Security Directory

A

AirProxy AS

airproxy.eu

0

AirProxy AS is a specialized General Sales and Service Agent (GSSA) company with 30 years of experience serving passenger and cargo airlines in the Baltic region through offices in Tallinn, Riga, and Vilnius. The company focuses on providing representation and support services to airlines, positioning itself as a trusted partner in the transportation sector. The website is built on WordPress and employs standard web technologies, offering a professional and consistent user experience with good mobile optimization and navigation clarity. However, the site lacks critical privacy and cookie policies, contact information, and security headers, which impacts its overall security posture and privacy compliance. HTTPS is properly implemented, ensuring secure communication. The absence of analytics and tracking scripts suggests minimal user tracking, aligning with privacy best practices. Overall, the website reflects a credible small business with room for improvement in security and compliance documentation.

C

Cargo Handling AS

ch.ee

0

Cargo Handling AS is an Estonian-based small transportation and logistics company specializing in cargo handling and storage services for international air and road carriers, freight forwarders, and companies engaged in international trade. The company also offers customs warehouse and excise warehouse services. The website is built on WordPress using the Divi theme, indicating a moderate level of digital maturity with a focus on clear presentation and multilingual support (Estonian and English). Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and functional but could improve in privacy and security transparency to enhance trust and compliance.

O

Opetus- ja kulttuuriministeriö

minedu.fi

0

Opetus- ja kulttuuriministeriö (OKM) is the Finnish Ministry of Education and Culture responsible for national policies in education, science, culture, sports, youth work, archives, museums, libraries, and religious affairs. The ministry serves Finnish citizens, educational institutions, cultural organizations, and researchers by providing policy guidance, funding, and regulatory oversight. The website reflects a mature digital presence with a modern CMS (Liferay), responsive design, and multilingual support, indicating a high level of digital maturity. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and no evident vulnerabilities, although DNSSEC is not implemented. Overall, the site is trustworthy, professionally maintained, and compliant with privacy regulations.

K

KiVa / Tenz

kivaschool.be

0

The website www.kivaschool.be represents the KiVa anti-bullying program operated by Tenz in Belgium, supported by recognized educational institutions. It provides comprehensive information about the program, resources for schools, parents, and educators, and includes a webshop and training offerings. The site is well-structured with consistent branding and clear navigation, targeting educational stakeholders in Flanders. Technically, the site uses a custom CMS (Ambacht CMS) with common web technologies such as jQuery, Bootstrap 3, and Select2, and integrates Google Analytics and ReadSpeaker for accessibility. Security posture is moderate with no visible security headers and unknown SSL configuration, but it implements a detailed cookie consent mechanism. WHOIS data is unavailable due to registry restrictions, which reduces transparency but the site content and contact details support legitimacy. Overall, the site is professional and functional with room for improvement in security and privacy policy disclosures.

K

KiVa

kivaschool.nl

0

KiVa is an established educational program focused on promoting social safety and positive group dynamics in schools, primarily in the Netherlands. The website presents a comprehensive and scientifically backed anti-bullying program, supported by certified trainers and a large network of schools and teachers. The digital infrastructure leverages modern web technologies including jQuery, Bootstrap, Google Maps API, and tracking tools such as Google Analytics and Facebook Pixel, indicating a mature digital presence. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-positioned in the education sector.

Lemonway is a French licensed payment institution specializing in providing modular and compliant payment solutions tailored for marketplaces and crowdfunding platforms. Established since 2012 and trusted by over 400 marketplaces including major clients like Decathlon and SNCF Connect & Tech, Lemonway offers a comprehensive suite of services including Pay-In, Identification (KYC), Wallet management, Pay-Out, and an intuitive Dashboard. Their API-centric approach enables seamless integration and control over payment flows, supporting multiple currencies and payment methods. The company emphasizes security, compliance, and user experience, backed by ACPR licensing and PCI DSS compliance. Technically, the website leverages modern frameworks such as Next.js and React, with robust analytics and tracking tools implemented responsibly with user consent. Security posture is strong with HTTPS, security headers, and secure forms, although explicit security policies and incident response details are not publicly disclosed. WHOIS data is missing or obscured, likely due to privacy protection, which slightly impacts trust but is common in regulated financial sectors. Overall, Lemonway presents a professional, secure, and mature digital presence aligned with its business objectives.

F

FinanceEstonia

financeestonia.eu

0

FinanceEstonia is a well-established umbrella organization representing the Estonian financial sector, with over 90 members from both private and public sectors. The organization focuses on advocacy, fostering innovation, and supporting the growth of fintech and capital markets in Estonia. The website reflects a mature digital presence built on WordPress, with good SEO and mobile optimization. Security posture is solid with HTTPS and secure forms, though it lacks explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy, supporting FinanceEstonia's role as a key industry player.

M

Moncera OU

moncera.com

0

Moncera OU operates an investment platform based in Estonia that enables investors to invest in assigned loan claims with buyback guarantees, offering returns up to 12%. The platform is part of the Placet Group, a financial services conglomerate with over 15 years of experience and multiple subsidiary brands across Estonia, Lithuania, and Poland. Moncera targets retail investors seeking passive income through diversified loan investments. Technically, the website employs modern JavaScript libraries such as jQuery and Handlebars, integrates Google Analytics and Facebook Pixel for tracking, and provides a responsive, well-structured user experience. Security posture is solid with HTTPS enforced and domain transfer protections, though some security headers and formal security policies are absent. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, Moncera presents a trustworthy and professional online presence with strong business credibility and moderate technical sophistication.

S

Suomi (fi)

kivakoulu.fi

0

KiVa Koulu is an anti-bullying program developed by the University of Turku, widely adopted in Finnish primary schools and internationally in over 20 countries. The website serves as an educational and informational platform targeting schools, teachers, students, and parents, providing resources, research, and program participation information. The business model is non-profit and education-focused, with strong institutional backing and a reputable market position in the education sector. Technically, the website is built on WordPress with modern frontend technologies including jQuery and DustPress JS. It demonstrates good mobile optimization, accessibility, and SEO practices. Cookie consent is managed via Cookiebot, indicating GDPR compliance. Performance is moderate with no blocking or WAF detected, and HTTPS is enforced. Security posture is solid with HTTPS and cookie consent mechanisms in place, but lacks explicit security headers and incident response contact information. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with a comprehensive privacy policy and cookie consent. Overall, the website is trustworthy, professional, and well-maintained, with minor recommendations to enhance security headers and incident response transparency to further strengthen its security and compliance posture.

A

ACE Logistics Group AS

acegroup.ee

0

ACE Logistics Group AS is a well-established logistics company operating primarily in the Baltic states and neighboring countries. Founded in 1992, the group comprises multiple subsidiaries specializing in logistics, freight forwarding, cargo handling, sales agency, and real estate services. The company positions itself as a regional leader in logistics services, targeting businesses requiring comprehensive logistics solutions in Estonia, Latvia, Lithuania, and Ukraine. The website reflects a professional and consistent brand image with clear business information and contact details. Technically, the website is built on WordPress using Visual Composer, leveraging common libraries such as jQuery and Bootstrap. The site is mobile-optimized and performs moderately well, with good SEO practices and accessibility at a basic level. HTTPS is enforced, ensuring secure communications, though the absence of security headers and cookie consent mechanisms indicates room for improvement in security and privacy compliance. From a security perspective, the site demonstrates a solid baseline with HTTPS but lacks advanced security headers and incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy policies exist but lack explicit GDPR consent mechanisms. The absence of terms of service and incident response contacts suggests gaps in compliance and security readiness. Overall, the website is credible and trustworthy, with a strong business presence and good technical implementation. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance the security posture and regulatory adherence.

A

ACE Logistics Ukraine LLC

acelogistics.ua

0

ACE Logistics Ukraine LLC is a small transportation and logistics company based in Ukraine, specializing in international freight forwarding services including road, air, and sea transport, customs brokerage, cargo insurance, and warehousing. The company targets businesses requiring efficient and professional logistics solutions with a focus on individual customer needs. Their website is built on WordPress using common plugins and libraries, providing a good user experience with clear navigation and relevant content. However, the site lacks critical compliance documentation such as privacy and cookie policies, and does not disclose security or incident response policies. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosure mechanisms. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. The website uses Google Analytics and Google Tag Manager for tracking, indicating moderate user tracking without clear privacy compliance disclosures.

The website ace.lt appears to be a small Lithuanian domain registered since 1997 under the registrar UAB "BALTNETOS KOMUNIKACIJOS". The site is built on WordPress but currently suffers from visible PHP warnings and errors related to the revslider plugin, indicating outdated or incompatible code. There is no accessible business content, contact information, or privacy and cookie policies, which significantly limits the ability to assess the business model or services offered. The technical infrastructure shows signs of neglect with poor performance and no visible security best practices implemented. Security posture is weak due to exposed PHP warnings and lack of security headers or HTTPS confirmation. Overall, the site is accessible but of very low quality and professionalism, with critical issues that impact trust and compliance.

A

ACE Logistics Latvia SIA

ace.lv

0

ACE Logistics Latvia SIA is a medium-sized logistics and freight transportation company based in Latvia, operating as part of the ACE Logistics Group with subsidiaries in Estonia, Lithuania, and Ukraine. The company offers a broad range of transportation services including road, air, sea, and rail freight, complemented by customs documentation, warehousing, and cargo insurance. Their market position is that of an established regional player with international reach, supported by ISO 9001 and ISO 14001 certifications that demonstrate commitment to quality and environmental standards. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive service information. Technically, the website is built on WordPress using popular plugins such as WPBakery Page Builder and Slider Revolution. It integrates Google Analytics and Facebook SDK for tracking and marketing purposes. The site performs moderately well with good SEO practices and basic accessibility features. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though security headers could be enhanced and legacy jQuery usage updated to reduce risk. No explicit incident response or vulnerability disclosure mechanisms are present, which could be improved to enhance security transparency. Contact information is clearly provided, including phone numbers, email, and physical address, supporting business credibility. Overall, the site reflects a trustworthy and professional logistics provider with room for security and compliance enhancements. Strategic recommendations include implementing stronger security headers, updating legacy scripts, publishing incident response contacts and vulnerability disclosure policies, and continuing to enhance privacy compliance and user trust through transparent communication.

A

AS Äripäev

raamatupidaja.ee

0

Raamatupidaja.ee is a well-established Estonian media portal specializing in accounting, tax, and labor law news. Operated by AS Äripäev, it serves professionals in accounting and finance sectors with news, expert advice, podcasts, and training services. The website demonstrates a mature digital infrastructure using modern web technologies such as React and Next.js, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly available. The site complies with GDPR and provides clear privacy and cookie policies. Overall, Raamatupidaja.ee presents a trustworthy and professional online presence with a solid market position in Estonia's business media landscape.

E

Eesti Väike- ja Keskmiste Ettevõtjate Assotsiatsioon

evea.ee

0

EVEA (Eesti Väike- ja Keskmiste Ettevõtjate Assotsiatsioon) is a well-established non-profit business association founded in 1988, representing the interests of small and medium-sized enterprises in Estonia. The organization provides a broad range of services including legal advice, financial consulting, and networking opportunities, positioning itself as the largest SME advocacy group in Estonia. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its target audience of Estonian SMEs. Technically, the website is built on WordPress with WooCommerce and uses modern frameworks such as UIkit and analytics tools like Google Analytics via MonsterInsights. The site is hosted by Elkdata OÜ, an Estonian hosting provider, and demonstrates good mobile optimization and SEO practices. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for forms, but lacks explicit security headers and documented security policies or incident response plans. Privacy and cookie policies are present and GDPR compliant, indicating a basic level of privacy compliance. No critical vulnerabilities or suspicious patterns were detected. Overall, the website presents a trustworthy and credible digital presence for EVEA, with a solid foundation in business credibility and technical implementation. Strategic improvements in security headers, accessibility, and formal security policies would enhance the security posture and compliance maturity.

O

Online Solution (supported by SAVEALITY)

ano-phone.de

0

ANO-PHONE is a German-based small technology business specializing in secure, encrypted Android smartphones with integrated private VPN services. The company targets privacy-conscious consumers seeking enhanced mobile security and anonymity. Their product offers hardware encryption, secure communication channels, and control without backdoors or remote access. The website is built on WordPress with WooCommerce, featuring good content quality and a professional design. Technical infrastructure includes Cloudflare DNS and common analytics and advertising tools. Security posture is solid with HTTPS and no exposed sensitive data, though explicit security headers and policies are lacking. Privacy compliance is partial, with cookie consent implemented but no dedicated privacy policy page found. Contact information is limited to an email address, with no phone or physical address provided. Overall, the domain and website appear legitimate and consistent with the business claims.

O

Online Solution 360 GmbH

ano-phone.com

0

ANO-PHONE is a specialized provider of secure encrypted smartphones integrated with private VPN services, targeting privacy-conscious users and security-focused consumers. The company operates an e-commerce platform selling purified Android-based smartphones with hardware encryption, secure communication tools, and cryptocurrency wallet support. The business is positioned as a niche player in the technology sector, emphasizing privacy and security. The website is professionally designed, mobile-optimized, and includes essential business and contact information, although phone numbers and physical addresses are not explicitly listed. Technically, the site uses WordPress with WooCommerce, Google Analytics, and Cloudflare DNS, delivering moderate performance and good SEO optimization. Security posture is solid with HTTPS and client transfer protection on the domain, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is supported by a cookie consent mechanism and a privacy policy indicating GDPR adherence. Overall, the website and domain registration data indicate a legitimate and trustworthy business presence.

O

Online Solution 360 GmbH

securecommerce.eu

0

SecureCommerce, operated by Online Solution 360 GmbH, is a specialized cybersecurity service provider focused on protecting online stores and e-commerce platforms. The company offers managed firewall, DDoS protection, malware scanning, and monitoring services tailored to popular e-commerce systems such as Magento, WooCommerce, and Shopware. Their market position is that of a niche provider delivering Security-as-a-Service solutions to online merchants primarily in Germany. The website is professionally designed using WordPress and modern web technologies, providing a good user experience and clear navigation. Contact information and cookie consent mechanisms are well implemented, though privacy and terms policies are missing. Technically, the site uses reputable hosting via OVH SAS and integrates Google Analytics and Tag Manager for tracking. Security posture is moderate with room for improvement in security headers and published policies. Overall, the domain registration and business information are consistent and legitimate, supporting a trustworthy online presence.

O

Online Solution 360 GmbH

cdn-solution.net

0

Online Solution 360 GmbH operates the website cdn-solution.net, providing full service hosting, cyber security, and content delivery network solutions with a focus on eco-friendly data centers. The company targets businesses requiring advanced hosting and CDN services, emphasizing sustainability and innovative technologies such as GeoDNS, load balancing, and AI-driven energy efficiency. The website is professionally designed using WordPress CMS, hosted on Linode infrastructure, and includes a cookie consent mechanism compliant with GDPR. Contact information and company registration details are clearly presented, enhancing business credibility. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though DNSSEC is not enabled and security headers are missing, representing areas for improvement. No WAF or blocking mechanisms were detected, allowing full content access and analysis.

N

Noatum Logistics

noatumlogistics.com

0

Noatum Logistics operates as a global transport and logistics solutions provider, positioned among the top 50 freight forwarders worldwide. Their services encompass air, ocean, road, and rail freight, along with customs brokerage, warehousing, and value supply chain services. The website reflects a professional and consistent brand presence targeting businesses requiring comprehensive logistics solutions. Technically, the site is built on WordPress with modern plugins and SEO tools, ensuring good performance and mobile optimization. Security measures include HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers and explicit privacy policies are missing. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and infrastructure appear credible. Overall, the site demonstrates a mature digital presence with room for improvement in transparency and security best practices.

M

Miami International Holdings, Inc.

miaxoptions.com

0

Miami International Holdings, Inc. operates a global exchange group providing access to U.S. and international capital markets through multiple electronic exchanges specializing in options, equities, futures, and international securities. The company leverages award-winning technology platforms to deliver superior customer service tailored to financial market participants. The website reflects a mature business with a broad market presence and a diverse product portfolio. Technically, the website is built on Drupal CMS with modern frameworks like Bootstrap and uses advanced charting libraries such as Highcharts. It integrates Google Tag Manager and Analytics for tracking and marketing purposes. The site is mobile-optimized and offers good navigation and content quality, although some accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses secure forms with CSRF tokens. However, there is a lack of visible security headers and no published security or incident response policies. Privacy compliance is minimal with no explicit privacy or cookie policies detected on the main page. The absence of WHOIS data raises concerns about domain registration transparency, which impacts trustworthiness. Overall, the website presents a professional and credible business front but should improve transparency around domain registration and privacy compliance to enhance trust and security posture.

MEMX is a U.S.-based financial technology company operating regulated securities exchanges for equities and options. The company also offers a customizable exchange technology platform delivered as a SaaS solution, enabling other market operators to launch exchanges quickly. Positioned as an innovative alternative exchange operator, MEMX emphasizes efficiency, transparency, and cost reduction in capital markets trading. The website reflects a professional and consistent brand with clear messaging targeted at market participants and exchange members. Technically, the website leverages modern JavaScript frameworks such as Vue.js, integrates analytics and marketing tools like Google Tag Manager and Mailchimp, and is hosted on infrastructure associated with GoDaddy. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Security is well implemented with HTTPS and no exposed sensitive data, though some security headers are missing and DNSSEC is not enabled. From a security posture perspective, MEMX demonstrates strong fundamentals but lacks explicit public security policies, incident response contacts, and cookie consent mechanisms, which may impact privacy compliance, especially under GDPR. The WHOIS data confirms a long-established domain with consistent registration details, supporting the legitimacy of the business. Overall, MEMX presents a credible and professional online presence with solid technical infrastructure and a good security baseline. Enhancements in privacy compliance and security transparency would further strengthen trust and regulatory alignment.

C

Cboe Global Markets

cboe.com

0

Cboe Global Markets operates as a leading global financial market infrastructure provider, offering a broad range of tradable products including equities, options, futures, and volatility indices. The company serves a diverse audience of market participants, including traders, investors, and financial institutions, with a strong market position in the U.S. and international markets. Their business model centers on operating multiple exchanges, providing market data, clearing services, and listing opportunities for corporates and ETFs. Technically, the website employs modern web technologies such as React, Google Tag Manager, and Highcharts, ensuring a responsive and accessible user experience. The site is well-optimized for SEO and mobile devices, with comprehensive content and clear navigation. Privacy and cookie policies are implemented with consent mechanisms, reflecting good privacy compliance. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes security headers. However, explicit security policies, incident response information, and vulnerability disclosure mechanisms are absent, representing areas for improvement. The lack of WHOIS registration data reduces transparency but does not significantly detract from the site's legitimacy given the professional presentation and extensive business information. Overall, the website demonstrates a mature digital presence with strong business credibility and security posture, though enhancements in transparency and direct contact information would further strengthen trust and compliance.

B

BOX Options

boxoptions.com

0

BOX Options Market LLC operates a fully automated electronic options exchange specializing in trading OCC issued standardized options on equities and ETFs. The company emphasizes technological innovation and transparency to provide a reliable marketplace for options traders. The website reflects a mature business with a domain age of approximately 8 years and a clear market presence in the financial sector. The target audience includes institutional investors, market participants, and potential members interested in options trading technology and services. The business model centers on providing exchange services, membership access, and market data dissemination.

C

Caotica OÜ

caotica.ee

0

Caotica OÜ is a specialized web design and development agency based in Estonia, operating since 2008. The company offers a comprehensive suite of digital services including website design, web development across platforms like WordPress, Webflow, and Wix, e-commerce solutions with WooCommerce and Shopify, as well as ongoing website management and SEO optimization. Their market position is that of a trusted, experienced small business serving both local and international clients, with over 200 projects completed and 80+ clients served. The website reflects a professional and consistent brand image with clear service offerings and client testimonials, supporting their credibility. Technically, the website is built on WordPress using the Avia Framework and Yoast SEO plugin, leveraging modern web technologies such as jQuery and Google Fonts. The site is mobile-optimized and demonstrates good SEO practices with structured data and meta tags. Hosting and domain registration are managed by Zone Media OÜ, consistent with the company's Estonian base. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS with anonymized IP tracking in Google Analytics and implements a cookie consent mechanism, indicating awareness of privacy compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no formal security or incident response policies are published. There is no vulnerability disclosure or security.txt file, which could be areas for improvement. Overall, Caotica OÜ presents a low-risk profile with a solid business foundation, professional web presence, and basic privacy compliance. Strategic enhancements in security headers, incident response transparency, and accessibility could further strengthen their security posture and trustworthiness.

The website ria.ee is currently inaccessible due to a Cloudflare security challenge page requiring human verification. This prevents access to any substantive content, business information, or policies. The domain is registered since 2010 with an Estonian registrar, indicating a legitimate and established domain. The technical infrastructure relies on Cloudflare services including Turnstile captcha and Cloudflare Insights for security and analytics. Due to the blocking, no privacy, cookie, or terms of service policies are visible, nor is any contact or business information. The security posture cannot be fully assessed, but the use of Cloudflare indicates a baseline of protection. Overall, the site cannot be fully analyzed until the WAF challenge is passed, limiting the ability to provide a comprehensive risk assessment or business intelligence.

V

VEPA

vepa.ee

0

VEPA is an Estonian educational initiative focused on evidence-based classroom management methodologies primarily targeting early school years. The website presents a professional and consistent brand supported by the Tervise Arengu Instituut, with clear educational content and training offerings. The digital infrastructure is based on WordPress with common JavaScript libraries and includes standard tracking and marketing tools such as Google Analytics and Mailchimp. Privacy and cookie policies are well implemented and GDPR compliant, enhancing user trust. Security posture is generally good with HTTPS enforced and secure form practices, though improvements in security headers and incident response transparency are recommended. Overall, the website is accessible, well-structured, and trustworthy, supporting its educational mission effectively.

T

Tervise Arengu Instituut

tubakainfo.ee

0

Tubakainfo.ee is an official Estonian government public health website managed by the Tervise Arengu Instituut (Health Development Institute). It provides comprehensive educational content on the harms of tobacco use, passive smoking, and supports tobacco cessation efforts. The site targets Estonian-speaking tobacco users, their families, and healthcare professionals, offering interactive tools, videos, and guidance. The website is well-structured, professionally designed, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, Google Tag Manager, and Facebook Pixel for analytics and marketing. It uses HTTPS with good SSL configuration but lacks some security headers. The site does not display a privacy or cookie policy, which is a notable compliance gap, especially given the use of tracking pixels. Contact information is clearly provided, enhancing business credibility. From a security perspective, the site shows good practices like HTTPS and nonce usage for AJAX but could improve by adding security headers and publishing explicit security and incident response policies. No vulnerabilities or suspicious patterns were detected. WHOIS data confirms the domain is registered to the official Estonian health institute, supporting legitimacy. Overall, the site is trustworthy and professional but should address privacy compliance and security policy transparency to improve its security posture and regulatory adherence.

T

Tervise Arengu Instituut

toitumine.ee

0

The website toitumine.ee is an official Estonian government health information portal managed by the Tervise Arengu Instituut under the Haridus- ja Teadusministeerium (EENet). It provides comprehensive nutrition guidelines, health advice, and tools such as a BMI calculator targeted at Estonian residents across various life stages and health conditions. The site is well-structured with rich content and expert contributions, positioning it as a trusted national resource for healthy eating information. Technically, the site is built on WordPress with modern libraries like jQuery, Bootstrap, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and explicit incident response or vulnerability disclosure information. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the site is credible and trustworthy but would benefit from enhanced privacy and security practices.

T

Tervise Arengu Instituut

nutridata.ee

0

NutriData is a government-operated nutrition information system managed by the Estonian Health Development Institute (Tervise Arengu Instituut). It offers a suite of nutrition-related applications including diet analysis programs, food composition databases, product calculation tools, and nutrition survey software. The platform serves a broad audience ranging from individual users and healthcare professionals to food producers and researchers, positioning itself as an authoritative national resource for nutrition data and analysis in Estonia. The website is well-structured, content-rich, and provides comprehensive information about its services, training, and team members. Technically, the website is built as a modern Angular single-page application leveraging Google Analytics, Google Tag Manager, and Google reCAPTCHA for analytics and security. The site is mobile-optimized and uses standard web fonts and icons for a professional appearance. While the site uses HTTPS and some security best practices, it lacks certain HTTP security headers and a cookie consent mechanism, which are recommended for enhanced security and privacy compliance. From a security perspective, the site demonstrates good practices such as encrypted connections and form protection via reCAPTCHA. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data confirms the domain's legitimacy and consistency with the official institution managing the site. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure mechanisms indicates room for improvement in security transparency and incident readiness. Overall, NutriData presents a trustworthy, professional, and functional nutrition information platform with strong government backing. Strategic enhancements in privacy compliance, security headers, and incident response documentation would further strengthen its security posture and user trust.

N

Narko

narko.ee

0

The website www.narko.ee serves as a comprehensive informational and support platform focused on narcotics, risk reduction, and assistance options primarily targeting the Estonian population. It provides extensive educational content, community resources, and guidance for drug users, their relatives, and the broader community. The site is positioned as an authoritative resource, likely supported by government or non-profit entities, with a clear focus on public health and harm reduction. Technically, the website is built on WordPress with a modern plugin ecosystem including Yoast SEO and GDPR compliance tools. It employs Google Analytics for user tracking and demonstrates good mobile responsiveness and SEO optimization. However, some technical debt is noted with the use of an older jQuery version, which could pose security risks. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR. While no critical vulnerabilities or exposed sensitive data were detected, the absence of a published security policy, incident response contacts, and security.txt file indicates room for improvement in transparency and readiness. Security headers are not explicitly confirmed, and updating libraries is recommended. Overall, the website presents a trustworthy and professional front with good content quality and compliance posture. Strategic enhancements in security policies, technical updates, and contact transparency would further strengthen its security posture and user trust.

H

Avaleht - Hiv

hiv.ee

0

The website hiv.ee serves as an informational and support portal focused on HIV awareness, prevention, testing, and living with HIV in Estonia. It targets Estonian-speaking individuals, including those living with HIV and at-risk populations, providing educational content, testing locations, and counseling resources. The site is positioned as a trusted health information source, likely operated or supported by public health entities or non-profit organizations. Technically, the site is built on WordPress, utilizing common libraries such as jQuery and Slick Carousel, and integrates marketing and analytics tools like Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized with good navigation and content relevance. Security-wise, the site enforces HTTPS and uses cookie consent banners but lacks visible security headers and explicit privacy policies, which are areas for improvement. Overall, the site is functional, professional, and moderately secure, with room to enhance privacy compliance and security posture.

Z

Zone Media OÜ

alkoinfo.ee

0

Alkoinfo.ee is a well-established Estonian public health informational website focused on reducing alcohol consumption and providing support and education to individuals and their families. Operated by Zone Media OÜ and affiliated with the Estonian Health Development Institute (Tervise Arengu Instituut), it offers a range of services including educational content, self-assessment tests, and a Q&A advice section. The site targets Estonian and Russian speaking audiences concerned about alcohol use. Technically, the site is built on WordPress using the Understrap theme and integrates modern web technologies such as Google Analytics and Facebook Pixel for tracking. Security posture is good with HTTPS and CAPTCHA on forms, but lacks some security headers and explicit privacy and cookie policies. The domain is legitimate, registered since 2010, and consistent with the business identity.

P

Paya, Inc.

paya.com

0

Paya, Inc. is a well-established payment solutions provider offering integrated payment technologies and services primarily targeting businesses across multiple sectors including B2B, education, insurance, government, healthcare, nonprofits, and ERP providers. The company operates under the parent company Nuvei and has a strong market position with a large customer base and extensive partner network. Their website reflects a mature digital presence with professional design, comprehensive content, and clear navigation. Technically, the site is built on WordPress with modern marketing and analytics integrations, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and domain protections, though there is room for improvement in DNSSEC and security headers. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, Paya demonstrates high business credibility and digital maturity.

V

Visionest Institute

invicta.ee

0

Visionest Institute is an Estonian education and training organization formed by the merger of Marketingi Instituut, Invicta, and Director. It offers a wide range of professional development programs, including corporate training, personal development plans, and a digital magazine. The company targets businesses and individual learners, focusing on leadership, marketing, sales, and export sectors. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support. Technically, it is built on WordPress with WooCommerce and integrates advanced marketing and analytics tools such as Google Tag Manager, HubSpot, and Facebook Pixel. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are absent. Overall, the domain registration details align well with the business profile, indicating legitimacy and consistency.

The website chartwells.com currently serves as a parked domain with a clear notice that it is for sale. There is no active business content, product or service information, or company branding beyond the domain name itself. The site primarily displays advertising scripts from Google and a banner linking to Afternic for domain purchase inquiries. The domain is registered with GoDaddy Online Services Cayman Islands Ltd. since 2001, indicating a long registration history but no active operational presence at this URL. From a technical perspective, the site uses basic HTML and CSS with minimal modern web technologies. It includes Google Adsense and Google Ad Services scripts for monetization but lacks advanced frameworks, CMS, or structured data. The site is moderately optimized for mobile devices but has poor SEO and accessibility features. No forms or user input fields are present, reducing data collection risks but also limiting user engagement. Security posture is minimal with no DNSSEC enabled and no security headers detected in the HTML content. The domain status includes multiple prohibitions to prevent unauthorized changes, which is a positive control. However, the lack of HTTPS enforcement details and absence of privacy or cookie consent mechanisms indicate a low maturity level in security and privacy compliance. Overall, the site presents a low-risk profile due to its parked status but offers no business credibility or trust signals. Strategic recommendations include enabling DNSSEC, adding security headers, implementing privacy and cookie policies with consent mechanisms, and providing clear contact and incident response information if the domain is to be developed into an active business site.

H

HOK-Elanto Liiketoiminta Oy

alepa.fi

0

Alepa.fi is the official website of Alepa, a well-established Finnish grocery retail chain operated by HOK-Elanto Liiketoiminta Oy. The company has a strong market presence in Finland, offering both physical grocery stores and an online grocery shopping platform with delivery options. The website reflects a mature digital infrastructure built on modern technologies such as React and Next.js, hosted on AWS infrastructure. The site is well-optimized for mobile devices and provides a professional user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent managed via Usercentrics, though explicit security headers and detailed privacy policies are not prominently disclosed. Overall, the domain registration data aligns well with the business claims, indicating a legitimate and trustworthy entity.

S

SOK

skaupat.fi

0

S-kaupat.fi is the official online grocery store platform for the Finnish S-ryhmä retail group, operated by SOK. It offers a comprehensive range of grocery products from multiple store brands including Prisma, S-market, Alepa, Sale, and Herkku. The platform targets Finnish consumers seeking convenient and flexible online grocery shopping with various delivery options and integrated customer bonus programs. The website is well-branded, professionally designed, and localized primarily in Finnish with multilingual support. Technically, it leverages modern web technologies such as React and Next.js, integrates with Contentful CMS, and uses Usercentrics for cookie consent management. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, compliant with GDPR, and provides a good user experience.

The website crex.lv is currently inaccessible beyond a security challenge page that performs a browser integrity check and automatic redirect. The visible content is minimal, showing only a loading animation and a countdown timer. The site appears to be running very outdated content management systems, specifically Joomla 1.5 and WordPress 2.5, which are known to have multiple security vulnerabilities. There is no visible business or contact information, privacy or cookie policies, or terms of service. The only external link is to BitNinja.IO, indicating the use of a third-party security service to protect the site. Due to the security challenge and lack of accessible content, a full analysis of the website's business model, services, and compliance posture is not possible.

I

IZSTĀŽU RĪKOTĀJSABIEDRĪBA BT 1

rigaexpo.lv

0

The website represents an international exhibition center based in Latvia, operated by IZSTĀŽU RĪKOTĀJSABIEDRĪBA BT 1. It offers venue rental for various events such as conferences, sports competitions, concerts, and corporate gatherings. Additional services include catering through Expo Cafe and equipment rental for event needs. The business targets event organizers and corporate clients within the Latvian market. The website content is basic but functional, providing essential information and links to partner services. Technically, the site uses older but stable technologies like Bootstrap 3 and jQuery 3.1.1, with moderate mobile optimization and basic accessibility features. Security posture is limited, with no visible HTTPS enforcement or security headers, and no cookie consent mechanism implemented. Privacy and terms of service documents exist but are basic and lack explicit GDPR compliance indicators. Overall, the site is moderately trustworthy but would benefit from improved security and privacy practices.

Techindustry.lv is the official website for the largest and most significant industry exhibition in the Baltic region, focusing on machine building, metal processing, automation, electronics, and related technologies. The event is organized by BT 1, a leading Baltic exhibition organizer, and targets industry professionals and companies seeking to showcase and discover innovations. The website provides comprehensive information about exhibitors, news, and event details, supported by partner organizations and ticketing platforms. Technically, the site uses modern tracking and analytics tools, including Google Analytics and Facebook Pixel, and implements cookie consent mechanisms. However, it lacks explicit privacy and terms of service pages, and security headers are not detected, which are areas for improvement. The site is accessible without WAF or blocking mechanisms, and contact information is clearly provided with named personnel.

R

RIGA COMM

rigacomm.com

0

RIGA COMM is a well-established Baltic business technology event organizer hosting annual exhibitions and multiple conferences in Riga, Latvia. The platform targets business and technology professionals, entrepreneurs, and institutional leaders, offering a comprehensive event experience with specialized conferences covering cybersecurity, fintech, e-commerce, and more. The website reflects a mature digital presence with a WordPress CMS, modern marketing and analytics tools, and a cookie consent mechanism, indicating awareness of privacy compliance requirements. However, explicit privacy policies and terms of service are missing, which could be improved to enhance compliance and user trust. Security posture is generally good with HTTPS and reCAPTCHA usage, but could benefit from enhanced security headers and DNSSEC implementation. Overall, the site is professional, content-rich, and well-positioned in its market niche.

S

Starptautisko izstāžu rīkotājsabiedrība BT 1

balttour.lv

0

Balttour.lv represents the Baltic region's premier international tourism exhibition organized by Starptautisko izstāžu rīkotājsabiedrība BT 1 in partnership with ALTA. The website showcases detailed event information, participant lists, news, and visitor guidance, targeting tourism professionals and general visitors interested in travel opportunities. The business holds a strong market position as a leading event organizer in the hospitality and tourism sector in Latvia. Technically, the website employs a mature technology stack including Bootstrap, jQuery, and various UI libraries, with integration of Google Analytics and Facebook Pixel for marketing and analytics purposes. The site is mobile-optimized and well-structured, though some older libraries like jQuery 1.11.2 are used, which may pose security risks. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and dedicated security or privacy policy pages. WHOIS data confirms domain legitimacy with consistent registrant information matching the business claims. Overall, the website is professional and trustworthy but could improve compliance and security practices.

N

Nullist OÜ

nullist.ee

0

Nullist OÜ operates a well-established Estonian online marketing education platform, offering practical training and courses for beginners and advanced learners. The company has a strong market presence with over 3000 business clients and targets entrepreneurs, social media managers, and marketing professionals. Their business model focuses on digital education through webinars, workshops, and masterclasses. Technically, the website is built on WordPress with WooCommerce integration, leveraging modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Plausible Analytics, ensuring GDPR compliance and user consent mechanisms. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site is professional, fast, mobile-optimized, and trustworthy, reflecting a mature digital infrastructure and credible business operations.

P

Pärnumaa infovärav

parnumaa.ee

0

Pärnumaa.ee is a well-established regional information portal serving the Pärnumaa county in Estonia. It provides comprehensive information for residents and visitors including news, job listings, educational resources, real estate offers, and business environment insights. The website is professionally designed using WordPress with Elementor and Yoast SEO plugins, ensuring good content management and search engine optimization. The site is bilingual with Estonian as the primary language and English as an alternate option. Technically, the site employs modern web technologies and integrates analytics and marketing tools such as Google Tag Manager, Hotjar, and Facebook Pixel, while maintaining GDPR compliance through a robust cookie consent mechanism.

A

AS Äripäev

ituudised.ee

0

ITuudised is a leading Estonian news portal focused on the ICT sector, operated by AS Äripäev. It provides comprehensive news, success stories, lessons, results, and plans related to the Estonian IT industry, supplemented by IT training and technology-themed radio shows. The portal targets IT professionals, business leaders, and technology enthusiasts in Estonia, positioning itself as a key information source in the local technology media landscape. Technically, the website leverages modern web technologies including React and Next.js, ensuring a responsive and well-structured user experience. The site is well-optimized for SEO and mobile devices, with a professional design and clear navigation. Security-wise, the site enforces HTTPS, includes essential security headers, and avoids exposing sensitive data, reflecting a mature security posture. However, explicit security policies and incident response contacts are not publicly available, indicating room for improvement in transparency. Overall, the website demonstrates strong business credibility and privacy compliance, with clear contact information and GDPR-aligned policies. The domain registration details align well with the business identity, reinforcing trustworthiness.

A

AS Äripäev

aripaev.ee

0

AS Äripäev operates a leading Estonian business media platform providing comprehensive economic and business news, analysis, and multimedia content. The website targets business professionals and investors, offering subscription-based access to premium content including PRO packages and investor-specific services. The company is part of the Nordic media conglomerate Bonnier Group, reinforcing its market position and credibility. Technically, the site is built on modern web technologies including React and Next.js, delivering a responsive and accessible user experience with good SEO practices. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response details are not publicly available. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a mature digital presence with high trustworthiness and professional content delivery.

A

AS Äripäev

bestmarketing.ee

0

Best Marketing is a leading Estonian marketing news portal and event organizer, operated by AS Äripäev. The website delivers comprehensive marketing, advertising, and communication industry news, targeting marketing professionals in Estonia. It offers subscription-based content, podcasts, videos, and organizes marketing conferences, positioning itself as a key media player in the Estonian marketing sector. The site is well-branded, professionally designed, and maintains consistent content quality. Technically, the site is built on modern frameworks such as Next.js and React, with good mobile optimization and SEO practices. Security posture is strong with HTTPS, security headers, and consent management in place, although no explicit security policy or incident response information is published. Privacy and cookie policies are present and GDPR compliant. Contact information is clearly provided, enhancing business credibility. Overall, the site demonstrates a mature digital presence with a solid foundation for content delivery and user engagement.