Security Directory

Estfilm Production OÜ is a small Estonian film production company established in 2006, specializing in cultural, nature, and regional films to promote Estonia. They serve both public and private sector clients and offer a range of services including aerial filming, time-lapse filming, 3D animations, and video editing. The company maintains a consistent brand presence and showcases its portfolio via a YouTube channel. Technically, the website is built on WordPress using older jQuery and Google Analytics for tracking, with basic mobile optimization and accessibility. Security posture is moderate but could be improved by updating libraries and implementing security headers. Privacy compliance is weak due to the absence of privacy and cookie policies and lack of consent mechanisms. Overall, the website is functional and professional but requires enhancements in security and privacy to meet modern standards.

S

Spring

springadvertising.com

0

Spring is an independent creative advertising agency based in Vancouver, Canada, established in 2005. The company offers a broad range of services including strategy, design, advertising, branding, digital, and on-demand creative services. They have a strong market presence with a focus on real estate marketing and have worked with over 100 brands across more than 70 industries. The website reflects a professional and consistent brand image with clear navigation and good content quality. Technically, the site is built on WordPress with modern plugins and SEO tools, hosted by Automattic Inc., ensuring reliable infrastructure and good performance. Security posture is solid with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is basic but present, with privacy and cookie policies including consent mechanisms. Contact information is complete and easily accessible, enhancing business credibility. Overall, the website is trustworthy and well-maintained, suitable for its target audience.

A

Actual Reports OÜ

actualreports.com

0

Actual Reports OÜ is a small Estonian technology company specializing in business process automation with a focus on document generation and data collection solutions. Their website presents a professional and consistent brand image, targeting developers, eCommerce merchants, and general users with products such as PDF Generator API, PDFViewer, Printout Designer, and PDFMake. The company leverages a partner ecosystem to provide comprehensive automation tools. Technically, the website uses modern web fonts, Font Awesome icons, embedded YouTube videos, and Google Tag Manager for analytics. Hosting appears to be on Amazon AWS infrastructure. The website is mobile optimized with good SEO practices but lacks advanced accessibility features. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Contact information is limited to email and physical address with no phone or contact forms. Overall, the website is functional and professional but could improve in privacy and security transparency.

AuditPartner is a small Estonian auditing and financial consulting firm with a website primarily in Estonian and an English language option. The company positions itself as a professional service provider focusing on seeing beyond the numbers, targeting businesses requiring auditing and financial services. The website is built on WordPress with common web technologies such as jQuery and Bootstrap, indicating a standard but modern technical infrastructure. Performance and mobile optimization are moderate to good, with basic SEO and accessibility features. From a security perspective, the site uses HTTPS with good SSL configuration but lacks important security headers and visible security policies such as privacy, cookie, or incident response policies. No vulnerability disclosure or security.txt files are present, and no contact information such as emails or phone numbers are explicitly provided on the homepage. These gaps reduce the overall privacy compliance and security posture scores. Overall, the website is functional and professionally designed but lacks critical compliance and security transparency elements. The domain WHOIS data is consistent with the business claims, supporting legitimacy. Strategic improvements in privacy policy publication, security headers, and contact transparency would enhance trust and compliance.

M

M-Partner

mpartner.ee

0

M-Partner is an established Estonian recruitment company specializing in the effective hiring of managers and specialists, with over 20 years of experience and more than 1000 successful recruitments. Their business model focuses on full search and headhunting services, targeting Estonian companies seeking qualified personnel. The website reflects a professional and consistent brand image, supported by client logos and clear service descriptions. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates essential tools such as Google Tag Manager and reCAPTCHA, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement, email obfuscation, and cookie consent mechanisms, though additional security headers and formal policies could enhance protection. Overall, the site is accessible, well-structured, and compliant with GDPR, presenting a trustworthy and credible online presence.

O

Ouman Oy

ouman.fi

0

Ouman Oy is a Finnish company specializing in building automation and energy efficiency solutions, targeting property owners, automation contractors, housing companies, and related sectors primarily in the Baltic Sea region. The company offers smart controllers, IoT solutions, and energy optimization services, positioning itself as a key player in energy-efficient building management. The website reflects a mature digital presence with professional design, multilingual support, and comprehensive product and solution information. Technically, the site is built on WordPress with modern analytics and marketing integrations such as Google Analytics, HubSpot, and Facebook Pixel. Security measures include HTTPS enforcement and CAPTCHA-protected forms, though explicit security headers and policies are not fully implemented. Overall, the site demonstrates good security hygiene and business credibility, with room for improvement in privacy compliance documentation and security transparency.

A

ADM Interactive

adm.ee

0

ADM Interactive is a leading digital solutions agency based in Estonia, established in 1997. The company specializes in custom software development, digital marketing, cloud infrastructure hosting, and integration services, serving over 370 clients worldwide including notable brands. ADM positions itself as a comprehensive service provider covering the entire customer lifecycle with a strong emphasis on innovation and ROI. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, and Cookiebot for consent management. The site is mobile-optimized, SEO-friendly, and integrates multiple marketing and analytics tools. Security posture is strong with HTTPS, cookie consent, and no visible vulnerabilities, although explicit security policies and incident response details are not published. Overall, ADM demonstrates a mature digital presence with solid business credibility and compliance adherence.

Namespace OÜ is a small Estonian digital agency specializing in full-service software development with expertise in Python, API, and React.js technologies. The company targets businesses seeking custom digital applications and API integrations, positioning itself as a niche technology service provider with a portfolio of notable projects such as Navirec, GSMtasks, and Parcelfellows. The website reflects a professional and consistent brand image with clear contact information and project showcases. Technically, the website is built using modern frameworks including React.js and Next.js, with integrations for Google Analytics, Google Tag Manager, and Cal.com scheduling. The site is mobile-optimized and performs moderately well, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and uses standard analytics scripts but lacks explicit security headers and visible security policies. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. The WHOIS data aligns well with the business claims, showing a consistent and legitimate registration. Overall, the website presents a moderate risk profile with room for improvement in privacy compliance and security best practices. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

F

Fortaco Group

fortacogroup.com

0

Fortaco Group is a leading brand-independent strategic partner specializing in manufacturing technology, vehicle cabins, steel fabrications, and vehicle assemblies primarily serving the heavy off-highway equipment and marine industries. Established in 2012, the company has positioned itself as a key player in Europe with a strong focus on quality, delivery performance, and operational excellence. Their business model revolves around providing comprehensive value chain solutions to global customers, emphasizing flexibility, reliability, and innovation in manufacturing processes. The website infrastructure is built on WordPress, leveraging modern plugins such as Yoast SEO and MonsterInsights for analytics and SEO optimization. The site demonstrates good mobile responsiveness, clear navigation, and professional design, supporting a positive user experience. Technical implementation is solid with HTTPS enforced, though there is room for improvement in security headers and DNSSEC deployment. Security posture is generally good, with no critical vulnerabilities detected. The domain registration is consistent with the business claims, showing a stable and legitimate presence. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. However, explicit security policies and incident response contacts are not publicly available, which could be enhanced to improve trust and compliance. Overall, Fortaco Group's digital presence reflects a mature and professional organization with a strong market position. Strategic recommendations include enhancing DNS security, publishing detailed security policies, and expanding contact information for incident response to further strengthen their security and compliance posture.

SRV Yhtiöt Oyj operates in the Finnish real estate sector, focusing on sustainable and energy-efficient construction of new residential and commercial properties. The website targets potential home buyers and commercial tenants, presenting a professional and modern digital presence built with React and Gatsby technologies. The content is relevant and well-structured, although explicit privacy and cookie policies are not found in the provided content. Security posture is limited due to lack of visible security headers and policies, and no contact information or incident response details are provided. WHOIS data confirms the legitimacy and consistency of the domain registration with the business entity in Finland. Overall, the website demonstrates a good business credibility and technical foundation but requires improvements in privacy compliance and security best practices.

The website vanglateenistus.ee is currently inaccessible beyond a Cloudflare Turnstile captcha challenge page, preventing access to any substantive content. The domain is very recently registered (December 2023) and is owned by Elkdata OÜ, a hosting and registrar provider, indicating the site is likely new or under development. Due to the WAF challenge, no business, security, or compliance information is available for analysis. The technical infrastructure relies on Cloudflare's security and analytics services, but no CMS or frameworks are detectable. The security posture cannot be fully assessed, but the presence of Cloudflare WAF indicates some baseline protection. Overall, the site is low trust at this stage due to lack of accessible content and new domain age.

C

Cytognos, S.L.

cytognos.com

0

Cytognos, S.L. is a specialized healthcare company focused on providing clinical flow cytometry solutions, including reagents, devices, and software tailored for flow cytometer laboratories. The company leverages partnerships such as EuroFlow™ to offer advanced Next Generation Flow™ solutions, positioning itself as a niche provider in the clinical diagnostics sector. The website reflects a medium-sized enterprise with a professional digital presence built on WordPress and WooCommerce, incorporating modern plugins and SEO optimizations. Technically, the site is well-structured, mobile-optimized, and uses HTTPS with cookie consent mechanisms, though it lacks some advanced security headers and explicit privacy and terms of service pages. The absence of public WHOIS data introduces some uncertainty about domain registration transparency, but the website content and business information appear consistent and credible. Overall, the security posture is moderate with room for improvement in policy disclosures and incident response readiness.

L

Lindab

lindab.si

0

Lindab.si is a Slovenian content and blogging website established in 2022, offering articles on a variety of topics including home, health, sports, services, and technology. The site targets a general Slovenian-speaking audience interested in diverse lifestyle and technology content. The business model is primarily content publishing with no direct e-commerce or transactional services evident. The website is built on WordPress CMS, utilizing Yoast SEO for search optimization and Google reCAPTCHA for form security. The technical infrastructure is modern and moderately performant with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enforced and form protection via reCAPTCHA, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy page present but no cookie consent mechanism detected. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the website is legitimate, consistent with its domain registration data, and presents a moderate trust level. Strategic improvements in privacy compliance, security policy transparency, and contact information availability would enhance credibility and user trust.

R

Roadplan

roadplan.ee

0

Roadplan is an Estonian company specializing in road project design, outdoor space projects, and consulting services. Founded in 2013, it positions itself as a leading road project designer in Estonia, targeting clients who require sustainable and innovative solutions for their outdoor environments. The website content is primarily in Estonian and focuses on communicating the company's expertise and service offerings. Technically, the website is built on WordPress and uses modern web technologies including Google Fonts, Google Analytics, Google Tag Manager, and reCAPTCHA for form security. The site is hosted by Zone Media OÜ, a known Estonian hosting provider. Performance and mobile optimization are good, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the website uses HTTPS with a valid SSL certificate and employs reCAPTCHA to protect forms. However, it lacks important security headers and does not provide explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is professional and functional but lacks comprehensive privacy and cookie policies, explicit contact information, and detailed security disclosures. These gaps reduce its privacy compliance and slightly impact trustworthiness. Strategic improvements in these areas would enhance the site's security posture and user trust.

Berbank AS operates as a small Estonian financial institution providing traditional banking services including private and business banking, loans, deposits, and internet banking. The website targets Estonian private individuals and business clients, offering localized financial products. The domain is registered since 2019, consistent with a relatively new or niche bank. The technical infrastructure is basic, relying on jQuery and Google Analytics, with no modern frameworks or CMS detected. The website lacks HTTPS enforcement and security headers, which are critical for banking sites, indicating a weak security posture. Privacy compliance is poor, with no visible privacy or cookie policies, and no GDPR compliance indicators. Contact information is present but limited, and no incident response or security policy details are provided. Overall, the site shows moderate business credibility but requires significant improvements in security and privacy to meet industry standards.

D

Dispak

dispak.ee

0

Dispak is an Estonian retail business specializing in the sale of paper and fabric bags, primarily targeting customers seeking packaging solutions for gifts and corporate gifts. The company claims over two decades of experience and offers custom logo printing services with a minimum order quantity. The website is primarily in Estonian and serves the local market with a product-focused approach. Technically, the site uses jQuery and jQuery UI libraries along with Google Analytics and Tag Manager for tracking. The hosting and domain registration are consistent with an Estonian business identity. However, the website lacks explicit privacy, cookie, and terms of service policies, which impacts its compliance posture. Security headers and advanced security practices are not evident, and no incident response or vulnerability disclosure information is provided. Overall, the site is functional with moderate technical implementation but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

C

Certex Eesti

certex.ee

0

Certex Eesti is a medium-sized Estonian company specializing in the sale of steel wire ropes, lifting slings, load securing equipment, and related accessories. It operates an e-commerce platform integrated with a comprehensive product catalog targeting industrial and construction sectors. The company is part of the Lifting Solutions Group, indicating a solid market position within the lifting equipment industry in the Baltic region. The website demonstrates good digital maturity with modern CMS usage (Pimcore), responsive design, and integration of consent management and analytics tools. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly available. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, making it suitable for B2B and B2C customers seeking lifting and securing solutions.

T

TF Bank

tfbankgroup.com

0

TF Bank operates as an internet-based niche bank offering consumer banking services through a proprietary IT platform emphasizing automation. The website presents a professional image consistent with a financial institution targeting consumers seeking streamlined online banking solutions. The technical infrastructure is built on WordPress CMS, utilizing modern web technologies such as jQuery and Cookiebot for cookie consent management, alongside Google Tag Manager for analytics. The site is secured with HTTPS, and cookie consent is actively managed, reflecting a commitment to privacy compliance. However, the absence of WHOIS data for the domain group.tfbank.se raises questions about domain registration legitimacy, although the website content itself appears credible and well-maintained. Security posture is solid with HTTPS and consent mechanisms, but could be improved by adding explicit security headers and detailed privacy and security policies. Overall, the site demonstrates a good balance of professionalism, technical maturity, and privacy awareness, with room for enhanced transparency and security documentation.

L

Laser Diagnostic Instruments

ldi.ee

0

Laser Diagnostic Instruments (LDI) is an Estonian-based company specializing in advanced oil spill detection systems and water monitoring sensors. Their flagship product, the ROW (Remote Optical Watcher), provides autonomous, non-contact detection of oil spills and algal blooms, serving industrial and environmental clients globally. The company has a strong niche market position with installations across multiple continents and industries including energy, water treatment, and shipping ports. The website reflects a professional and consistent brand image with detailed product information and client testimonials, supporting their credibility in the environmental monitoring sector. Technically, the website is built on WordPress with modern plugins and frameworks, offering good performance and mobile optimization. Security posture is solid with HTTPS and standard best practices, though improvements are recommended in cookie consent and security headers. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, LDI presents a trustworthy and professional digital presence aligned with their business objectives.

Hydroscand AS operates as a leading Norwegian supplier specializing in hoses, couplings, and related hydraulic and industrial components. The company boasts a broad product range and a nationwide network of branches and dealers, positioning itself strongly within the manufacturing sector. Their website reflects a professional and consistent brand presence, targeting industrial and commercial customers requiring specialized hose solutions and services such as machine service and central lubrication systems. Technically, the website leverages modern tools including Litium CMS, Google Tag Manager, Matomo Analytics, and a comprehensive cookie consent mechanism, demonstrating a mature digital infrastructure with good mobile optimization and accessibility. Security-wise, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data, although explicit security policies and incident response contacts are not publicly available. Overall, the site is trustworthy and compliant with GDPR through detailed cookie management and privacy policy linkage to a reputable third-party provider. Strategic recommendations include enhancing transparency by publishing terms of service, security policies, and clear contact information for security incidents to further strengthen trust and compliance.

D

Dajani Pharmacy Ltd

dajanipharmacy.com

0

Dajani Pharmacy Ltd is a well-established healthcare provider based in Central London, offering a comprehensive range of pharmacy and medical clinic services including prescribing pharmacists, GP services, allergy and blood testing, aesthetic treatments, and COVID-19 testing. The company has a strong local presence with two physical locations and a history spanning over 40 years. Their website reflects a professional and user-friendly digital presence with clear service offerings and multiple contact channels. Technically, the site uses modern web technologies such as Bootstrap, jQuery, Google Analytics, and Microsoft Clarity, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is basic, with privacy and cookie policies present but lacking active consent mechanisms. Overall, the website demonstrates a credible and trustworthy business with room for technical and security enhancements.

C

CyberCube

cybcube.com

0

CyberCube is a leading provider of cyber risk analytics and modeling solutions tailored for the insurance market. The company offers a suite of products and services including underwriting tools, portfolio management, consulting, and event response services. Their technology leverages artificial intelligence and extensive data to quantify cyber risk and support decision-making for insurers, reinsurers, brokers, and investment entities. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting industry professionals. Technically, the site is built on HubSpot CMS with modern JavaScript frameworks and integrates multiple analytics and marketing tools. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not published. The absence of WHOIS registration data is a notable gap, reducing domain transparency and trust slightly. Overall, CyberCube presents as a credible and authoritative player in the cyber risk analytics space with a well-executed online presence.

T

Thorgate

thorgate.eu

0

Thorgate is a well-established technology company specializing in software development, web design, and mobile applications with a strong focus on Python and related technologies. Operating primarily in the Nordics and Baltics with offices in Estonia, UK, Norway, and Poland, the company targets businesses and startups seeking expert development and design services. Their market position is strong within the Nordic region, supported by a professional online presence and a diversified service portfolio including startup investments. Technically, the website leverages modern frameworks such as Django and React, integrates multiple analytics and marketing tools including Google Analytics, Hotjar, Facebook Pixel, and HubSpot, and maintains good mobile optimization and SEO practices. While performance is moderate, the site is well-structured and content-rich, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses Sentry for error tracking, but lacks explicit security headers and published security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website presents a high level of professionalism and trustworthiness with minor areas for improvement in security policy transparency and accessibility. The risk profile is low, and the company demonstrates a solid foundation for secure and compliant digital operations.

S

Sparkup

teaduspark.ee

0

Sparkup Tartu Teaduspark is a well-established science and technology park based in Tartu, Estonia, founded in 2010. It serves as a hub for science- and technology-intensive startups and scaleups, offering incubation, acceleration, business development services, and rental spaces. The organization supports companies through various programs including Sparkup Inkubaator, ESA BIC Estonia, and multiple thematic accelerators focused on energy, climate, defense, and logistics. The website reflects a mature digital presence with a modern WordPress-based infrastructure, leveraging Elementor for design and Google Tag Manager and Facebook Pixel for analytics and marketing. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not published. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, primarily in Estonian. Overall, the site demonstrates good professionalism, clear navigation, and strong business credibility, positioning Sparkup as a key player in the Estonian innovation ecosystem.

E

Eesti Keskkonnauuringute Keskus OÜ

klab.ee

0

Eesti Keskkonnauuringute Keskus OÜ is a government-affiliated Estonian company specializing in chemical, physical, and microbiological laboratory analyses, geotechnical studies, and environmental condition modeling. The company positions itself as a leading environmental research and laboratory service provider in Estonia, serving government bodies, environmental agencies, and research institutions. Their website reflects a professional and consistent brand image with a clear focus on environmental services and scientific expertise. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site includes a consent management platform (Usercentrics) for cookie compliance and integrates Google Tag Manager for analytics. Performance and mobile optimization are good, though accessibility features are basic. The hosting and domain registration are consistent with an Estonian government-related entity, registered since 2013. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism, but lacks explicit security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of a security.txt or vulnerability disclosure policy is noted as an area for improvement. Overall, the website demonstrates a solid business credibility and technical foundation with room for enhanced security and privacy policy transparency. The risk profile is low, but strategic improvements in security headers and formal policies would strengthen trust and compliance.

Polhem International is a marketing and communications agency operating primarily in Scandinavia and the Baltics. The company offers a broad range of services including marketing, communication, public relations, events, influencer marketing, digital advertising, social media, and media training. The website reflects a professional and consistent brand presence with a modern technical infrastructure leveraging Nuxt.js and Bootstrap 5 frameworks. Tracking and analytics are implemented via Google Analytics and Google Tag Manager, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and DNSSEC, which could be improved. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the domain is well-established and legitimate, supporting the credibility of the business.

A

askRobin México

askrobin.com

0

askRobin México operates as an online loan search platform targeting Mexican consumers seeking personal loans and debt liquidation options. The platform aggregates offers from multiple financial institutions to provide tailored financing proposals. The website is built on WordPress with a modern tech stack including jQuery, Bootstrap Slider, and integrates marketing and tracking tools such as Google Tag Manager, Facebook Pixel, and SalesManago. The site is well-structured, mobile-optimized, and provides clear navigation and content relevant to its audience. Security posture is adequate with HTTPS enforced, but lacks some security headers and cookie consent mechanisms. WHOIS data for the subdomain is unavailable, which slightly impacts trust but the presence of partner logos and privacy policies supports legitimacy. Overall, the site presents a professional and functional digital presence for its business model.

S

SRINI OÜ

srini.ee

0

SRINI OÜ is an Estonian software development company specializing in custom software solutions primarily for government and private sector clients. Founded in 2019, the company operates from Tallinn and Tartu with approximately 80 employees. Their business model focuses on delivering tailored software design, development, and maintenance services, leveraging modern methodologies such as SCRUM and XP. The company has a positive market position supported by government contracts and a spin-off subsidiary, Modena. Technically, the website is built on WordPress, uses Java-based technologies, and integrates Google Analytics and Google Maps APIs. The site is mobile-optimized and SEO-friendly but lacks published privacy and cookie policies, which impacts compliance. Security posture is good with HTTPS enforced, but missing security headers and incident response contacts are areas for improvement. Overall, SRINI presents a credible and professional digital presence with moderate risk and room for enhanced privacy and security practices.

Kinkston is an Estonian company specializing in corporate and promotional gifts, targeting businesses seeking branding and advertising products. The website presents a professional and consistent brand image with a focus on the Estonian market. The technical infrastructure is modern, leveraging Angular framework and standard marketing tools such as Google Tag Manager and CookieHub for cookie consent management. The domain is well-established since 2010, indicating a stable business presence. Security posture is adequate with HTTPS enabled and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. Privacy compliance is good, with GDPR-aligned cookie consent but lacks a dedicated privacy policy page on the domain itself. Overall, the website is functional, professional, and trustworthy with moderate risk.

T

terasbeach.ee

terasbeach.ee

0

The website www.terasbeach.ee appears to be a small business site based in Estonia, built using modern frontend technologies such as Gatsby and Bootstrap. However, the provided HTML content is largely technical and lacks visible business descriptions, contact information, or policy documents. The site does not present privacy, cookie, or terms of service policies, which are critical for compliance and user trust. Technically, the site uses a modern stack but lacks security headers and explicit security policies, indicating a low security maturity level. No analytics or tracking scripts were detected, suggesting minimal user tracking. The WHOIS data is consistent with the website's country and domain, indicating legitimacy. Overall, the site scores low to moderate on content quality, security posture, and privacy compliance, with recommendations to improve policy transparency, security headers, and contact information to enhance trust and compliance.

Nixor is a technology solutions provider specializing in retail and IT infrastructure services. Their offerings include sales systems, self-service solutions, POS hardware, payment solutions, electronic shelf labels, weighing systems, security technology, business software, and IT infrastructure. The website targets businesses seeking integrated technology solutions in Estonia and the surrounding region. The company presents itself as a medium-sized, established player in the technology sector with a professional online presence. Technically, the website is built on the Odoo CMS platform, utilizing modern frontend technologies such as Bootstrap and FontAwesome. The site is mobile-optimized and provides a multilingual experience with support for English, Estonian, Latvian, and Lithuanian. Performance is moderate, and SEO practices are adequately implemented. However, accessibility features are basic, and there is room for improvement in technical implementation. From a security perspective, the website lacks visible security headers and explicit security or privacy policies. There is no evidence of GDPR compliance mechanisms such as cookie consent banners or privacy policies. No incident response or vulnerability disclosure information is provided, which may impact trust and compliance. The absence of these elements suggests a need for enhanced security posture and privacy compliance. Overall, the website is functional and professional but requires improvements in privacy, security, and compliance transparency to strengthen trustworthiness and meet regulatory expectations. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, and establishing clear incident response and vulnerability disclosure processes.

The website terviseamet.ee is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks direct content access. This prevents extraction of meaningful business, contact, or policy information from the site. The domain is registered since 2010 with an Estonian registrar, consistent with the domain's country and likely government affiliation. The technical infrastructure relies on Cloudflare for security and content delivery, indicating a modern approach to protection against automated threats. However, the lack of accessible content limits the ability to assess the website's design, user experience, and compliance with privacy regulations. Security posture is enhanced by Cloudflare's WAF, but no internal security policies or incident response information is visible. Overall, the site appears legitimate but is currently locked behind a security gate, limiting detailed analysis.

M

Moonwalk

moonwalk.ee

0

Moonwalk is an Estonian music agency specializing in artist management, music production, and event promotion. The company represents notable artists such as Stefan, Getter Jaani, Black Velvet, and Mr Happyman, positioning itself as a recognized player in the Estonian music industry. The website reflects a professional and consistent brand image, targeting music fans and industry professionals. Technically, the site is built on Squarespace, leveraging modern web technologies and standard analytics tools like Google Analytics and Facebook Pixel. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the website uses HTTPS but lacks several important security headers such as HSTS and Content-Security-Policy, which could improve its security posture. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable gap given the use of tracking technologies. Overall, the website is credible and functional but would benefit from enhanced security and privacy measures to align with best practices and regulatory requirements.

L

Likewize

brightstar.com

0

Likewize is a technology service provider focused on offering comprehensive protection and support for technology disruptions. The company positions itself as a reliable partner for consumers and businesses seeking to mitigate technology-related issues. The website is professionally designed using WordPress CMS, enhanced with SEO tools like Yoast, and incorporates modern tracking and consent technologies such as Google Tag Manager and OneTrust. While the site is accessible and well-structured, it lacks explicit privacy and terms of service documentation, as well as direct contact information, which are important for trust and compliance. The absence of WHOIS data raises questions about domain registration legitimacy, though the website content suggests a legitimate business presence. Security posture is generally good with HTTPS and cookie consent, but could be improved by adding security headers and incident response contacts.

I

Indevex

indevex.com

0

Indevex is a small healthcare-focused company specializing in the development of science-based nutritional products, such as NGC®, aimed at supporting health, recovery, and performance. The company positions itself as a niche innovator leveraging clinical research to back its product offerings. The website reflects a professional and consistent brand image with good content quality and SEO optimization, targeting health-conscious consumers and athletes. Technically, the site is built on WordPress 6.8.1, utilizing modern technologies including Google Tag Manager for analytics and Cookiebot for cookie consent management. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service detected. Overall, the domain is legitimate, long-established since 1999, and registered through a reputable registrar without privacy protection, supporting trustworthiness. Strategic improvements in privacy transparency, security headers, and contact information publication are recommended to enhance compliance and user trust.

W

Weekdone

weekdone.com

0

Weekdone is a technology company specializing in SaaS-based OKR (Objectives and Key Results) software designed to help businesses align goals, track progress, and manage performance. The company offers a suite of services including OKR management, weekly progress reporting, project tracking, and continuous performance management. Positioned as a leading provider in the OKR software market, Weekdone targets businesses and teams seeking structured goal-setting and transparent progress reporting tools. The website reflects a professional and consistent brand image with clear navigation and relevant content aimed at its target audience. Technically, the website is built on WordPress CMS and leverages modern front-end technologies such as jQuery, Google Analytics, Google Tag Manager, and CookieYes for consent management. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with multiple external resources loaded from reputable domains. The technical infrastructure is supported by GoDaddy as the registrar and hosting provider. From a security perspective, the website enforces HTTPS with excellent SSL configuration and employs a comprehensive cookie consent mechanism that aligns with GDPR requirements. However, it lacks explicit security headers, published security policies, incident response contacts, and vulnerability disclosure mechanisms. No exposed sensitive data or vulnerable libraries were detected in the HTML content. The security posture is solid but could be improved by implementing additional security best practices and transparency measures. Overall, Weekdone presents a trustworthy and professional online presence with a mature domain and consistent business information. The main risks relate to the absence of published privacy and security policies and limited contact information. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and improving accessibility compliance to further strengthen trust and compliance.

R

Recticel

recticel.com

0

Recticel is a well-established insulation company focused on sustainable thermal and acoustic solutions, targeting investors, customers, and partners in the energy sector. The website demonstrates a mature digital presence with comprehensive content, investor relations, and sustainability reporting. Technically, the site uses Drupal CMS with modern libraries and includes GDPR-compliant cookie consent and security measures such as HTTPS and Google reCAPTCHA. However, the absence of WHOIS registration data is unusual and warrants monitoring, though the website's content and linked domains strongly support legitimacy. Security posture is good but could be improved by adding more security headers and publishing a formal security policy or incident response information. Overall, the site is professional, trustworthy, and well-optimized for users and compliance.

N

Nex OÜ

nex.ee

0

Nex OÜ operates as a small Estonian IT service provider specializing in computer repair, network consulting, remote support, and IT infrastructure management. The company positions itself as a reliable local partner with authorized partnerships from recognized brands such as Lenovo and Epson. Their website clearly communicates their service offerings and contact information, targeting businesses and individuals requiring IT support and hardware sales. Technically, the website is built on WordPress and utilizes modern web technologies including jQuery, LiteSpeed Cache, and Google Tag Manager. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. However, some security best practices such as security headers are missing. From a security perspective, the site enforces HTTPS and does not expose sensitive data. However, it lacks published privacy and cookie policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for compliance and trust. The WHOIS data is consistent with the business claims, enhancing legitimacy. Overall, the website is professional and functional but would benefit from improved privacy compliance and enhanced security headers to strengthen trust and regulatory adherence.

J

JAS Worldwide Inc.

jas.com

0

JAS Worldwide Inc. is a well-established global freight forwarding and logistics company offering a comprehensive range of services including airfreight, ocean freight, ground freight, customs brokerage, cargo insurance, contract logistics, and green solutions. The company positions itself as a leader in international shipping and supply chain support with over four decades of industry experience. Their market presence is supported by partnerships such as with Lufthansa Cargo and a network of subsidiaries including JAS Jet Air Service S.p.A., Multilogistics S.p.A., and Setoa S.p.A. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Tag Manager, Google Analytics, and Facebook Pixel for analytics and marketing. The site demonstrates good performance, excellent mobile optimization, and solid SEO practices. Accessibility is good, though there is room for further enhancement. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes security headers. It implements a GDPR-compliant cookie consent mechanism and maintains privacy and cookie policies. However, there is no explicit security policy or incident response contact information visible, and no vulnerability disclosure or security.txt file is present. The absence of WHOIS data for the domain is a notable concern, though the website content and branding strongly indicate legitimacy. Overall, the website presents a professional, trustworthy, and secure digital presence for JAS Worldwide, with recommendations to improve transparency around security policies and domain registration details to further enhance trust and compliance.

D

Domestack

domestack.com

0

Domestack is a small technology company specializing in tailored software development services across various business sectors. Founded in 2018, the company presents a professional online presence with a well-structured website built on WordPress and Elementor. The site targets businesses seeking custom software solutions and emphasizes expertise in multiple technologies. Technically, the website employs modern tools including Google reCAPTCHA for form security and EWWW Image Optimizer for performance enhancements. SSL is properly configured, ensuring secure communications. However, the absence of explicit privacy policies, terms of service, and direct contact details limits full compliance and trust transparency. Security posture is adequate but could be improved by enabling DNSSEC and adding security headers. Overall, the website is functional and professional but would benefit from enhanced privacy and security disclosures.

V

Visit Estonia

visitestonia.com

0

Visit Estonia operates as the official national tourism website for Estonia, providing comprehensive travel information, tips, and cultural insights to visitors. The website targets tourists and travelers seeking to explore Estonia's attractions, nature, and culinary experiences. It maintains a strong market position as a government-backed tourism portal with a well-established domain since 2000. The business model focuses on tourism promotion and trip planning services, leveraging digital content to attract and assist visitors.

D

Decoland

decoland.cz

0

Decoland is a Czech Republic based luxury and design furniture retailer and interior design studio. The company offers a curated gallery of design furniture and accessories, targeting consumers seeking high-end interior solutions. The website is built on a modern React and Next.js framework, incorporating cookie consent and Google Tag Manager for analytics and privacy compliance. The site is well-structured, mobile-optimized, and provides comprehensive privacy and cookie policies in Czech language. Security posture is good with HTTPS and security headers, though explicit security policies and incident response contacts are absent. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but does not indicate malicious intent. Overall, Decoland presents a professional and trustworthy online presence in the luxury furniture retail sector.

The website epicenter.ee is currently inaccessible due to an HTTP 403 Forbidden error, indicating that access to the site's content is blocked or restricted by server configuration or security policies. As a result, no metadata, structured data, contact information, or business content is available for analysis. The domain is registered to Zone Media OÜ since 2012, which suggests a legitimate and established presence in Estonia. However, the lack of accessible content severely limits the ability to assess the company's business model, services, or compliance posture. Technically, the site runs on an Apache server hosted by Zone Media OÜ, but no further technology stack details or security headers are visible due to the access restriction. Security posture cannot be evaluated beyond the presence of HTTPS (implied by port 443) and the 403 error. Overall, the site scores very low on content quality, technical implementation, security, privacy compliance, and business credibility due to the blocked content.

T

TBD Pharmatech

biodiscovery.eu

0

TBD Pharmatech is a European-based Contract Development and Manufacturing Organization (CDMO) specializing in Active Pharmaceutical Ingredients, advanced intermediates, and fine chemicals production. Founded in 2021, the company positions itself as a reliable partner for pharmaceutical companies seeking development and manufacturing services. The website reflects a professional and consistent brand image with clear business focus and relevant service offerings. Technically, the site is built on WordPress with modern analytics and tracking tools integrated, including Google Analytics and Google Tag Manager. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and comprehensive security headers. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms. Overall, the site is trustworthy and credible but would benefit from enhanced privacy and security practices to align with regulatory requirements and industry best practices.

I

ITM Trade

itm.ee

0

ITM Trade is an established IT services company based in Estonia, providing a broad range of services including programming, SEO, server and workstation administration, marketing, and e-commerce solutions. With over 15 years of experience and a portfolio of more than 300 projects across 35 countries, ITM Trade holds a strong market position as a leader in its industry. The website reflects a professional and consistent brand image targeting businesses seeking comprehensive IT solutions. The technical infrastructure of the website is modern and functional, utilizing Google Fonts, Google reCAPTCHA for form security, and slick sliders for UI elements. The site is mobile optimized and SEO friendly, though there is room for improvement in accessibility and performance optimization. Hosting and domain registration are managed by Zone Media OÜ, a reputable Estonian registrar. From a security perspective, the website employs HTTPS and reCAPTCHA, and implements a cookie consent mechanism compliant with GDPR. However, it lacks advanced security headers and a published security policy or incident response contacts. No vulnerability disclosure or security.txt file is present, which are recommended for enhanced transparency and security posture. Overall, the website is trustworthy and professionally maintained, with a good balance of content quality, technical implementation, and privacy compliance. Strategic improvements in security policies and DNS security would further strengthen its risk profile.

The website iaconsulting.info currently presents minimal content, consisting solely of a frameset that redirects visitors to an external domain (www.searchvity.com). There is no visible business information, contact details, or policies on the site, which severely limits the ability to assess the company's market position or services. The domain is registered since 2015 with privacy protection, but the lack of transparency and meaningful content raises concerns about legitimacy and professionalism. From a technical perspective, the website lacks modern infrastructure elements such as HTTPS, security headers, and accessible HTML structure. The use of framesets is outdated and negatively impacts user experience and SEO. No scripts, analytics, or tracking technologies were detected, indicating a very basic or placeholder site. Security posture is weak due to the absence of HTTPS, security headers, and any visible security or privacy policies. The WHOIS privacy protection, while common for small businesses, combined with the minimal content and redirect behavior, suggests a low trust level. There are no indications of incident response readiness or certifications. Overall, the website poses a high risk from a security and trust perspective. It is recommended to implement HTTPS, develop meaningful content including privacy and cookie policies, provide clear contact information, and modernize the technical implementation to improve credibility and compliance.

Accenture is a global professional services company specializing in consulting, technology, and operations services. The analyzed webpage focuses on supply chain networks consulting services and solutions, highlighting Accenture's capabilities in helping clients anticipate demand and drive efficiency, sustainability, and growth. The company targets client prospects in various industries including technology, manufacturing, energy, transportation, and finance. Accenture operates at an enterprise scale with a strong market position and a comprehensive service portfolio. Technically, the website is built on Adobe Experience Manager CMS and employs modern web technologies such as Adobe Helix RUM, jQuery, and OneTrust for consent management. The site demonstrates good performance, mobile optimization, accessibility, and SEO practices. Security is robust with HTTPS enforcement, security headers, and no exposed sensitive data. However, explicit security policies and incident response information are not publicly available on the analyzed page. The WHOIS data for the domain is unavailable, likely due to registry restrictions or privacy policies, but this does not detract from the site's legitimacy given Accenture's global brand recognition. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the website presents a professional, secure, and trustworthy digital presence aligned with Accenture's business stature. Strategic recommendations include publishing detailed security policies, incident response contacts, and vulnerability disclosure information to enhance transparency and trust.

L

LVM Kinnisvara

lvm.ee

0

LVM Kinnisvara is a well-established Estonian real estate company providing comprehensive property services including sales, valuation, development, and brokerage. The company operates across major Estonian cities with multiple office locations and a professional online presence. Their website is built on WordPress with modern plugins and integrates marketing and analytics tools to engage and track users effectively. Security measures such as HTTPS, CAPTCHA on forms, and cookie consent mechanisms are implemented, though some security headers could be improved. The domain registration data aligns well with the business profile, indicating legitimacy and a mature online presence.

J

Jolos

jolos.eu

0

Jolos is a full spectrum creative agency based in Estonia, specializing in world-class event production, branding, campaigns, and live and virtual events. The company positions itself as a high-quality, professional agency focused on delivering unique and memorable experiences for brands and organizations. The website reflects a mature digital presence built on WordPress, leveraging modern optimization and analytics tools such as Google Analytics and Tag Manager with IP anonymization enabled. The site is well-designed, mobile-optimized, and rich in multimedia content, showcasing detailed case studies and team profiles that enhance trust and professionalism. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the absence of security headers and formal security policies suggests room for improvement. Privacy compliance is limited due to missing privacy and cookie policies and lack of consent mechanisms. Overall, the domain registration aligns with the business claims, indicating legitimacy and trustworthiness.