Security Directory

U

URRAM

lugeja.ee

0

URRAM is a specialized Estonian library portal that provides users with access to a wide range of library catalogs, articles, and library information. It integrates with national authentication services such as ID-card, Mobile-ID, and Smart-ID, enabling secure user login and management of library services like reservations and loans. The platform targets library users across Estonia, including students, researchers, and the general public, positioning itself as a key national resource in the education and public service sectors. Technically, the website employs a modern frontend stack including Bootstrap 4.4.1, jQuery 3.4.1, and various Bootstrap extensions for UI components and date pickers. It uses Google Analytics for user tracking but lacks visible cookie consent mechanisms. The site is mobile responsive and offers a good user experience with clear navigation and search functionalities. However, some technical improvements are recommended, such as updating JavaScript libraries and enhancing accessibility. From a security perspective, the site enforces HTTPS and uses secure national eID authentication methods, which are strong trust signals. However, the absence of security headers and the use of an outdated jQuery version present potential vulnerabilities. The lack of explicit privacy and cookie policies also indicates compliance gaps with GDPR requirements. Overall, URRAM is a moderately mature digital platform with a solid business credibility in the Estonian library ecosystem. Strategic improvements in privacy compliance, security headers, and library technology updates would enhance its security posture and user trust.

M

Meelis Lilbok, Deltmar OÜ

raamatukogud.ee

0

The website www.raamatukogud.ee offers a specialized real-time service that tracks library borrowings across Estonia, providing live updates on checkouts, returns, and renewals. It targets library users and professionals interested in library activity data, positioning itself as a niche information service within the Estonian education sector. The business is operated by Deltmar OÜ, with clear branding and consistent content focused on library statistics and mapping. Technically, the site employs a modern JavaScript stack including jQuery, Google Maps API, Google Charts, and integrates social media and analytics tools. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is good with HTTPS enforced and no exposed sensitive data, but lacks security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is legitimate and trustworthy but would benefit from enhanced compliance and security practices.

W

Webware

webware.ee

0

Webware OÜ is an established Estonian technology company specializing in comprehensive and flexible information and document management solutions through its flagship platform, WebDesktop. With over 23 years of experience, Webware serves a broad client base including major organizations in Estonia and Northern Europe, positioning itself as a market leader in the info management sector. The company offers a range of services including software analysis, development, hosting, training, and workflow and risk management, targeting both private and public sector organizations. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support.

I

INHUS Prefab, UAB

inhusprefab.eu

0

INHUS Prefab, UAB is a medium-sized manufacturing company specializing in prefabricated reinforced concrete structures and architectural concrete facade elements. Operating primarily in Lithuania with projects extending to Nordic countries and the UK, the company positions itself as a reliable regional player in the construction sector. Their website reflects a professional digital presence with clear navigation, multilingual support, and a portfolio of completed projects. Technically, the site uses modern web technologies including HTML5, CSS, JavaScript, and integrates Google Analytics for user tracking. The site is mobile optimized and performs moderately well. Security posture is adequate with HTTPS enforced but lacks advanced security headers and public security policies. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, aligning with GDPR requirements. Contact information is transparent and includes company email, phone, and physical address. Overall, the website demonstrates good business credibility and digital maturity with room for security enhancements.

O

OÜ Kultuurinet

kultuurikava.ee

0

Kultuurikava.ee is an Estonian cultural event listing platform operated by OÜ Kultuurinet, established in 2012. It serves as a guide to cultural happenings in Estonia, targeting local residents and visitors interested in arts and events. The platform offers event search and filtering capabilities and maintains a consistent brand presence with a professional website design. The business operates in the media sector with a niche focus on cultural events. Technically, the website leverages modern web technologies including React, Font Awesome, Leaflet.js for mapping, and integrates analytics tools such as Google Analytics and Facebook SDK. The hosting is provided by Zone Media OÜ, a known Estonian hosting provider. The site is mobile-optimized with good user experience and basic SEO and accessibility features. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and a cookie consent mechanism despite using tracking scripts, which indicates room for improvement in privacy compliance and security best practices. No critical vulnerabilities or suspicious indicators were found. Overall, Kultuurikava.ee presents a moderate risk profile with good business credibility and technical implementation. Strategic improvements in privacy compliance and security headers would enhance trust and regulatory adherence.

E

eLMEK Accounting OÜ

elmek.ee

0

eLMEK Accounting OÜ is a small Estonian accounting and payroll service provider established in 2017. The company positions itself as a friendly and expert partner for businesses needing accounting and payroll advice and services. It has received recognition as one of the fastest growing accounting firms in Estonia and awards for female entrepreneurship, indicating a positive market presence and growth trajectory. The website clearly communicates its key services and team members, targeting Estonian businesses seeking professional financial services. Technically, the website is built on WordPress using the Enfold theme, enhanced with Yoast SEO and jQuery-based components like Owl Carousel. It employs Google Tag Manager for analytics and tracking, and the site is hosted by Zone Media OÜ, consistent with the Estonian locale. The site is mobile-optimized and SEO-friendly, with good performance and accessibility basics. From a security perspective, the site uses HTTPS with strong SSL configuration and implements a cookie consent mechanism compliant with GDPR principles. However, it lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The site collects user data via a contact form with required fields and uses cookies and session storage for user experience and tracking. Overall, the website presents a professional and trustworthy front for a small accounting firm with good technical implementation and moderate privacy compliance. Strategic improvements include publishing a privacy policy, security policy, and incident response information, enhancing security headers, and improving accessibility features to strengthen compliance and trust.

K

Kysk

kysk.ee

0

SA Kodanikuühiskonna Sihtkapital (KÜSK) operates as a key non-profit organization in Estonia dedicated to supporting civil society, social innovation, and community development. Established in 2010, it provides grant funding and resources to NGOs and community initiatives, positioning itself as a central actor in Estonia's non-profit sector. The website reflects a professional and consistent brand presence with multilingual support and rich media content to engage its audience. Technically, the site is built on WordPress with a modern tech stack including SEO and analytics tools, delivering a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS and some best practices, though it lacks explicit security policies and vulnerability disclosures. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the site is trustworthy and credible, with room for improvement in transparency and security documentation.

A

ACE Logistics Estonia AS

ace.ee

0

ACE Logistics Estonia AS is a medium-sized logistics company based in Estonia, specializing in multimodal transportation services including road, air, sea, and rail transport, as well as warehousing and customs clearance. The company operates primarily in the Baltic region and Europe, with subsidiaries in Latvia, Lithuania, and Ukraine, and is part of the ACE Logistics Group. The website reflects a professional and consistent brand image, supported by ISO 9001 and ISO 14001 certifications, indicating a commitment to quality and environmental management. The target audience includes businesses requiring comprehensive logistics solutions across multiple transport modes. Technically, the website is built on WordPress with modern plugins and frameworks such as Bootstrap and Slider Revolution, and it employs SEO best practices and cookie consent mechanisms to comply with GDPR. Security posture is generally good with HTTPS enforced and no visible critical vulnerabilities, though some plugins may require updates to mitigate known risks. Privacy compliance is strong, with clear privacy and cookie policies and consent management. Overall, the website presents a trustworthy and professional digital presence aligned with the company's business operations and market positioning.

The website www.heatit.ee is currently inaccessible, presenting only a minimal error message indicating an unexpected error. Due to the lack of accessible content, no metadata, forms, scripts, or contact information could be extracted or analyzed. This severely limits the ability to assess the company's business model, market position, or technical infrastructure. The absence of visible security headers, privacy policies, or cookie consent mechanisms suggests a low maturity in digital compliance and security posture. Without accessible content, the website's trustworthiness and professionalism cannot be established, resulting in a critical risk profile and low AI scoring.

N

NORDWOOD

nordwood.ee

0

NORDWOOD is a collaborative brand representing four wood industry companies based in Estonia, focusing on wood sawing, processing, and sales. The website provides basic information about the company, its products, employment opportunities, and certifications. The business targets customers and potential employees interested in the wood manufacturing sector. The domain is well-established since 2013 and registered with a reputable Estonian registrar, supporting the legitimacy of the business. Technically, the website is built on WordPress and uses common technologies such as jQuery and Google Fonts. It employs the Wordfence security plugin and has HTTPS enabled, indicating a baseline security posture. However, the site lacks advanced security headers and proper configuration of analytics tools. The website is moderately optimized for mobile and performance but has room for improvement in SEO and accessibility. From a security perspective, the site shows basic good practices like HTTPS and Wordfence usage but lacks visible privacy and cookie policies, security headers, and incident response information. No forms or contact emails were found, which limits user engagement and transparency. The absence of privacy compliance elements is a notable gap given GDPR requirements. Overall, the website is functional and moderately professional but requires enhancements in privacy compliance, security headers, and user contact options to improve trust and regulatory adherence. Strategic recommendations include implementing privacy and cookie policies, adding security headers, properly configuring analytics, and providing clear contact and incident response information.

P

Pinest AS

pinest.ee

0

Pinest AS is an Estonian manufacturing company founded in 2005 specializing in finger-jointed and laminated wood components. The company emphasizes flexibility in raw materials and production to serve large and medium-sized industrial clients, primarily using domestic pine wood. Their production facility is located in Himmaste village, Põlvamaa. The website reflects a professional and consistent brand presence with clear business and contact information, supported by recognized certifications such as FSC and PEFC. Technically, the site is built on WordPress with modern libraries and tools, including Google Analytics and Tag Manager for tracking, and uses SEO best practices via Yoast. Security posture is generally good with HTTPS enabled and secure forms, though some improvements are needed in script handling and security headers. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the website is trustworthy and well-positioned in its market segment.

U

UAB ITM Inkasso

itminkasso.lt

0

UAB ITM Inkasso is a Lithuanian debt collection and legal assistance company, established in 2019. The company offers a range of services including pre-litigation and litigation debt recovery, as well as legal consultations. It positions itself as a high-quality service provider with experienced specialists and a growing partner network across Lithuania and Estonia. The website is professionally designed, mobile responsive, and provides clear navigation, although it lacks published privacy, cookie, and terms of service policies. Technically, the site uses Bootstrap, jQuery, and Google Analytics for tracking, but does not show advanced security headers or explicit contact information. The domain registration data is consistent with the business claims, supporting legitimacy. Overall, the company appears credible but could improve transparency and compliance documentation.

E

e-Governance Academy

egovconference.ee

0

The e-Governance Conference 2025 website represents a well-established global event organized by the e-Governance Academy and supported by Estonian government entities. It targets digital governance leaders and practitioners worldwide, showcasing Estonia's leadership in digital transformation. The site is content-rich, professionally designed, and features high-profile speakers and partners, reinforcing its market position as a leading digital governance conference. Technically, the site uses WordPress with Elementor, integrates Vimeo for video content, and employs modern web technologies, delivering a good user experience with mobile optimization and SEO best practices. Security posture is solid with HTTPS and secure content embedding, though it lacks some security headers and formal policies. Privacy compliance is a notable gap, with no visible privacy or cookie policies, which should be addressed to meet GDPR requirements. Overall, the site is trustworthy and credible, but improvements in privacy and security transparency are recommended.

The website ttja.ee is currently inaccessible due to a Cloudflare Turnstile human verification challenge page that blocks access to actual content. As a result, no direct business information, policies, or contact details are available for analysis. The domain is registered with Zone Media OÜ since 2018, indicating a stable registration history consistent with an Estonian entity. The technical infrastructure includes Cloudflare security and analytics services, but no further technical or security details can be assessed due to content blocking. The security posture cannot be fully evaluated, and no privacy or compliance policies are visible. Overall, the site appears legitimate based on WHOIS data but lacks accessible content for a comprehensive assessment.

The website aki.ee is currently inaccessible beyond a Cloudflare Turnstile human verification challenge page, which blocks access to any substantive content. The domain is registered to Elkdata OÜ, an Estonian company, with a domain age of over a decade, indicating a stable registration history. However, due to the blocking mechanism, no business descriptions, contact information, or policy documents are available for review. The site leverages Cloudflare's security and analytics services, but no further technical or content details can be assessed. This limits the ability to evaluate the website's digital maturity or security posture comprehensively. From a security perspective, the presence of Cloudflare's challenge indicates an active defense against automated threats, but the lack of visible security headers or policies in the accessible content prevents a full security assessment. The WHOIS data suggests legitimacy and consistency with the domain's country of registration. Overall, the site appears to be protected by modern security infrastructure but lacks publicly accessible information for deeper analysis. Given the current state, the website's risk assessment is limited by the lack of accessible content. Strategic recommendations focus on enabling access for legitimate users and publishing essential compliance and contact information to improve trust and transparency.

The website omnivagroup.com is currently inaccessible beyond a Cloudflare security challenge page, indicating that the content is blocked by a Web Application Firewall (WAF) mechanism. Due to this, no substantive business information, contact details, or policies are publicly available. The domain is newly registered in 2023 with a reputable registrar, Ascio Technologies, Inc. Denmark branch, and is set to expire in 2033, which suggests a long-term intent but no visible operational history. The technical infrastructure relies on Cloudflare services for security and performance, including Turnstile captcha and challenge platform, but no further technology stack or CMS details are discernible. Security posture cannot be fully assessed due to lack of accessible content and headers, but the presence of Cloudflare indicates some baseline protection. Overall, the website's risk profile is elevated due to lack of transparency, absence of privacy and cookie policies, and no contact information, compounded by the content being blocked. Strategic recommendations include enabling public access to website content, publishing essential compliance policies, and enhancing security headers and SSL configurations.

V

Virumaa Muuseumid

virumaamuuseumid.ee

0

Virumaa Muuseumid is a regional museum network based in Estonia, focusing on cultural heritage and historical exhibitions in the Virumaa region. The website serves as an informational platform showcasing various museums such as Rakvere linnus and Palmse mõis, targeting visitors interested in history and culture. The organization appears to be a small-sized entity, likely government or non-profit, founded recently in 2022. The site is multilingual, supporting Estonian, English, Russian, and Finnish, enhancing accessibility for diverse audiences. Technically, the website is built on WordPress, utilizing common plugins like All in One SEO, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is hosted by Zone Media OÜ, a known Estonian hosting provider. Performance and mobile optimization are good, with accessibility features implemented, including an accessibility toolbar. SEO practices are solid with proper meta tags and structured data. Security posture is adequate with HTTPS enabled and use of reCAPTCHA for forms. However, some security headers are missing, and DNSSEC is not enabled, which could be improved. Privacy compliance is strong, with a clear privacy policy, cookie consent banner, and GDPR adherence. Contact information is limited to a phone number and contact forms, with no public emails found. Overall, the website is professional, trustworthy, and serves its purpose well. Recommendations include enhancing security headers, enabling DNSSEC, and publishing explicit security and incident response policies to further strengthen trust and compliance.

E

Eesti Üliõpilaskondade Liit

isic.ee

0

ISIC Eesti is the official Estonian representative of the internationally recognized ISIC student and teacher card brand, operated by Eesti Üliõpilaskondade Liit since 1993. The website provides detailed information about ISIC cards, discounts, and partnerships with educational institutions and businesses. It targets students, teachers, and youth in Estonia, offering card issuance and related services. The site is built on a modern WordPress platform using Elementor and The7 theme, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers and incident response policies are absent. Privacy compliance is limited due to missing privacy and cookie policies. Contact information is clearly presented, including email, phone, and physical address, alongside active social media channels.

C

Confido

confido.ee

0

Confido is a prominent Estonian medical center offering over 2500 healthcare services including preventive care, primary and specialist medical services, surgical and rehabilitation treatments, and aesthetic medicine. The company operates multiple physical clinics across Estonia and provides digital health services such as a digital clinic and online booking. The website is multilingual, targeting Estonian, English, and Russian speakers, reflecting a broad target audience within Estonia. The business model focuses on comprehensive healthcare delivery with both in-person and digital service channels, positioning Confido as a leading private healthcare provider in the region. Technically, the website is built on WordPress with modern plugins like Yoast SEO and WPML for multilingual support. It uses popular JavaScript libraries such as jQuery, Fancybox, and Owl Carousel for enhanced user experience. The site integrates Google Tag Manager and Facebook Pixel for analytics and marketing, and employs a cookie consent mechanism via cookie-script.com, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, though accessibility features are basic. From a security perspective, the site enforces HTTPS with an excellent SSL configuration and uses asynchronous loading for tracking scripts to minimize performance impact. However, there is no explicit privacy policy, terms of service, or security policy pages found, nor any incident response or vulnerability disclosure information. Cookie consent is implemented, but GDPR compliance indicators are limited. No critical vulnerabilities or suspicious activities were detected in the content provided. Overall, Confido's website demonstrates a strong business presence with good technical implementation and a solid security posture, though improvements in privacy compliance documentation and security transparency are recommended. The domain registration details align well with the business claims, supporting high legitimacy and trustworthiness.

E

Eesti Füüsika Selts

fyysika.ee

0

FYYSIKA.EE is a specialized Estonian website operated by the Estonian Physical Society, focusing on physics, science, and technology news, seminars, and educational content. The site serves a niche audience of physics students, educators, and researchers primarily in Estonia. Technically, it is built on WordPress with a modern theme and uses standard web technologies such as jQuery and Google Fonts. The site is well-structured with semantic markup and schema.org data, enhancing SEO and accessibility. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies, which should be addressed to meet GDPR requirements. Overall, the site is professional and trustworthy but could improve in privacy transparency and security best practices.

E

Estonian Film Institute

filmi.ee

0

The Estonian Film Institute operates as a national cultural institution dedicated to supporting and promoting Estonian film production, distribution, and education. The website serves both film viewers and industry professionals, providing news, event information, and institutional details. The organization is well-established with a domain registered since 2014, consistent with its public presence. Technically, the website is built on a modern WordPress CMS platform with contemporary libraries such as Bootstrap and jQuery, ensuring a responsive and user-friendly experience. SEO practices are well implemented, and the site is mobile-optimized. However, some accessibility features could be improved. From a security perspective, the site uses HTTPS with good SSL configuration but lacks visible security headers and explicit privacy or cookie policies. There is no evidence of a vulnerability disclosure program or security contact channels, which could be areas for improvement. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and explicit contact information to improve user trust and regulatory adherence.

P

Põhjala Brewery

pohjalabeer.com

0

Põhjala Brewery is an established Estonian craft beer producer with a diverse portfolio of beers including lagers, IPAs, porters, and non-alcoholic options. The company leverages its heritage and local nature inspirations to create unique beer flavors, targeting craft beer enthusiasts and event attendees. The website reflects a medium-sized hospitality business with a professional and consistent brand presence. Technically, the website uses modern web technologies including jQuery, Google Tag Manager, and Facebook Pixel, with good mobile optimization and SEO practices. However, it lacks explicit privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enforced but missing DNSSEC and security headers. The domain registration is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website is functional and professional but could improve privacy compliance and security hardening.

The analyzed website at thearcane.com/lander is currently a minimal placeholder or parking page with very limited content and no visible business information. The domain is registered since 2001 with eNom, LLC, indicating a long-standing registration, but the website itself does not reflect an active or mature business presence. The site loads minimal scripts related to advertising and parking services and lacks any metadata, structured data, or user interaction elements such as forms or contact details. Technically, the site uses JavaScript and React-based scripts hosted on WSIMG, but no CMS or advanced frameworks are detected. Security posture is weak due to lack of HTTPS confirmation, security headers, and privacy policies. No GDPR compliance or incident response information is present. Overall, the site appears inactive or under development, with low trust and professionalism indicators.

G

Geenius Meedia OÜ

geeniusmeedia.ee

0

Geenius Meedia OÜ is a medium-sized Estonian media company founded in 2018, operating multiple specialized online portals and magazines focused on technology, automotive, finance, health, real estate, and investment topics. The company positions itself as a fact-based, independent platform for expert authors and aims to serve a broad Estonian audience interested in these sectors. Their business model revolves around content creation, advertising sales, and subscription services. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, Chart.js, and integrates Google Analytics and Tag Manager for user tracking and analytics. The site is mobile-optimized with good navigation and content relevance. Security posture is strong with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit vulnerability disclosure or security.txt is present. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

P

PG Inkasso OÜ

pginkasso.ee

0

PG Inkasso OÜ is an Estonian private company specializing in debt collection and legal consulting services. The company positions itself as one of the largest players in Estonia's debt recovery market, offering both extrajudicial and judicial debt collection, legal advice, and client consultation. Their business model focuses on providing convenient and professional debt recovery services supported by qualified specialists and auditor-controlled financial processes. The website content is professionally presented and targets Estonian businesses and debtors needing collection services. Technically, the website uses a modern tech stack including Bootstrap, jQuery, and Google Analytics, hosted behind Cloudflare DNS and nameservers. The site is mobile optimized and has good SEO practices but lacks advanced accessibility features. The domain is very new (registered in 2024) which contrasts with the company's claimed founding year (2010), suggesting a recent domain acquisition or rebranding. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks DNSSEC, security headers, and any visible privacy or cookie policies, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided. Tracking is implemented via Google Analytics and Tag Manager without a visible consent mechanism. Overall, the website is functional and professional but could improve significantly in privacy compliance, security best practices, and transparency. The domain registration is consistent with the business location but the new domain age is a point to consider. Strategic improvements in security policies, contact information visibility, and compliance documentation are recommended.

P

Palmako AS

construct.ee

0

Construct, operated by Palmako AS, is a specialized manufacturer of glued laminated timber products serving the construction industry with a focus on sustainability and quality. As part of the Lemeks Group, it benefits from a strong supply chain and international presence, exporting to over 30 countries. The website reflects a mature digital presence built on Drupal 10, with good mobile optimization and clear navigation. Privacy and cookie compliance are well implemented, supporting GDPR requirements. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, explicit security policies and incident response information are absent, which could be improved. Overall, the site projects professionalism and trustworthiness aligned with the company's market position.

The website www.imprest.ee is currently inaccessible, displaying only a minimal error message indicating an unexpected error. Due to the lack of accessible content, no metadata, business information, or technical details could be extracted. The absence of privacy, cookie, or terms of service policies, as well as contact information, limits the ability to assess compliance or business credibility. The technical infrastructure cannot be evaluated, and no security posture insights can be derived from the provided data. Overall, the site appears to be down or misconfigured, preventing a comprehensive analysis.

I

Integration Foundation

integrationconference.ee

0

The Integration Foundation operates an informational website promoting an international conference on integration scheduled for November 2025 in Tallinn, Estonia. The conference targets academics, policy-makers, and practitioners focused on integration challenges in Europe. The website serves as a platform to share event details, workshops, and research collaborations. Technically, the site is built on WordPress with a modern but basic tech stack including Bootstrap and jQuery, hosted likely by Zone Media OÜ in Estonia. The site is mobile optimized and presents content in multiple languages. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is limited to an email address and social media links. Overall, the site is professional but could improve in privacy and security transparency.

S

SA Kiusamisvaba Kool

kiusamisvaba.ee

0

SA Kiusamisvaba Kool is a well-established Estonian non-profit organization dedicated to preventing bullying in schools through the implementation of the KiVa anti-bullying program developed in Finland. The organization provides training, resources, and support to schools, parents, and communities, positioning itself as the official representative of the KiVa program in Estonia. The website reflects a professional and consistent brand presence with comprehensive content targeting educators, parents, and socially responsible entities. Technically, the site is built on WordPress with modern plugins and integrations, including WooCommerce for e-commerce and Edwiser Bridge for LMS functionalities. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site demonstrates good digital maturity and trustworthiness.

W

Waldur

waldur.com

0

Waldur is a technology company specializing in an open-source hybrid cloud and HPC management platform. Their solution integrates private and public cloud resources, including OpenStack, AWS, and DigitalOcean, offering a self-service portal, billing, helpdesk, and marketplace functionalities. The company targets cloud service providers, enterprises, research institutions, and public sector organizations, positioning itself as a niche player with professional support services and a strong open-source community presence. The website content is well-structured, professionally designed, and provides comprehensive information about the product features, integrations, and documentation. Technically, the website uses a modern tech stack including ReactJS for the frontend, Jekyll for static site generation, and standard libraries like jQuery and Bootstrap. Hosting appears to be on AWS infrastructure. The site is mobile-optimized and SEO-friendly with proper meta tags and structured data. Analytics are implemented via Google Analytics and Google Tag Manager, though privacy compliance mechanisms such as cookie consent banners are missing. From a security perspective, the site enforces HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks important security headers and does not publish security policies or incident response contacts. The WHOIS data shows a consistent and long-term domain registration with no privacy protection, supporting legitimacy. Overall, the security posture is moderate but could be improved with better policy disclosures and technical hardening. The overall risk is low to moderate. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, adding security headers, publishing incident response and vulnerability disclosure information, and enabling DNSSEC for domain security. These steps will enhance trust, compliance, and security posture, supporting Waldur's professional market positioning.

O

OpenSpeedTest™

openspeedtest.com

0

OpenSpeedTest™ is a technology-focused company providing a free, open-source HTML5 internet speed testing tool accessible via any modern web browser without requiring plugins like Flash or Java. Established in 2013, the company targets a broad audience including individual internet users, website and app owners, and enterprise infrastructure operators. Their business model centers on offering free tools supported by advertising and self-hosted deployment options. The website demonstrates a mature technical infrastructure leveraging modern web standards, Google analytics and advertising services, and a reliable CDN provider (Cachefly) to ensure fast and responsive user experiences across devices. Security posture is strong with HTTPS enforcement, comprehensive security headers, and no visible vulnerabilities. Privacy compliance is robust, featuring a detailed consent management platform aligned with GDPR requirements. However, the site lacks explicit Terms of Service and incident response contact details, which could enhance trust and compliance. Overall, OpenSpeedTest™ presents a professional, trustworthy, and technically sound online presence with room for improvement in formal policy disclosures and direct contact information.

I

INHUS

inhus.eu

0

INHUS is a Lithuanian-based construction and manufacturing company specializing in precast reinforced concrete building structures, operating primarily in Lithuania and Northern Europe. The company follows a design-build business model integrating design, production, and construction services. Their website presents a professional portfolio of projects and maintains a consistent brand image across multiple subsidiary domains. Technically, the website uses modern web technologies including Google Tag Manager and Google Analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and formal policies are missing. Overall, the site is trustworthy and well-maintained, supporting INHUS's market position as a regional player in the construction sector.

A

Adbangs Technologies

adbangs.com

0

Adbangs Technologies is a digital marketing and web development company based in Bangalore, India, founded in 2016. The company offers a broad range of services including responsive web design, dynamic website development, WordPress development, digital marketing services such as PPC advertising and social media marketing, business branding, and e-commerce development across multiple platforms. Positioned as a professional and affordable service provider, Adbangs targets small to medium businesses seeking comprehensive digital solutions. Technically, the website is built on WordPress using WPBakery Page Builder, integrates Google Analytics and Adsense for tracking and monetization, and uses Cloudflare for DNS services. The site is mobile optimized with good SEO practices but lacks explicit privacy and cookie policies, which impacts privacy compliance. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Overall, the domain registration is consistent and legitimate, supporting business credibility. Recommendations include implementing privacy and cookie policies, enhancing security headers, and enabling DNSSEC to improve trust and compliance.

Communications Test Design India Pvt. Ltd. (CTDI India) is a large, established subsidiary of the global company Communications Test Design Inc., specializing in repair, engineering, and logistics services primarily for telecom carriers, cable companies, and OEMs. The company operates multiple facilities in India and worldwide, serving a broad target audience in telecommunications and related technology sectors. The website reflects a professional and consistent brand presence with clear business information and service offerings. Technically, the site uses modern frontend technologies such as Bootstrap, jQuery, and Axios, providing a responsive and user-friendly experience. However, the site lacks explicit privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate with HTTPS enforced and CSRF tokens present, but missing security headers and vulnerability disclosure mechanisms are notable gaps. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

G

Glimstedt

glimstedt.lv

0

Glimstedt is a well-established full-service sworn law firm specializing in business law, with a history dating back to 1935. The firm serves a diverse clientele including large foreign capital companies, medium and small enterprises, and private individuals. With 14 offices in Sweden and 3 in the Baltic states, Glimstedt operates an international team of 250 professionals, emphasizing collaboration and excellence. The website reflects this professional positioning with clear branding and relevant business content. Technically, the website is built on WordPress and uses modern JavaScript libraries such as jQuery and Modernizr. The site is mobile-optimized and performs moderately well, with proper SEO meta tags and Open Graph data. However, accessibility features are basic and could be improved. The site uses HTTPS with a good SSL configuration but lacks explicit security headers and visible privacy or cookie policies. From a security perspective, the site shows a good baseline with HTTPS and no exposed sensitive data. However, the absence of security headers, privacy policies, cookie consent mechanisms, and vulnerability disclosure information indicates room for improvement in compliance and security posture. No critical vulnerabilities or WAF blocking were detected, suggesting a stable but improvable security environment. Overall, the website is professional and trustworthy, reflecting the firm's reputable market position. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, publishing incident response and vulnerability disclosure information, and enhancing accessibility and compliance features to strengthen trust and security posture.

A

Advokatfirman Glimstedt

glimstedt.se

0

Advokatfirman Glimstedt is a well-established full-service law firm founded in 1935, specializing in business law and serving primarily large and medium-sized Swedish and international companies. The firm operates across 17 offices in Sweden and the Baltics with over 200 employees, positioning itself as one of the largest law firms in the region. Their website reflects a professional and modern digital presence, built on WordPress with integration of Google Tag Manager and Cookiebot for privacy compliance. The site is well-structured, mobile-optimized, and SEO-friendly, providing comprehensive legal content and news updates. Security-wise, the site enforces HTTPS and implements a robust cookie consent mechanism, though additional HTTP security headers could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a mature digital infrastructure aligned with the firm's market position and compliance requirements.

O

Orpetron

orpetron.com

0

Orpetron is a specialized online platform established in 2020 that honors outstanding web design projects globally. It serves as a source of inspiration for web designers and creative professionals by showcasing award-winning websites. The platform operates on WordPress with a modern tech stack including Elementor, WooCommerce, and various marketing and analytics tools. The website demonstrates good design quality, mobile optimization, and SEO practices, positioning itself as a niche authority in the web design awards space. Security posture is adequate with HTTPS and some security headers, though DNSSEC is not enabled and advanced security policies are not disclosed. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms. Overall, Orpetron presents a credible and professional business with room for improvement in privacy and security transparency.

B

Blind Android Users Podcast

blindandroidusers.com

0

Blind Android Users Podcast is a niche media platform dedicated to providing podcast content focused on Android accessibility for blind and visually impaired users. The website hosts a podcast player with multiple recent episodes and links to popular podcast platforms such as Spotify, Amazon Music, and Apple Podcasts. The target audience is primarily blind Android users and accessibility advocates. The business model revolves around content creation and community engagement, supported by donations and social media presence. Technically, the website is built on WordPress using modern plugins including Podcast Player, Gutenberg blocks, and performance optimizations via WP Rocket. It employs HTTPS with good SSL configuration and integrates Google Tag Manager for analytics. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured data. However, no hosting provider or domain registration details are available, raising questions about domain legitimacy. From a security perspective, the site uses HTTPS but lacks important security headers and does not provide privacy, cookie, or terms of service policies, which are critical for compliance and user trust. No incident response or vulnerability disclosure information is present. The absence of WHOIS data for the domain is a significant concern, suggesting either a very new or unregistered domain, or use of privacy protection that is not reflected in the WHOIS query results. Overall, the website presents professional content and a good user experience but requires improvements in transparency, compliance, and security best practices. The domain legitimacy should be verified to ensure trustworthiness.

L

Liviko

liviko.eu

0

Liviko is a well-established international group specializing in premium alcoholic beverages, with a strong market presence in the Baltic region and distribution across 60 markets. The company offers a range of services including distillery tours, production, export, and brand representation. Their website reflects a mature digital presence built on WordPress with modern SEO and privacy compliance tools. The technical infrastructure is solid, leveraging popular plugins and analytics services, and the site is mobile-optimized with good user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a professional and trustworthy online presence consistent with the company's business stature.

S

Specialist VC

specialist.vc

0

Specialist VC is a venture capital fund focused on supporting early-stage technology startups primarily in Estonia, Latvia, Lithuania, Finland, Ukraine, and Belarus. The fund invests mainly in pre-seed to Series A rounds, with occasional secondary investments in later rounds. Their portfolio includes over 60 companies, many of which are recognized regional tech leaders. The website presents a professional and consistent brand image, with detailed team bios and clear contact information, positioning Specialist VC as a credible and established player in the regional VC ecosystem. Technically, the website is built on WordPress with modern plugins such as Rank Math for SEO and uses jQuery and Splide.js for interactive elements. The site is mobile-optimized and performs moderately well, with good SEO practices and accessibility features. HTTPS is enforced, ensuring secure communications. From a security perspective, the site has a solid SSL configuration but lacks some security headers and does not provide a vulnerability disclosure or incident response contact. Privacy compliance is partial, with an ESG policy page but no dedicated privacy or cookie policy pages, nor cookie consent mechanisms. Contact information is comprehensive, including multiple team emails and phone numbers. Overall, Specialist VC's website reflects a mature business with a strong market position and good technical implementation. However, improvements in privacy compliance and security best practices would enhance trust and regulatory adherence.

T

Telia Eesti AS

keila.ee

0

Keila.ee is the official municipal website for the city of Keila, Estonia, providing residents and visitors with comprehensive information about city services, news, events, and contact details. The website is managed under the domain registered by Telia Eesti AS since 2010, indicating a stable and legitimate online presence. The site targets local citizens and tourists, offering resources such as job postings, municipal announcements, and tourism information. Technically, the site is built on WordPress with Elementor and Ova Framework plugins, leveraging modern web technologies like Bootstrap and FontAwesome for design and functionality. The website demonstrates good mobile optimization and accessibility features, ensuring usability across devices.

Z

Zone Media OÜ

kooliraamatukogud.ee

0

The website kooliraamatukogud.ee serves as a digital catalog platform named RIKSWEB for Estonian school libraries, enabling users to search library collections, view item statuses, and access news literature and events. It targets educational institutions in Estonia, providing a niche service that supports library management and user engagement. The platform is operated by Zone Media OÜ, a known Estonian registrar and hosting provider, which aligns with the website's regional and sector focus. Technically, the website employs a modern yet simple technology stack including jQuery and Google Fonts, with multiple CSS stylesheets for styling and responsive design. The site is mobile-optimized and offers a clear navigation structure, although SEO optimization is minimal. No CMS or advanced frameworks are detected, indicating a custom or lightweight solution. Performance is moderate, with no evident blocking or WAF interference. From a security perspective, the site uses HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is available, and no contact details for security matters are provided. These gaps reduce the overall security posture and privacy compliance. Overall, the website is functional and professionally presented for its educational purpose but requires improvements in privacy compliance, security best practices, and contact transparency to enhance trust and regulatory adherence.

H

Harju Maakonnaraamatukogu

keilaraamatukogu.ee

0

Harju Maakonnaraamatukogu is a regional public library serving Harju County in Estonia, providing a range of library services including book lending, children's services, local history resources, and event hosting. The website targets local residents and library users, offering information and access to library resources and services. The business operates as a public institution with a focus on education and cultural enrichment. Technically, the website is built on WordPress using Elementor and Bootstrap frameworks, hosted under a reputable Estonian registrar. The site is mobile-optimized, accessible, and uses HTTPS for secure communication. Security posture is generally good with no visible vulnerabilities or exposed sensitive data, but lacks explicit security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

K

Keila Muusikakool

keilamuusikakool.ee

0

Keila Muusikakool is a small local music school based in Keila, Estonia, providing music education services primarily to students and parents in the local community. The website offers detailed information about competitions, study programs, schedules, events, and pricing. The business operates with a clear focus on education and community engagement. Technically, the website is built on WordPress using Elementor, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal policies such as privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional and professional but could improve in privacy compliance and security best practices.

T

Tervise Arengu Instituut

terviseinfo.ee

0

Terviseinfo.ee is a well-established Estonian health information portal managed by the Tervise Arengu Instituut, a government-affiliated health development institute. The website provides comprehensive health promotion content, news, and educational resources targeted primarily at health promotion specialists and the general public. It covers a broad range of health topics including alcohol, HIV/AIDS, nutrition, mental health, and more, positioning itself as a trusted national resource for health information. Technically, the site is built on Joomla CMS and utilizes common JavaScript libraries such as MooTools and jQuery, along with Google Fonts and Google Analytics for tracking. The site is served over HTTPS, ensuring secure communication, and includes CSRF tokens in forms to protect against cross-site request forgery. However, it lacks explicit security headers like Content-Security-Policy and HSTS, and does not have a visible cookie consent mechanism or privacy policy page, which are important for GDPR compliance. From a security perspective, the website demonstrates a moderate security posture with secure form handling and HTTPS usage but could improve by implementing additional HTTP security headers and publishing clear privacy and cookie policies. No WAF or blocking mechanisms were detected, and the site content is fully accessible. The WHOIS data aligns well with the website's governmental health mission, showing a consistent and legitimate registration since 2011. Overall, the website is professional, trustworthy, and serves its public health mission effectively, but should enhance privacy compliance and security headers to strengthen its security posture and regulatory adherence.

P

Playversity

playversity.co

0

Playversity is an educational platform focused on transforming teaching through game-based learning. The website offers games, resources, learning opportunities, and programs for trainers, targeting educators and learners interested in innovative educational methods. The business is relatively new, founded in 2021, and operates primarily online with a small organizational size. The platform maintains a professional and consistent brand presence with good content quality and clear navigation. Technically, the site is built on WordPress using Elementor and several addons, hosted on HostGator. The infrastructure is modern and supports mobile responsiveness and SEO best practices. Performance is moderate, with room for improvement in accessibility and security headers. The site uses HTTPS and domain registration includes protective EPP locks, but DNSSEC is not enabled. From a security perspective, the site has a good baseline with HTTPS and domain protections but lacks critical security headers and privacy compliance documents such as privacy and cookie policies. No forms or data collection mechanisms were detected on the homepage, reducing immediate data protection concerns. The WHOIS data shows privacy protection for the registrant, which is reasonable for this business type. Overall, the website is functional and professional but should improve privacy compliance and security posture to enhance trust and regulatory adherence.

H

HUUM

huum.de

0

HUUM is a medium-sized manufacturing company specializing in sauna stoves and innovative sauna control systems, combining traditional Estonian sauna knowledge with modern Nordic design and technology. The company maintains a strong international presence with multiple regional domains targeting different markets including Germany, Estonia, Europe, the US, and Japan. The website is built on WordPress with performance optimizations and includes structured data for SEO enhancement. Privacy compliance is well addressed through Cookiebot, providing a comprehensive cookie consent mechanism and linking to a detailed privacy policy. However, explicit contact information and terms of service are not readily found on the homepage, which could be improved for better user trust and compliance.

H

Hubert Inglin Transporte AG

inglintransporte.ch

0

Hubert Inglin Transporte AG is a Swiss transportation company specializing in transport, crane, and grapple services, serving trades such as carpenters, gardeners, metal and steel builders, and roofers. The company has over 30 years of experience, positioning itself as a reliable partner in the transportation sector. Their website provides detailed descriptions of their services and equipment, targeting businesses and professionals needing specialized transport and crane operations. Technically, the website is built using Incomedia WebSite X5 Evo CMS and employs common JavaScript libraries like jQuery and Anime.js. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Security-wise, the website lacks visible security headers and does not enforce cookie consent mechanisms, which are important for GDPR compliance. No incident response or security contact information is provided, indicating room for improvement in security posture. Overall, the website is professional and credible but could enhance its security and privacy compliance to better protect users and build trust.