Security Directory

D

Diivaniparadiis

paradiis.ee

0

Diivaniparadiis is a well-established Estonian furniture retailer operating since 1998, offering a wide range of home and office furniture through both online and physical stores. The website reflects a mature e-commerce platform with clear navigation, product listings, and customer account management features. The business targets Estonian consumers seeking quality furniture and home decor products. The domain age and WHOIS data align with the company's market presence, reinforcing its legitimacy. Technically, the website employs modern JavaScript libraries such as Swiper.js for sliders, Fancybox for image galleries, and integrates marketing tools like Google Tag Manager and Facebook Pixel for analytics and advertising. The presence of CSRF tokens and HTTPS indicates a reasonable security posture, although some security headers could be improved. Mobile optimization and SEO practices are adequately implemented, providing a good user experience across devices. Security-wise, the site uses HTTPS with a good SSL configuration and includes CSRF protection in forms. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in security transparency and compliance. Privacy compliance is basic but includes a cookie consent banner and a privacy policy page in Estonian. Overall, Diivaniparadiis presents a trustworthy and professional online presence with solid business credibility and technical implementation. Strategic enhancements in security policies, accessibility, and legal documentation would further strengthen its compliance and user trust.

E

eHost OÜ

aksohaus.ee

0

Investor.ee is a small Estonian educational website focused on providing practical advice and information about investing, portfolio management, risk management, and financial knowledge. The site targets individuals and organizations interested in growing their capital through various investment strategies. The business operates primarily as a content and informational platform, with a niche focus on the Estonian-speaking investment community. The domain is registered to eHost OÜ since 2019, consistent with the website's scope and scale. Technically, the website is built on WordPress using a modern theme and standard libraries such as Bootstrap, jQuery, and FontAwesome. It integrates Google Tag Manager for analytics and Google reCAPTCHA v3 for spam protection on forms. The site is hosted behind Cloudflare DNS and uses HTTPS, ensuring secure communication. Mobile optimization and SEO practices are good, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, it lacks explicit security headers like Content-Security-Policy and X-Frame-Options, and does not publish privacy or cookie policies, which are critical for GDPR compliance. No incident response or security policy information is available. External links are configured to open in new windows with noopener for security. Overall, the website is functional, professionally designed, and provides relevant content for its audience. The main risks relate to privacy compliance gaps and missing security headers. Strategic improvements in these areas would enhance trust and regulatory adherence.

M

Manimal OÜ

manimaldesign.com

0

Manimal OÜ is a small Estonian digital media and design studio specializing in web design, SEO, and social media services. Founded in 2016, the company targets local businesses and individuals seeking creative digital solutions. The website reflects a professional and consistent brand image with a clear portfolio and client references. Technically, the site is built on WordPress with modern plugins such as Elementor and WooCommerce, and includes tracking via Google Analytics and Facebook Pixel. Security measures include HTTPS and Google reCAPTCHA on the contact form, but lack advanced security headers and explicit privacy or cookie policies. Overall, the site is functional and credible but would benefit from enhanced privacy compliance and security hardening.

T

Tallinna Tehnikakõrgkool

tktk.ee

0

Tallinna Tehnikakõrgkool is a reputable higher education institution in Estonia specializing in technical and engineering education. The website serves multiple audiences including prospective and current students, continuing education learners, and business partners. It offers comprehensive information on study programs, admissions, continuing education, and institutional news. The institution maintains a solid market position as a key technical education provider in Estonia. Technically, the website is built on WordPress using the Elementor page builder, enhanced with Yoast SEO and Usercentrics for GDPR-compliant cookie management. It integrates analytics and marketing tools such as Google Analytics, Facebook Pixel, and a chat widget, indicating a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO and accessibility practices. From a security perspective, the site enforces HTTPS and uses a consent management platform, but lacks explicit security headers like Content-Security-Policy and does not publicly disclose security policies or incident response procedures. No vulnerability disclosure or security.txt file is present, which could be improved to enhance transparency and trust. Overall, the website is professional, trustworthy, and well-maintained, with moderate to good scores in content quality, technical implementation, and security posture. Strategic improvements in security headers, privacy policy publication, and incident response transparency are recommended to further strengthen compliance and security maturity.

M

Morek Group

morek.eu

0

Morek Group is a medium-sized Estonian company specializing in manufacturing and distributing high-quality electrical components and electric vehicle charging solutions. With 20 years of industry experience, Morek positions itself as a trusted partner in the energy and transportation sectors, focusing on infrastructure development for electricity and electric cars. The company targets electrical industry professionals and infrastructure developers across Europe, supported by multilingual website content and a clear product catalog. Technically, the website is built on WordPress with modern JavaScript integrations, including Google Tag Manager and Facebook Pixel for analytics and marketing. The site demonstrates good performance, mobile optimization, and SEO practices, with a consent management system for cookies ensuring privacy compliance. The technical infrastructure reflects a mature digital presence suitable for a medium-sized enterprise. From a security perspective, the site enforces HTTPS and uses consent mechanisms but lacks explicit security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. Security headers could be improved to enhance protection. Overall, the security posture is solid but could benefit from formalized policies and additional headers. The domain WHOIS data is consistent with the business claims, showing no privacy protection and a domain age appropriate for the company's 20-year history. Contact information is clearly presented, including emails, phone numbers, and physical address, enhancing business credibility. Social media presence on LinkedIn and Facebook supports trust and engagement. Recommendations include publishing security and incident response policies, adding security headers, and considering a vulnerability disclosure program to strengthen security culture and compliance.

A

Ambient Sound Investments

asi.ee

0

Ambient Sound Investments (ASI) is a private asset management firm established in 2003 by four founding engineers of Skype. The company operates as a family office with a focus on investments across venture capital, private equity, listed equity, and real assets, with assets geographically located in Europe, the US, and Asia. The website presents a professional image with clear navigation and relevant business content, targeting investors and professionals interested in diversified asset management. The business model is niche and specialized, leveraging the founders' technology and finance backgrounds. Technically, the website is built on the Voog CMS platform, utilizing standard web technologies such as JavaScript, CSS, and HTML5. The site is mobile optimized and performs moderately well, though accessibility features are basic. The hosting and domain registration are consistent with the business location in Estonia, with no signs of privacy protection or suspicious WHOIS data. External scripts are limited and primarily related to the CMS platform. From a security perspective, the website benefits from HTTPS with a valid SSL certificate, but lacks important security headers and visible security policies. There are no privacy or cookie policies, nor contact information for security incidents or data protection officers. No vulnerabilities or exposed sensitive data were detected, but the absence of key compliance documents and security headers represents a moderate risk. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, improved security headers, and clearer contact information to strengthen trust and regulatory adherence.

S

Softwerk

softwerk.ee

0

Softwerk OÜ is an Estonian technology company specializing in custom business software solutions including business intelligence (BI), ERP implementations (notably Microsoft Dynamics 365), and web development using modern frameworks such as .NET and React. Established in 2012, Softwerk has positioned itself as a trusted partner for businesses in Estonia and Europe, offering tailored solutions that improve operational efficiency and data-driven decision making. The company emphasizes long-term client relationships and quality service delivery, supported by positive client testimonials and recognized partnerships such as Microsoft. Technically, the website is built on WordPress with WPBakery Page Builder, leveraging common web technologies like jQuery and FontAwesome, and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized and presents a professional design with clear navigation. Security posture is solid with HTTPS enforced and secure form handling, but lacks advanced security headers and explicit security or incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, Softwerk demonstrates a mature digital presence with room for improvement in privacy and security transparency.

B

Boomerang

boomerang.ee

0

Boomerang is a well-established third-party logistics provider specializing in eCommerce fulfillment and returns management, primarily serving the Nordic region and global markets. The company positions itself as the largest return handling operator in the Nordics, offering tailored and flexible logistics solutions to online webshops. The website reflects a professional and consistent brand image with good content quality and clear business focus. Technically, the site is built on WordPress with Elementor, leveraging modern technologies such as Usercentrics for cookie consent and Google Tag Manager for analytics, indicating a moderate level of digital maturity. Security-wise, the website enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and published security policies, which are areas for improvement. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

The website www.sotsiaalkindlustusamet.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks access to the actual content. As a result, no business information, contact details, or policy documents are available for review. The site is protected by Cloudflare's WAF, indicating a focus on security but preventing external analysis. Without access to the real content, it is not possible to assess the company's market position, services, or compliance posture. The technical infrastructure relies on Cloudflare services, but performance and SEO cannot be evaluated. Security posture cannot be fully assessed beyond the presence of Cloudflare protection. Overall, the site appears to be a government-related entity from Estonia, but detailed insights are unavailable due to access restrictions.

F

FM Capital Consulting Ltd.

capital-consulting.com

0

FM Capital Consulting Ltd. is a well-established Estonian finance consulting firm specializing in worldwide company registration, bookkeeping, compliance, legal support, and tax planning services. The company targets businesses and entrepreneurs, including startups and fintech companies, offering tailored corporate and tax advantage solutions. Their market position is that of a niche consulting provider with expertise in cross-border transactions and fintech licensing. The website is professionally designed with good content quality and clear navigation, supporting their business credibility. Technically, the website is built on WordPress with common plugins such as Yoast SEO, Slider Revolution, and WPBakery Page Builder. It uses modern tracking and analytics tools including Google Analytics and LinkedIn Insight Tag. Performance and mobile optimization are good, though accessibility is basic. The hosting provider is not explicitly identified but the domain is registered with GoDaddy and uses DNS servers from zone.eu and zone.ee. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. No privacy or cookie policies are present, which is a compliance gap especially given the use of tracking technologies. Contact information is clearly provided, enhancing trust. No WAF or blocking mechanisms are detected, allowing full content access. Overall, the website presents a moderate risk profile with strengths in business credibility and technical implementation but weaknesses in privacy compliance and security best practices. Strategic improvements in privacy policy implementation, cookie consent, and security headers would enhance their security posture and compliance standing.

R

R Haldus OÜ

rhaldus.ee

0

R Haldus OÜ is a small Estonian company specializing in property management services for commercial and residential real estate. Their website presents a focused business model offering competent and quality property maintenance and management services. The site is primarily in Estonian with options for English and Russian, targeting property owners seeking professional management solutions. Technically, the website is built on the Voog CMS platform and uses common JavaScript libraries such as jQuery and Modernizr, along with Google Analytics and Google Tag Manager for tracking. The site is moderately optimized for mobile devices and has basic SEO and accessibility features. Security-wise, the website uses HTTPS but lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. There is no visible incident response or vulnerability disclosure information, which limits transparency in security matters. Overall, the website is functional but basic, with room for improvement in privacy, security, and content depth.

N

Nord Projekt

nordprojekt.ee

0

Nord Projekt is a leading Estonian architecture and engineering bureau offering comprehensive design and project management services. The company emphasizes creativity, precision, and quality across all project phases, serving clients seeking professional architectural and engineering solutions. Their market position is strong within Estonia, supported by a portfolio of notable projects and ISO 9001 certification. The website is built on WordPress with modern plugins and demonstrates good digital maturity, including multilingual support and SEO optimization. Security posture is solid with HTTPS enabled, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. Contact information is clearly provided, enhancing business credibility. Overall, the site reflects a professional and trustworthy business presence.

The website ww.ee represents a small Estonian technology-related company operating under the names OÜ Wõrgu Wõlurid and Web Wizards LLC. The business appears to provide web or IT services, targeting both Estonian and English-speaking clients. The domain is well-established since 2010 and hosted by Zone Media OÜ, consistent with the company's location and language. The website content is minimal but accessible, providing basic contact information in two languages. Technical infrastructure is simple, relying on standard HTML, CSS, and JavaScript without advanced frameworks or CMS platforms. Mobile optimization and accessibility are basic but functional. From a security perspective, the site lacks critical security headers and published policies such as privacy, cookie, or terms of service, which indicates compliance gaps and potential risks. No incident response or vulnerability disclosure mechanisms are present. The absence of analytics or tracking scripts suggests minimal user tracking, which is positive for privacy but also indicates limited marketing sophistication. WHOIS data is transparent and consistent with the website's claims, supporting legitimacy. Overall, the website scores moderately on business credibility but falls short on privacy compliance and security posture. The lack of published policies and security best practices presents risks that should be addressed to improve trust and regulatory compliance. Strategic improvements in security headers, policy publication, and incident response readiness are recommended to enhance the site's security and compliance maturity.

Estfilm Production OÜ is a small Estonian film production company established in 2006, specializing in cultural, nature, and regional films to promote Estonia. They serve both public and private sector clients and offer a range of services including aerial filming, time-lapse filming, 3D animations, and video editing. The company maintains a consistent brand presence and showcases its portfolio via a YouTube channel. Technically, the website is built on WordPress using older jQuery and Google Analytics for tracking, with basic mobile optimization and accessibility. Security posture is moderate but could be improved by updating libraries and implementing security headers. Privacy compliance is weak due to the absence of privacy and cookie policies and lack of consent mechanisms. Overall, the website is functional and professional but requires enhancements in security and privacy to meet modern standards.

AuditPartner is a small Estonian auditing and financial consulting firm with a website primarily in Estonian and an English language option. The company positions itself as a professional service provider focusing on seeing beyond the numbers, targeting businesses requiring auditing and financial services. The website is built on WordPress with common web technologies such as jQuery and Bootstrap, indicating a standard but modern technical infrastructure. Performance and mobile optimization are moderate to good, with basic SEO and accessibility features. From a security perspective, the site uses HTTPS with good SSL configuration but lacks important security headers and visible security policies such as privacy, cookie, or incident response policies. No vulnerability disclosure or security.txt files are present, and no contact information such as emails or phone numbers are explicitly provided on the homepage. These gaps reduce the overall privacy compliance and security posture scores. Overall, the website is functional and professionally designed but lacks critical compliance and security transparency elements. The domain WHOIS data is consistent with the business claims, supporting legitimacy. Strategic improvements in privacy policy publication, security headers, and contact transparency would enhance trust and compliance.

M

M-Partner

mpartner.ee

0

M-Partner is an established Estonian recruitment company specializing in the effective hiring of managers and specialists, with over 20 years of experience and more than 1000 successful recruitments. Their business model focuses on full search and headhunting services, targeting Estonian companies seeking qualified personnel. The website reflects a professional and consistent brand image, supported by client logos and clear service descriptions. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates essential tools such as Google Tag Manager and reCAPTCHA, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement, email obfuscation, and cookie consent mechanisms, though additional security headers and formal policies could enhance protection. Overall, the site is accessible, well-structured, and compliant with GDPR, presenting a trustworthy and credible online presence.

The website vanglateenistus.ee is currently inaccessible beyond a Cloudflare Turnstile captcha challenge page, preventing access to any substantive content. The domain is very recently registered (December 2023) and is owned by Elkdata OÜ, a hosting and registrar provider, indicating the site is likely new or under development. Due to the WAF challenge, no business, security, or compliance information is available for analysis. The technical infrastructure relies on Cloudflare's security and analytics services, but no CMS or frameworks are detectable. The security posture cannot be fully assessed, but the presence of Cloudflare WAF indicates some baseline protection. Overall, the site is low trust at this stage due to lack of accessible content and new domain age.

L

Lindab

lindab.si

0

Lindab.si is a Slovenian content and blogging website established in 2022, offering articles on a variety of topics including home, health, sports, services, and technology. The site targets a general Slovenian-speaking audience interested in diverse lifestyle and technology content. The business model is primarily content publishing with no direct e-commerce or transactional services evident. The website is built on WordPress CMS, utilizing Yoast SEO for search optimization and Google reCAPTCHA for form security. The technical infrastructure is modern and moderately performant with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enforced and form protection via reCAPTCHA, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy page present but no cookie consent mechanism detected. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the website is legitimate, consistent with its domain registration data, and presents a moderate trust level. Strategic improvements in privacy compliance, security policy transparency, and contact information availability would enhance credibility and user trust.

R

Roadplan

roadplan.ee

0

Roadplan is an Estonian company specializing in road project design, outdoor space projects, and consulting services. Founded in 2013, it positions itself as a leading road project designer in Estonia, targeting clients who require sustainable and innovative solutions for their outdoor environments. The website content is primarily in Estonian and focuses on communicating the company's expertise and service offerings. Technically, the website is built on WordPress and uses modern web technologies including Google Fonts, Google Analytics, Google Tag Manager, and reCAPTCHA for form security. The site is hosted by Zone Media OÜ, a known Estonian hosting provider. Performance and mobile optimization are good, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the website uses HTTPS with a valid SSL certificate and employs reCAPTCHA to protect forms. However, it lacks important security headers and does not provide explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is professional and functional but lacks comprehensive privacy and cookie policies, explicit contact information, and detailed security disclosures. These gaps reduce its privacy compliance and slightly impact trustworthiness. Strategic improvements in these areas would enhance the site's security posture and user trust.

Berbank AS operates as a small Estonian financial institution providing traditional banking services including private and business banking, loans, deposits, and internet banking. The website targets Estonian private individuals and business clients, offering localized financial products. The domain is registered since 2019, consistent with a relatively new or niche bank. The technical infrastructure is basic, relying on jQuery and Google Analytics, with no modern frameworks or CMS detected. The website lacks HTTPS enforcement and security headers, which are critical for banking sites, indicating a weak security posture. Privacy compliance is poor, with no visible privacy or cookie policies, and no GDPR compliance indicators. Contact information is present but limited, and no incident response or security policy details are provided. Overall, the site shows moderate business credibility but requires significant improvements in security and privacy to meet industry standards.

D

Dispak

dispak.ee

0

Dispak is an Estonian retail business specializing in the sale of paper and fabric bags, primarily targeting customers seeking packaging solutions for gifts and corporate gifts. The company claims over two decades of experience and offers custom logo printing services with a minimum order quantity. The website is primarily in Estonian and serves the local market with a product-focused approach. Technically, the site uses jQuery and jQuery UI libraries along with Google Analytics and Tag Manager for tracking. The hosting and domain registration are consistent with an Estonian business identity. However, the website lacks explicit privacy, cookie, and terms of service policies, which impacts its compliance posture. Security headers and advanced security practices are not evident, and no incident response or vulnerability disclosure information is provided. Overall, the site is functional with moderate technical implementation but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

L

Laser Diagnostic Instruments

ldi.ee

0

Laser Diagnostic Instruments (LDI) is an Estonian-based company specializing in advanced oil spill detection systems and water monitoring sensors. Their flagship product, the ROW (Remote Optical Watcher), provides autonomous, non-contact detection of oil spills and algal blooms, serving industrial and environmental clients globally. The company has a strong niche market position with installations across multiple continents and industries including energy, water treatment, and shipping ports. The website reflects a professional and consistent brand image with detailed product information and client testimonials, supporting their credibility in the environmental monitoring sector. Technically, the website is built on WordPress with modern plugins and frameworks, offering good performance and mobile optimization. Security posture is solid with HTTPS and standard best practices, though improvements are recommended in cookie consent and security headers. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, LDI presents a trustworthy and professional digital presence aligned with their business objectives.

S

Sparkup

teaduspark.ee

0

Sparkup Tartu Teaduspark is a well-established science and technology park based in Tartu, Estonia, founded in 2010. It serves as a hub for science- and technology-intensive startups and scaleups, offering incubation, acceleration, business development services, and rental spaces. The organization supports companies through various programs including Sparkup Inkubaator, ESA BIC Estonia, and multiple thematic accelerators focused on energy, climate, defense, and logistics. The website reflects a mature digital presence with a modern WordPress-based infrastructure, leveraging Elementor for design and Google Tag Manager and Facebook Pixel for analytics and marketing. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not published. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, primarily in Estonian. Overall, the site demonstrates good professionalism, clear navigation, and strong business credibility, positioning Sparkup as a key player in the Estonian innovation ecosystem.

E

Eesti Keskkonnauuringute Keskus OÜ

klab.ee

0

Eesti Keskkonnauuringute Keskus OÜ is a government-affiliated Estonian company specializing in chemical, physical, and microbiological laboratory analyses, geotechnical studies, and environmental condition modeling. The company positions itself as a leading environmental research and laboratory service provider in Estonia, serving government bodies, environmental agencies, and research institutions. Their website reflects a professional and consistent brand image with a clear focus on environmental services and scientific expertise. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site includes a consent management platform (Usercentrics) for cookie compliance and integrates Google Tag Manager for analytics. Performance and mobile optimization are good, though accessibility features are basic. The hosting and domain registration are consistent with an Estonian government-related entity, registered since 2013. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism, but lacks explicit security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of a security.txt or vulnerability disclosure policy is noted as an area for improvement. Overall, the website demonstrates a solid business credibility and technical foundation with room for enhanced security and privacy policy transparency. The risk profile is low, but strategic improvements in security headers and formal policies would strengthen trust and compliance.

Polhem International is a marketing and communications agency operating primarily in Scandinavia and the Baltics. The company offers a broad range of services including marketing, communication, public relations, events, influencer marketing, digital advertising, social media, and media training. The website reflects a professional and consistent brand presence with a modern technical infrastructure leveraging Nuxt.js and Bootstrap 5 frameworks. Tracking and analytics are implemented via Google Analytics and Google Tag Manager, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and DNSSEC, which could be improved. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the domain is well-established and legitimate, supporting the credibility of the business.

S

SRINI OÜ

srini.ee

0

SRINI OÜ is an Estonian software development company specializing in custom software solutions primarily for government and private sector clients. Founded in 2019, the company operates from Tallinn and Tartu with approximately 80 employees. Their business model focuses on delivering tailored software design, development, and maintenance services, leveraging modern methodologies such as SCRUM and XP. The company has a positive market position supported by government contracts and a spin-off subsidiary, Modena. Technically, the website is built on WordPress, uses Java-based technologies, and integrates Google Analytics and Google Maps APIs. The site is mobile-optimized and SEO-friendly but lacks published privacy and cookie policies, which impacts compliance. Security posture is good with HTTPS enforced, but missing security headers and incident response contacts are areas for improvement. Overall, SRINI presents a credible and professional digital presence with moderate risk and room for enhanced privacy and security practices.

Nixor is a technology solutions provider specializing in retail and IT infrastructure services. Their offerings include sales systems, self-service solutions, POS hardware, payment solutions, electronic shelf labels, weighing systems, security technology, business software, and IT infrastructure. The website targets businesses seeking integrated technology solutions in Estonia and the surrounding region. The company presents itself as a medium-sized, established player in the technology sector with a professional online presence. Technically, the website is built on the Odoo CMS platform, utilizing modern frontend technologies such as Bootstrap and FontAwesome. The site is mobile-optimized and provides a multilingual experience with support for English, Estonian, Latvian, and Lithuanian. Performance is moderate, and SEO practices are adequately implemented. However, accessibility features are basic, and there is room for improvement in technical implementation. From a security perspective, the website lacks visible security headers and explicit security or privacy policies. There is no evidence of GDPR compliance mechanisms such as cookie consent banners or privacy policies. No incident response or vulnerability disclosure information is provided, which may impact trust and compliance. The absence of these elements suggests a need for enhanced security posture and privacy compliance. Overall, the website is functional and professional but requires improvements in privacy, security, and compliance transparency to strengthen trustworthiness and meet regulatory expectations. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, and establishing clear incident response and vulnerability disclosure processes.

M

Moonwalk

moonwalk.ee

0

Moonwalk is an Estonian music agency specializing in artist management, music production, and event promotion. The company represents notable artists such as Stefan, Getter Jaani, Black Velvet, and Mr Happyman, positioning itself as a recognized player in the Estonian music industry. The website reflects a professional and consistent brand image, targeting music fans and industry professionals. Technically, the site is built on Squarespace, leveraging modern web technologies and standard analytics tools like Google Analytics and Facebook Pixel. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the website uses HTTPS but lacks several important security headers such as HSTS and Content-Security-Policy, which could improve its security posture. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable gap given the use of tracking technologies. Overall, the website is credible and functional but would benefit from enhanced security and privacy measures to align with best practices and regulatory requirements.

N

Nex OÜ

nex.ee

0

Nex OÜ operates as a small Estonian IT service provider specializing in computer repair, network consulting, remote support, and IT infrastructure management. The company positions itself as a reliable local partner with authorized partnerships from recognized brands such as Lenovo and Epson. Their website clearly communicates their service offerings and contact information, targeting businesses and individuals requiring IT support and hardware sales. Technically, the website is built on WordPress and utilizes modern web technologies including jQuery, LiteSpeed Cache, and Google Tag Manager. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. However, some security best practices such as security headers are missing. From a security perspective, the site enforces HTTPS and does not expose sensitive data. However, it lacks published privacy and cookie policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for compliance and trust. The WHOIS data is consistent with the business claims, enhancing legitimacy. Overall, the website is professional and functional but would benefit from improved privacy compliance and enhanced security headers to strengthen trust and regulatory adherence.

The website epicenter.ee is currently inaccessible due to an HTTP 403 Forbidden error, indicating that access to the site's content is blocked or restricted by server configuration or security policies. As a result, no metadata, structured data, contact information, or business content is available for analysis. The domain is registered to Zone Media OÜ since 2012, which suggests a legitimate and established presence in Estonia. However, the lack of accessible content severely limits the ability to assess the company's business model, services, or compliance posture. Technically, the site runs on an Apache server hosted by Zone Media OÜ, but no further technology stack details or security headers are visible due to the access restriction. Security posture cannot be evaluated beyond the presence of HTTPS (implied by port 443) and the 403 error. Overall, the site scores very low on content quality, technical implementation, security, privacy compliance, and business credibility due to the blocked content.

The website iaconsulting.info currently presents minimal content, consisting solely of a frameset that redirects visitors to an external domain (www.searchvity.com). There is no visible business information, contact details, or policies on the site, which severely limits the ability to assess the company's market position or services. The domain is registered since 2015 with privacy protection, but the lack of transparency and meaningful content raises concerns about legitimacy and professionalism. From a technical perspective, the website lacks modern infrastructure elements such as HTTPS, security headers, and accessible HTML structure. The use of framesets is outdated and negatively impacts user experience and SEO. No scripts, analytics, or tracking technologies were detected, indicating a very basic or placeholder site. Security posture is weak due to the absence of HTTPS, security headers, and any visible security or privacy policies. The WHOIS privacy protection, while common for small businesses, combined with the minimal content and redirect behavior, suggests a low trust level. There are no indications of incident response readiness or certifications. Overall, the website poses a high risk from a security and trust perspective. It is recommended to implement HTTPS, develop meaningful content including privacy and cookie policies, provide clear contact information, and modernize the technical implementation to improve credibility and compliance.

L

LVM Kinnisvara

lvm.ee

0

LVM Kinnisvara is a well-established Estonian real estate company providing comprehensive property services including sales, valuation, development, and brokerage. The company operates across major Estonian cities with multiple office locations and a professional online presence. Their website is built on WordPress with modern plugins and integrates marketing and analytics tools to engage and track users effectively. Security measures such as HTTPS, CAPTCHA on forms, and cookie consent mechanisms are implemented, though some security headers could be improved. The domain registration data aligns well with the business profile, indicating legitimacy and a mature online presence.

J

Jolos

jolos.eu

0

Jolos is a full spectrum creative agency based in Estonia, specializing in world-class event production, branding, campaigns, and live and virtual events. The company positions itself as a high-quality, professional agency focused on delivering unique and memorable experiences for brands and organizations. The website reflects a mature digital presence built on WordPress, leveraging modern optimization and analytics tools such as Google Analytics and Tag Manager with IP anonymization enabled. The site is well-designed, mobile-optimized, and rich in multimedia content, showcasing detailed case studies and team profiles that enhance trust and professionalism. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the absence of security headers and formal security policies suggests room for improvement. Privacy compliance is limited due to missing privacy and cookie policies and lack of consent mechanisms. Overall, the domain registration aligns with the business claims, indicating legitimacy and trustworthiness.

R

Rescoval

rescoval.ee

0

Rescoval is an Estonian company specializing in advertising installation services, including banner and sticker advertising, seasonal sales areas, and rental of advertising trailers across Estonia. Established in 2010, the company targets retail chains, supermarkets, and shopping centers, offering professional and rapid campaign installations. The website reflects a mature local business with consistent branding and clear service offerings. Technically, the site is built on WordPress with common plugins for SEO, forms, and sliders, showing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented, though there is room for improvement in security headers and incident response policies. Overall, the domain registration data aligns well with the business claims, enhancing trustworthiness.

N

Nordic Consult

nordicconsult.ee

0

Nordic Consult is a small Estonian corporate services provider specializing in online company registration, legal address provision, accounting, and e-Residency support. Established since 1997, it targets entrepreneurs and e-Residents seeking efficient company formation in Estonia. The website is built on WordPress with SEO and form plugins, offering a user-friendly experience with clear navigation and relevant content. Technically, the site is hosted via Zone Media OÜ and uses HTTPS with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and secure form handling but lacks important security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but would benefit from improved privacy and security practices.

Tehnolabor OÜ is a specialized technology development laboratory based in Estonia, focusing on electronics, automation, telecommunication, and industrial solutions. With over 20 years of experience, the company offers comprehensive services from prototype creation to product development and production management. Their portfolio includes projects in healthcare, transportation, and industrial sectors, with notable collaborations such as Airbus and EU-funded research initiatives. The company targets businesses and individuals seeking reliable technology development and automation solutions. Technically, the website is built on WordPress with common plugins and modern JavaScript libraries, providing a good user experience and mobile optimization. Security posture is adequate with enforced HTTPS, though improvements are needed in security headers and server-side HTTPS enforcement. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the website reflects a credible and professional business with room for compliance and security enhancements.

S

SandFox OÜ

sandfox.ee

0

SandFox OÜ is a small Estonian company founded in 2016 specializing in integrated energy storage solutions, smart battery management, solar panel integration, and Linux-based IT infrastructure services. The company targets industrial clients and businesses in the energy sector, offering critical IT and industrial automation solutions. Their market position is supported by partnerships with major technology vendors such as RedHat, IBM, Huawei, and SUSE, and they emphasize business-critical IT solutions and energy management. Technically, the website uses a basic but functional stack including jQuery, Google Analytics, and Google Translate, hosted likely by Zone Media OÜ. The site is accessible and moderately optimized but lacks advanced mobile responsiveness and accessibility features. Security posture is adequate with HTTPS enabled but lacks important security headers and visible privacy compliance mechanisms. Overall, the company presents a credible and trustworthy business presence with room for improvement in privacy compliance and technical modernization.

The website leegohansson.com is currently inaccessible due to an origin web server downtime, as indicated by the Cloudflare 521 error page. The domain is very recently registered (July 2024) and uses Cloudflare as a CDN and security provider. There is no accessible business content, contact information, or policies available on the site, which severely limits the ability to assess the business or its market position. Technically, the site relies on Cloudflare but lacks DNSSEC and security headers, and the server is currently non-responsive. The security posture is weak due to the downtime and lack of standard security configurations. Overall, the site presents a high risk due to unavailability and lack of transparency, and it is recommended to restore server availability, implement security best practices, and publish necessary compliance policies to improve trust and security.

G

GS Group

gs-group.com

0

GS Group is a well-established Russian investment and industrial holding company with over 30 years of expertise in high-tech industries, primarily focusing on electronics development and manufacturing. The company operates a diversified portfolio including microelectronics, software development, packaging production, and energy-efficient lighting solutions. Their market position is strong within Russia, supported by a robust production base and a strategic focus on import substitution and technology localization. The website reflects a professional and consistent brand image with good content quality and clear navigation, targeting industrial partners, investors, and technology professionals. Technically, the website is built on the Bitrix CMS platform, leveraging modern JavaScript libraries and analytics tools such as Yandex Metrika and Google Tag Manager. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security posture is adequate with HTTPS enforced and use of reCAPTCHA on forms, but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. Privacy compliance is partial; a comprehensive privacy policy is present, but no cookie consent mechanism was detected, which may pose compliance risks under GDPR. Contact information is limited to a subscription form without direct emails or phone numbers, reducing transparency. The domain WHOIS data is consistent with the business profile, showing a long-standing registration with no privacy protection, indicating legitimacy. Overall, GS Group's digital presence is professional and credible but could benefit from enhanced security practices and improved privacy compliance to strengthen trust and regulatory adherence.

M

MyHome OÜ

myhome.ee

0

MyHome OÜ operates a professional real estate brokerage and property management business primarily serving the Estonian market with additional offerings in Spain. The company provides services including property sales, rentals, management, and interior design. The website reflects a well-established small business with a consistent brand and a focus on quality customer service, as evidenced by testimonials and detailed property listings. The technical infrastructure is based on WordPress with common plugins and integrations such as Google Analytics, Google Tag Manager, and Mailchimp, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, with structured data enhancing search visibility. Security posture is adequate with HTTPS and some security best practices, but lacks advanced headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced compliance and security transparency.

The website lasitamaja.com/lander is a newly registered domain (August 2023) currently serving a minimal placeholder or parking page with no substantive business content. The site uses React and JavaScript technologies and includes Google AdSense scripts, indicating an intent to monetize traffic. However, there is no visible business information, contact details, privacy or cookie policies, or terms of service, which limits trust and credibility. Technically, the site is hosted via GoDaddy with domain status locks enabled but lacks DNSSEC and security headers, which are important for domain and web security. The minimal content and lack of SEO or accessibility features suggest a low level of digital maturity. No forms or user data collection mechanisms are present. From a security perspective, the absence of HTTPS enforcement details, security headers, and privacy compliance measures indicates a basic security posture with room for improvement. The domain registration is consistent with a new business but the lack of transparency and content reduces confidence. Overall, the site scores low on content quality, privacy compliance, and business credibility, with moderate technical implementation.