Security Directory

D

DIRECT INVEST

directinvest.ee

0

Direct Invest Group is a well-established commercial real estate investment company operating primarily in Estonia and Latvia since 2009. The company focuses on investing in shopping centers, office buildings, and development projects, with a portfolio nearing 100 million euros and serving approximately 100 tenants. Their Navigator building holds a prestigious LEED Gold certification, highlighting their commitment to sustainable development. The website reflects a professional digital presence built on WordPress with Elementor, optimized for SEO and mobile devices. Security posture is solid with HTTPS enabled and no visible sensitive data exposure, though security headers and incident response information are lacking. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is trustworthy and credible but would benefit from enhanced privacy and security disclosures.

B

BDA Consulting OÜ

bda.ee

0

BDA Consulting OÜ is an Estonian network-based training and consulting company specializing in delivering training, development, consulting projects, service design, and strategic consulting. The company leverages a network of over 200 recognized experts to serve its clients, positioning itself uniquely in the Estonian market. The website is professionally designed using the Wix platform, featuring structured data that enhances SEO and business information visibility. The technical infrastructure is modern and includes common analytics and tracking tools such as Google Analytics, Facebook Pixel, and Inspectlet, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and some JavaScript hardening, but lacks explicit security headers and visible privacy or cookie policies, which are areas for improvement. Overall, the website presents a trustworthy business presence with room to enhance privacy compliance and security transparency.

The analyzed content corresponds to a Chrome internal error page (chrome-error://chromewebdata/) which serves as a placeholder when a website is not accessible or fails to load. This page contains no actual business or website content, only embedded JavaScript and styles for the Chrome offline dinosaur game. Consequently, no business information, contact details, privacy policies, or security policies are present. The technical infrastructure is limited to client-side scripts related to the game, with no server-side or hosting information available. Security posture cannot be properly assessed due to the absence of real website content and security headers. Overall, this page does not represent a legitimate website but an error state within the browser, resulting in a very low trust and credibility score.

P

Powerhouse OÜ

powerhouse.ee

0

Powerhouse OÜ is a well-established communications agency based in Estonia with nearly 25 years of experience. The company specializes in public and internal communications, government relations, process management, event organization, and managing communication channels. Their market position is that of a trusted regional player with a versatile team and a strong focus on client relationships. The website reflects a professional and consistent brand image with clear contact information and expert profiles. Technically, the website uses a modern but straightforward technology stack including jQuery, Bootstrap 4, Google reCAPTCHA, and the Voog CMS platform. The site is mobile-optimized and performs moderately well, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection, but lacks advanced security headers such as Content-Security-Policy and HSTS. No privacy or cookie policies are present, indicating gaps in GDPR compliance. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy compliance and security hardening to align with best practices and regulatory requirements.

B

Baltic Industrial OÜ

balticindustrial.com

0

Baltic Industrial OÜ is an established service provider in the Baltic region specializing in repair, diagnostics, and maintenance solutions primarily for the energy sector. With over 20 years of experience and a professional team, the company positions itself as a trusted partner for businesses requiring comprehensive industrial maintenance services. The website reflects this positioning with clear business descriptions and a professional design, targeting companies in need of industrial repair and maintenance in Estonia and neighboring countries. Technically, the website is built on WordPress using the Elementor page builder, incorporating modern web technologies such as jQuery and Google Tag Manager for analytics. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Hosting details are not explicitly disclosed, but DNS servers suggest regional hosting providers. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protections enabled. However, it lacks DNSSEC and important security headers, and no explicit security or incident response policies are published. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms, which could pose compliance risks under GDPR. Overall, Baltic Industrial demonstrates a solid business and technical foundation but should prioritize enhancing privacy compliance and security best practices to reduce risk and improve trustworthiness. Strategic improvements in these areas will strengthen their digital maturity and regulatory adherence.

The domain reales.com is registered since 2003 with GoDaddy.com, LLC and is not privacy protected, indicating a legitimate registration. However, the website is currently non-functional, returning a 404 Not Found error due to missing website configuration on the AWS S3 bucket hosting it. There is no accessible content, metadata, or business information available on the site. The lack of privacy policies, contact information, and security headers indicates a very low digital maturity and poor security posture. No HTTPS or SSL configuration details were provided, which is a critical security concern. Overall, the website is not operational and provides no value or trust signals to visitors.

B

Baltic Rail AS

balticrail.com

0

Baltic Rail AS is a medium-sized transportation company specializing in container-train operations and intermodal rail services primarily in the Baltic Adriatic Rail Corridor. Established in 2008 and owned by the Rail World Group, it operates container terminals and warehousing facilities in Estonia and Poland, serving key locations such as Wroclaw, Katowice, Ostrava, and Koper. The company targets businesses requiring efficient rail freight and logistics solutions in Central and Eastern Europe. The website reflects a professional and consistent brand image with clear service offerings and active news updates, indicating ongoing operations and market presence. Technically, the website is built on WordPress with a modern tech stack including Bootstrap and jQuery, and employs Google reCAPTCHA v3 for form security. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. However, some security best practices such as security headers are missing, and no privacy or cookie policies are published, which impacts compliance. Security posture is generally good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data for the domain is a notable concern, as it conflicts with the business history claimed and may indicate domain registration issues. Overall, the site is trustworthy but would benefit from improved transparency and security documentation. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, adding a vulnerability disclosure policy, and resolving WHOIS registration inconsistencies to enhance trust and compliance.

L

Laomaailm

laomaailm.ee

0

Laomaailm is an established Estonian company specializing in warehouse and industrial storage solutions with over 30 years of market presence. The company offers a broad range of products including shelving, lifting equipment, industrial stairs, and rental services, targeting B2B customers in manufacturing and logistics sectors. The website reflects a mature business with consistent branding and multilingual support, indicating a focus on regional and international clients. Technically, the site is built on WordPress with WooCommerce and enhanced by popular plugins such as Yoast SEO and WPML for multilingual capabilities. The infrastructure includes Google Tag Manager and Analytics for tracking, and the site is secured with HTTPS and cookie consent mechanisms, demonstrating compliance with GDPR requirements. Security posture is solid but could be improved by adding explicit security headers and incident response information. Overall, the website is professional, user-friendly, and trustworthy, supporting the company's market position and business credibility.

The website rtk.ee is currently inaccessible due to a Cloudflare security challenge page employing Turnstile captcha, which blocks access to the actual site content. This prevents extraction of meaningful business, security, or compliance information from the site. The domain is registered since 2012 with Zone Media OÜ, an Estonian registrar, indicating a stable and legitimate registration. The site uses Cloudflare services for security and performance, but no direct content or metadata is available for analysis. Due to the blocking, the technical maturity, security posture, and privacy compliance cannot be assessed accurately. The overall risk is elevated due to lack of accessible information, and further analysis requires bypassing the WAF challenge or direct access to the site.

The website unap.ro is currently inaccessible due to a firewall policy restriction, presenting an 'Access Denied' message with no accessible business content or contact information. The domain is registered since 2003 with a consistent registration history but lacks DNSSEC and detailed registrant information. Due to the blocking, no technical or business content can be analyzed, resulting in a low overall assessment score. The lack of privacy, cookie, and terms policies, as well as absence of contact details, further limits the evaluation. The website's security posture cannot be assessed beyond the indication of blocking, which suggests active security controls are in place but also restricts transparency. It is recommended to contact the site administrators or security team for further access or information.

A

AMIT Baltic

amit.lv

0

AMIT Baltic operates as a software provider specializing in dealer management systems (DMS) for the automotive industry, primarily targeting auto dealers and related businesses in the Baltic region. Their flagship product, AutoMaster, is positioned as a trusted solution recommended by auto manufacturers and importers, serving a medium-sized market with a focus on resource management and process optimization. The website reflects a professional presence with clear branding and client endorsements from major automotive brands, indicating a solid market position. Technically, the website employs legacy technologies such as jQuery 1.8.2 and bxSlider, alongside Google Analytics for user tracking. While the site is accessible and moderately optimized for performance and SEO, mobile optimization and accessibility are basic. The absence of modern frameworks or CMS suggests a relatively simple technical infrastructure. Hosting and domain registration appear consistent and legitimate, with no blocking or WAF interference detected. From a security perspective, the site lacks visible security headers and uses an outdated JavaScript library, which could expose it to vulnerabilities. There is no evidence of HTTPS enforcement or advanced security policies. Privacy compliance is weak, with no privacy or cookie policies found, and no consent mechanisms for tracking, which poses regulatory risks under GDPR. Contact information is comprehensive and clearly presented, enhancing business credibility. Overall, the website scores moderately well but requires improvements in privacy compliance, security hardening, and modernization of its technical stack to reduce risks and enhance trustworthiness. Strategic recommendations include implementing privacy and cookie policies, upgrading JavaScript libraries, adding security headers, and enforcing HTTPS to strengthen the security posture and regulatory compliance.

E

eHost OÜ

ettevotja.ee

0

Aktiva.ee is an Estonian business information portal focused on supporting entrepreneurs at various stages including startups, operating companies, and those expanding internationally. The site provides practical guides, legal and accounting information, marketing advice, and resources to help businesses succeed. It targets Estonian-speaking entrepreneurs and small businesses, positioning itself as a trusted informational gateway in the local business ecosystem. The website is built on WordPress, uses modern web technologies including Google Analytics and reCAPTCHA, and is hosted with reputable providers including Cloudflare for DNS and eHost OÜ as registrar. The site is well-structured with clear navigation and good mobile optimization, though it lacks explicit privacy and cookie policies which impacts compliance. Security posture is solid with HTTPS and anti-bot measures, but could be improved with additional security headers and published policies. Overall, the site is a credible, small-scale business resource with room for enhanced privacy and security transparency.

L

Levstal Group

levstal.com

0

Levstal Group is a well-established Estonian company specializing in steel structures, metal engineering, and marine infrastructure services. With over three decades of experience, the company serves a broad European industrial client base, delivering high-quality fabrication and engineering solutions. Their business model focuses on B2B project-based contracts with a strong emphasis on quality and compliance, supported by multiple industry certifications. Technically, the website is built on WordPress with modern JavaScript libraries and analytics tools, demonstrating a mature digital presence with good SEO and mobile optimization. Security posture is solid with HTTPS enforced and clientTransferProhibited domain status, though improvements can be made by enabling DNSSEC and adding security headers. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, Levstal Group presents a professional, trustworthy, and technically sound online presence aligned with their business operations.

The website onac-vg.fr is currently inaccessible due to a security mechanism that blocks all content, displaying only an 'Attack detected' message. This prevents any meaningful analysis of the site's business offerings, technical infrastructure, or security posture. The domain is registered with a French registrar since 2010, indicating an established presence, but no accessible content or contact information is available to verify the business details or services. The lack of metadata, forms, or external links further limits insight into the website's operations. Technically, the site shows no evidence of modern frameworks, CMS, or analytics tools due to the blocking. Security-wise, the absence of visible HTTPS or security headers and the presence of a generic blocking page suggest a protective WAF is in place, but no further security best practices can be confirmed. Overall, the site scores very low on content quality, technical implementation, security posture, privacy compliance, and business credibility due to the blocking. Strategic recommendations include enabling HTTPS, publishing clear privacy and cookie policies, providing contact and incident response information, and improving transparency to build trust.

H

HansaLaw

hansalaw.ee

0

HansaLaw is an internationally recognized legal and tax advisory firm with over 10 years of experience, operating primarily in the Baltic region with offices in Tallinn, Riga, and Vilnius. The firm offers comprehensive legal consulting and conflict resolution services tailored to clients seeking expert legal advice. The website is built on WordPress using the Avada theme, incorporating modern web technologies and third-party marketing and analytics tools such as Google Analytics, Facebook Pixel, and Adform tracking. The site is well-designed, mobile-optimized, and provides clear navigation, although it lacks explicit privacy and cookie policies, which impacts its privacy compliance rating. Security posture is adequate with HTTPS enabled and good SSL configuration, but could be improved by enabling DNSSEC and adding security headers. No WAF or blocking mechanisms were detected, and the domain registration data is consistent with the business claims, supporting legitimacy.

N

Nuare Studio

nuarestudio.com

0

Nuare Studio is a specialized art outsourcing and software development company established in 2006, serving the video game and movie industries. The company offers a broad range of creative services including 2D and 3D art, animation, VFX, and IT development such as mobile and web applications. Their market position is supported by collaborations with prominent clients and a portfolio of major projects. Technically, the website is built on WordPress with modern plugins and SEO tools, delivering a good user experience with mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled and domain locks in place, though DNSSEC is not enabled and security headers are missing. Privacy compliance is lacking as no privacy or cookie policies are found, which is a notable gap. Overall, the business credibility is high with clear contact information and trust signals like testimonials and client logos. Strategic improvements in privacy compliance and DNS security would enhance their security and trust profile.

Theptrgroup.com is a domain registered since 2000 with NameCheap, Inc. as the registrar and protected by Cloudflare DNS services. However, the website is currently inaccessible due to a Cloudflare 523 error indicating the origin server is unreachable. This prevents any content from being served to visitors, resulting in a lack of visible business information, contact details, or policies. The website title reflects the error state rather than business branding. The absence of content and metadata limits the ability to assess the company's market position, services, or target audience. Technically, the site uses Cloudflare as a CDN and DNS provider but lacks DNSSEC and security headers, which are recommended for improved security. The domain registration is consistent and long-standing, but the current unavailability severely impacts trust and credibility. Security posture is weak due to the origin server issue, and privacy compliance cannot be evaluated due to missing policies.

T

Tritech OÜ

tritech.ee

0

Tritech OÜ is a small Estonian manufacturing company specializing in mechanical engineering and CNC machining services, established in 2012. The company offers a range of services including mechanical engineering design, CNC turning and milling, product assembly, and customized mechanical solutions. Their target audience is industrial companies seeking high-quality machined parts and assembly services. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built on WordPress with WooCommerce for e-commerce capabilities, using modern tools such as Google Analytics and Facebook Pixel for marketing and tracking. The site is mobile-optimized and SEO-friendly, though performance is moderate. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks explicit security headers and formal security policies. Overall, the security posture is solid but could be improved by adding cookie consent mechanisms, security policies, and vulnerability disclosure information. The domain registration is consistent with the business claims, enhancing trustworthiness. Strategic recommendations include enhancing privacy compliance and security transparency to further build customer trust and regulatory adherence.