Security Directory

S

Scanfil

scanfil.com

76

Scanfil is a well-established manufacturing partner specializing in industrial and B2B sectors, offering comprehensive services from electronics manufacturing to product development and supply chain management. The company targets global customers in industrial, energy, cleantech, and medtech sectors, positioning itself as a trusted and sustainable partner. The website is professionally designed, mobile-optimized, and SEO-friendly, leveraging WordPress CMS and Cloudflare for performance and security. Security posture is strong with HTTPS and cookie consent mechanisms in place, though explicit privacy and terms of service pages are not found in the provided content. WHOIS data is unavailable, which slightly impacts trust but the overall digital presence and content quality support legitimacy. Recommendations include publishing clear privacy and security policies and enhancing transparency on incident response and data protection roles.

T

Trustek

trustek.eu

45

Trustek is a medium-sized European manufacturing company specializing in roof trusses and construction materials. The company targets construction professionals and contractors across multiple European countries, as evidenced by its multilingual websites. The business model focuses on B2B manufacturing and supply with additional services such as delivery and installation. The website is professionally designed using WordPress with the Divi theme, integrating modern analytics and consent management tools. Security posture is good with HTTPS enforced, security headers present, and use of reCAPTCHA on forms. However, the absence of a public security policy and incident response information indicates room for improvement in transparency and preparedness. Overall, the website and business appear legitimate and trustworthy, though WHOIS privacy limits domain registration transparency.

N

Nobel Digital OÜ

fcrmedia.ee

57

Nobel Digital OÜ is a well-established digital marketing agency based in Estonia, positioning itself as one of the largest in the region with over 15 years of experience as a Google Partner. The company offers a comprehensive suite of digital services including SEO, UX/UI audits, Google Ads management, social media advertising, digital strategy, and web development. Their target audience primarily consists of businesses aiming to grow their digital presence both domestically and internationally. Technically, the website is built on WordPress using Elementor and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Usercentrics for consent management. The security posture is strong with HTTPS enforced and appropriate security headers in place, although explicit privacy and terms of service policies are missing. Overall, the site demonstrates good digital maturity and professionalism, with room for improvement in privacy compliance documentation and contact information transparency.

W

Wolf Group

krimelte.com

52

Wolf Group is a manufacturer specializing in construction chemistry products such as PU foams, sealants, adhesives, and coatings targeted at professional construction markets. The company presents itself as a global player with a focus on energy-saving solutions. The website is built on WordPress with modern SEO practices and integrates multiple Google services for analytics and marketing. The technical infrastructure is solid with HTTPS and cookie consent mechanisms in place, though some security headers are missing. The absence of explicit privacy policies, terms of service, and contact information reduces transparency and compliance posture. The WHOIS data is notably missing or inaccessible, raising concerns about domain legitimacy despite the professional website presence. Overall, the site is functional and well-designed but requires improvements in compliance documentation and domain registration transparency.

A

Abc Motors

abcmotors.ee

59

Abc Motors is an automotive dealership website based in Estonia, offering new and used cars, special offers on stock vehicles, and car servicing booking options. The site prominently features brands such as Renault, Dacia, and SWM, targeting car buyers and service customers in the regional market. The business model focuses on vehicle sales and after-sales services. Technically, the website uses a combination of jQuery, Bootstrap, and Cookiebot for cookie consent management, along with Google Tag Manager for analytics and marketing integration. The site is mobile optimized and uses HTTPS with a good SSL configuration. Security posture is adequate with cookie consent and Google Consent Mode configured to deny ad personalization by default, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service pages. Contact information such as emails and phone numbers are not explicitly found in the HTML content, which may impact user trust. Overall, the website is functional and professional but would benefit from enhanced privacy disclosures and security documentation.

V

Veriff

veriff.me

79

Veriff is a leading AI-powered identity verification company providing highly automated solutions for fraud prevention, compliance, and customer trust. Their platform supports a wide range of verification services including document verification, biometric authentication, age validation, and AML screening. The company targets global businesses across multiple industries such as financial services, e-commerce, and human resources. The website demonstrates a mature digital presence with modern technologies, strong branding, and comprehensive content. Privacy and cookie policies are implemented with consent mechanisms, reflecting good compliance practices. However, the absence of public WHOIS data is notable and warrants further verification. Overall, Veriff presents a professional and trustworthy online presence aligned with its market position.

F

FINEST AS

finestmedia.ee

53

FINEST AS is an established Estonian technology company specializing in digital and IT solutions with over 20 years of experience. Their business model focuses on software development, e-commerce platforms, and practical business solutions, serving both government and private sector clients. The company maintains a professional online presence with multilingual support and active social media channels. Technically, the website is built on WordPress using modern plugins and frameworks, optimized for performance and SEO, though some accessibility features are basic. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks published security policies or incident response information. Overall, the website reflects a credible and professional business with room for improvement in security transparency and contact information clarity.

U

Unique Hotels Group

uhotelsgroup.com

47

Unique Hotels Group operates a small portfolio of lifestyle hotels in Estonia, focusing on boutique hospitality experiences with historical ambiance and modern amenities. Their services include hotel accommodations, dining, spa treatments, seminars, and gift cards, targeting tourists and business travelers. The website is professionally designed using WordPress with modern technologies and supports multiple languages. Privacy and cookie policies are implemented, and contact information is clearly provided. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy, though the website content and business information appear authentic. Security posture is generally good with HTTPS enforced, but security headers are missing, and no incident response or vulnerability disclosure information is provided. Overall, the website is functional, trustworthy, and well-positioned in the hospitality market in Estonia.

I

Iglu

iglu.ee

58

Iglu is an Estonian software development company specializing in business analysis, UI design, and development of e-services, self-service portals, and Java portals. Founded in 2013, it serves a range of clients including telecommunications, banking, and government sectors, positioning itself as a reliable partner with strong client relationships and a focus on agile development. The website reflects a professional and modern digital presence built on Gatsby and React technologies, with integration of Google Analytics and Tag Manager for performance and user tracking. Security posture is solid with HTTPS enabled and no exposed sensitive data, though the absence of security headers and formal security policies indicates room for improvement. Privacy compliance is lacking as no privacy or cookie policies are found, which is a notable gap given GDPR requirements. Overall, the site is well-designed and trustworthy, but enhancing privacy and security transparency would strengthen its compliance and user trust.

1

1Partner

1partner.ee

54

1Partner is a well-established Estonian real estate company offering comprehensive property services including buying, selling, renting, and valuation. With over 20 years of market presence and more than 45,000 satisfied clients, it holds a strong position in the Estonian real estate sector. The website reflects a professional and consistent brand image, targeting both private and business clients. Technically, the site uses modern web technologies such as Bootstrap and Google Tag Manager, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Overall, the site is trustworthy and compliant with GDPR, but could improve transparency around security policies and vulnerability disclosures.

S

SecureOps

secureops.com

68

SecureOps is a Canadian-based boutique cybersecurity service provider with over 25 years of industry experience, offering managed security services including 24/7 SOC monitoring, security infrastructure management, vulnerability management, and professional services. The company emphasizes personalized, collaborative, and scalable cybersecurity solutions tailored to enterprise clients across multiple sectors globally. Their market position is strengthened by a SOC 2 Type 2 certification and a strong reputation for quality service delivery. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, HubSpot, and multiple marketing and tracking tools. The site is well-optimized for SEO and mobile devices, with good performance and accessibility features. Hosting and domain registration are consistent with the business claims, with Amazon Registrar as the registrar and a domain age of over 20 years. Security posture is strong with HTTPS enforced, use of reCAPTCHA on forms, and no visible sensitive data exposure. However, DNSSEC is not enabled and security headers are not explicitly detected, indicating room for improvement. Privacy compliance is good with a clear privacy policy and cookie consent mechanism, though no explicit GDPR statement or data retention policies were found. Overall, SecureOps presents a professional and trustworthy online presence with comprehensive service offerings and solid technical infrastructure. Strategic improvements in security headers, incident response transparency, and vulnerability disclosure would further enhance their security posture and trustworthiness.

E

Elisa Eesti AS

starman.ee

60

Elisa Eesti AS is a leading telecommunications company in Estonia, providing a broad range of services including mobile and fixed internet, telephony, TV packages, and e-commerce for devices and accessories. The company targets private customers with a comprehensive portfolio of digital services and applications, positioning itself as a market leader with a strong brand presence and multiple industry recognitions. The website reflects a mature digital infrastructure built on Drupal CMS and custom Elisa design systems, offering good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS enforcement, security headers, and a robust cookie consent mechanism, although explicit security policy and incident response contacts are not publicly detailed. Overall, the website demonstrates professionalism, trustworthiness, and compliance with GDPR requirements, supporting Elisa Eesti AS's reputation as a reliable telecommunications provider.

G

Glia

salemove.com

69

Glia, Inc. is a technology company specializing in AI-powered contact center software solutions designed to enhance customer experience across digital and voice channels. Positioned primarily in the finance sector, Glia offers a unified platform that automates and assists customer interactions, targeting enterprises seeking to modernize their customer service operations. The company maintains a professional and well-branded online presence with comprehensive content and clear navigation, reflecting a mature digital infrastructure. Technically, the website leverages modern web technologies including Webflow CMS, Google Fonts, Marketo for marketing automation, Facebook Pixel for advertising, and Google Tag Manager for analytics. The site is hosted on Webflow's platform, optimized for mobile devices, and implements good SEO and accessibility practices. Performance is moderate, with room for improvement in loading speed. From a security perspective, the website enforces HTTPS with strong SSL configuration and includes multiple security headers, indicating a solid security posture. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a public security policy and incident response contact information suggests areas for enhancement in transparency and readiness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. Overall, Glia presents a trustworthy and professional digital footprint with minor gaps in WHOIS transparency and explicit security disclosures. Strategic improvements in these areas would further strengthen business credibility and security posture.

Smarten Logistics AS operates as the largest third-party logistics (3PL) service provider in Estonia, offering comprehensive supply chain solutions to businesses seeking to optimize their logistics operations. The company positions itself as a key player in the Estonian transportation sector, targeting local enterprises requiring efficient logistics services. The website reflects a mature digital presence with professional design and consistent branding, supported by structured data and social media integration. Technically, the site is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and analytics tools such as Google Analytics and Facebook Pixel. Security measures include HTTPS enforcement and a robust cookie consent mechanism via Cookiebot, demonstrating compliance with GDPR consent requirements. However, the absence of explicit privacy policies, terms of service, and incident response information represents a compliance gap. Overall, the website is professional and trustworthy, with a good security posture but room for improvement in privacy and legal disclosures.

G

GT Tarkvara

soft.ee

37

GT Tarkvara is a well-established Estonian technology company specializing in software and cloud solutions, with over 25 years of market presence. The company positions itself as the largest software and related services provider in Estonia, targeting businesses and educational institutions. Their offerings include cloud solutions, software licensing, consulting, implementation, and ongoing support. The website reflects a professional and consistent brand image with clear service descriptions and contact information. Technically, the website is built on WordPress with a modern tech stack including Gravity Forms, Google Analytics, Google Tag Manager, and LinkedIn Insight Tag. Hosting is managed via Azure DNS, indicating a reliable infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search visibility. From a security perspective, the site uses HTTPS with good SSL configuration and employs reCAPTCHA v3 to protect forms. However, explicit security headers and published security policies are absent, and no incident response or vulnerability disclosure information is provided. Privacy compliance is partially addressed with a privacy and cookie policy present, but no active consent mechanism is implemented. Overall, GT Tarkvara's website demonstrates a strong business credibility and technical foundation with room for improvement in security policy transparency and privacy compliance mechanisms.

E

E*TRADE Financial

etrade.com

63

E*TRADE Financial, a subsidiary of Morgan Stanley, operates a comprehensive online financial services platform offering brokerage, retirement, banking, and trading services to retail investors. The website reflects a mature, enterprise-grade digital presence with strong branding, extensive product offerings, and educational resources. The platform leverages advanced marketing, analytics, and consent management technologies to deliver a personalized and compliant user experience. Security measures such as HTTPS, Content Security Policy, and fraud protection guarantees are in place, underscoring a strong security posture. While WHOIS data for the subdomain is unavailable, this is typical for subdomains and does not detract from the site's legitimacy. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

C

Coolbet

coolpickz.com

63

Coolbet is an online gambling platform offering sports betting, casino games, and poker primarily targeting the Finnish and Nordic markets. The website presents a professional and consistent brand image with a focus on providing competitive odds and engaging gaming experiences. The platform integrates modern technologies such as React, Google Tag Manager, and Geocomply for geolocation enforcement, indicating a mature digital infrastructure. Security practices include HTTPS and error monitoring via Sentry, though explicit security headers and policies are not evident in the provided content. The absence of WHOIS data raises some concerns about domain registration transparency, but the website's content and licensing claims suggest legitimacy. Overall, Coolbet demonstrates a solid market presence with room for improvement in privacy compliance and security transparency.

T

Tripod

tripod.ee

55

Tripod is an Estonian service provider specializing in recruitment, testing, research, and coaching services. Established in 2010, the company targets businesses and professionals within Estonia, offering niche HR and development solutions. The website reflects a professional presence with clear branding and a focus on service offerings relevant to its market segment. The company maintains active social media profiles on Facebook and LinkedIn, enhancing its market visibility. Technically, the website is built on WordPress CMS, leveraging Yoast SEO for search optimization and Cookiebot for GDPR-compliant cookie consent management. The site uses modern web technologies including jQuery and integrates Google Tag Manager and Meta Pixel for marketing and analytics purposes. Hosting appears to be managed by Zone Media OÜ, consistent with the domain registration data. The website demonstrates good mobile optimization and moderate performance. From a security perspective, the site employs HTTPS with good SSL configuration and uses cookie consent mechanisms to comply with privacy regulations. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not detected, and no public security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website presents a low-risk profile with strong compliance to privacy regulations and a solid technical foundation. Strategic recommendations include enhancing security headers, publishing a security policy and incident response contacts, and providing clearer contact information to improve business credibility and user trust.

S

Softrend

softrend.ee

46

Softrend is an established Estonian furniture company specializing in sofas, beds, and home accessories, with a strong emphasis on sustainability and quality craftsmanship. The company operates a professional e-commerce website built on WordPress, featuring modern technologies such as Google Tag Manager, reCAPTCHA, and performance optimizations via WP Rocket. The website is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. However, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is strong with HTTPS and bot protection, but could be improved with additional security headers and a vulnerability disclosure policy. Overall, the domain registration data supports the legitimacy of the business, and the website reflects a credible and professional retail operation.

B

BB Finance OÜ

raha24.ee

63

Raha24, operated by BB Finance OÜ, is an Estonian online lending platform specializing in unsecured loans up to 10,000 EUR with quick approval processes. The company targets individuals in Estonia seeking fast and reliable credit solutions. The website demonstrates a mature digital presence with a domain registered since 2010, consistent with the business's operational history. Technical infrastructure is based on WordPress with modern SEO and consent management tools, indicating a moderate to good level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers appear missing. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with comprehensive privacy and cookie policies and GDPR-aligned consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for its target market.

A

Adcash

adcash.com

58

Adcash is a well-established global online advertising platform founded in 2000, serving media buyers, affiliates, and publishers worldwide. The company offers a variety of advertising and monetization solutions including Pop-Under, Interstitial, Native, and Banner ads, supported by advanced targeting, anti-fraud technology, and real-time analytics. The website reflects a mature digital presence with comprehensive SEO, mobile optimization, and a professional design that supports user engagement and conversion. Technically, the site leverages modern tools such as Google Tag Manager, Matomo Analytics, and Cloudflare DNS, hosted on a WordPress CMS platform, ensuring fast performance and good accessibility. Security posture is solid with HTTPS enforced and domain registration protections, though improvements could be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. Overall, Adcash demonstrates a high level of business credibility and digital maturity, positioning itself as a trusted player in the online advertising industry.

I

Industry62

industry62.com

60

Industry62 is a small, employee-owned digital design company operating primarily in Finland and Estonia, with offices in Helsinki, Turku, Tallinn, and Tampere. The company focuses on creating impactful digital services and positions itself as a human-centric, value-driven organization. Their website reflects a professional and consistent brand image, targeting businesses seeking digital design and development services. The technical infrastructure is based on the Squarespace platform, leveraging modern web technologies including Google Analytics and YouTube integrations, providing a moderate performance and good mobile optimization. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies, which is a notable gap given GDPR requirements. The domain WHOIS data is missing, raising concerns about domain registration legitimacy, though the website content and social media presence support the business's authenticity. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and clearer domain registration transparency.

D

DUX

dux.ee

43

DUX is a small, established UX and UI design studio based in Estonia, founded in 2014. They specialize in creating digital experiences including mobile and desktop applications, websites, e-commerce platforms, and SaaS products. Their portfolio showcases over 200 projects, targeting NGOs, startups, SMEs, and global/local leaders, positioning them as a reputable design partner in the technology sector. The website is professionally designed with excellent content quality and clear navigation, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, Google Analytics, and Google Tag Manager, hosted by Elkdata OÜ, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no exposed sensitive data, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

C

CCP Games

ccpgames.com

75

CCP Games is a well-established interactive entertainment company founded in 1997 in Reykjavik, Iceland, best known for its flagship product EVE Online. The company positions itself as an innovative leader in the gaming industry with a focus on immersive online experiences. The website reflects a professional digital presence with modern technologies such as Google Tag Manager, Cookiebot for privacy compliance, and Bootstrap for responsive design. The site is well-optimized for SEO and mobile devices, providing a good user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and no explicit security or incident response policies are published. The absence of WHOIS data for the domain is a notable concern, as it raises questions about domain registration legitimacy despite the professional appearance of the site. Overall, CCP Games demonstrates a mature digital infrastructure but should address transparency in domain registration and enhance security disclosures to improve trust and compliance.

Sportlyzer LLC. operates a SaaS platform focused on player development and team management software tailored for youth and amateur sports clubs. The platform facilitates membership management, invoicing, attendance tracking, communication, and athlete homework assignments, serving coaches, managers, players, and parents globally. The company maintains a professional web presence with mobile apps on iOS and Android, and a consistent brand image emphasizing ease of use and comprehensive sports club management. The website content is well-structured, informative, and targets sports organizations seeking digital management solutions. Technically, the website employs modern JavaScript frameworks and integrates multiple marketing and analytics tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized and uses HTTPS exclusively, ensuring secure data transmission. However, some security best practices like security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site shows no signs of vulnerabilities or exposed sensitive data. The lack of WHOIS data transparency is a moderate concern but does not outweigh the professional presentation and trust signals on the site. Privacy and terms of service pages are present and comprehensive, indicating attention to compliance, though explicit cookie consent is absent. Overall, the security posture is good but could benefit from additional transparency and policy disclosures. Strategically, Sportlyzer is positioned as a specialized SaaS provider in the sports management niche with a solid user base and positive testimonials. The company should focus on improving security headers, cookie consent, and publishing incident response policies to strengthen trust and compliance. Enhancing WHOIS transparency or providing verified domain registration details would also improve legitimacy perception.

H

HELMES

helmes.ee

74

Helmes is a well-established software development company specializing in custom software solutions, digital transformation, and consulting services. With over 30 years of experience and a global presence spanning 20 offices, Helmes serves more than 500 international clients including major organizations such as Airbus, Telia, OECD, and CERN. Their service portfolio includes mobile app development, legacy software modernization, data analytics, design, and cybersecurity services, positioning them as a comprehensive digital innovation partner for enterprises. Technically, the website is built on WordPress with modern SEO practices implemented via Yoast SEO. It integrates multiple analytics and consent management tools such as Google Analytics, Microsoft Clarity, Google Tag Manager, and Conseno for GDPR compliance. The site is mobile-optimized, accessible, and demonstrates good performance, although some security headers are not explicitly detected. The company holds ISO certifications (27001, 9001, 14001), reflecting a strong commitment to security and quality management. From a security perspective, Helmes employs HTTPS, Google reCAPTCHA, and a consent management platform to protect user data and ensure compliance. However, the absence of WHOIS registration data and lack of visible incident response contacts or security.txt file slightly reduce the overall trust score. No critical vulnerabilities or exposed sensitive data were detected in the analysis. Overall, Helmes presents a professional, trustworthy, and technically mature digital presence suitable for enterprise clients. Strategic recommendations include enhancing security headers, publishing incident response information, and verifying domain registration details to improve trust and compliance further.

W

WHSmith PLC

whsmithcareers.co.uk

68

WHSmith PLC is a well-established global retailer with a rich history dating back to 1792. The company operates over 1,700 stores across more than 30 countries, encompassing a diverse portfolio of retail and online brands including WHSmith Travel, WHSmith High Street, funkypigeon.com, and cultpens.com. The careers website serves as a comprehensive portal for job seekers, highlighting the company's growth, culture, and opportunities across various business areas. Technically, the website employs modern web technologies such as Google Tag Manager, Vimeo for video content, and a chatbot powered by Chatter Communications, ensuring a user-friendly and interactive experience. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and professional design. Security posture is strong with HTTPS enforced, secure forms, and cookie consent mechanisms, although there is room for improvement by adding explicit security policies and incident response contacts. Overall, the domain registration and WHOIS data align well with the company's legitimacy and long-standing market presence, supporting a high trustworthiness rating.

P

Proekspert

proekspert.ee

65

Proekspert is an established technology company founded in 2005, specializing in full-cycle software services for device and machine manufacturers. Their offerings include smart product development, device-to-cloud connectivity, and digital services, positioning them as a key player in digital business transformation within the technology sector. The company targets B2B clients, particularly manufacturers seeking to enhance their products with software and connectivity solutions. Technically, the website is built on WordPress with multilingual support, leveraging modern tools such as Google Analytics, Google Tag Manager, and Cookiebot for analytics and privacy compliance. The site demonstrates good design quality, mobile optimization, and SEO practices, although accessibility features are basic. Security-wise, the site enforces HTTPS, uses clientTransferProhibited domain status, and implements cookie consent mechanisms, but lacks DNSSEC and explicit security headers. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website reflects a mature digital presence with room for improvement in security policies and contact transparency.

H

Hotel Telegraaf

telegraafhotel.com

55

Hotel Telegraaf is a luxury 5-star hotel located in Tallinn’s Old Town, operating under the Marriott Autograph Collection brand. The hotel offers upscale accommodation, spa services, fine dining at Restaurant Tchaikovsky, and event hosting facilities. It targets luxury travelers and business guests seeking premium hospitality experiences. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern libraries and SEO best practices, supported by Google Analytics and cookie consent mechanisms ensuring GDPR compliance. Security posture is strong with HTTPS and no visible vulnerabilities, though security headers could be improved. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and registration transparency, which impacts overall business credibility. Strategic verification of domain registration is recommended to reinforce trust. Overall, the site demonstrates a solid business and technical foundation with room for security and compliance enhancements.

T

Tammiste Personalibüroo OÜ

tammistepersonal.ee

47

Tammiste Personalibüroo OÜ is an established Estonian recruitment and training company with over 25 years of experience. The company specializes in recruitment services, training programs, emotional intelligence assessments, coaching, and outplacement services. Their website reflects a professional and consistent brand image, targeting Estonian businesses and job seekers. The technical infrastructure is based on WordPress with Elementor, leveraging modern web technologies and tracking tools such as Google Tag Manager and Facebook Pixel. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though some security headers are missing. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service detected. Overall, the website is trustworthy and well-positioned in its market segment, though improvements in privacy and security documentation are recommended.

B

BCS Itera

itera.ee

38

BCS Itera is a medium-sized Estonian technology company specializing in consulting and implementing business software solutions including ERP, HRM, CRM, and BI systems. The company has a solid market position in the Baltic region, supported by partnerships and certifications such as the LS Retail Platinum Partner status. Their website reflects a professional and consistent brand image with good content quality and active client engagement. Technically, the site is built on WordPress with modern SEO and analytics tools, and it demonstrates good performance and mobile optimization. Security posture is strong with HTTPS and consent management in place, though explicit security headers and policies could be improved. Overall, the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

D

DFDS Iberia S.L.U.

frs.es

65

FRS Ferry, operated by DFDS Iberia S.L.U., is a well-established ferry transportation company with over 150 years of experience, primarily serving routes between Spain and Morocco. The company offers passenger, vehicle, and freight transport services, supported by a modern online booking system and multilingual website. Their market position is strong regionally, with a focus on reliable ferry services and customer convenience. Technically, the website is built on TYPO3 CMS and integrates modern analytics and tracking tools, ensuring good performance and mobile optimization. Security measures include HTTPS enforcement, reCAPTCHA on forms, and appropriate security headers, reflecting a mature security posture. Privacy compliance is robust, with clear privacy and cookie policies and GDPR adherence. Overall, the website presents a professional and trustworthy digital presence, though WHOIS data is unavailable due to query restrictions, limiting domain registration insights.

F

Fontes PMP OÜ

fontes.ee

47

Fontes PMP OÜ is a well-established Estonian company specializing in talent management, recruitment, mentoring, and consulting services. With 35 years of experience, it holds a strong market position as a trusted partner for organizations seeking to develop and retain talent. The website reflects a professional and comprehensive digital presence, leveraging WordPress CMS and modern web technologies to deliver a fast, mobile-optimized, and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms in place, though explicit security policies and incident response details are absent. Overall, the site demonstrates high business credibility and privacy compliance, supporting Fontes' reputation as a leading talent management consultancy in Estonia.

B

Brightway.ro

brightway.ro

46

Brightway.ro is a Romanian company specializing in professional and personal development training, coaching, consulting, recruitment, and team building services. Established since 2004, it offers a broad portfolio of courses and programs aimed at individuals and organizations seeking to enhance leadership, sales, technical skills, and organizational culture. The company leverages expert trainers and innovative methodologies to deliver value and growth opportunities to its clients. The website reflects a mature digital presence with comprehensive content, client testimonials, and multiple service offerings.

R

Responda Group

h1.se

46

Responda Group is a Swedish telecommunications service provider specializing in customer service and answering services, handling over 10 million customer contacts annually for more than 3,500 clients. The company consolidates several subsidiaries including Kalix Tele24, Personlig Svarsservice, Call4U, K2C, and H1 Communication, positioning itself as a significant player in the Nordic customer service market. The website is professionally designed using WordPress with Elementor and Astra theme, reflecting a modern digital infrastructure with good SEO and mobile optimization. Security posture is solid with HTTPS enabled and cookie consent managed via Usercentrics CMP, though DNSSEC is not enabled and no explicit security or incident response policies are published. Overall, the domain registration data is consistent and transparent, supporting the legitimacy of the business.

O

Online store Bauhof

bauhof.ee

67

Bauhof is a large Estonian retail company specializing in construction, garden, tools, and interior finishing products. The company operates an e-commerce platform built on Vue Storefront 2, offering customers fast pickup and delivery options, flexible payment terms, and a customer-friendly return policy. The website demonstrates a good level of digital maturity with modern frameworks and a responsive design optimized for mobile users. Security posture is solid with HTTPS enforced and cookie consent managed via Cookiebot, though explicit security policies and incident response contacts are absent. Overall, the site is professional and trustworthy, with room for improvement in privacy compliance and security transparency.

Liewenthal Electronics Ltd. is a small Estonian engineering and R&D company specializing in embedded systems, electronics, and software design. With over 15 years of experience, the company serves diverse sectors including telecom, medical, industrial, aerospace, and consumer electronics. Their website reflects a professional B2B service provider with a clear portfolio of key services such as system design, software and electronics design, FPGA/PLD design, testing, and small volume production. The company holds ISO 9001 certification and is recognized as an AMD Adaptive Computing Partner, enhancing its market credibility. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Slider Revolution, and uses Google Analytics and Tag Manager for analytics. The site is mobile optimized and has good SEO practices, though performance is moderate. Cookie consent is implemented via Cookiebot, but a domain authorization error is present, indicating a configuration issue. No WAF or blocking mechanisms were detected, and the site uses HTTPS with good SSL configuration. Security posture is moderate; HTTPS is enforced but lacks explicit security headers and dedicated security or incident response policies. No vulnerability disclosure or security.txt files were found. Privacy compliance is basic with a privacy policy present but no strong GDPR compliance indicators. Contact information is clearly provided, supporting business credibility. Overall, the website is trustworthy and professional but could improve security practices and privacy compliance. Strategic recommendations include fixing Cookiebot errors, adding security headers, publishing security and incident response policies, and implementing vulnerability disclosure mechanisms.

G

Guardtime OÜ

guardtime.com

68

Guardtime OÜ is an established technology company founded in 2005, specializing in blockchain-based data integrity and cybersecurity solutions primarily targeting governments and enterprises. Their flagship KSI blockchain platform enables frictionless value exchange in decentralized digital economies. The company maintains a professional and consistent web presence with clear branding and a focus on enterprise clients. Technically, the website is built on the Voog CMS platform, uses modern tracking and analytics tools such as Google Tag Manager, and is hosted with Cloudflare DNS services. The site is mobile optimized and demonstrates good SEO practices. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism, but lacks DNSSEC and explicit security or incident response policies. No privacy policy page was found, which is a notable compliance gap. Overall, the domain registration data aligns well with the company information, indicating high legitimacy and trustworthiness.

T

tõlkebüroo Interlex

interlex.ee

52

Tõlkebüroo Interlex is a well-established Estonian translation bureau founded in 2010, offering a wide range of professional translation and interpreting services including written, oral, AI-assisted, and sworn translations. The company holds internationally recognized certifications ISO 17100 and ISO 18587, underscoring its commitment to quality and industry standards. Their market position is strong within Estonia and internationally, supported by a diverse client base and subsidiary operations such as Dussan OÜ specializing in sworn interpreting. The website reflects a mature digital presence with multilingual support, professional design, and comprehensive service descriptions.

H

Hogarth

hogarthww.com

70

Hogarth Worldwide is a global enterprise specializing in creative, commerce, and media content production at scale. The company integrates human craftsmanship with advanced technology to deliver innovative content experiences, positioning itself as a leader in the media production industry. Their website showcases a professional and modern digital presence, leveraging Drupal 10 CMS, Vimeo for video content, and Google Tag Manager for analytics. The site is mobile-optimized and includes a cookie consent mechanism, reflecting awareness of privacy compliance requirements. However, the absence of a visible privacy policy and terms of service pages, as well as the lack of WHOIS domain registration data, introduces some trust and compliance concerns. Security posture is generally good with HTTPS enabled, but could be improved by adding explicit security headers and publishing incident response information. Overall, Hogarth Worldwide demonstrates a mature digital infrastructure and strong market positioning, but should enhance transparency and security documentation to strengthen trust and compliance.

E

Eesti Rahva Muuseum

erm.ee

48

Eesti Rahva Muuseum (ERM) is a prominent national museum in Estonia dedicated to preserving and showcasing Estonian ethnography, culture, and history. Operated under the Estonian Ministry of Education and Research, ERM offers a wide range of exhibitions, educational programs, events, and visitor services including a restaurant and retail shop. The museum targets a broad audience including the general public, educators, researchers, and cultural enthusiasts, positioning itself as a leading cultural institution in Estonia. Technically, the website is built on Drupal CMS with modern web technologies such as jQuery, Bootstrap, and various JavaScript libraries for enhanced user experience. It integrates analytics and marketing tools like Google Analytics, Google Tag Manager, and Facebook Pixel, demonstrating a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and employs Google reCAPTCHA on forms to prevent abuse. However, it lacks some security headers that could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is evident through a GDPR-compliant privacy policy, though a cookie consent mechanism is not clearly present. Overall, ERM's website reflects a professional, trustworthy, and well-maintained digital presence suitable for a government cultural institution. The domain registration aligns with the official entity, reinforcing legitimacy. Strategic improvements in security headers and cookie consent transparency could further strengthen the site's security and compliance posture.

B

BLRT Grupp

blrt.ee

64

BLRT Grupp is a leading industrial holding company in the Baltic Sea region, managing over 50 subsidiaries across multiple countries including Estonia, Latvia, Lithuania, Poland, Ukraine, Finland, and Norway. The company operates in diverse sectors such as shipbuilding, ship repair, manufacturing of high-tech equipment, metal processing, mechanical engineering, transport services, equipment rental, port and stevedoring services, industrial and medical gas production, casting production, and real estate development. Their market position as the largest industrial holding in the Baltics is supported by a broad portfolio and extensive regional presence. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery, Swiper.js, and Fancybox, and integrates Google Tag Manager and Google Analytics for marketing and analytics purposes. The site is hosted with Cloudflare DNS and uses HTTPS with good SSL configuration, providing a secure browsing experience. Mobile optimization and SEO practices are implemented at a good level, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA v3 to protect forms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no published security or incident response policies are found. Cookie consent mechanisms are in place, indicating GDPR compliance, but more comprehensive privacy and security documentation could enhance trust. Overall, the website reflects a professional and credible industrial business with a solid digital presence. The domain registration data aligns well with the business claims, reinforcing legitimacy. Strategic improvements in security policy transparency and enhanced security headers are recommended to strengthen the security posture and compliance.

T

Telia Eesti AS

telekom.ee

79

Telia Eesti AS operates as a leading telecommunications provider in Estonia, offering a comprehensive range of services including mobile telephony, home internet, TV packages, and IT solutions for both private individuals and businesses. The website reflects a mature digital presence with multi-language support and a strong brand identity consistent with Telia's corporate standards. The company targets a broad audience encompassing both consumers and enterprises, positioning itself as a one-stop-shop for telecommunications and digital services in Estonia. Technically, the website leverages modern web technologies such as React, integrates advanced consent management via Cookiebot, and employs Google Tag Manager and Telia's own RUM agent for analytics and performance monitoring. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS with strong SSL configurations and implements key security headers to protect users. Cookie consent mechanisms are in place, aligning with GDPR requirements. However, explicit security policies, incident response procedures, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement in transparency and security maturity. Overall, the website and business exhibit a high level of professionalism, trustworthiness, and compliance with privacy regulations. The absence of blocking mechanisms or WAF challenges allows for full content accessibility and analysis. Strategic recommendations include publishing detailed security policies, establishing clear incident response contacts, and enhancing vulnerability disclosure practices to further strengthen security posture and stakeholder trust.

E

experimenta gGmbH

experimenta.science

72

experimenta gGmbH operates Germany's largest science center located in Heilbronn, offering interactive science exhibitions, educational programs, and unique experiences such as the Science Dome and Maker Space. The organization targets a broad audience from children to adults interested in science and technology, positioning itself as a leading educational and experiential institution in the region. The website reflects a professional and modern digital presence built on WordPress with the Divi theme, integrating various JavaScript libraries and a consent management platform to comply with privacy regulations. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers and explicit privacy policies are lacking. The absence of WHOIS data limits domain trust analysis but the overall business credibility is supported by consistent branding and social media presence.

E

Ebísum

ebisum.com

58

Ebísum is a Spanish-based company founded in 2021 specializing in comprehensive compliance solutions for businesses across various sectors. Their offerings include a document management system, whistleblowing channel, and eLearning platform, all designed to help companies meet regulatory requirements efficiently. The company positions itself as a trusted partner fostering ethical culture and regulatory adherence. Technically, the website is built on WordPress with Elementor and integrates modern tools such as Google Tag Manager and reCAPTCHA for security and analytics. The security posture is strong with HTTPS enforced and clientTransferProhibited domain status, although some security headers could be added for enhanced protection. Privacy compliance is robust, featuring clear privacy and cookie policies with user consent mechanisms. Overall, Ebísum presents a professional, trustworthy online presence with good technical and security maturity.

S

Securex

securex.be

72

Securex is a large international company specializing in social administration and HR services targeting individuals, startups, self-employed professionals, SMEs, large enterprises, and government entities primarily in Belgium. The company offers a comprehensive suite of services including advisory, tools, training, and client portals, positioning itself as a key player in the HR sector. The website reflects a mature digital presence with multi-language support, professional branding, and extensive content tailored to diverse customer segments. Technically, the site leverages modern frameworks such as React and Kentico CMS, integrates advanced analytics and monitoring tools like Microsoft Application Insights and Google Tag Manager, and employs security measures including HTTPS and Google reCAPTCHA. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. However, WHOIS data is restricted, which is typical for corporate domains but limits transparency. Overall, the site demonstrates strong business credibility, technical maturity, and a solid security posture with room for improvement in explicit security headers and incident response disclosures.

Hubo is a leading Belgian retailer specializing in DIY and home improvement products, operating over 150 physical stores alongside a comprehensive e-commerce platform. The website is well-structured, targeting DIY consumers in Belgium with a clear business model focused on retail and online sales. Technically, the site leverages Adobe Experience Manager CMS, integrates modern marketing and analytics tools such as Google Tag Manager and Bazaarvoice, and implements a robust cookie consent mechanism aligned with GDPR requirements. Security posture is strong with HTTPS enforced and consent-based tracking, though explicit security headers could be further verified and enhanced. The WHOIS data is privacy protected, which is common for commercial entities, and no suspicious indicators were found in the website content. Overall, the site demonstrates good digital maturity, professional design, and compliance with privacy standards.

C

CLdN

cldn.com

61

CLdN is a well-established logistics company specializing in integrated maritime and multimodal transport solutions across Europe. Founded in 1929, it operates a large fleet of RoRo ships and maintains a network of terminals and transport units, serving major economic regions including the UK, Ireland, Iberia, and Scandinavia. The company emphasizes sustainability with a low CO2 footprint and employs around 3,000 staff. The website reflects a professional and comprehensive digital presence built on Drupal 10, featuring modern web technologies and good mobile optimization. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. However, the absence of WHOIS registration data for the domain www.cldn.com is a notable anomaly that slightly impacts trust. Security posture is generally good with HTTPS enforced, but lacks visible security headers and explicit incident response or vulnerability disclosure information. Overall, the website is functional, professional, and trustworthy, but could improve transparency and security documentation to enhance confidence further.

DPG Media Group operates a privacy consent gate page for its digital media properties, primarily targeting users in the Netherlands. The page is minimalistic, serving as a redirect and consent mechanism rather than a full website. The technical infrastructure includes JavaScript-based consent management and Google Tag Manager for analytics. The security posture is moderate with HTTPS usage implied but lacks visible security headers and explicit privacy or cookie policies on this page. The absence of WHOIS data for the subdomain reduces trustworthiness, though the branding and domain structure align with the known media group. Overall, the site functions as a compliance gateway but lacks comprehensive transparency and contact information.

D

Duvel

duvel.com

73

Duvel is a well-established Belgian beer brand with a rich history dating back to 1871. The company operates a professional website that showcases its premium beer products, brand heritage, and visitor experiences. The site targets beer enthusiasts primarily in Belgium and internationally, offering detailed product information, awards, and an e-commerce platform. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and Flowbox for social media integration, with good mobile optimization and accessibility features. Security-wise, the site enforces HTTPS, includes an age verification modal to comply with legal drinking age requirements, and implements cookie consent mechanisms aligned with GDPR. However, no explicit security policy or incident response information is published, and WHOIS data for the domain is unavailable, which slightly impacts trust analysis. Overall, the website is professional, secure, and compliant, supporting Duvel's market position as a premium beer brand.