High-risk security reports

A

Ambient Sound Investments

asi.ee

46

Ambient Sound Investments (ASI) is a private asset management firm established in 2003 by four founding engineers of Skype. The company operates as a family office with a focus on investments across venture capital, private equity, listed equity, and real assets, with assets geographically located in Europe, the US, and Asia. The website presents a professional image with clear navigation and relevant business content, targeting investors and professionals interested in diversified asset management. The business model is niche and specialized, leveraging the founders' technology and finance backgrounds. Technically, the website is built on the Voog CMS platform, utilizing standard web technologies such as JavaScript, CSS, and HTML5. The site is mobile optimized and performs moderately well, though accessibility features are basic. The hosting and domain registration are consistent with the business location in Estonia, with no signs of privacy protection or suspicious WHOIS data. External scripts are limited and primarily related to the CMS platform. From a security perspective, the website benefits from HTTPS with a valid SSL certificate, but lacks important security headers and visible security policies. There are no privacy or cookie policies, nor contact information for security incidents or data protection officers. No vulnerabilities or exposed sensitive data were detected, but the absence of key compliance documents and security headers represents a moderate risk. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, improved security headers, and clearer contact information to strengthen trust and regulatory adherence.

S

Softwerk

softwerk.ee

43

Softwerk OÜ is an Estonian technology company specializing in custom business software solutions including business intelligence (BI), ERP implementations (notably Microsoft Dynamics 365), and web development using modern frameworks such as .NET and React. Established in 2012, Softwerk has positioned itself as a trusted partner for businesses in Estonia and Europe, offering tailored solutions that improve operational efficiency and data-driven decision making. The company emphasizes long-term client relationships and quality service delivery, supported by positive client testimonials and recognized partnerships such as Microsoft. Technically, the website is built on WordPress with WPBakery Page Builder, leveraging common web technologies like jQuery and FontAwesome, and integrates Google Analytics and Tag Manager for user tracking. The site is mobile optimized and presents a professional design with clear navigation. Security posture is solid with HTTPS enforced and secure form handling, but lacks advanced security headers and explicit security or incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, Softwerk demonstrates a mature digital presence with room for improvement in privacy and security transparency.

B

Boomerang

boomerang.ee

47

Boomerang is a well-established third-party logistics provider specializing in eCommerce fulfillment and returns management, primarily serving the Nordic region and global markets. The company positions itself as the largest return handling operator in the Nordics, offering tailored and flexible logistics solutions to online webshops. The website reflects a professional and consistent brand image with good content quality and clear business focus. Technically, the site is built on WordPress with Elementor, leveraging modern technologies such as Usercentrics for cookie consent and Google Tag Manager for analytics, indicating a moderate level of digital maturity. Security-wise, the website enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and published security policies, which are areas for improvement. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

The website www.sotsiaalkindlustusamet.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks access to the actual content. As a result, no business information, contact details, or policy documents are available for review. The site is protected by Cloudflare's WAF, indicating a focus on security but preventing external analysis. Without access to the real content, it is not possible to assess the company's market position, services, or compliance posture. The technical infrastructure relies on Cloudflare services, but performance and SEO cannot be evaluated. Security posture cannot be fully assessed beyond the presence of Cloudflare protection. Overall, the site appears to be a government-related entity from Estonia, but detailed insights are unavailable due to access restrictions.

F

FM Capital Consulting Ltd.

capital-consulting.com

48

FM Capital Consulting Ltd. is a well-established Estonian finance consulting firm specializing in worldwide company registration, bookkeeping, compliance, legal support, and tax planning services. The company targets businesses and entrepreneurs, including startups and fintech companies, offering tailored corporate and tax advantage solutions. Their market position is that of a niche consulting provider with expertise in cross-border transactions and fintech licensing. The website is professionally designed with good content quality and clear navigation, supporting their business credibility. Technically, the website is built on WordPress with common plugins such as Yoast SEO, Slider Revolution, and WPBakery Page Builder. It uses modern tracking and analytics tools including Google Analytics and LinkedIn Insight Tag. Performance and mobile optimization are good, though accessibility is basic. The hosting provider is not explicitly identified but the domain is registered with GoDaddy and uses DNS servers from zone.eu and zone.ee. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. No privacy or cookie policies are present, which is a compliance gap especially given the use of tracking technologies. Contact information is clearly provided, enhancing trust. No WAF or blocking mechanisms are detected, allowing full content access. Overall, the website presents a moderate risk profile with strengths in business credibility and technical implementation but weaknesses in privacy compliance and security best practices. Strategic improvements in privacy policy implementation, cookie consent, and security headers would enhance their security posture and compliance standing.

R

R Haldus OÜ

rhaldus.ee

45

R Haldus OÜ is a small Estonian company specializing in property management services for commercial and residential real estate. Their website presents a focused business model offering competent and quality property maintenance and management services. The site is primarily in Estonian with options for English and Russian, targeting property owners seeking professional management solutions. Technically, the website is built on the Voog CMS platform and uses common JavaScript libraries such as jQuery and Modernizr, along with Google Analytics and Google Tag Manager for tracking. The site is moderately optimized for mobile devices and has basic SEO and accessibility features. Security-wise, the website uses HTTPS but lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. There is no visible incident response or vulnerability disclosure information, which limits transparency in security matters. Overall, the website is functional but basic, with room for improvement in privacy, security, and content depth.

N

Nord Projekt

nordprojekt.ee

42

Nord Projekt is a leading Estonian architecture and engineering bureau offering comprehensive design and project management services. The company emphasizes creativity, precision, and quality across all project phases, serving clients seeking professional architectural and engineering solutions. Their market position is strong within Estonia, supported by a portfolio of notable projects and ISO 9001 certification. The website is built on WordPress with modern plugins and demonstrates good digital maturity, including multilingual support and SEO optimization. Security posture is solid with HTTPS enabled, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. Contact information is clearly provided, enhancing business credibility. Overall, the site reflects a professional and trustworthy business presence.

The website ww.ee represents a small Estonian technology-related company operating under the names OÜ Wõrgu Wõlurid and Web Wizards LLC. The business appears to provide web or IT services, targeting both Estonian and English-speaking clients. The domain is well-established since 2010 and hosted by Zone Media OÜ, consistent with the company's location and language. The website content is minimal but accessible, providing basic contact information in two languages. Technical infrastructure is simple, relying on standard HTML, CSS, and JavaScript without advanced frameworks or CMS platforms. Mobile optimization and accessibility are basic but functional. From a security perspective, the site lacks critical security headers and published policies such as privacy, cookie, or terms of service, which indicates compliance gaps and potential risks. No incident response or vulnerability disclosure mechanisms are present. The absence of analytics or tracking scripts suggests minimal user tracking, which is positive for privacy but also indicates limited marketing sophistication. WHOIS data is transparent and consistent with the website's claims, supporting legitimacy. Overall, the website scores moderately on business credibility but falls short on privacy compliance and security posture. The lack of published policies and security best practices presents risks that should be addressed to improve trust and regulatory compliance. Strategic improvements in security headers, policy publication, and incident response readiness are recommended to enhance the site's security and compliance maturity.

Estfilm Production OÜ is a small Estonian film production company established in 2006, specializing in cultural, nature, and regional films to promote Estonia. They serve both public and private sector clients and offer a range of services including aerial filming, time-lapse filming, 3D animations, and video editing. The company maintains a consistent brand presence and showcases its portfolio via a YouTube channel. Technically, the website is built on WordPress using older jQuery and Google Analytics for tracking, with basic mobile optimization and accessibility. Security posture is moderate but could be improved by updating libraries and implementing security headers. Privacy compliance is weak due to the absence of privacy and cookie policies and lack of consent mechanisms. Overall, the website is functional and professional but requires enhancements in security and privacy to meet modern standards.

AuditPartner is a small Estonian auditing and financial consulting firm with a website primarily in Estonian and an English language option. The company positions itself as a professional service provider focusing on seeing beyond the numbers, targeting businesses requiring auditing and financial services. The website is built on WordPress with common web technologies such as jQuery and Bootstrap, indicating a standard but modern technical infrastructure. Performance and mobile optimization are moderate to good, with basic SEO and accessibility features. From a security perspective, the site uses HTTPS with good SSL configuration but lacks important security headers and visible security policies such as privacy, cookie, or incident response policies. No vulnerability disclosure or security.txt files are present, and no contact information such as emails or phone numbers are explicitly provided on the homepage. These gaps reduce the overall privacy compliance and security posture scores. Overall, the website is functional and professionally designed but lacks critical compliance and security transparency elements. The domain WHOIS data is consistent with the business claims, supporting legitimacy. Strategic improvements in privacy policy publication, security headers, and contact transparency would enhance trust and compliance.

M

M-Partner

mpartner.ee

41

M-Partner is an established Estonian recruitment company specializing in the effective hiring of managers and specialists, with over 20 years of experience and more than 1000 successful recruitments. Their business model focuses on full search and headhunting services, targeting Estonian companies seeking qualified personnel. The website reflects a professional and consistent brand image, supported by client logos and clear service descriptions. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates essential tools such as Google Tag Manager and reCAPTCHA, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement, email obfuscation, and cookie consent mechanisms, though additional security headers and formal policies could enhance protection. Overall, the site is accessible, well-structured, and compliant with GDPR, presenting a trustworthy and credible online presence.

The website vanglateenistus.ee is currently inaccessible beyond a Cloudflare Turnstile captcha challenge page, preventing access to any substantive content. The domain is very recently registered (December 2023) and is owned by Elkdata OÜ, a hosting and registrar provider, indicating the site is likely new or under development. Due to the WAF challenge, no business, security, or compliance information is available for analysis. The technical infrastructure relies on Cloudflare's security and analytics services, but no CMS or frameworks are detectable. The security posture cannot be fully assessed, but the presence of Cloudflare WAF indicates some baseline protection. Overall, the site is low trust at this stage due to lack of accessible content and new domain age.

L

Lindab

lindab.si

40

Lindab.si is a Slovenian content and blogging website established in 2022, offering articles on a variety of topics including home, health, sports, services, and technology. The site targets a general Slovenian-speaking audience interested in diverse lifestyle and technology content. The business model is primarily content publishing with no direct e-commerce or transactional services evident. The website is built on WordPress CMS, utilizing Yoast SEO for search optimization and Google reCAPTCHA for form security. The technical infrastructure is modern and moderately performant with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enforced and form protection via reCAPTCHA, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy page present but no cookie consent mechanism detected. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the website is legitimate, consistent with its domain registration data, and presents a moderate trust level. Strategic improvements in privacy compliance, security policy transparency, and contact information availability would enhance credibility and user trust.

R

Roadplan

roadplan.ee

48

Roadplan is an Estonian company specializing in road project design, outdoor space projects, and consulting services. Founded in 2013, it positions itself as a leading road project designer in Estonia, targeting clients who require sustainable and innovative solutions for their outdoor environments. The website content is primarily in Estonian and focuses on communicating the company's expertise and service offerings. Technically, the website is built on WordPress and uses modern web technologies including Google Fonts, Google Analytics, Google Tag Manager, and reCAPTCHA for form security. The site is hosted by Zone Media OÜ, a known Estonian hosting provider. Performance and mobile optimization are good, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the website uses HTTPS with a valid SSL certificate and employs reCAPTCHA to protect forms. However, it lacks important security headers and does not provide explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is professional and functional but lacks comprehensive privacy and cookie policies, explicit contact information, and detailed security disclosures. These gaps reduce its privacy compliance and slightly impact trustworthiness. Strategic improvements in these areas would enhance the site's security posture and user trust.

Berbank AS operates as a small Estonian financial institution providing traditional banking services including private and business banking, loans, deposits, and internet banking. The website targets Estonian private individuals and business clients, offering localized financial products. The domain is registered since 2019, consistent with a relatively new or niche bank. The technical infrastructure is basic, relying on jQuery and Google Analytics, with no modern frameworks or CMS detected. The website lacks HTTPS enforcement and security headers, which are critical for banking sites, indicating a weak security posture. Privacy compliance is poor, with no visible privacy or cookie policies, and no GDPR compliance indicators. Contact information is present but limited, and no incident response or security policy details are provided. Overall, the site shows moderate business credibility but requires significant improvements in security and privacy to meet industry standards.

D

Dispak

dispak.ee

45

Dispak is an Estonian retail business specializing in the sale of paper and fabric bags, primarily targeting customers seeking packaging solutions for gifts and corporate gifts. The company claims over two decades of experience and offers custom logo printing services with a minimum order quantity. The website is primarily in Estonian and serves the local market with a product-focused approach. Technically, the site uses jQuery and jQuery UI libraries along with Google Analytics and Tag Manager for tracking. The hosting and domain registration are consistent with an Estonian business identity. However, the website lacks explicit privacy, cookie, and terms of service policies, which impacts its compliance posture. Security headers and advanced security practices are not evident, and no incident response or vulnerability disclosure information is provided. Overall, the site is functional with moderate technical implementation but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

L

Laser Diagnostic Instruments

ldi.ee

44

Laser Diagnostic Instruments (LDI) is an Estonian-based company specializing in advanced oil spill detection systems and water monitoring sensors. Their flagship product, the ROW (Remote Optical Watcher), provides autonomous, non-contact detection of oil spills and algal blooms, serving industrial and environmental clients globally. The company has a strong niche market position with installations across multiple continents and industries including energy, water treatment, and shipping ports. The website reflects a professional and consistent brand image with detailed product information and client testimonials, supporting their credibility in the environmental monitoring sector. Technically, the website is built on WordPress with modern plugins and frameworks, offering good performance and mobile optimization. Security posture is solid with HTTPS and standard best practices, though improvements are recommended in cookie consent and security headers. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, LDI presents a trustworthy and professional digital presence aligned with their business objectives.

S

Sparkup

teaduspark.ee

45

Sparkup Tartu Teaduspark is a well-established science and technology park based in Tartu, Estonia, founded in 2010. It serves as a hub for science- and technology-intensive startups and scaleups, offering incubation, acceleration, business development services, and rental spaces. The organization supports companies through various programs including Sparkup Inkubaator, ESA BIC Estonia, and multiple thematic accelerators focused on energy, climate, defense, and logistics. The website reflects a mature digital presence with a modern WordPress-based infrastructure, leveraging Elementor for design and Google Tag Manager and Facebook Pixel for analytics and marketing. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not published. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, primarily in Estonian. Overall, the site demonstrates good professionalism, clear navigation, and strong business credibility, positioning Sparkup as a key player in the Estonian innovation ecosystem.

E

Eesti Keskkonnauuringute Keskus OÜ

klab.ee

40

Eesti Keskkonnauuringute Keskus OÜ is a government-affiliated Estonian company specializing in chemical, physical, and microbiological laboratory analyses, geotechnical studies, and environmental condition modeling. The company positions itself as a leading environmental research and laboratory service provider in Estonia, serving government bodies, environmental agencies, and research institutions. Their website reflects a professional and consistent brand image with a clear focus on environmental services and scientific expertise. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site includes a consent management platform (Usercentrics) for cookie compliance and integrates Google Tag Manager for analytics. Performance and mobile optimization are good, though accessibility features are basic. The hosting and domain registration are consistent with an Estonian government-related entity, registered since 2013. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism, but lacks explicit security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of a security.txt or vulnerability disclosure policy is noted as an area for improvement. Overall, the website demonstrates a solid business credibility and technical foundation with room for enhanced security and privacy policy transparency. The risk profile is low, but strategic improvements in security headers and formal policies would strengthen trust and compliance.

Polhem International is a marketing and communications agency operating primarily in Scandinavia and the Baltics. The company offers a broad range of services including marketing, communication, public relations, events, influencer marketing, digital advertising, social media, and media training. The website reflects a professional and consistent brand presence with a modern technical infrastructure leveraging Nuxt.js and Bootstrap 5 frameworks. Tracking and analytics are implemented via Google Analytics and Google Tag Manager, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and DNSSEC, which could be improved. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the domain is well-established and legitimate, supporting the credibility of the business.

S

SRINI OÜ

srini.ee

45

SRINI OÜ is an Estonian software development company specializing in custom software solutions primarily for government and private sector clients. Founded in 2019, the company operates from Tallinn and Tartu with approximately 80 employees. Their business model focuses on delivering tailored software design, development, and maintenance services, leveraging modern methodologies such as SCRUM and XP. The company has a positive market position supported by government contracts and a spin-off subsidiary, Modena. Technically, the website is built on WordPress, uses Java-based technologies, and integrates Google Analytics and Google Maps APIs. The site is mobile-optimized and SEO-friendly but lacks published privacy and cookie policies, which impacts compliance. Security posture is good with HTTPS enforced, but missing security headers and incident response contacts are areas for improvement. Overall, SRINI presents a credible and professional digital presence with moderate risk and room for enhanced privacy and security practices.

Nixor is a technology solutions provider specializing in retail and IT infrastructure services. Their offerings include sales systems, self-service solutions, POS hardware, payment solutions, electronic shelf labels, weighing systems, security technology, business software, and IT infrastructure. The website targets businesses seeking integrated technology solutions in Estonia and the surrounding region. The company presents itself as a medium-sized, established player in the technology sector with a professional online presence. Technically, the website is built on the Odoo CMS platform, utilizing modern frontend technologies such as Bootstrap and FontAwesome. The site is mobile-optimized and provides a multilingual experience with support for English, Estonian, Latvian, and Lithuanian. Performance is moderate, and SEO practices are adequately implemented. However, accessibility features are basic, and there is room for improvement in technical implementation. From a security perspective, the website lacks visible security headers and explicit security or privacy policies. There is no evidence of GDPR compliance mechanisms such as cookie consent banners or privacy policies. No incident response or vulnerability disclosure information is provided, which may impact trust and compliance. The absence of these elements suggests a need for enhanced security posture and privacy compliance. Overall, the website is functional and professional but requires improvements in privacy, security, and compliance transparency to strengthen trustworthiness and meet regulatory expectations. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, and establishing clear incident response and vulnerability disclosure processes.

M

Moonwalk

moonwalk.ee

46

Moonwalk is an Estonian music agency specializing in artist management, music production, and event promotion. The company represents notable artists such as Stefan, Getter Jaani, Black Velvet, and Mr Happyman, positioning itself as a recognized player in the Estonian music industry. The website reflects a professional and consistent brand image, targeting music fans and industry professionals. Technically, the site is built on Squarespace, leveraging modern web technologies and standard analytics tools like Google Analytics and Facebook Pixel. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the website uses HTTPS but lacks several important security headers such as HSTS and Content-Security-Policy, which could improve its security posture. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable gap given the use of tracking technologies. Overall, the website is credible and functional but would benefit from enhanced security and privacy measures to align with best practices and regulatory requirements.

N

Nex OÜ

nex.ee

40

Nex OÜ operates as a small Estonian IT service provider specializing in computer repair, network consulting, remote support, and IT infrastructure management. The company positions itself as a reliable local partner with authorized partnerships from recognized brands such as Lenovo and Epson. Their website clearly communicates their service offerings and contact information, targeting businesses and individuals requiring IT support and hardware sales. Technically, the website is built on WordPress and utilizes modern web technologies including jQuery, LiteSpeed Cache, and Google Tag Manager. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. However, some security best practices such as security headers are missing. From a security perspective, the site enforces HTTPS and does not expose sensitive data. However, it lacks published privacy and cookie policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for compliance and trust. The WHOIS data is consistent with the business claims, enhancing legitimacy. Overall, the website is professional and functional but would benefit from improved privacy compliance and enhanced security headers to strengthen trust and regulatory adherence.

The website epicenter.ee is currently inaccessible due to an HTTP 403 Forbidden error, indicating that access to the site's content is blocked or restricted by server configuration or security policies. As a result, no metadata, structured data, contact information, or business content is available for analysis. The domain is registered to Zone Media OÜ since 2012, which suggests a legitimate and established presence in Estonia. However, the lack of accessible content severely limits the ability to assess the company's business model, services, or compliance posture. Technically, the site runs on an Apache server hosted by Zone Media OÜ, but no further technology stack details or security headers are visible due to the access restriction. Security posture cannot be evaluated beyond the presence of HTTPS (implied by port 443) and the 403 error. Overall, the site scores very low on content quality, technical implementation, security, privacy compliance, and business credibility due to the blocked content.

The website iaconsulting.info currently presents minimal content, consisting solely of a frameset that redirects visitors to an external domain (www.searchvity.com). There is no visible business information, contact details, or policies on the site, which severely limits the ability to assess the company's market position or services. The domain is registered since 2015 with privacy protection, but the lack of transparency and meaningful content raises concerns about legitimacy and professionalism. From a technical perspective, the website lacks modern infrastructure elements such as HTTPS, security headers, and accessible HTML structure. The use of framesets is outdated and negatively impacts user experience and SEO. No scripts, analytics, or tracking technologies were detected, indicating a very basic or placeholder site. Security posture is weak due to the absence of HTTPS, security headers, and any visible security or privacy policies. The WHOIS privacy protection, while common for small businesses, combined with the minimal content and redirect behavior, suggests a low trust level. There are no indications of incident response readiness or certifications. Overall, the website poses a high risk from a security and trust perspective. It is recommended to implement HTTPS, develop meaningful content including privacy and cookie policies, provide clear contact information, and modernize the technical implementation to improve credibility and compliance.

L

LVM Kinnisvara

lvm.ee

46

LVM Kinnisvara is a well-established Estonian real estate company providing comprehensive property services including sales, valuation, development, and brokerage. The company operates across major Estonian cities with multiple office locations and a professional online presence. Their website is built on WordPress with modern plugins and integrates marketing and analytics tools to engage and track users effectively. Security measures such as HTTPS, CAPTCHA on forms, and cookie consent mechanisms are implemented, though some security headers could be improved. The domain registration data aligns well with the business profile, indicating legitimacy and a mature online presence.

J

Jolos

jolos.eu

44

Jolos is a full spectrum creative agency based in Estonia, specializing in world-class event production, branding, campaigns, and live and virtual events. The company positions itself as a high-quality, professional agency focused on delivering unique and memorable experiences for brands and organizations. The website reflects a mature digital presence built on WordPress, leveraging modern optimization and analytics tools such as Google Analytics and Tag Manager with IP anonymization enabled. The site is well-designed, mobile-optimized, and rich in multimedia content, showcasing detailed case studies and team profiles that enhance trust and professionalism. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the absence of security headers and formal security policies suggests room for improvement. Privacy compliance is limited due to missing privacy and cookie policies and lack of consent mechanisms. Overall, the domain registration aligns with the business claims, indicating legitimacy and trustworthiness.

R

Rescoval

rescoval.ee

42

Rescoval is an Estonian company specializing in advertising installation services, including banner and sticker advertising, seasonal sales areas, and rental of advertising trailers across Estonia. Established in 2010, the company targets retail chains, supermarkets, and shopping centers, offering professional and rapid campaign installations. The website reflects a mature local business with consistent branding and clear service offerings. Technically, the site is built on WordPress with common plugins for SEO, forms, and sliders, showing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented, though there is room for improvement in security headers and incident response policies. Overall, the domain registration data aligns well with the business claims, enhancing trustworthiness.

N

Nordic Consult

nordicconsult.ee

40

Nordic Consult is a small Estonian corporate services provider specializing in online company registration, legal address provision, accounting, and e-Residency support. Established since 1997, it targets entrepreneurs and e-Residents seeking efficient company formation in Estonia. The website is built on WordPress with SEO and form plugins, offering a user-friendly experience with clear navigation and relevant content. Technically, the site is hosted via Zone Media OÜ and uses HTTPS with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and secure form handling but lacks important security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but would benefit from improved privacy and security practices.

Tehnolabor OÜ is a specialized technology development laboratory based in Estonia, focusing on electronics, automation, telecommunication, and industrial solutions. With over 20 years of experience, the company offers comprehensive services from prototype creation to product development and production management. Their portfolio includes projects in healthcare, transportation, and industrial sectors, with notable collaborations such as Airbus and EU-funded research initiatives. The company targets businesses and individuals seeking reliable technology development and automation solutions. Technically, the website is built on WordPress with common plugins and modern JavaScript libraries, providing a good user experience and mobile optimization. Security posture is adequate with enforced HTTPS, though improvements are needed in security headers and server-side HTTPS enforcement. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the website reflects a credible and professional business with room for compliance and security enhancements.

S

SandFox OÜ

sandfox.ee

42

SandFox OÜ is a small Estonian company founded in 2016 specializing in integrated energy storage solutions, smart battery management, solar panel integration, and Linux-based IT infrastructure services. The company targets industrial clients and businesses in the energy sector, offering critical IT and industrial automation solutions. Their market position is supported by partnerships with major technology vendors such as RedHat, IBM, Huawei, and SUSE, and they emphasize business-critical IT solutions and energy management. Technically, the website uses a basic but functional stack including jQuery, Google Analytics, and Google Translate, hosted likely by Zone Media OÜ. The site is accessible and moderately optimized but lacks advanced mobile responsiveness and accessibility features. Security posture is adequate with HTTPS enabled but lacks important security headers and visible privacy compliance mechanisms. Overall, the company presents a credible and trustworthy business presence with room for improvement in privacy compliance and technical modernization.

The website leegohansson.com is currently inaccessible due to an origin web server downtime, as indicated by the Cloudflare 521 error page. The domain is very recently registered (July 2024) and uses Cloudflare as a CDN and security provider. There is no accessible business content, contact information, or policies available on the site, which severely limits the ability to assess the business or its market position. Technically, the site relies on Cloudflare but lacks DNSSEC and security headers, and the server is currently non-responsive. The security posture is weak due to the downtime and lack of standard security configurations. Overall, the site presents a high risk due to unavailability and lack of transparency, and it is recommended to restore server availability, implement security best practices, and publish necessary compliance policies to improve trust and security.

G

GS Group

gs-group.com

44

GS Group is a well-established Russian investment and industrial holding company with over 30 years of expertise in high-tech industries, primarily focusing on electronics development and manufacturing. The company operates a diversified portfolio including microelectronics, software development, packaging production, and energy-efficient lighting solutions. Their market position is strong within Russia, supported by a robust production base and a strategic focus on import substitution and technology localization. The website reflects a professional and consistent brand image with good content quality and clear navigation, targeting industrial partners, investors, and technology professionals. Technically, the website is built on the Bitrix CMS platform, leveraging modern JavaScript libraries and analytics tools such as Yandex Metrika and Google Tag Manager. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security posture is adequate with HTTPS enforced and use of reCAPTCHA on forms, but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. Privacy compliance is partial; a comprehensive privacy policy is present, but no cookie consent mechanism was detected, which may pose compliance risks under GDPR. Contact information is limited to a subscription form without direct emails or phone numbers, reducing transparency. The domain WHOIS data is consistent with the business profile, showing a long-standing registration with no privacy protection, indicating legitimacy. Overall, GS Group's digital presence is professional and credible but could benefit from enhanced security practices and improved privacy compliance to strengthen trust and regulatory adherence.

M

MyHome OÜ

myhome.ee

42

MyHome OÜ operates a professional real estate brokerage and property management business primarily serving the Estonian market with additional offerings in Spain. The company provides services including property sales, rentals, management, and interior design. The website reflects a well-established small business with a consistent brand and a focus on quality customer service, as evidenced by testimonials and detailed property listings. The technical infrastructure is based on WordPress with common plugins and integrations such as Google Analytics, Google Tag Manager, and Mailchimp, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly, with structured data enhancing search visibility. Security posture is adequate with HTTPS and some security best practices, but lacks advanced headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced compliance and security transparency.

The website lasitamaja.com/lander is a newly registered domain (August 2023) currently serving a minimal placeholder or parking page with no substantive business content. The site uses React and JavaScript technologies and includes Google AdSense scripts, indicating an intent to monetize traffic. However, there is no visible business information, contact details, privacy or cookie policies, or terms of service, which limits trust and credibility. Technically, the site is hosted via GoDaddy with domain status locks enabled but lacks DNSSEC and security headers, which are important for domain and web security. The minimal content and lack of SEO or accessibility features suggest a low level of digital maturity. No forms or user data collection mechanisms are present. From a security perspective, the absence of HTTPS enforcement details, security headers, and privacy compliance measures indicates a basic security posture with room for improvement. The domain registration is consistent with a new business but the lack of transparency and content reduces confidence. Overall, the site scores low on content quality, privacy compliance, and business credibility, with moderate technical implementation.

S

Standard

standard.ee

46

Standard is a well-established Estonian company specializing in office and hospitality interior solutions, offering high-quality furniture and comprehensive services including design, manufacturing, and installation. The company targets B2B clients such as businesses, architects, and hotels, with a strong market presence supported by decades of experience and international exports. The website reflects a mature digital infrastructure built on WordPress, leveraging modern technologies and SEO best practices to deliver a professional user experience. Security posture is solid with HTTPS enforcement, cookie consent compliance, and no visible vulnerabilities, although explicit security policies and incident response contacts are absent. Overall, the site demonstrates a trustworthy and credible business presence with room for enhanced privacy and security disclosures.

The website duendekoolitused.ee currently presents no visible content, with an empty HTML body and no metadata, scripts, or forms. The domain is registered since 2010 with Zone Media OÜ, a known Estonian registrar and hosting provider, indicating a legitimate registration history. However, the lack of website content and absence of contact or policy information significantly limit the ability to assess the business operations or digital maturity. The technical infrastructure appears minimal, with no detected CMS, frameworks, or security headers. Security posture is weak due to missing HTTPS information and lack of security best practices. Overall, the website is either inactive or a placeholder, resulting in a low trust and security score.

S

Sisustuskoda OÜ

sisustuskoda.ee

42

Sisustuskoda OÜ is a small Estonian company specializing in custom-made furniture, particularly kitchen furniture for residential customers. Established in 2014, the company positions itself as a provider of quality, durable, and design-focused furniture solutions. Their website reflects a professional and consistent brand image, targeting consumers seeking bespoke interior furnishings. The business operates primarily in the retail sector with a local market focus in Estonia. Technically, the website is built on WordPress using the Astra theme and WooCommerce for e-commerce capabilities. It integrates modern tools such as Google Tag Manager and Google reCAPTCHA to enhance functionality and security. The site is mobile-optimized and demonstrates good SEO practices through structured data and meta tags. Hosting appears to be managed by Zone Media OÜ, consistent with the domain's Estonian registration. From a security perspective, the site uses HTTPS and includes reCAPTCHA to protect forms, but lacks explicit security headers and published security or incident response policies. Privacy and cookie policies are absent, posing compliance risks under GDPR. No vulnerability disclosure or security contact information is provided, which could impact trust and incident handling readiness. Overall, the website is functional and credible for its business purpose but would benefit from enhanced privacy compliance, improved security headers, and transparent security policies to strengthen its security posture and regulatory adherence.

C

Celsius Healthcare

celsius.ee

42

Celsius Healthcare is a leading Estonian medical information company specializing in delivering comprehensive healthcare communication solutions. Their services include the largest medical web publication Med24, organizing medical conferences and training, and publishing specialized healthcare journals. The company targets healthcare professionals such as doctors, nurses, pharmacists, and decision-makers within Estonia, positioning itself as a key player in the national healthcare media and event sector. Founded in 2010, Celsius Healthcare has established a strong market presence supported by public grants and cluster memberships.

B

BCS Auto - Baltic Car Solutions

bcsauto.ee

48

BCS Auto - Baltic Car Solutions is a well-established Estonian company specializing in long-term car rental, vehicle sales, commission sales, and automotive services since 2007. The company targets both private individuals and businesses seeking flexible and cost-effective vehicle solutions. Their market position is strong within Estonia, supported by recognition from the Transport Authority and positive customer testimonials. The website is built on a modern WordPress platform with WooCommerce and Elementor, integrating SEO and marketing tools such as Yoast SEO, Google Analytics, Microsoft Clarity, and MailerLite. Social media presence on Facebook and Instagram further supports their brand visibility. Security posture is adequate with HTTPS and no exposed sensitive data, though improvements in security headers and explicit security policies are recommended. Privacy compliance is basic with a cookie consent mechanism but lacks a visible privacy policy or terms of service. Overall, the website is professional, user-friendly, and trustworthy, reflecting a medium-sized transportation business with a solid digital presence.