security posture is good but could benefit from additional transparency and policy disclosures. Strategically, Sportlyzer is positioned as a specialized SaaS provider in the sports management niche with a solid user base and positive testimonials. The company should focus on improving security headers, cookie consent, and publishing incident response policies to strengthen trust and compliance. Enhancing WHOIS transparency or providing verified domain registration details would also improve legitimacy perception.

B

Bellcom Estonia

bellcom.ee

0

Bellcom Estonia is a small but established technology service provider specializing in custom website development, hosting, and technical support. Founded in 2013, the company serves businesses and organizations seeking agile and innovative digital solutions. Their market position is supported by a portfolio of case studies and client testimonials, emphasizing their expertise in Drupal and other web technologies. Technically, the website is built on Drupal 8 with modern frontend libraries such as Bootstrap and jQuery, and integrates Google Analytics with IP anonymization for user tracking. The site is mobile optimized and presents a professional user experience. Security posture is moderate; while HTTPS usage is assumed but not confirmed, no security headers or explicit security policies are published, representing an area for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is credible and trustworthy but would benefit from enhanced security and privacy disclosures.

D

Delfi Meedia AS

ekspress.ee

0

Eesti Ekspress, operated by Delfi Meedia AS, is a leading Estonian investigative and analytical news portal targeting discerning readers who value in-depth journalism and diverse perspectives. The website leverages modern web technologies including Nuxt.js and Vue.js, and integrates multiple advertising and tracking services from reputable providers. The site is well-structured, mobile-optimized, and maintains a professional design with consistent branding. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response contacts are not prominently provided. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the website demonstrates a mature digital presence with high trustworthiness and business credibility.

H

HELMES

helmes.ee

0

Helmes is a well-established software development company specializing in custom software solutions, digital transformation, and consulting services. With over 30 years of experience and a global presence spanning 20 offices, Helmes serves more than 500 international clients including major organizations such as Airbus, Telia, OECD, and CERN. Their service portfolio includes mobile app development, legacy software modernization, data analytics, design, and cybersecurity services, positioning them as a comprehensive digital innovation partner for enterprises. Technically, the website is built on WordPress with modern SEO practices implemented via Yoast SEO. It integrates multiple analytics and consent management tools such as Google Analytics, Microsoft Clarity, Google Tag Manager, and Conseno for GDPR compliance. The site is mobile-optimized, accessible, and demonstrates good performance, although some security headers are not explicitly detected. The company holds ISO certifications (27001, 9001, 14001), reflecting a strong commitment to security and quality management. From a security perspective, Helmes employs HTTPS, Google reCAPTCHA, and a consent management platform to protect user data and ensure compliance. However, the absence of WHOIS registration data and lack of visible incident response contacts or security.txt file slightly reduce the overall trust score. No critical vulnerabilities or exposed sensitive data were detected in the analysis. Overall, Helmes presents a professional, trustworthy, and technically mature digital presence suitable for enterprise clients. Strategic recommendations include enhancing security headers, publishing incident response information, and verifying domain registration details to improve trust and compliance further.

D

Datanor OÜ

datanor.ee

0

Datanor OÜ is a specialized software company based in Estonia, delivering custom enterprise software, mobile applications, and Single Sign-On (SSO) solutions. With over 20 years of experience, the company serves leading Estonian enterprises, focusing on complex Java-based systems and modern mobile app frameworks such as React Native and Flutter. Their market position is that of a trusted, experienced provider in the Estonian technology sector, targeting businesses requiring tailored software solutions. The website reflects a professional and consistent brand image, with clear service offerings and client references including Telia, LHV, and Coop. Technically, the website is built using modern frameworks including SvelteKit for the frontend, and leverages React Native and Flutter for mobile app development. Hosting and performance are optimized with Cloudflare services, ensuring fast load times and mobile responsiveness. SEO and accessibility are well addressed, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses Cloudflare Insights for monitoring. However, explicit security headers and a published security policy are absent, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well handled with clear cookie consent mechanisms and a privacy policy aligned with GDPR requirements. Overall, the website and business demonstrate a mature digital presence with strong credibility and security posture. Strategic recommendations include enhancing security headers, publishing a formal security policy and incident response contacts, and implementing a vulnerability disclosure program to further strengthen trust and compliance.

E

Elektrilevi

elektrilevi.ee

0

Elektrilevi is Estonia's largest electricity network company, delivering power to nearly all homes and businesses across the country. The company operates a comprehensive digital infrastructure including customer self-service portals, network status maps, and outage reporting tools. Their website demonstrates a mature digital presence with modern technologies such as React and Next.js, supported by Cloudflare DNS services. The site is well-structured, mobile-optimized, and provides clear navigation and professional content. Security measures include HTTPS enforcement, security headers, and a robust cookie consent mechanism compliant with GDPR. However, explicit security policies and incident response contacts are not publicly disclosed, representing an area for improvement. Overall, Elektrilevi presents a strong business and technical profile with high trustworthiness and compliance.

H

HOOANDJA MTÜ

hooandja.ee

0

Hooandja is a well-established Estonian non-profit crowdfunding platform that enables creative, cultural, social, and community projects to find funding through public support. It holds a strong market position in Estonia with a significant number of successfully funded projects and a large supporter base. The platform offers project discovery, community engagement, and crowdfunding services primarily targeting individuals and organizations within Estonia. Technically, the website is built on Drupal 7, utilizing common web technologies such as jQuery, Google Analytics, Facebook Pixel, and Google Maps API. The site demonstrates moderate performance and basic mobile optimization. Security-wise, HTTPS is enforced, and basic input validation is implemented; however, the absence of security headers and cookie consent mechanisms indicates room for improvement in security posture and privacy compliance. Overall, the website is professional, trustworthy, and content-rich, but it would benefit from enhanced security practices and GDPR compliance measures.

P

Proekspert

proekspert.ee

0

Proekspert is an established technology company founded in 2005, specializing in full-cycle software services for device and machine manufacturers. Their offerings include smart product development, device-to-cloud connectivity, and digital services, positioning them as a key player in digital business transformation within the technology sector. The company targets B2B clients, particularly manufacturers seeking to enhance their products with software and connectivity solutions. Technically, the website is built on WordPress with multilingual support, leveraging modern tools such as Google Analytics, Google Tag Manager, and Cookiebot for analytics and privacy compliance. The site demonstrates good design quality, mobile optimization, and SEO practices, although accessibility features are basic. Security-wise, the site enforces HTTPS, uses clientTransferProhibited domain status, and implements cookie consent mechanisms, but lacks DNSSEC and explicit security headers. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website reflects a mature digital presence with room for improvement in security policies and contact transparency.

H

Hotel Telegraaf

telegraafhotel.com

0

Hotel Telegraaf is a luxury 5-star hotel located in Tallinn’s Old Town, operating under the Marriott Autograph Collection brand. The hotel offers upscale accommodation, spa services, fine dining at Restaurant Tchaikovsky, and event hosting facilities. It targets luxury travelers and business guests seeking premium hospitality experiences. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern libraries and SEO best practices, supported by Google Analytics and cookie consent mechanisms ensuring GDPR compliance. Security posture is strong with HTTPS and no visible vulnerabilities, though security headers could be improved. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and registration transparency, which impacts overall business credibility. Strategic verification of domain registration is recommended to reinforce trust. Overall, the site demonstrates a solid business and technical foundation with room for security and compliance enhancements.

T

Timbeter

timbeter.com

0

Timbeter is a forest technology company specializing in digital supply chain management solutions for the timber industry. Their offerings include AI-powered mobile applications and a cloud-based dashboard that enable accurate timber measurement, inventory management, and logistics planning. The company has established a strong global presence with clients in over 50 countries and has made over 2.1 million measurements, positioning itself as a leader in sustainable forestry technology. The website reflects a professional and consistent brand image with comprehensive content tailored to forestry professionals and government entities. Technically, the website is built using modern frameworks such as Astro and Bootstrap, ensuring fast performance and excellent mobile optimization. The use of cloud platforms and integration with third-party services like Calendly and Mailjet indicates a mature digital infrastructure. SEO and accessibility are well addressed, contributing to a positive user experience. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks DNSSEC and explicit security headers. There is no visible cookie consent mechanism or published security policies, which are areas for improvement. No direct contact emails or phone numbers are provided, relying instead on an embedded contact form. Overall, the security posture is good but could be enhanced with additional best practices. The overall risk assessment is moderate to low, with no critical vulnerabilities detected. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, and publishing incident response and vulnerability disclosure information to strengthen trust and compliance.

T

Tammiste Personalibüroo OÜ

tammistepersonal.ee

0

Tammiste Personalibüroo OÜ is an established Estonian recruitment and training company with over 25 years of experience. The company specializes in recruitment services, training programs, emotional intelligence assessments, coaching, and outplacement services. Their website reflects a professional and consistent brand image, targeting Estonian businesses and job seekers. The technical infrastructure is based on WordPress with Elementor, leveraging modern web technologies and tracking tools such as Google Tag Manager and Facebook Pixel. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though some security headers are missing. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service detected. Overall, the website is trustworthy and well-positioned in its market segment, though improvements in privacy and security documentation are recommended.

B

BCS Itera

itera.ee

0

BCS Itera is a medium-sized Estonian technology company specializing in consulting and implementing business software solutions including ERP, HRM, CRM, and BI systems. The company has a solid market position in the Baltic region, supported by partnerships and certifications such as the LS Retail Platinum Partner status. Their website reflects a professional and consistent brand image with good content quality and active client engagement. Technically, the site is built on WordPress with modern SEO and analytics tools, and it demonstrates good performance and mobile optimization. Security posture is strong with HTTPS and consent management in place, though explicit security headers and policies could be improved. Overall, the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

F

Fontes PMP OÜ

fontes.ee

0

Fontes PMP OÜ is a well-established Estonian company specializing in talent management, recruitment, mentoring, and consulting services. With 35 years of experience, it holds a strong market position as a trusted partner for organizations seeking to develop and retain talent. The website reflects a professional and comprehensive digital presence, leveraging WordPress CMS and modern web technologies to deliver a fast, mobile-optimized, and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms in place, though explicit security policies and incident response details are absent. Overall, the site demonstrates high business credibility and privacy compliance, supporting Fontes' reputation as a leading talent management consultancy in Estonia.

DF / DESIGN FACTORY is a small Estonian consulting and design firm established in 1992, specializing in innovation acceleration, brand and business model overhauls, and product and service design. The company targets corporate intrapreneurship teams and businesses seeking transformative growth. Their website is built on WordPress with modern plugins such as Elementor and Yoast SEO, reflecting a moderate level of digital maturity. The site is well-designed, mobile-optimized, and uses privacy-respecting analytics. Security posture is adequate with HTTPS enabled but lacks explicit security headers and formal privacy and cookie policies. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security governance. Overall, the website is professional and trustworthy, with a domain registration consistent with the business profile.

O

Online store Bauhof

bauhof.ee

0

Bauhof is a large Estonian retail company specializing in construction, garden, tools, and interior finishing products. The company operates an e-commerce platform built on Vue Storefront 2, offering customers fast pickup and delivery options, flexible payment terms, and a customer-friendly return policy. The website demonstrates a good level of digital maturity with modern frameworks and a responsive design optimized for mobile users. Security posture is solid with HTTPS enforced and cookie consent managed via Cookiebot, though explicit security policies and incident response contacts are absent. Overall, the site is professional and trustworthy, with room for improvement in privacy compliance and security transparency.

Universal Industries is a manufacturing and product development company based in Estonia, offering comprehensive services from product analysis and design to final manufacturing. The company positions itself as a competent partner with a global client base, leveraging modern technologies and years of expertise. The website is built on the Weebly platform and uses common web technologies including jQuery and Google Analytics. While the site is accessible and provides relevant business information, it lacks critical privacy and security documentation such as privacy policies and cookie consent mechanisms. The security posture is moderate, with HTTPS enabled but using an outdated jQuery version and missing security headers. Overall, the website presents a professional image but would benefit from enhanced security and privacy compliance measures.

D

DPD

dpd.ee

0

DPD Estonia operates as a key parcel delivery service provider within Estonia and across Europe, under the larger Geopost group umbrella. The company offers comprehensive parcel sending, receiving, and tracking services tailored for both business and private customers. Their digital presence is well-established with a modern WordPress-based website featuring multilingual support and customer self-service portals such as myDPD. The website demonstrates good technical maturity with responsive design, modern frameworks, and integration of marketing and analytics tools. Security posture is solid with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly disclosed. The absence of WHOIS data for the main domain suggests privacy protection or proxy usage, which slightly impacts transparency but is common for large enterprises. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

T

Telema AS

telema.com

0

Telema AS is a well-established technology company specializing in Electronic Data Interchange (EDI) and e-invoicing services, primarily serving the Baltic region. With over 25 years of market presence and a strong reputation as a market leader, Telema offers automated business document exchange solutions that enhance operational efficiency for its clients. The company maintains a robust partnership ecosystem with over 40 certified ERP providers and supports global roaming for document exchange. Technically, the website is built on WordPress with modern plugins and libraries, providing a good user experience and mobile optimization. Security-wise, Telema demonstrates a solid posture with ISO 27001 certification and HTTPS enforcement, although some security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Overall, the website reflects a credible and professional business with strong trust indicators and a mature digital presence.

A

Advokaadibüroo Concordia

concordia.ee

0

Advokaadibüroo Concordia is an established Estonian law firm founded in 2010, providing legal services primarily in Estonia and across the European Union through its membership in the European Law Firm network. The firm targets clients requiring professional legal representation and consulting services with a cross-border reach within the EU. The website reflects a professional and consistent brand image with clear contact details and multilingual support (Estonian and English). Technically, the website employs a modern technology stack including Laravel Livewire, Alpine.js, jQuery, and integrates Google reCAPTCHA for bot protection. The site is hosted by Zone Media OÜ, a known Estonian hosting provider, and uses HTTPS with a valid SSL configuration. Performance and mobile optimization are good, though accessibility features are basic. SEO is implemented at a basic level with meta tags and Open Graph properties. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, CSRF token usage, and a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No security headers were detected in the provided data, which could be improved to enhance security posture. Overall, the website is trustworthy and professionally maintained with a strong domain registration history consistent with the business claims. Recommendations include enhancing security headers, publishing formal security and incident response policies, and adding a vulnerability disclosure page to improve transparency and security maturity.

A

Welcome!

aluminium.ee

0

The website aluminium.ee currently serves as a default placeholder page with no substantive business content or branding. The domain is registered to Compic OÜ, an Estonian registrar, with a creation date in 2013, indicating a legitimate and established domain. However, the lack of any customized content, contact information, or policies suggests the site is either inactive or under initial development. The technical infrastructure is minimal, relying on basic HTML and CSS served via ISPConfig hosting, with no detected CMS or advanced frameworks. Security posture is weak due to absence of HTTPS and security headers, and no privacy or cookie policies are present, indicating non-compliance with GDPR and other privacy regulations. Overall, the site lacks trust signals and professional presentation, limiting its credibility and user trust.

Liewenthal Electronics Ltd. is a small Estonian engineering and R&D company specializing in embedded systems, electronics, and software design. With over 15 years of experience, the company serves diverse sectors including telecom, medical, industrial, aerospace, and consumer electronics. Their website reflects a professional B2B service provider with a clear portfolio of key services such as system design, software and electronics design, FPGA/PLD design, testing, and small volume production. The company holds ISO 9001 certification and is recognized as an AMD Adaptive Computing Partner, enhancing its market credibility. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Slider Revolution, and uses Google Analytics and Tag Manager for analytics. The site is mobile optimized and has good SEO practices, though performance is moderate. Cookie consent is implemented via Cookiebot, but a domain authorization error is present, indicating a configuration issue. No WAF or blocking mechanisms were detected, and the site uses HTTPS with good SSL configuration. Security posture is moderate; HTTPS is enforced but lacks explicit security headers and dedicated security or incident response policies. No vulnerability disclosure or security.txt files were found. Privacy compliance is basic with a privacy policy present but no strong GDPR compliance indicators. Contact information is clearly provided, supporting business credibility. Overall, the website is trustworthy and professional but could improve security practices and privacy compliance. Strategic recommendations include fixing Cookiebot errors, adding security headers, publishing security and incident response policies, and implementing vulnerability disclosure mechanisms.

G

Guardtime OÜ

guardtime.com

0

Guardtime OÜ is an established technology company founded in 2005, specializing in blockchain-based data integrity and cybersecurity solutions primarily targeting governments and enterprises. Their flagship KSI blockchain platform enables frictionless value exchange in decentralized digital economies. The company maintains a professional and consistent web presence with clear branding and a focus on enterprise clients. Technically, the website is built on the Voog CMS platform, uses modern tracking and analytics tools such as Google Tag Manager, and is hosted with Cloudflare DNS services. The site is mobile optimized and demonstrates good SEO practices. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism, but lacks DNSSEC and explicit security or incident response policies. No privacy policy page was found, which is a notable compliance gap. Overall, the domain registration data aligns well with the company information, indicating high legitimacy and trustworthiness.

The website regionaalhaigla.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct access to the actual content. The domain is registered since 2010 with an Estonian registrar, consistent with the domain's regional healthcare focus. No business content, contact information, or compliance policies are visible in the provided HTML, limiting the ability to perform a full analysis. The technical infrastructure relies on Cloudflare services for security and performance, but the lack of accessible content prevents evaluation of the website's design, user experience, and compliance posture. Security headers and policies are not visible, and no forms or data collection mechanisms are present beyond the security challenge. Overall, the site appears legitimate based on WHOIS data but is currently inaccessible for detailed review.

L

Lumi Capital

lumicapital.eu

0

Lumi Capital is a Baltic real estate company specializing in the development and management of residential rental apartment buildings across Tallinn, Riga, and Vilnius. Managing a portfolio of approximately 2000 apartments, the company partners with institutional investors such as insurance companies and pension funds. Their business model focuses on long-term rental housing with an emphasis on sustainability, innovation, and digital services, positioning themselves as a preferred brand for urban renters valuing flexibility and community. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, integrating Google Analytics for user tracking. The site is mobile-optimized and presents a professional design with clear navigation. While performance is moderate, the technical stack is modern and well-maintained. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security headers and published security policies or incident response contacts. Privacy compliance is partial, with a cookie consent banner present but no dedicated privacy or terms of service pages. The WHOIS data is unavailable due to EURid privacy restrictions, but the website content and business information appear legitimate and consistent. Overall, Lumi Capital's digital presence reflects a professional real estate business with good technical implementation and moderate security posture. Enhancements in privacy documentation, security headers, and incident response transparency would strengthen trust and compliance.

S

Sihtasutus Tartu Ülikooli Kliinikum

kliinikum.ee

0

Tartu Ülikooli Kliinikum is a leading university hospital in Estonia providing comprehensive healthcare services including emergency care, specialist consultations, and patient digital services. The institution is well-positioned in the Estonian healthcare sector with recognized clinical quality, evidenced by awards such as the ESO Angels diamond status. The website targets patients, healthcare partners, and medical professionals, offering extensive information and digital tools for patient engagement. Technically, the site is built on WordPress with modern libraries and frameworks, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS enforcement and CAPTCHA integration, though additional security headers and formal security policies could enhance protection. Privacy compliance is evident with clear privacy and cookie policies, though consent mechanisms could be improved. WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's public identity. Overall, the website is professional, trustworthy, and functional, supporting the institution's mission effectively.

T

tõlkebüroo Interlex

interlex.ee

0

Tõlkebüroo Interlex is a well-established Estonian translation bureau founded in 2010, offering a wide range of professional translation and interpreting services including written, oral, AI-assisted, and sworn translations. The company holds internationally recognized certifications ISO 17100 and ISO 18587, underscoring its commitment to quality and industry standards. Their market position is strong within Estonia and internationally, supported by a diverse client base and subsidiary operations such as Dussan OÜ specializing in sworn interpreting. The website reflects a mature digital presence with multilingual support, professional design, and comprehensive service descriptions.

Credy operates as a financial affiliate network specializing in consumer loans and credit products across multiple countries. The company connects publishers and advertisers to lenders, facilitating lead generation and monetization in the consumer credit market. The website presents a professional and modern interface targeting publishers and advertisers, emphasizing its leadership in several international markets. Technical infrastructure is based on common frontend frameworks such as Bootstrap and jQuery, with mobile responsiveness and moderate performance. Security posture is moderate with HTTPS assumed but lacking explicit security headers and privacy policies. The absence of WHOIS registration data for the domain is a significant concern, impacting trust and legitimacy assessments. Overall, the website is functional and business-oriented but requires improvements in compliance and security transparency.

E

Eesti Rahva Muuseum

erm.ee

0

Eesti Rahva Muuseum (ERM) is a prominent national museum in Estonia dedicated to preserving and showcasing Estonian ethnography, culture, and history. Operated under the Estonian Ministry of Education and Research, ERM offers a wide range of exhibitions, educational programs, events, and visitor services including a restaurant and retail shop. The museum targets a broad audience including the general public, educators, researchers, and cultural enthusiasts, positioning itself as a leading cultural institution in Estonia. Technically, the website is built on Drupal CMS with modern web technologies such as jQuery, Bootstrap, and various JavaScript libraries for enhanced user experience. It integrates analytics and marketing tools like Google Analytics, Google Tag Manager, and Facebook Pixel, demonstrating a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and employs Google reCAPTCHA on forms to prevent abuse. However, it lacks some security headers that could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is evident through a GDPR-compliant privacy policy, though a cookie consent mechanism is not clearly present. Overall, ERM's website reflects a professional, trustworthy, and well-maintained digital presence suitable for a government cultural institution. The domain registration aligns with the official entity, reinforcing legitimacy. Strategic improvements in security headers and cookie consent transparency could further strengthen the site's security and compliance posture.

B

BLRT Grupp

blrt.ee

0

BLRT Grupp is a leading industrial holding company in the Baltic Sea region, managing over 50 subsidiaries across multiple countries including Estonia, Latvia, Lithuania, Poland, Ukraine, Finland, and Norway. The company operates in diverse sectors such as shipbuilding, ship repair, manufacturing of high-tech equipment, metal processing, mechanical engineering, transport services, equipment rental, port and stevedoring services, industrial and medical gas production, casting production, and real estate development. Their market position as the largest industrial holding in the Baltics is supported by a broad portfolio and extensive regional presence. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery, Swiper.js, and Fancybox, and integrates Google Tag Manager and Google Analytics for marketing and analytics purposes. The site is hosted with Cloudflare DNS and uses HTTPS with good SSL configuration, providing a secure browsing experience. Mobile optimization and SEO practices are implemented at a good level, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA v3 to protect forms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no published security or incident response policies are found. Cookie consent mechanisms are in place, indicating GDPR compliance, but more comprehensive privacy and security documentation could enhance trust. Overall, the website reflects a professional and credible industrial business with a solid digital presence. The domain registration data aligns well with the business claims, reinforcing legitimacy. Strategic improvements in security policy transparency and enhanced security headers are recommended to strengthen the security posture and compliance.

T

Telia Eesti AS

telekom.ee

0

Telia Eesti AS operates as a leading telecommunications provider in Estonia, offering a comprehensive range of services including mobile telephony, home internet, TV packages, and IT solutions for both private individuals and businesses. The website reflects a mature digital presence with multi-language support and a strong brand identity consistent with Telia's corporate standards. The company targets a broad audience encompassing both consumers and enterprises, positioning itself as a one-stop-shop for telecommunications and digital services in Estonia. Technically, the website leverages modern web technologies such as React, integrates advanced consent management via Cookiebot, and employs Google Tag Manager and Telia's own RUM agent for analytics and performance monitoring. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS with strong SSL configurations and implements key security headers to protect users. Cookie consent mechanisms are in place, aligning with GDPR requirements. However, explicit security policies, incident response procedures, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement in transparency and security maturity. Overall, the website and business exhibit a high level of professionalism, trustworthiness, and compliance with privacy regulations. The absence of blocking mechanisms or WAF challenges allows for full content accessibility and analysis. Strategic recommendations include publishing detailed security policies, establishing clear incident response contacts, and enhancing vulnerability disclosure practices to further strengthen security posture and stakeholder trust.

F

Footshop a.s.

footshop.ee

0

Footshop a.s. operates a professional e-commerce platform specializing in sneakers, sportswear, and accessories, targeting consumers interested in popular brands such as adidas, Nike, Converse, and Vans. The company holds a strong market position in Estonia and several European countries, offering a broad product range with features like free returns and a loyalty program. The website is well-branded, consistent, and designed to provide a good user experience with clear navigation and mobile optimization. Technically, the site leverages modern technologies including Google Tag Manager, Cookiebot for consent management, Typekit fonts, and React components, likely built on the PrestaShop CMS platform. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response contacts are not clearly published. Privacy compliance is robust, with a comprehensive privacy policy and cookie consent banner adhering to GDPR standards. Overall, the site demonstrates a mature digital presence with good business credibility and trust indicators.

E

Ellex Raidla Advokaadiburoo OU

ellex.legal

0

Ellex Raidla Advokaadiburoo OU is a leading international law firm based in the Baltic region, with a strong presence in Estonia, Latvia, and Lithuania. The firm offers a wide range of legal services including transactional, disputes, regulatory, and industry-specific advisory, supported by over 30 years of experience and a team of more than 250 professionals. Their market position is reinforced by international recognition and comprehensive service offerings tailored to diverse sectors such as banking, energy, technology, and real estate. The website reflects a professional and modern digital presence, leveraging WordPress CMS with advanced cookie consent management and multi-language support to cater to their regional audience. The technical infrastructure is robust, with fast performance, mobile optimization, and SEO best practices implemented effectively. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and obfuscated contact details, though there is room for improvement in security headers and explicit security policies. Overall, the site demonstrates high business credibility and compliance with GDPR, supporting trust and transparency. Strategic recommendations include enhancing security headers, publishing a dedicated security policy, and establishing incident response contacts to further strengthen security and compliance frameworks.

P

Pineparks Technologies

blueglass.ee

0

Pineparks Technologies is a professional web development and e-commerce service provider based in Estonia, founded in 2015. The company offers a broad range of services including custom software development, web development, WordPress solutions, mobile app development, and UX/web design. They maintain a strong market position with international business entities in London and Switzerland, supported by recognized industry awards. Their website reflects a mature digital presence with modern technologies and a focus on performance and user experience. Security practices include HTTPS enforcement, CAPTCHA protection on forms, and consent management for cookies, although explicit security policies and incident response details are not publicly available. Overall, Pineparks demonstrates a high level of professionalism, technical maturity, and business credibility.

N

NoCliche OÜ

nocliche.dev

0

NoCliche OÜ is a small Estonian web studio specializing in custom website design, web application development, and progressive web apps. They target small and medium businesses, offering premium, tailor-made web products with a focus on human creativity and avoiding templates or AI-generated content. The company leverages outsourcing and a lean business model to offer competitive pricing. Technically, the website uses a modern tech stack including HTML5, CSS3, JavaScript frameworks like React and Vue, and backend technologies such as PHP, NodeJS, and Python. The site is well-structured, mobile-optimized, and includes multiple contact channels and portfolio links. Security posture is good with HTTPS and secure forms, but lacks some security headers and cookie consent mechanisms. Overall, the site is professional, trustworthy, and compliant with GDPR through a privacy policy. WHOIS data confirms the legitimacy of the company with consistent registration details matching the website's claims.