Security Directory

Vormsi.ee is the official local government and community information portal for Vormsi island, Estonia. The website provides current news, event calendars, administrative information, and local services primarily targeting residents and visitors of Vormsi. It is positioned as a trusted source of local information with a focus on community engagement and tourism. The site is multilingual, supporting Estonian, English, and Swedish languages, enhancing accessibility for diverse audiences. The business model is informational and governmental, with no evident commercial transactions. The domain is well-established since 2010, reinforcing its credibility and local presence. Technically, the website is built on WordPress CMS using a modern tech stack including PHP, jQuery, and popular plugins such as Yoast SEO and WPML for multilingual support. The site uses Google Tag Manager for analytics and employs a responsive design optimized for mobile devices. Performance is moderate with good SEO practices implemented. However, accessibility features are basic and could be improved. From a security perspective, the site uses HTTPS with a good SSL configuration, but lacks visible security headers such as Content-Security-Policy or X-Frame-Options. There is no evidence of a published privacy policy, cookie consent mechanism, or incident response information, which are important for GDPR compliance and user trust. No security.txt or vulnerability disclosure information is present. The site does not appear to be behind a WAF or security challenge, and no critical vulnerabilities were detected in the provided content. Overall, Vormsi.ee is a credible and professionally maintained government website with good content quality and technical implementation. To enhance security posture and compliance, it should publish privacy and cookie policies, implement security headers, and provide clear contact information for incident response. These improvements will strengthen user trust and regulatory compliance.

A

Anija vald

anija.ee

42

Anija.ee is the official website of Anija vald, a local government entity in Estonia. The site serves as a comprehensive portal for municipal information, including news, services, contacts, and community resources. It targets residents and stakeholders within the Anija vald municipality, providing essential public service information and facilitating communication between the government and its constituents. The website is well-structured with clear navigation and a consistent branding approach, reflecting its role as a trusted government resource. Technically, the website is built on WordPress CMS, utilizing modern plugins such as Max Mega Menu, Complianz GDPR Cookie Consent, and Carousel Block. It employs jQuery and FontAwesome for enhanced UI/UX. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate and could benefit from further optimization. The presence of Google Tag Manager indicates usage of analytics and tracking, balanced with a GDPR-compliant cookie consent mechanism. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks explicit security headers like Content-Security-Policy and X-Frame-Options, which are recommended for enhanced protection. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data confirms a consistent and legitimate domain registration aligned with the website's governmental purpose. Overall, Anija.ee presents a secure, compliant, and professionally maintained digital presence for the Anija vald municipality. Strategic recommendations include enhancing security headers, adding explicit incident response contacts, and maintaining regular updates to CMS and plugins to sustain security and compliance.

B

BSTX

bstx.com

59

BSTX operates as a regulated national securities exchange integrating blockchain technology to modernize public securities trading. Powered by tZERO technology and jointly owned by BOX Digital Markets and tZERO, BSTX aims to reduce friction and complexity in securities trading. The website reflects a medium-sized finance and technology business with a clear focus on blockchain-enabled securities exchange services. The technical infrastructure is based on WordPress CMS with common plugins and integrations such as LayerSlider and Google Analytics, hosted likely on WP Engine with Cloudflare DNS. The site is well designed, mobile optimized, and SEO friendly, though some accessibility features are basic. Security posture is solid with HTTPS enforced and domain transfer protections, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with privacy and terms pages present but no cookie consent mechanism or explicit GDPR compliance indicators. Contact information is limited to email and contact forms, with no phone or physical address listed. Overall, BSTX presents a credible and professional online presence consistent with its business claims.

X

XetNET

xetnet.fi

62

XetNET is a Finnish-based hosting and domain registration company established in 2002, offering a range of web hosting solutions including webhotelli packages, virtual servers, Docker services, and business email. The company emphasizes local Finnish hosting infrastructure and customer service, positioning itself as a reliable and performance-oriented provider in the Finnish market. Their website is professionally designed, mobile-optimized, and provides clear navigation and service descriptions. Technically, the site uses WordPress with modern technologies such as LiteSpeed Cache, PHP 8.x, Redis, and Docker, ensuring good performance and scalability. Security posture is strong with HTTPS, security headers, and a comprehensive cookie consent mechanism that complies with GDPR. However, explicit security policies and incident response information are not publicly available, which could be improved to enhance transparency. Overall, the site reflects a mature, trustworthy business with good digital maturity and compliance practices.

U

UAB Eltechnika

eltechnika.eu

54

UAB Eltechnika is a Lithuanian-based company specializing in the distribution and sales of advanced laser and CNC machinery, including CO2, Fiber, UV lasers, and CNC milling machines. Established in 2015, it serves primarily the Baltic region as an official distributor for AEON and LightBurn, targeting manufacturing and industrial businesses seeking high-precision equipment. The website reflects a professional B2B business model with multilingual support and a focus on product exposition and customer engagement. Technically, the site is built on WordPress with common plugins for caching and multilingual content, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and secure form handling, but lacks explicit security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site presents a credible and trustworthy business presence with room for improvement in privacy and security transparency.

Copix is a modern digital printing company based in Estonia, offering a wide range of printing products and services such as labels, floor stickers, books, and interior decoration prints. The company targets businesses and individuals requiring quality printing solutions and operates an e-commerce platform for convenient ordering. The website is built on WordPress with modern technologies including Bootstrap, jQuery, and integrates multiple marketing and analytics tools such as Google Analytics and Facebook Pixel. Security posture is basic with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and DNSSEC. The domain is newly registered in 2024, consistent with the business's apparent recent establishment. Contact information is comprehensive and transparent, enhancing business credibility.

T

Tuumik Stuudio OÜ

tuumik.ee

49

Tuumik Stuudio OÜ is an established Estonian graphic design and photography studio founded in 2007. The company specializes in visual identity, illustration, print preparation, and photography services, targeting cultural institutions and corporate clients. Their website showcases a comprehensive portfolio demonstrating professional design and consistent branding. Technically, the site is built on WordPress with modern SEO and analytics tools, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and formal privacy or cookie policies, indicating compliance gaps. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

Articulate Global Inc. operates a leading SaaS platform specializing in online workplace learning and interactive course creation. Their flagship product, Articulate 360, is trusted by millions of course creators worldwide, positioning the company as a market leader in the education technology sector. The website reflects a mature digital presence with comprehensive content, professional branding, and a clear focus on corporate training audiences. Technically, the site is built on WordPress with modern SEO and marketing integrations including Google Tag Manager, Marketo Munchkin, and Visual Website Optimizer. The presence of Osano consent management indicates a commitment to privacy compliance. Performance and mobile optimization are good, supporting a positive user experience. Security posture is strong with HTTPS enforced, multiple security headers, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response information are not publicly available, representing an area for improvement. WHOIS data is not publicly accessible, likely due to privacy protection, which is common for large enterprises but slightly reduces transparency. Overall, the website is professional, secure, and compliant with privacy regulations, supporting a high trust level. Strategic recommendations include publishing detailed security policies, adding vulnerability disclosure mechanisms, and enhancing transparency around data protection contacts to further strengthen trust and compliance.

O

Oikeusministeriö/Oikeushallinnon tietotekniikkakeskus

demokratia.fi

25

Demokratia.fi is an official Finnish government web portal managed by the Ministry of Justice, providing citizens with comprehensive information and tools to participate in democratic processes locally, nationally, and at the EU level. The site aggregates links to various government-maintained participation platforms and legislative tracking services, targeting Finnish citizens interested in civic engagement. Technically, the site is built on WordPress with modern JavaScript libraries and uses Matomo analytics configured for privacy. Security posture is solid with HTTPS and no exposed sensitive data, though DNSSEC and additional security headers could enhance protection. Privacy compliance is good with a clear privacy policy, but lacks a cookie consent mechanism. Overall, the site is trustworthy, professionally maintained, and serves as a key government resource for democratic participation.

E

Eesti Tervisemuuseum

tervisemuuseum.ee

43

Eesti Tervisemuuseum is a small, non-profit educational museum based in Tallinn, Estonia, focused on health education and cultural exhibitions. The museum offers a variety of services including permanent and temporary exhibitions, educational programs for children and adults, event hosting, and a podcast series. The website is professionally designed with excellent content quality, clear navigation, and multilingual support, targeting a broad audience interested in health and wellness. Technically, the site is built on WordPress with WooCommerce and uses modern web technologies and SEO best practices. Security posture is good with HTTPS enforced and GDPR compliance mechanisms in place, though some security headers could be improved. The domain registration is consistent and transparent, registered with a reputable Estonian registrar, supporting the legitimacy of the business. Overall, the website presents a trustworthy and professional digital presence for the museum.

Ł

ŁÓDŹ MIASTO FILMU UNESCO EC1

lodzcityoffilm.com

58

Łódź Miasto Filmu UNESCO EC1 is a cultural and tourism-focused organization promoting the film heritage and film-related activities in Łódź, Poland. The website serves as a portal for film trails, festivals, events, and projects related to the city's film culture, targeting film enthusiasts, tourists, and cultural visitors. The organization leverages UNESCO branding and local government support to position itself as a regional cultural promoter. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Advanced Custom Fields, integrating Google Maps and social media for enhanced user engagement. The site is mobile-optimized and provides multilingual support, enhancing accessibility for international visitors. Security-wise, the website uses HTTPS with a valid SSL certificate and has domain transfer protections in place. However, it lacks DNSSEC and advanced security headers, and no explicit security or incident response policies are published. Privacy compliance is basic but includes a cookie consent mechanism aligned with GDPR requirements. Overall, the website is professional and trustworthy but could improve in security transparency and contact information availability.

M

Międzynarodowy Festiwal Komiksu i Gier w Łodzi

komiksfestiwal.com

67

The Międzynarodowy Festiwal Komiksu i Gier w Łodzi website represents a well-established cultural event focused on comics and games, primarily targeting creators and enthusiasts in Poland and Central-Eastern Europe. The festival is the largest of its kind in the region, with a history dating back to 2006 for the domain and earlier for the event itself. The site offers multilingual support, event information, contests, and partner links, reflecting a mature digital presence. Technically, the site is built on WordPress with common plugins and tracking tools such as Google Analytics and Facebook Pixel, indicating a standard but effective infrastructure. Security posture is adequate with HTTPS enabled but could be improved by adding DNSSEC and security headers. Privacy compliance is basic but present, with cookie and privacy policies accessible and a consent mechanism implemented. Business credibility is strong due to the festival's reputation, social media presence, and consistent branding. Overall, the site is professional and trustworthy with room for security enhancements.

M

MuseumNext

museumnext.com

49

MuseumNext is a professional organization providing virtual conferences and online learning content tailored for museum professionals worldwide. The website positions itself as a leading platform for museum industry professional development, offering virtual events, season passes, and a blog with relevant articles. The site is well-branded, with trust signals including logos of leading museums and testimonials. Technically, the site is built on WordPress with Gravity Forms for data collection and integrates Google Tag Manager and LinkedIn Insight for analytics and marketing. The site is accessible, mobile-optimized, and SEO-friendly. Security posture is good with HTTPS enforced and no exposed sensitive data, though it lacks some security headers and explicit cookie consent mechanisms. WHOIS data is missing or unavailable, which slightly reduces trust but the professional presentation and content quality mitigate concerns. Overall, the site is a credible and valuable resource for its target audience.

N

Norstat Industrial Safety, Automation and Connectivity Solution

norstat.com

57

Norstat Industrial Safety, Automation and Connectivity Solution is a specialized provider of safety, automation, and connectivity products for the industrial marketplace. Their offerings include safety controllers, light curtains, safety interlocks, non-contact safety switches, safety relays, and signaling devices. The company operates a WordPress-based e-commerce website using WooCommerce and the Avada theme, supported by various plugins including CleanTalk for anti-spam and Google Analytics for tracking. The domain is well-established since 1996, consistent with the company's business history, and uses Cloudflare DNS services. Security posture is moderate with HTTPS enabled and anti-spam measures in place, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the website is professional and functional but would benefit from enhanced security and privacy practices.

D

Digiposter

digiposter.ee

41

Digiposter is an Estonian-based digital advertising company specializing in digital screens and LED advertising solutions across major cities and shopping centers in Estonia. The company leverages a network of digital and LED screens to deliver impactful advertising campaigns directly to potential customers in high-traffic locations. The website reflects a medium-sized enterprise with a professional digital presence, utilizing WordPress with Elementor and SEO best practices to reach its target audience effectively. Technically, the website is built on a modern WordPress stack with multilingual support via WPML, SEO optimization through Yoast, and analytics integration using Google Analytics and Hotjar. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and has no visible exposed sensitive data or vulnerable libraries. However, it lacks advanced security headers and explicit security or privacy policies, which could be enhanced to improve compliance and trust. No WAF or blocking mechanisms were detected, indicating open accessibility. Overall, the website presents a credible and professional business with a solid market position in Estonia's retail and media advertising sectors. Strategic improvements in privacy compliance and security posture would further strengthen its digital maturity and trustworthiness.

Copix is a newly established Estonian digital printing company specializing in a wide range of printing services including labels, packaging, interior decoration prints, and book printing. The website is professionally designed using WordPress and Bootstrap, featuring a modern and responsive layout with clear navigation and multiple contact channels. The company targets businesses, schools, publishers, designers, and individual customers, positioning itself as a regional printing service provider with an online ordering platform. The technical infrastructure includes common marketing and analytics tools such as Google Analytics, Facebook Pixel, and Adform tracking, integrated via Google Tag Manager. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks DNSSEC and security headers, which are recommended for improvement. The domain is newly registered in 2024, consistent with the business launch, and shows no suspicious registration patterns. Overall, the website is functional, trustworthy, and business credible, though it would benefit from enhanced privacy and security policies.

B

Bestmarketing.ee

balticbest.eu

56

BalticBest is a specialized advertising competition targeting the Baltic region, organized in partnership with EPICA Awards. The competition is conducted online with live judging sessions, providing entrants with immediate feedback and transparency. The website serves as a hub for competition information, news, submission details, and agency rankings. The business is positioned as a niche media entity focused on marketing and advertising professionals in Estonia and neighboring Baltic countries. Technically, the site is built on WordPress using Elementor, with modern web technologies and a moderate performance profile. Security posture is solid with HTTPS and secure forms, though it lacks some security headers and formal privacy and cookie policies, which are compliance gaps. Contact information is comprehensive, including emails, phone numbers, and physical address, enhancing business credibility. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

K

Kartra

krtra.com

67

Kartra is a technology company offering an all-in-one marketing platform designed to streamline marketing efforts through automated email, sales funnels, landing pages, and forms. The company targets businesses and marketers seeking integrated marketing automation solutions and operates a SaaS business model. The website is professionally designed, SEO optimized, and uses modern marketing and tracking technologies, indicating a mature digital presence. Technically, the site is built on WordPress with Cloudflare DNS and CDN services, and integrates multiple analytics and advertising tools such as Google Tag Manager, Facebook Pixel, Bing Ads, and Taboola. Security posture is good with HTTPS enabled and domain registration protections in place, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy policy or terms of service found in the provided content. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business.

E

Easy Web Soutions

easyweb.ee

49

EasyWeb is a small Estonian technology service provider specializing in WordPress website creation, management, SEO, marketing, UX, and design services targeted primarily at small businesses. The company presents a professional and user-friendly website with clear service offerings and client testimonials, positioning itself as a reliable local partner for digital presence needs. Technically, the website is built on WordPress with modern tools such as GSAP for animations, Facebook Pixel for tracking, and Google Analytics for analytics, hosted likely by Elkdata OÜ as indicated by the WHOIS and nameserver data. The site is mobile-optimized and performs well with fast loading times and good SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks explicit security headers and a published security policy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the domain registration and hosting details align well with the business claims, supporting legitimacy and trustworthiness.

A

Autoosta

autoosta.lv

55

Autoosta.lv is a Latvian transportation information website focused on providing bus schedules, news, and related information to the public. The site targets local travelers and residents seeking timely and accurate public transport data. The business operates as a small-scale information service platform with a niche focus on Latvian transportation. Technically, the website is built on WordPress using the Divi theme and leverages Jetpack for additional functionality and analytics. The infrastructure is modern and uses HTTPS with appropriate security headers, ensuring a secure browsing experience. However, the site lacks explicit privacy and terms of service policies, which are important for compliance and user trust. Security posture is solid with no detected vulnerabilities or blocking mechanisms, but incident response and vulnerability disclosure information are absent. Overall, the website is functional, moderately optimized for mobile, and provides relevant content for its audience, but could improve in privacy compliance and contact transparency.

U

UAB Eltechnika

eltechnika.lt

54

UAB Eltechnika is a Lithuanian-based company specializing in the distribution and sales of advanced manufacturing machinery, including CO2, UV, Fiber laser cutting and engraving machines, as well as CNC milling equipment. Established in 2015, the company serves the Baltic region as an official distributor for AEON and LightBurn, targeting industrial and manufacturing businesses seeking high-precision equipment. Their website reflects a professional and consistent brand image with multilingual support, clear product categorization, and active social media engagement. Technically, the site is built on WordPress with modern plugins and themes, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and secure forms, but lacks explicit security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the business demonstrates credibility and a solid market position, but should improve privacy and security transparency to enhance trust and compliance.

H

Helsingin Osuuskauppa Elanto

hok-elanto.fi

51

HOK-Elanto is Finland's largest regional cooperative within the S-ryhmä group, operating a broad network of over 400 retail outlets, restaurants, and service stations across the Helsinki metropolitan area and surrounding municipalities. The company serves over 700,000 customer-owners and employs nearly 7,000 people, positioning itself as a significant regional employer and retail service provider. The website reflects a mature digital presence with clear branding, comprehensive service information, and active engagement channels including social media and customer service portals. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and jQuery, supported by third-party services like Google Tag Manager for analytics and Usercentrics for consent management, indicating a commitment to privacy compliance and user experience. Hosting appears to be managed via a specialized Finnish cloud provider, ensuring regional performance and reliability. The site is mobile-optimized and SEO-friendly, with structured data and meta tags enhancing discoverability. From a security perspective, the site enforces HTTPS and integrates consent mechanisms, though it lacks explicit security headers which could be improved. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data confirms the domain's legitimacy, showing consistent registration details aligned with the business identity and a long operational history. Privacy and cookie policies are present and GDPR compliant, supporting regulatory adherence. Overall, HOK-Elanto's website demonstrates a solid digital infrastructure and trustworthy business representation. Strategic improvements in security headers and accessibility could further enhance the site's robustness and user inclusivity.

J

John Lothian News

johnlothiannews.com

58

John Lothian News is a specialized media outlet focused on delivering financial markets news and analysis. Established in 2011, it serves a niche audience of financial professionals and market participants. The website employs a WordPress CMS with the Divi theme and WooCommerce plugin, indicating a modern and flexible technical infrastructure. Hosting is provided by SiteGround, and the site uses Google Analytics and Tag Manager for user tracking. Security posture is solid with HTTPS enabled and use of Google reCAPTCHA, though there is room for improvement in security headers and DNSSEC implementation. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

N

Noranet

noranet.io

45

Noranet is a small Estonian-based company specializing in Internet of Things (IoT) solutions for both enterprises and private individuals. Their offerings range from smart monitoring and consumption management in residential buildings to digitalization and automation of industrial processes. The company appears to be recently founded in 2023 and operates under the parent company Startup Solutions OÜ. The website is professionally designed using WordPress with the Kadence theme and includes modern web technologies such as Google Tag Manager for analytics and marketing. Technically, the website demonstrates moderate performance and good mobile optimization, with proper SEO meta tags and structured data. However, there is room for improvement in accessibility and security best practices, as no advanced security headers or DNSSEC are implemented. The domain registration data aligns well with the business claims, showing consistency and legitimacy. From a security perspective, the site uses HTTPS and has domain transfer protections enabled, but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Analytics usage is moderate, relying on Google Tag Manager, which may track user behavior without explicit user consent. Overall, Noranet presents a credible and professional business presence with a solid technical foundation but requires enhancements in privacy compliance and security transparency to strengthen trust and regulatory adherence.

M

Maria Mägi Advokaadibüroo

mmab.ee

42

Maria Mägi Advokaadibüroo is a professional law firm based in Estonia, providing legal services across major legal domains including business law, real estate law, contract law, tax law, intellectual property, bankruptcy, family law, and environmental law. The firm positions itself as a modern legal service provider with a team of partners and specialized lawyers, targeting clients seeking comprehensive legal assistance in Estonia. The website is well-structured, multilingual, and professionally designed, reflecting the firm's commitment to quality and client service. Technically, the website is built on WordPress using the Avia Framework, with integrations such as Yoast SEO and Google Analytics for performance and marketing insights. The site is mobile-optimized and includes cookie consent mechanisms aligned with GDPR requirements. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and implements cookie consent with opt-in/out options, demonstrating good privacy compliance. However, explicit security headers are missing, and there is no dedicated security policy or vulnerability disclosure page. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, the website presents a trustworthy and professional digital presence for the law firm, with a solid foundation in security and privacy compliance. Strategic improvements in security headers, accessibility, and explicit security policies would enhance the firm's digital maturity and client trust.

O

Online Solution 360 GmbH

saveality.net

59

Saveality, operated by Online Solution 360 GmbH, is a specialized provider of cyber security and privacy solutions based in Germany. Founded in 2018, the company offers a range of services including secure remote desktop environments, multi-encryption data storage, end-to-end encrypted email and communication services, TOR/Onion web services, bulletproof hosting, penetration testing, secure mobile phone solutions, IoT protection, and cryptocurrency cold storage. The business targets clients requiring high confidentiality and privacy protection, positioning itself as a niche player in the cyber security market. The parent company is Online Solution Int Ltd. based in the UK. Technically, the website is built on WordPress and uses common web technologies such as jQuery, Google Analytics, and Google Tag Manager. Hosting and DNS services are managed via Cloudflare. The site implements HTTPS with a good SSL configuration but lacks DNSSEC and advanced security headers. Performance is moderate with good mobile optimization. Privacy compliance is basic with a cookie consent banner and a privacy policy hosted externally on adsafety.net. Security posture is adequate but could be improved by enabling DNSSEC, adding security headers, publishing a security policy, and providing a vulnerability disclosure mechanism. No critical vulnerabilities or exposed sensitive data were detected. Contact information is clearly presented, including phone numbers, emails, and physical addresses, enhancing business credibility. Overall, Saveality presents a professional and trustworthy front with room for improvement in security best practices and privacy transparency. Strategic recommendations include enhancing domain security, publishing detailed security and incident response policies, and improving privacy compliance disclosures.

E

Eesti Meediaettevõtete Liit

meedialiit.ee

41

Eesti Meediaettevõtete Liit is a well-established Estonian media association founded in 1990, representing a broad spectrum of private media outlets including web portals, TV, radio, newspapers, and magazines. The organization focuses on promoting trustworthy journalism, protecting the interests of its members, and advocating for fair competition in the media market. The website reflects this mission with relevant content, press council decisions, and news updates targeted at media professionals and the Estonian public. Technically, the site is built on WordPress with a modern tech stack including Bootstrap, Yoast SEO, and Google reCAPTCHA, ensuring a good user experience and basic security measures. The security posture is solid with HTTPS and anti-bot protections, though some advanced security headers could be added. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the site is professional, trustworthy, and serves its audience effectively.

C

Cargo Handling AS

ch.ee

43

Cargo Handling AS is an Estonian-based small transportation and logistics company specializing in cargo handling and storage services for international air and road carriers, freight forwarders, and companies engaged in international trade. The company also offers customs warehouse and excise warehouse services. The website is built on WordPress using the Divi theme, indicating a moderate level of digital maturity with a focus on clear presentation and multilingual support (Estonian and English). Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and functional but could improve in privacy and security transparency to enhance trust and compliance.

F

FinanceEstonia

financeestonia.eu

45

FinanceEstonia is a well-established umbrella organization representing the Estonian financial sector, with over 90 members from both private and public sectors. The organization focuses on advocacy, fostering innovation, and supporting the growth of fintech and capital markets in Estonia. The website reflects a mature digital presence built on WordPress, with good SEO and mobile optimization. Security posture is solid with HTTPS and secure forms, though it lacks explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy, supporting FinanceEstonia's role as a key industry player.

S

Suomi (fi)

kivakoulu.fi

54

KiVa Koulu is an anti-bullying program developed by the University of Turku, widely adopted in Finnish primary schools and internationally in over 20 countries. The website serves as an educational and informational platform targeting schools, teachers, students, and parents, providing resources, research, and program participation information. The business model is non-profit and education-focused, with strong institutional backing and a reputable market position in the education sector. Technically, the website is built on WordPress with modern frontend technologies including jQuery and DustPress JS. It demonstrates good mobile optimization, accessibility, and SEO practices. Cookie consent is managed via Cookiebot, indicating GDPR compliance. Performance is moderate with no blocking or WAF detected, and HTTPS is enforced. Security posture is solid with HTTPS and cookie consent mechanisms in place, but lacks explicit security headers and incident response contact information. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with a comprehensive privacy policy and cookie consent. Overall, the website is trustworthy, professional, and well-maintained, with minor recommendations to enhance security headers and incident response transparency to further strengthen its security and compliance posture.

A

ACE Logistics Latvia SIA

ace.lv

44

ACE Logistics Latvia SIA is a medium-sized logistics and freight transportation company based in Latvia, operating as part of the ACE Logistics Group with subsidiaries in Estonia, Lithuania, and Ukraine. The company offers a broad range of transportation services including road, air, sea, and rail freight, complemented by customs documentation, warehousing, and cargo insurance. Their market position is that of an established regional player with international reach, supported by ISO 9001 and ISO 14001 certifications that demonstrate commitment to quality and environmental standards. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive service information. Technically, the website is built on WordPress using popular plugins such as WPBakery Page Builder and Slider Revolution. It integrates Google Analytics and Facebook SDK for tracking and marketing purposes. The site performs moderately well with good SEO practices and basic accessibility features. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though security headers could be enhanced and legacy jQuery usage updated to reduce risk. No explicit incident response or vulnerability disclosure mechanisms are present, which could be improved to enhance security transparency. Contact information is clearly provided, including phone numbers, email, and physical address, supporting business credibility. Overall, the site reflects a trustworthy and professional logistics provider with room for security and compliance enhancements. Strategic recommendations include implementing stronger security headers, updating legacy scripts, publishing incident response contacts and vulnerability disclosure policies, and continuing to enhance privacy compliance and user trust through transparent communication.

E

Eesti Väike- ja Keskmiste Ettevõtjate Assotsiatsioon

evea.ee

46

EVEA (Eesti Väike- ja Keskmiste Ettevõtjate Assotsiatsioon) is a well-established non-profit business association founded in 1988, representing the interests of small and medium-sized enterprises in Estonia. The organization provides a broad range of services including legal advice, financial consulting, and networking opportunities, positioning itself as the largest SME advocacy group in Estonia. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its target audience of Estonian SMEs. Technically, the website is built on WordPress with WooCommerce and uses modern frameworks such as UIkit and analytics tools like Google Analytics via MonsterInsights. The site is hosted by Elkdata OÜ, an Estonian hosting provider, and demonstrates good mobile optimization and SEO practices. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for forms, but lacks explicit security headers and documented security policies or incident response plans. Privacy and cookie policies are present and GDPR compliant, indicating a basic level of privacy compliance. No critical vulnerabilities or suspicious patterns were detected. Overall, the website presents a trustworthy and credible digital presence for EVEA, with a solid foundation in business credibility and technical implementation. Strategic improvements in security headers, accessibility, and formal security policies would enhance the security posture and compliance maturity.

O

Online Solution (supported by SAVEALITY)

ano-phone.de

59

ANO-PHONE is a German-based small technology business specializing in secure, encrypted Android smartphones with integrated private VPN services. The company targets privacy-conscious consumers seeking enhanced mobile security and anonymity. Their product offers hardware encryption, secure communication channels, and control without backdoors or remote access. The website is built on WordPress with WooCommerce, featuring good content quality and a professional design. Technical infrastructure includes Cloudflare DNS and common analytics and advertising tools. Security posture is solid with HTTPS and no exposed sensitive data, though explicit security headers and policies are lacking. Privacy compliance is partial, with cookie consent implemented but no dedicated privacy policy page found. Contact information is limited to an email address, with no phone or physical address provided. Overall, the domain and website appear legitimate and consistent with the business claims.

O

Online Solution 360 GmbH

ano-phone.com

55

ANO-PHONE is a specialized provider of secure encrypted smartphones integrated with private VPN services, targeting privacy-conscious users and security-focused consumers. The company operates an e-commerce platform selling purified Android-based smartphones with hardware encryption, secure communication tools, and cryptocurrency wallet support. The business is positioned as a niche player in the technology sector, emphasizing privacy and security. The website is professionally designed, mobile-optimized, and includes essential business and contact information, although phone numbers and physical addresses are not explicitly listed. Technically, the site uses WordPress with WooCommerce, Google Analytics, and Cloudflare DNS, delivering moderate performance and good SEO optimization. Security posture is solid with HTTPS and client transfer protection on the domain, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is supported by a cookie consent mechanism and a privacy policy indicating GDPR adherence. Overall, the website and domain registration data indicate a legitimate and trustworthy business presence.

O

Online Solution 360 GmbH

cdn-solution.net

51

Online Solution 360 GmbH operates the website cdn-solution.net, providing full service hosting, cyber security, and content delivery network solutions with a focus on eco-friendly data centers. The company targets businesses requiring advanced hosting and CDN services, emphasizing sustainability and innovative technologies such as GeoDNS, load balancing, and AI-driven energy efficiency. The website is professionally designed using WordPress CMS, hosted on Linode infrastructure, and includes a cookie consent mechanism compliant with GDPR. Contact information and company registration details are clearly presented, enhancing business credibility. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though DNSSEC is not enabled and security headers are missing, representing areas for improvement. No WAF or blocking mechanisms were detected, allowing full content access and analysis.

N

Noatum Logistics

noatumlogistics.com

63

Noatum Logistics operates as a global transport and logistics solutions provider, positioned among the top 50 freight forwarders worldwide. Their services encompass air, ocean, road, and rail freight, along with customs brokerage, warehousing, and value supply chain services. The website reflects a professional and consistent brand presence targeting businesses requiring comprehensive logistics solutions. Technically, the site is built on WordPress with modern plugins and SEO tools, ensuring good performance and mobile optimization. Security measures include HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers and explicit privacy policies are missing. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and infrastructure appear credible. Overall, the site demonstrates a mature digital presence with room for improvement in transparency and security best practices.

B

BOX Options

boxoptions.com

63

BOX Options Market LLC operates a fully automated electronic options exchange specializing in trading OCC issued standardized options on equities and ETFs. The company emphasizes technological innovation and transparency to provide a reliable marketplace for options traders. The website reflects a mature business with a domain age of approximately 8 years and a clear market presence in the financial sector. The target audience includes institutional investors, market participants, and potential members interested in options trading technology and services. The business model centers on providing exchange services, membership access, and market data dissemination.

C

Caotica OÜ

caotica.ee

49

Caotica OÜ is a specialized web design and development agency based in Estonia, operating since 2008. The company offers a comprehensive suite of digital services including website design, web development across platforms like WordPress, Webflow, and Wix, e-commerce solutions with WooCommerce and Shopify, as well as ongoing website management and SEO optimization. Their market position is that of a trusted, experienced small business serving both local and international clients, with over 200 projects completed and 80+ clients served. The website reflects a professional and consistent brand image with clear service offerings and client testimonials, supporting their credibility. Technically, the website is built on WordPress using the Avia Framework and Yoast SEO plugin, leveraging modern web technologies such as jQuery and Google Fonts. The site is mobile-optimized and demonstrates good SEO practices with structured data and meta tags. Hosting and domain registration are managed by Zone Media OÜ, consistent with the company's Estonian base. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS with anonymized IP tracking in Google Analytics and implements a cookie consent mechanism, indicating awareness of privacy compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no formal security or incident response policies are published. There is no vulnerability disclosure or security.txt file, which could be areas for improvement. Overall, Caotica OÜ presents a low-risk profile with a solid business foundation, professional web presence, and basic privacy compliance. Strategic enhancements in security headers, incident response transparency, and accessibility could further strengthen their security posture and trustworthiness.

T

Tervise Arengu Instituut

tubakainfo.ee

43

Tubakainfo.ee is an official Estonian government public health website managed by the Tervise Arengu Instituut (Health Development Institute). It provides comprehensive educational content on the harms of tobacco use, passive smoking, and supports tobacco cessation efforts. The site targets Estonian-speaking tobacco users, their families, and healthcare professionals, offering interactive tools, videos, and guidance. The website is well-structured, professionally designed, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins such as Yoast SEO, Google Tag Manager, and Facebook Pixel for analytics and marketing. It uses HTTPS with good SSL configuration but lacks some security headers. The site does not display a privacy or cookie policy, which is a notable compliance gap, especially given the use of tracking pixels. Contact information is clearly provided, enhancing business credibility. From a security perspective, the site shows good practices like HTTPS and nonce usage for AJAX but could improve by adding security headers and publishing explicit security and incident response policies. No vulnerabilities or suspicious patterns were detected. WHOIS data confirms the domain is registered to the official Estonian health institute, supporting legitimacy. Overall, the site is trustworthy and professional but should address privacy compliance and security policy transparency to improve its security posture and regulatory adherence.

T

Tervise Arengu Instituut

toitumine.ee

40

The website toitumine.ee is an official Estonian government health information portal managed by the Tervise Arengu Instituut under the Haridus- ja Teadusministeerium (EENet). It provides comprehensive nutrition guidelines, health advice, and tools such as a BMI calculator targeted at Estonian residents across various life stages and health conditions. The site is well-structured with rich content and expert contributions, positioning it as a trusted national resource for healthy eating information. Technically, the site is built on WordPress with modern libraries like jQuery, Bootstrap, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and explicit incident response or vulnerability disclosure information. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the site is credible and trustworthy but would benefit from enhanced privacy and security practices.

H

Avaleht - Hiv

hiv.ee

40

The website hiv.ee serves as an informational and support portal focused on HIV awareness, prevention, testing, and living with HIV in Estonia. It targets Estonian-speaking individuals, including those living with HIV and at-risk populations, providing educational content, testing locations, and counseling resources. The site is positioned as a trusted health information source, likely operated or supported by public health entities or non-profit organizations. Technically, the site is built on WordPress, utilizing common libraries such as jQuery and Slick Carousel, and integrates marketing and analytics tools like Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized with good navigation and content relevance. Security-wise, the site enforces HTTPS and uses cookie consent banners but lacks visible security headers and explicit privacy policies, which are areas for improvement. Overall, the site is functional, professional, and moderately secure, with room to enhance privacy compliance and security posture.

V

Visionest Institute

invicta.ee

47

Visionest Institute is an Estonian education and training organization formed by the merger of Marketingi Instituut, Invicta, and Director. It offers a wide range of professional development programs, including corporate training, personal development plans, and a digital magazine. The company targets businesses and individual learners, focusing on leadership, marketing, sales, and export sectors. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support. Technically, it is built on WordPress with WooCommerce and integrates advanced marketing and analytics tools such as Google Tag Manager, HubSpot, and Facebook Pixel. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are absent. Overall, the domain registration details align well with the business profile, indicating legitimacy and consistency.

N

Nullist OÜ

nullist.ee

50

Nullist OÜ operates a well-established Estonian online marketing education platform, offering practical training and courses for beginners and advanced learners. The company has a strong market presence with over 3000 business clients and targets entrepreneurs, social media managers, and marketing professionals. Their business model focuses on digital education through webinars, workshops, and masterclasses. Technically, the website is built on WordPress with WooCommerce integration, leveraging modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Plausible Analytics, ensuring GDPR compliance and user consent mechanisms. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site is professional, fast, mobile-optimized, and trustworthy, reflecting a mature digital infrastructure and credible business operations.

P

Pärnumaa infovärav

parnumaa.ee

51

Pärnumaa.ee is a well-established regional information portal serving the Pärnumaa county in Estonia. It provides comprehensive information for residents and visitors including news, job listings, educational resources, real estate offers, and business environment insights. The website is professionally designed using WordPress with Elementor and Yoast SEO plugins, ensuring good content management and search engine optimization. The site is bilingual with Estonian as the primary language and English as an alternate option. Technically, the site employs modern web technologies and integrates analytics and marketing tools such as Google Tag Manager, Hotjar, and Facebook Pixel, while maintaining GDPR compliance through a robust cookie consent mechanism.

Z

Zone Media OÜ

digioskused.ee

47

Digioskused.ee is an Estonian educational platform offering free AI and digital skills training, developed in partnership with Google and Estonian government agencies. The website serves individuals and businesses aiming to enhance their digital competencies through practical, accessible online courses. The platform leverages modern web technologies including WordPress, jQuery, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. Security measures include HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers are missing. The domain registration is consistent with the business purpose and geographic location, supporting legitimacy. Overall, the site presents a professional and trustworthy digital presence with good content quality and user experience.

E

Eesti kaevandusmuuseum

kaevandusmuuseum.ee

44

Eesti Kaevandusmuuseum is a specialized museum and adventure tourism business located in Estonia, offering unique underground mining experiences, safaris, educational programs, and event hosting. The website is professionally designed using WordPress with WooCommerce and booking plugins, supporting multiple languages and providing rich content about their services and events. The technical infrastructure is modern and includes integration with Google Tag Manager and Facebook SDK for marketing and analytics, although Google Analytics is not fully configured. Security posture is solid with HTTPS enforced and cookie consent implemented, but could be improved with additional security headers and explicit incident response policies. Overall, the website reflects a credible and trustworthy business with a good digital presence.

Z

Zone Media OÜ

teletorn.ee

43

Tallinna Teletorn is a prominent Estonian tourism and hospitality business operating the highest open viewing platform in Northern Europe. The website presents a professional and engaging digital presence, offering ticket sales, event hosting, educational programs, and restaurant services. The company targets tourists, families, and educational groups, positioning itself as a key cultural landmark in Tallinn. Technically, the site is built on WordPress with modern plugins for SEO, multilingual support, and social media integration, delivering a good user experience with responsive design and multimedia content. Security posture is solid with HTTPS, cookie consent, and anti-spam measures, though explicit security policies and headers could be improved. Overall, the business demonstrates credibility and digital maturity with room for enhanced privacy compliance and security transparency.

T

Tallinna Loomaaed

tallinnzoo.ee

41

Tallinna Loomaaed operates as a well-established public zoo in Estonia, offering extensive animal collections, educational programs, and conservation efforts. The website reflects a mature digital presence with multilingual support, clear navigation, and comprehensive content targeting families, educators, and conservationists. Technically, the site is built on WordPress with WooCommerce for ticketing, integrating modern analytics and marketing tools while maintaining good performance and accessibility standards. Security posture is strong with HTTPS enforced and no evident vulnerabilities, though explicit security policies and vulnerability disclosure mechanisms are absent. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate organization.

E

Eesti Tervisemuuseum

tervishoiumuuseum.ee

43

Eesti Tervisemuuseum is a small, non-profit educational museum based in Tallinn, Estonia, focused on health and the human body. The museum offers a variety of services including exhibitions, educational programs, workshops, event hosting, and a podcast. It targets a broad audience including children, families, and adults interested in health education. The website is professionally designed with consistent branding and rich content, supporting multiple languages (Estonian, Russian, English). The museum maintains a clear online presence with social media channels and provides accessible contact information. Technically, the site is built on WordPress with WooCommerce and uses modern web technologies and SEO best practices. The hosting and domain registration are consistent with the museum's Estonian identity.