High-risk security reports

J

Just another WordPress site

efa.biz

48

EFA Platform is a specialized financial research database management and publication platform targeting equity, fixed income, and multi-asset analyst teams. The website presents a professional and modern design built on WordPress with the Divi theme, incorporating essential SEO metadata and client trust indicators such as logos and demo requests. Technically, the platform uses standard web technologies including Google reCAPTCHA for form protection, but lacks visible advanced security headers and privacy compliance mechanisms. The absence of WHOIS registration data raises concerns about domain legitimacy, although the site content and structure suggest an operational business. Overall, the security posture is moderate with room for improvement in privacy and transparency. Strategic recommendations include adding privacy and cookie policies, improving security headers, and clarifying domain registration details to enhance trust.

T

Thulema

thulema.ee

39

Thulema is a well-established Estonian company specializing in the manufacturing and retail of ergonomic and modern office and public furniture. The company positions itself as a leading brand in Estonia, emphasizing human-friendly materials and innovative Nordic design. Their website reflects a medium-sized business with a clear focus on sustainability, as evidenced by their published carbon footprint report. The target audience includes businesses and institutions seeking quality workplace solutions. Technically, the website is built on WordPress with modern plugins and tracking tools, offering a good user experience and SEO optimization. Security posture is solid with HTTPS and nonce usage, though lacking some advanced security headers and explicit security policies. Privacy compliance is basic, with no visible cookie consent mechanism or GDPR-specific disclosures. Overall, the website is professional, trustworthy, and aligned with the company's business claims.

A

AKU Collective OÜ

aku.co

40

AKU Collective OÜ is a small, established design studio based in Tallinn, Estonia, specializing in branding, strategy, and creative solutions across various media. Founded in 2012, the company serves clients in culture, government, music, and other sectors, with a strong portfolio and multiple design awards. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the site is built on WordPress, uses modern JavaScript libraries like jQuery, and integrates Google Analytics and Tag Manager for tracking. Performance and mobile optimization are good, though accessibility is basic. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is privacy protected but legitimate, with no suspicious patterns.

M

Mellow

mellow.ee

43

Mellow is a small creative company based in Estonia specializing in video production, photography, animation, visual effects, and graphic design. The website presents a minimalistic portfolio and contact information, targeting clients seeking creative media services. The business appears to be a small niche player with a straightforward service offering and a modest online presence. Technically, the website is built with basic HTML and CSS without any detected CMS or advanced frameworks. Hosting is provided by Zone Media OÜ, an Estonian registrar and hosting provider. The site lacks HTTPS on some assets, and no security headers or modern web technologies are detected. Mobile optimization and accessibility are basic, and SEO features are minimal. From a security perspective, the site shows limited maturity. There is no evidence of privacy or cookie policies, no incident response or security policies, and no vulnerability disclosure mechanisms. The absence of HTTPS on all content and lack of security headers represent notable risks. The WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the website scores moderately low on security and privacy compliance but maintains basic business credibility and content relevance. Strategic improvements in security posture, privacy compliance, and technical modernization are recommended to enhance trust and user experience.

A

Andevis

andevis.ee

34

Andevis is an Estonian software development company specializing in integrated HR, payroll, and personnel management solutions, notably the Virosoft HR system and self-service portals. The company targets Estonian businesses seeking comprehensive personnel management software tailored to their organizational rules and accounting needs. The website reflects a professional and consistent brand presence with clear contact information and multiple service offerings. Technically, the site is built on WordPress using modern libraries such as jQuery, Bootstrap, and Google reCAPTCHA v2 for form security. Performance and mobile optimization are adequate, though accessibility and SEO could be enhanced. Security posture is moderate with HTTPS enforced and anti-spam measures in place, but lacks important security headers and explicit privacy or cookie policies, indicating compliance gaps. The domain is well-established since 2010 with consistent WHOIS data, supporting business legitimacy. Overall, the site is functional and professional but would benefit from improved privacy compliance and security hardening.

Evex.ge is the official website of Evex Clinics, a large healthcare network in Georgia established in 2014. The company provides a wide range of medical services including state healthcare programs, private insurance, and specialist consultations. The website is professionally designed, mobile-optimized, and offers clear navigation to services, doctors, clinics, and booking options. The business holds ISO 9001:2015 and TÜV AUSTRIA certifications, indicating a commitment to quality standards. Technically, the site uses modern JavaScript libraries and analytics tools, with HTTPS enabled and good SSL configuration. However, it lacks visible privacy and cookie policies, which impacts privacy compliance scores. Security headers are not detected, suggesting room for improvement in security posture. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

P

Pure Norwegian Seafood

pns.no

42

Pure Norwegian Seafood is a Norwegian family-owned seafood producer specializing in high-quality salmon products. The company emphasizes sustainability, quality assurance, and traceability, aiming to be a leading supplier for premium seafood markets. Their website reflects a professional and consistent brand image focused on natural purity and product excellence. Technically, the site uses modern tracking tools such as Google Analytics and Google Tag Manager, with images optimized via Imgix CDN. The site is mobile-optimized and SEO-friendly, though no explicit CMS or hosting provider is identified. Security posture is good with HTTPS enabled and cookie consent mechanisms in place, but lacks visible security headers and detailed security policies. WHOIS data is unavailable due to Norid's privacy policies for .no domains, which is typical and justified for this business type. Overall, the website presents a trustworthy and credible business presence with room for improvement in security transparency and contact information availability.

B

Bestnet Group

tikitreiler.com

48

Bestnet Group is a medium-sized manufacturing company based in Estonia, specializing in metal industry services including trailer development, subcontracted metalworking, and environmentally friendly surface coatings. The company positions itself as a reliable partner with over 30 years of experience and significant factory space in Scandinavia and the Baltics. Their website is professionally designed, mobile-optimized, and uses modern web technologies such as WordPress, Bootstrap, and Google Analytics for tracking. Structured data and SEO practices are well implemented, enhancing their digital presence. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks advanced security headers and explicit security policies. Privacy compliance is basic, with no cookie consent mechanism despite active analytics tracking. Overall, the website reflects a credible and professional business with room for improvement in privacy and security transparency.

Metaprofit is an established Estonian training and consulting company specializing in organizational development, personnel training, and psychological services. With over 20 years of experience and a client base exceeding 500 organizations, it offers a wide range of personalized training programs and consulting services targeting both public and private sectors. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, it is built on WordPress with modern plugins and integrates analytics tools such as Google Analytics and Yandex Metrika. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy and functional but would benefit from enhanced privacy and security disclosures.

T

Tallinna 21. Kool

21k.ee

41

Tallinna 21. Kool is a well-established educational institution in Estonia, providing primary and secondary education with a focus on modern, innovative learning approaches. The school has a strong market position supported by a long history since 1903 and multiple recognitions and awards. The website reflects a medium-sized institution targeting students, parents, and educators with comprehensive educational services and extracurricular activities. Technically, the site is built on WordPress with a modern tech stack including Bootstrap and various JavaScript libraries, delivering a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and anonymized Google Analytics tracking, though it lacks some advanced security headers and formal security policies. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

R

Reiting PR OÜ

reiting.ee

45

Reiting PR OÜ is an established Estonian company specializing in adult education, business training, and accounting services. Founded in 2010, it operates a professional website offering a wide range of practical courses, including entrepreneurship, personal work, logistics, IT, and language training. The company also provides reliable accounting services for businesses and housing associations, alongside psychological and addiction counseling. It holds a reputable market position as a partner of the Estonian Unemployment Insurance Fund (Töötukassa) and collaborates with several recognized local organizations. The website is well-structured, content-rich, and targets adult learners, entrepreneurs, and professionals seeking skill development.

RAKETT OÜ is a small independent advertising and design agency specializing in the food industry, operating primarily in Northern Europe with offices in Tallinn and Helsinki. The company showcases a professional portfolio with notable clients, emphasizing creative advertising and design services. The website is built on WordPress using modern plugins and frameworks, indicating a moderate level of digital maturity. Security measures such as HTTPS and Google reCAPTCHA are implemented, and a cookie consent mechanism is active, though explicit privacy and terms of service pages are absent. WHOIS data is privacy protected, which is common for small agencies, and no suspicious indicators were found. Overall, the website presents a trustworthy and professional image with room for improvement in compliance documentation and security headers.

L

LenovoArvutid

lenovoarvutid.ee

43

LenovoArvutid is an Estonian e-commerce retailer specializing in business-class Lenovo ThinkPad laptops and related accessories. The website targets business customers and individual buyers seeking high-quality Lenovo laptops, offering products such as the ThinkPad X1 Carbon, T14, and P14 series. The business model focuses on online sales with additional services like leasing and installment payment options. The company has been operating since 2017 and maintains a consistent brand presence with a professional website design and clear navigation.

E

Emerante

emerante.ee

41

Emerante is a small Estonian retail and service company specializing in home interior furnishings, offering full services from project planning to installation and furniture maintenance. The website reflects a local market focus with a professional and consistent brand presence. Technically, the site is built on WordPress with WooCommerce, leveraging modern libraries and frameworks such as Bootstrap, jQuery, and Owl Carousel. The site is mobile-optimized and uses SSL with good SEO practices. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and explicit policies are lacking. Privacy compliance is partial, with cookie consent implemented but no visible privacy or terms pages. Overall, the site is trustworthy and functional but could improve transparency and security documentation.

B

Bait Partner OÜ

baitpartner.eu

41

Bait Partner OÜ is a specialized provider of innovative medical technology solutions aimed at improving healthcare workflows through tailored hardware and software products. The company targets healthcare institutions such as hospitals and laboratories primarily in Europe, positioning itself as a niche B2B technology partner. The website is built on WordPress using the Avada theme and incorporates modern plugins and SEO tools, reflecting a moderate to high level of digital maturity. Security posture is strong with HTTPS and security headers implemented, though privacy compliance could be improved by adding cookie consent mechanisms and dedicated security policies. Overall, the site presents a professional and trustworthy image with clear contact information and client testimonials.

P

PharmaEstica Manufacturing OÜ

pharmaestica.ee

33

PharmaEstica Manufacturing OÜ is an Estonian pharmaceutical manufacturing company specializing in full-cycle production and development of medicines and biologically active supplements. Established in 1997, the company has a solid market presence and offers key services including pharmaceutical development, manufacturing, quality assurance, and R&D. The website reflects a medium-sized enterprise with consistent branding and a professional online presence. Technically, the site is built on WordPress using the Avada theme and Gravity Forms, with basic bot protection via Google reCAPTCHA. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit privacy or cookie policies. Contact information is comprehensive and easily accessible, enhancing business credibility.

The website at bitofproperty.com/lander is currently a minimal placeholder or parking page with very limited content and no visible business information. The domain is registered since 2017 with a stable registrar and no privacy protection, but the website itself lacks any privacy, cookie, or terms of service policies, and does not provide contact or company details. The technical infrastructure relies on basic JavaScript and a parking lander platform, with Google Adsense for advertising. There is no evidence of advanced security measures or compliance frameworks implemented on the site. Overall, the site appears to be inactive or under development, providing minimal value to visitors and lacking trust signals.

T

Tehnoplast AS

tehnoplast.ee

33

Tehnoplast AS is a leading plastic packaging manufacturer based in Estonia, serving primarily the Baltic and Scandinavian markets. With over 30 years of industry experience, the company specializes in producing high-quality HDPE bottles, canisters, and caps for chemical and food industries. Their business model focuses on manufacturing and providing comprehensive packaging solutions, supported by certifications such as ISO 9001 and ISO 22000, which underline their commitment to quality and safety. The website reflects a professional and consistent brand image, targeting business customers in relevant industrial sectors. Technically, the website is built on WordPress with WooCommerce and Elementor, leveraging modern web technologies and SEO best practices. It uses Google Analytics and Tag Manager for tracking and is hosted by a reputable Estonian registrar. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, performance is moderate, and accessibility features are basic. From a security perspective, the site enforces HTTPS and uses secure forms but lacks visible security headers and published security policies. There is no evidence of a privacy or cookie policy, which is a compliance gap. No incident response or vulnerability disclosure information is provided, which limits transparency in security matters. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security transparency. Strategic improvements in these areas would strengthen user trust and regulatory adherence.

The website unitedskills.com currently displays a critical WordPress error page, indicating a misconfiguration or backend failure. The domain is long-established, registered since 2003 with GoDaddy.com, LLC, and shows domain status protections but lacks DNSSEC. No business or contact information, privacy policies, or terms of service are present on the accessible page. The technical infrastructure is based on WordPress, hosted on Radicenter servers, but the site is non-functional and lacks content, resulting in poor user experience and trustworthiness. Security posture is weak due to missing security headers and exposure of error details. Overall, the site is not currently serving its intended business purpose and requires urgent remediation.

P

Prototron

prototron.ee

43

Prototron is an Estonian startup funding program established in 2012 that provides equity-free grants up to 35,000€ along with mentoring and acceleration services to innovators and startups. The program supports the development of functional prototypes and aims to foster new technology-driven businesses. The website is professionally designed using WordPress CMS and integrates common web technologies such as jQuery and Yoast SEO for optimization. It demonstrates good mobile responsiveness and clear navigation, supporting a positive user experience. Security posture is solid with HTTPS enforced and secure cookie settings, though it lacks advanced security headers and explicit privacy and cookie policies, which are areas for improvement. The domain registration is consistent with the business claims, showing legitimacy and stability. Overall, the website reflects a credible and established organization with a clear mission and professional online presence.

The website altex.ee is currently inaccessible due to a bandwidth limit exceeded error (HTTP 509), resulting in no available content for analysis. The domain is newly registered in February 2024 under the Estonian registrar Zone Media OÜ, indicating a recent business or project launch. Due to the lack of accessible content, no business description, contact information, or policies are available. The technical infrastructure appears to be hosted by host.ee, but no further technical or security details can be confirmed. The security posture is weak due to the site being offline, and no security headers or HTTPS status could be verified. Overall, the site currently presents a high risk of unavailability and lacks transparency and compliance indicators.

O

Oribalt Group

oribalt.com

49

Oribalt Group is a regional pharmaceutical logistics and wholesale company operating in the Baltic states of Estonia, Latvia, and Lithuania. Established in 2017 following the acquisition of Baltic operations from Oriola Group, Oribalt continues a legacy dating back to the early 1990s. The company offers a broad range of services including logistics, wholesale, tenders, repackaging, clinical trials, marketing, and pharmacy operations, targeting businesses in the healthcare sector across the Baltics. The website reflects a professional and consistent brand presence with clear navigation and comprehensive contact information for multiple regional offices. Technically, the website employs modern web technologies such as Google Tag Manager, jQuery, and FontAwesome, with good mobile optimization and moderate performance. The site uses HTTPS with a valid SSL configuration and implements CSRF tokens for form security. Cookie consent is managed via an opt-in banner, indicating some level of privacy compliance. However, the absence of a dedicated privacy policy, terms of service, and security policy pages limits full compliance and transparency. From a security perspective, the site shows good practices like HTTPS enforcement and CSRF protection but lacks security headers and explicit incident response contacts. WHOIS data is transparent and consistent with the business claims, enhancing trustworthiness. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, Oribalt's digital presence is solid with room for improvement in privacy and security policy disclosures. Strategic enhancements in these areas would strengthen compliance posture and stakeholder trust.

K

Kingivabrik OÜ

kingivabrik.ee

41

Kingivabrik OÜ operates a professional e-commerce website specializing in promotional and corporate gifts, offering a wide range of branded merchandise including writing instruments, souvenirs, gift sets, drinkware, textiles, and sweets. The company targets businesses and organizations looking for customized logo products to enhance brand visibility and employee recognition. With over 13 years of experience and a strong client base exceeding 10,000 companies, Kingivabrik holds a solid position in the Estonian retail market for promotional goods. The website is built on a WordPress platform using WooCommerce, enhanced by the Avia Framework and various plugins for e-commerce functionality, multilingual support, and marketing integrations. The technical infrastructure includes modern tracking and analytics tools such as Google Analytics and Facebook Pixel, alongside a live chat widget for customer support. The site demonstrates good mobile optimization, SEO practices, and user experience design, although some accessibility features could be improved. From a security perspective, the site enforces HTTPS and employs Google reCaptcha on its contact form to mitigate spam. Cookie consent mechanisms are implemented in compliance with GDPR, and privacy policies are clearly accessible. However, the site lacks explicit security headers and published security or incident response policies, which could be enhanced to strengthen its security posture. Overall, Kingivabrik's website reflects a trustworthy and professional business with a good balance of content quality, technical implementation, and privacy compliance. Strategic improvements in security headers and transparency around security policies would further enhance its risk profile and customer trust.

S

Semetron AS

semetron.ee

48

Semetron AS is an established Estonian company specializing in the sale, maintenance, and repair of advanced medical technology and supplies. With over 30 years of experience and partnerships with more than 200 brands, Semetron serves healthcare providers and medical institutions primarily in Estonia and the Baltic region. Their business model focuses on B2B sales and service, supported by a professional website that highlights their product range and services. The company also operates an online store and partners with related entities such as mmh.ee for modular field hospital solutions. Technically, the website is built on WordPress with modern JavaScript libraries like Swiper.js and jQuery, and it employs Yoast SEO for search optimization and CookieYes for cookie consent management. The site is mobile-optimized and provides a good user experience with clear navigation and multilingual support. Security-wise, the site uses HTTPS with excellent SSL configuration and implements cookie consent mechanisms, but lacks explicit security policies or incident response contacts. Overall, the website demonstrates a solid security posture with room for improvement in security headers and formal policies. The domain registration data aligns well with the business claims, indicating high legitimacy and trustworthiness. Strategic recommendations include enhancing security headers, publishing a security policy, and improving incident response transparency to further strengthen trust and compliance.

The website glassolutions.eu is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks access to the actual content. This prevents a full analysis of the business, security posture, and compliance status. The visible page is a generic security challenge page with no business or contact information, no privacy or cookie policies, and no visible metadata or structured data. The technical infrastructure includes Cloudflare's security services, but no further technology stack details are available. The security posture cannot be fully assessed due to lack of content and security headers visibility. Overall, the site presents a low trust profile in its current state due to inaccessibility and lack of transparency.

I

ITEE Centre of Excellence

it.ee

48

The ITEE Digital Connected Economy website represents a government-affiliated Centre of Excellence in Estonia focused on digital economy research and innovation. The site is modest in content and design, primarily serving as an informational portal with a clear institutional affiliation to the Estonian Ministry of Education and Research (Haridus- ja Teadusministeerium). The technical infrastructure is based on WordPress with common plugins and libraries, though some components like jQuery are outdated, which may pose security risks. The website uses HTTPS but lacks advanced security headers and privacy compliance mechanisms such as cookie consent or privacy policies. Contact information is limited to a single institutional email address, with no phone numbers or physical addresses provided. Overall, the site demonstrates moderate digital maturity with room for improvement in security and privacy compliance.

Adaltum.ee is a small Estonian translation service provider operated by Elkdata OÜ, founded in 2022. The website offers professional translation and localization services targeting businesses and organizations requiring multilingual content adaptation. The site is built on WordPress and uses standard themes and scripts, providing a moderate level of technical maturity with good mobile optimization and basic SEO. Security posture is adequate with HTTPS enabled but lacks important security headers and formal privacy or cookie policies, which impacts compliance and trust. No direct contact information or incident response policies are published, limiting transparency. Overall, the website is functional and professional but would benefit from enhanced security practices and compliance documentation to improve trust and legal adherence.

H

Harju Elekter AS

harjuelekter.ee

49

Harju Elekter AS is a well-established Estonian industrial group specializing in the design, manufacture, and installation of electrical distribution equipment for energy, industrial, and infrastructure sectors. The company has a strong market position supported by multiple awards and contracts with major entities such as Eesti Energia and CERN. Their website reflects a mature digital presence built on WordPress with modern plugins and frameworks, offering good SEO and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements are recommended in security headers and privacy compliance mechanisms. Overall, the website and business demonstrate high professionalism and trustworthiness.

F

Feministeerium

feministeerium.ee

47

Feministeerium is an Estonian feminist media platform established in 2015, offering well-argued articles on politics, culture, and personal experiences. The website targets Estonian-speaking audiences interested in feminist perspectives and social issues. It operates a content publishing model supplemented by an online store and donation options, positioning itself as a niche media outlet in Estonia. Technically, the site is built on WordPress with WooCommerce, leveraging popular plugins like Yoast SEO for optimization. The infrastructure is hosted by Elkdata OÜ, a reputable Estonian hosting provider. Security posture is solid with HTTPS enabled and no exposed sensitive data, but lacks visible security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies and consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security transparency.

A

Altex

altex.ro

48

Altex.ro is a well-established Romanian e-commerce platform specializing in the sale of electronics and household appliances. Founded in 2001, it holds a strong market position as a leading retailer in Romania, offering a wide range of products including phones, laptops, TVs, and home appliances. The website features a comprehensive product catalog and supports fast delivery and installment payment options, targeting Romanian consumers seeking competitive prices and convenience. Technically, the website is built using modern web technologies such as React and Next.js, hosted on Akamai's infrastructure, and integrates analytics and marketing tools like Google Tag Manager, Hotjar, and Cookiebot for consent management. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies. No critical vulnerabilities or blocking mechanisms were detected. However, the absence of a visible privacy policy, terms of service, and direct contact information for security incidents indicates areas for improvement in compliance and transparency. Overall, Altex.ro demonstrates a mature digital presence with strong business credibility and technical implementation. Strategic enhancements in privacy documentation, security policy publication, and contact transparency would further strengthen its security posture and regulatory compliance.

T

Tanel Teemusk

teemusk.com

47

The website teemusk.com represents a seasoned freelance iOS developer and technical team lead, Tanel Teemusk, showcasing his portfolio, resume, and contact information. The site targets businesses and clients seeking expert iOS development and technical leadership services. The business model is freelance consultancy with a strong emphasis on technical expertise and project leadership. The website is professionally designed using WordPress with Divi Builder and SEO optimizations, providing a good user experience and clear navigation. Social media presence is leveraged for contact and trust building. Technically, the site employs modern web technologies including HTTPS, Google Analytics, and Google reCAPTCHA for security and analytics. The CMS is WordPress, with plugins enhancing SEO and form functionality. Performance is moderate with good mobile optimization. However, some security best practices such as DNSSEC and security headers are missing, which could be improved. Security posture is solid with HTTPS and anti-bot measures, but lacks published security or privacy policies, which impacts privacy compliance. No direct company emails or phone numbers are disclosed, relying on contact forms and social media. The domain registration data is consistent with the business claims, showing a long-standing domain without privacy protection, supporting legitimacy. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security hardening to improve user trust and regulatory adherence.

G

Gabriel Scientific OÜ

sleepangel-medical.com

46

Gabriel Scientific OÜ operates the SleepAngel Medical website, offering innovative medical barrier bedding products featuring patented PneumaPure® filter technology. Their products are certified as Class I Medical Devices in the EU, registered with the FDA, and approved by the SFDA, positioning them as a niche innovator in healthcare infection control. The company targets healthcare facilities and distributors, emphasizing sustainability and hygiene. The website is professionally designed using WordPress with Divi and Elementor, featuring multimedia content and clear navigation. Technical infrastructure includes modern web technologies, Google Analytics, and Facebook Pixel for marketing insights. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the site reflects a trustworthy and credible business with room for enhanced privacy and security disclosures.

F

FB Asset Management

fbassets.eu

46

FB Asset Management is a small Estonian investment fund management company established in 2013. The company manages investment funds licensed by the Estonian Financial Supervision Authority and targets professional and experienced investors with funds such as FB Opportunity Fund and FB Corporate Bond Fund. The website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable technical infrastructure. Google Analytics is used for visitor tracking, but no cookie consent mechanism or privacy policy is present, representing a compliance gap. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks security headers and incident response information. Overall, the website is professional and trustworthy but should improve privacy compliance and security transparency.

AS Eesti Pagar is a well-established Estonian bakery company founded in 2010, specializing in a wide range of bread, pastry, and frozen bakery products. The company serves retail consumers and export markets, positioning itself as a key player in the Estonian bakery sector. Their website reflects a professional and consistent brand image with clear product categorization and marketing efforts. Technically, the website is built on WordPress using modern frameworks and libraries such as Foundation, jQuery, and Slick Slider, with integrated marketing and analytics tools including Google Analytics, Facebook Pixel, and Mailchimp. The site is mobile-optimized and SEO-friendly, providing a good user experience. Security-wise, the site uses HTTPS with a cookie consent mechanism compliant with GDPR, but lacks explicit security policies and some security headers. WHOIS data confirms the domain's legitimacy and long-term presence, matching the business profile. Overall, the website demonstrates a mature digital presence with room for improvement in security transparency and incident response readiness.

O

OÜ MyFinancier

myf.ee

42

MyFinancier is a small Estonian company providing an intelligent personal finance assistant service that helps users analyze cash flows and gain detailed insights into asset distribution. The website is professionally designed using WordPress with Elementor and optimized for SEO and mobile devices. It targets Estonian individuals seeking financial management tools. The company maintains a consistent brand presence with active social media profiles on Facebook, LinkedIn, and YouTube. The domain is registered with Elkdata OÜ since 2018, aligning with the business age and location. Technically, the site uses modern web technologies, including Google Analytics and Facebook Pixel for analytics and marketing, with a compliant cookie consent mechanism.

The website bevscottbrown.com currently presents no accessible content, metadata, or business information, rendering it effectively non-functional from a user and security perspective. The domain is long-registered since 2006 with no privacy protection, indicating a stable registration history, but the lack of visible content severely limits any meaningful business or security analysis. Technically, the site lacks any detectable technologies, scripts, or security configurations, and no privacy or cookie policies are present. This absence of content and security posture represents a significant risk and undermines trust and credibility. Strategic recommendations include immediate deployment of HTTPS, development of comprehensive privacy and cookie policies, addition of contact and business information, and implementation of security best practices to improve the site's security and compliance posture.

P

Puidukoda OÜ

puidukoda.eu

49

Puidukoda OÜ is a medium-sized Estonian manufacturing company specializing in high-quality planed softwood timber products, founded in 1997 and part of the French Groupe Rose. The company operates modern automated production lines with a capacity exceeding 225,000 m³ annually and offers additional finishing services such as painting and impregnation. Their market position is strong in Europe, supported by a professional website with multilingual support and e-commerce capabilities. Technically, the website is built on WordPress with WooCommerce and employs modern SEO and privacy compliance tools, including GDPR cookie consent mechanisms. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the company demonstrates a professional digital presence aligned with its business operations and compliance requirements.

The analyzed content corresponds to a Chrome internal error page (chrome-error://chromewebdata/) which serves as an offline or error display within the Chrome browser. It includes embedded JavaScript and CSS for the Chrome Dinosaur game, but contains no actual business or website content. There is no evidence of a commercial entity, business description, or contact information. The page is not accessible as a public website and does not provide privacy, cookie, or terms of service policies. Technically, the page uses standard HTML5, CSS3, and JavaScript with Canvas and Web Audio APIs to render the game. Security posture is minimal but acceptable given the lack of external inputs or forms. Overall, this is not a live website but a browser error page, and thus cannot be evaluated as a business website.

V

Vanalinna Ehitus

vanalinnaehitus.ee

44

Vanalinna Ehitus is an established Estonian construction company specializing in building construction under main contracting agreements. Founded in 2010, the company emphasizes flexibility, client-centric approaches, and quality workmanship. Their website reflects a professional and modern digital presence with multilingual support for Estonian, Finnish, and Swedish audiences. The company showcases a portfolio of projects and maintains active social media channels, reinforcing their market position. Technically, the site is built on WordPress with modern libraries and optimizations, delivering good performance and mobile responsiveness. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is addressed with a privacy policy and cookie consent mechanism. Overall, the website supports the company's credibility and business goals effectively.

V

Vincent Holding OÜ

vholding.ee

49

Vincent Holding OÜ is a sales and distribution company specializing in consumer products such as Batiste dry shampoo, Moxie tampons, Andmetics, Foreo, and Purederm masks. The company positions itself as a major player in the retail sector within Estonia. The website is built using the Wix platform, leveraging Wix Thunderbolt and standard web technologies including JavaScript and Webpack. The technical infrastructure is modern and supports mobile optimization, though performance is moderate. Security posture is adequate with HTTPS enabled and some cookie handling mechanisms, but lacks comprehensive security headers and policies. Privacy compliance is minimal with no visible privacy or cookie policies, and no contact information is provided on the site, which limits user trust and regulatory compliance. Overall, the website is functional and professionally designed but requires improvements in privacy, security policies, and contact transparency to enhance trust and compliance.

E

Estateguru OÜ

estateguru.eu

40

Estateguru OÜ operates a leading European online marketplace platform specializing in short-term, property-backed business loans. The platform targets investors seeking secure investment opportunities backed by real estate mortgages across Europe. The company has an established market presence since 2013 and offers a digital investment service that connects businesses needing loans with investors. Technically, the website is built on WordPress using Elementor and Yoast SEO, hosted likely on SiteGround, and employs modern tracking and marketing tools such as Google Tag Manager and Intercom. The site is HTTPS secured with Cloudflare DNS but lacks DNSSEC and some security headers, indicating room for security enhancements. Privacy compliance is weak due to the absence of explicit privacy and cookie policies, and no direct contact information or incident response details are provided. Overall, the website is professional and trustworthy but would benefit from improved privacy and security disclosures to enhance compliance and user trust.

Z

Zone Media OÜ

eventcenter.ee

40

Event Center is a small Estonian company specializing in the rental of event technology equipment such as sound, lighting, video technology, and stages. The website is built on WordPress using WooCommerce for e-commerce capabilities, supported by Elementor and Jet Menu plugins. The technical infrastructure is modern and moderately optimized for performance and mobile devices. However, the site lacks critical privacy and cookie policies, which impacts its compliance posture. Security measures such as HTTP security headers are absent, and no explicit contact or incident response information is provided, which could affect trust and user confidence. Overall, the website serves its business purpose but requires improvements in privacy, security, and transparency to enhance its credibility and compliance.

Meidron is a small Estonian company founded in 2011, offering IT support and consulting services, EU funding project management, and environmental consulting. The company targets businesses and organizations requiring specialized consulting and support services. The website is simple and functional, providing basic business information and contact details, including email, phone, and LinkedIn profile. The market position appears niche and regional with a focus on professional service delivery. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics for tracking. Hosting appears to be on Oracle Cloud infrastructure. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. No CMS or frameworks are detected, indicating a custom or static site. From a security perspective, the domain is well-registered with a long history and transfer protection. However, the site lacks DNSSEC, visible HTTPS enforcement, and security headers. No privacy or cookie policies are present, and no consent mechanisms are implemented, indicating GDPR compliance gaps. The use of Google Analytics without cookie consent further impacts privacy compliance. No incident response or vulnerability disclosure information is provided. Overall, the website presents a moderate risk profile with good business credibility but requires improvements in security posture and privacy compliance to enhance trust and regulatory adherence.

K

KaminaKeskus

kaminakeskus.ee

42

KaminaKeskus is an established Estonian retailer specializing in fireplaces, stoves, ovens, sauna stoves, chimneys, and boilers, operating since 1997. The company offers a wide selection of heating appliances with a focus on quality, competitive pricing, and customer convenience including free home delivery. Their market position is strong within Estonia, supported by multiple physical stores and an active online presence. Technically, the website is built on WordPress with the Avada theme, utilizing modern SEO and multilingual plugins, and integrates Google Analytics and Facebook SDK for tracking. Security posture is adequate with HTTPS and basic security headers, but lacks advanced headers like CSP and HSTS, and is missing privacy and cookie policies, which are critical for GDPR compliance. Overall, the site is professional and user-friendly but should improve privacy compliance and security policies to enhance trust and regulatory adherence.

M

MTÜ Eesti Sukeldujate Klubi

sukeldujad.ee

38

Eesti Sukeldujate Klubi is a small non-profit diving club based in Estonia, providing diving courses, trial dives, and organizing diving-related projects and events. The website serves as an informational portal for diving enthusiasts in Estonia, with a focus on community engagement and education. The club encourages support for its activities, such as purchasing a new bus, indicating active community involvement. Technically, the website is built on WordPress with common plugins like Events Manager, uses HTTPS, and includes social media integration with Facebook and Instagram. However, the site lacks advanced security headers and privacy compliance documentation, which are areas for improvement. The absence of explicit contact emails and phone numbers on the homepage limits direct communication channels. Overall, the site is functional with basic content and navigation but could benefit from enhanced security and privacy features to improve trust and compliance.