Security Directory

E

Eesti Veevarustuse ja Kanalisatsiooni Inseneride Selts

evkis.ee

0

Eesti Veevarustuse ja Kanalisatsiooni Inseneride Selts (EVKIS) is a professional association for water supply and sanitation engineering specialists in Estonia. Established in 2010, it serves as a voluntary union providing membership services, training, news, and an online store to its members and the wider industry community. The website is well-structured and targets professionals in the environmental engineering sector, particularly those focused on water and sanitation technologies. The organization maintains partnerships with relevant industry bodies, enhancing its credibility and reach. Technically, the website is built on WordPress using popular plugins such as WooCommerce for e-commerce, Yoast SEO for search optimization, and Events Manager for event handling. The site is hosted by Zone Media OÜ, a known Estonian registrar and hosting provider. The infrastructure supports HTTPS with valid SSL certificates, ensuring secure communications. The site is moderately performant and mobile-optimized, though accessibility features are basic. From a security perspective, the site employs Google reCAPTCHA v3 to protect forms from spam and abuse. However, it lacks several important security headers such as Content-Security-Policy and HSTS, which are recommended to enhance security posture. No explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are present, indicating room for improvement in security governance and transparency. Overall, EVKIS presents a trustworthy and professional online presence consistent with its role as an industry association. The main risks relate to privacy compliance gaps, notably the absence of privacy and cookie policies, and the lack of advanced security headers. Addressing these areas would strengthen the site's compliance and security posture, thereby enhancing trust among members and visitors.

B

Bureau Veritas Eesti

bureauveritas.ee

0

Bureau Veritas Eesti is a well-established branch of the global Bureau Veritas Group, specializing in certification, inspection, and sustainability services. The company offers a broad portfolio of services including ISO management system certifications, food safety, information security, and sustainability consulting, targeting businesses in Estonia. The website reflects a professional and consistent brand image with clear navigation and relevant content for its audience. Technically, the site is built on Drupal 10, uses modern consent management tools (Didomi), and integrates Google Analytics and Tag Manager for tracking. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security and incident response policies are not found. Privacy compliance is partially addressed via cookie consent but lacks a clearly accessible privacy policy page. Overall, the website demonstrates a mature digital presence with room for improvement in privacy transparency and incident response communication.

N

NOVOT Agentuur

novot.ee

0

NOVOT Agentuur is a well-established full-service marketing agency based in Estonia, founded in 2006. The company offers a broad range of marketing services including branding, website development, campaign management, social media, and media planning. Their website reflects a professional and consistent brand image, targeting businesses seeking comprehensive marketing solutions. The digital infrastructure is built on WordPress with modern plugins and tools such as Yoast SEO, Google Tag Manager, and CookieYes for privacy compliance. The site is mobile-optimized and demonstrates good SEO practices. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. WHOIS data confirms domain legitimacy and consistency with the business history. Overall, the website presents a trustworthy and professional digital presence.

The website maaruum.ee is currently inaccessible beyond a Cloudflare Turnstile human verification challenge page, which blocks access to actual content. The domain is newly registered in November 2023 under an Estonian registrar, consistent with the domain's country. The site uses Cloudflare services for security and performance, including Cloudflare Insights for analytics and Turnstile for bot mitigation. Due to the WAF challenge, no business information, contact details, or policies are visible, limiting the ability to assess the business model or market position. The technical infrastructure shows modern security practices such as HTTPS and Cloudflare protection but lacks DNSSEC and security headers. Privacy compliance and security posture are incomplete due to missing policies and contact channels. Overall, the site appears legitimate but is in an early stage with minimal public content.

P

Planeerimine.ee

planeerimine.ee

0

Planeerimine.ee is an Estonian government-related informational website dedicated to spatial planning. It provides comprehensive materials including legal documents, guidelines, FAQs, and training information to support planners and stakeholders in Estonia. The site targets professionals and public officials involved in spatial planning and related regulatory processes. The business model is primarily informational and educational, positioning itself as an authoritative resource within the Estonian government sector. Technically, the website is built on WordPress 6.8.1 with a modern tech stack including jQuery, Google Analytics, and accessibility tools. The site is mobile-optimized, uses HTTPS, and implements cookie consent mechanisms. SEO and accessibility features are well integrated, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA for form protection. However, some security headers are not explicitly present, suggesting room for improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with cookie consent present but no visible privacy policy or terms of service pages. Overall, the website demonstrates a solid security posture and technical maturity suitable for a government informational portal. Strategic recommendations include enhancing security headers, publishing privacy and incident response policies, and maintaining up-to-date software to mitigate risks.

L

Luuletus.ee

luuletus.ee

0

Luuletus.ee is a well-established Estonian online platform dedicated to poetry, offering a large collection of poems with daily updates. It targets Estonian poetry enthusiasts and writers, providing services such as poem publishing, sharing, user accounts, and curated collections. The platform is owned by Zone Media OÜ and has been operational since 2011, positioning itself as the largest Estonian poetry repository online. Technically, the website employs modern web technologies including HTTPS, Cloudflare CDN, Google Analytics, and lazy loading for images, delivering a good user experience with mobile optimization and clear navigation. Security-wise, the site enforces HTTPS and uses service workers but lacks some advanced security headers and a formal vulnerability disclosure policy. Privacy compliance is addressed with a visible cookie consent mechanism and a basic privacy policy aligned with GDPR requirements. Overall, the website demonstrates a solid business credibility and technical maturity with room for security enhancements.

E

Eesti Rahvusraamatukogu

digar.ee

0

DIGAR is a digital archive platform operated by the National Library of Estonia, providing access to a wide range of digitized cultural heritage materials including books, periodicals, images, and collections. The website targets researchers, students, historians, and the general public interested in Estonian history and culture. It serves as a national-level digital repository with a public service business model, offering structured search capabilities and curated collections. The platform is well-branded and consistent with its institutional identity. Technically, the website employs standard web technologies including JavaScript and integrates Google Analytics and Google Tag Manager for user tracking and analytics. The site is served over HTTPS with CSRF protection on forms, indicating a reasonable security baseline. However, it lacks advanced security headers and explicit privacy or cookie policies, which are important for compliance and user trust. Mobile optimization and accessibility are basic but functional, with room for improvement. From a security perspective, the site demonstrates good practices such as HTTPS and CSRF tokens but misses opportunities to enhance security posture through security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or blocking mechanisms were detected. The WHOIS data confirms the legitimacy and consistency of the domain registration, aligning with the website's governmental and cultural heritage role. Overall, DIGAR presents a trustworthy and professional digital archive service with good content quality and business credibility. To improve, it should implement comprehensive privacy and cookie policies, enhance security headers, and provide clear incident response and vulnerability disclosure information to strengthen user trust and compliance.

M

MTÜ Eesti Raamatukoguvõrgu Konsortsium

elnet.ee

0

MTÜ Eesti Raamatukoguvõrgu Konsortsium operates as a non-profit consortium dedicated to serving the public interests of Estonian libraries. The organization provides key shared services such as the E-kataloog ESTER, Eesti artiklite andmebaas, Eesti märksõnastik, and the E-varamu portaal, targeting libraries, researchers, and the general public interested in library resources. The website reflects a medium-sized, well-established entity with a consistent brand and a clear focus on education and information services within Estonia. Technically, the website is built on a modern WordPress platform using the Enfold theme and several plugins including Yoast SEO and Ajax Search Pro. It employs HTTPS with good SSL configuration and integrates Google Analytics with user consent mechanisms. The site demonstrates good mobile optimization and accessibility features, including options for visually impaired users. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security policies, incident response information, and vulnerability disclosure channels. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's claims, reinforcing the legitimacy of the domain. Overall, the website presents a trustworthy and professional digital presence for the consortium, with room for improvement in security transparency and incident response readiness.

E

Eesti Noorteühenduste Liit

enl.ee

0

Eesti Noorteühenduste Liit (ENL) is a well-established non-profit umbrella organization founded in 2010 that unites youth associations and participation bodies across Estonia. The organization focuses on advocacy, youth participation, training, and international cooperation, positioning itself as a leading entity in the Estonian youth sector. The website reflects a professional and comprehensive digital presence with clear content, strong branding, and multilingual support. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance, accessibility, and SEO. Security posture is solid with HTTPS, cookie consent, and error reporting, though some security headers and formal policies could be enhanced. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information and social media engagement.

I

Infohunt

infohunt.ee

0

Infohunt.ee is a government-backed Estonian youth information portal providing localized event and activity information for young people. The platform aggregates data on youth events, hobby education, and projects, supporting youth engagement and participation. It is operated under the auspices of the Estonian Ministry of Education and Research (Haridus- ja Teadusministeerium) and hosted by EENet, reflecting a strong institutional foundation. The website uses WordPress with modern SEO and accessibility features, ensuring good user experience and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though some improvements in security headers and explicit policies could enhance trust. Privacy compliance is partial, with privacy and terms pages present but lacking cookie consent mechanisms. Overall, Infohunt.ee is a credible, well-maintained portal serving the Estonian youth sector effectively.

E

Erasmus+ ja Euroopa Solidaarsuskorpuse agentuur

euroopanoored.eu

0

The website represents the Erasmus+ and European Solidarity Corps national agency in Estonia, providing comprehensive information, resources, and support for youth, youth workers, and organizations involved in European youth programs. It serves as a government-funded platform facilitating access to program opportunities, project guidance, and community engagement. The site is well-positioned as the authoritative national agency for these programs, targeting youth and professionals in the youth sector. Technically, the website is built on WordPress with modern performance and SEO optimizations, including WP Rocket and The SEO Framework. It employs Google Site Kit for analytics and consent management, ensuring GDPR compliance with a robust cookie consent mechanism. The site is mobile-optimized, accessible, and fast-loading, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs consent mode to restrict tracking and personalization. While explicit security headers and incident response policies are not evident, no vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the agency's Estonian identity, registered through a reputable local registrar without privacy protection, appropriate for a government entity. Overall, the website demonstrates a strong security posture, excellent content quality, and good privacy compliance, making it a trustworthy and professional platform for its audience.

T

Teeviit

teeviit.ee

0

Teeviit is an Estonian youth information portal affiliated with the Haridus- ja Noorteamet (Education and Youth Board). It provides comprehensive content on education, career, health, relationships, and social topics targeted primarily at young people. The website serves as a central hub for youth-related resources, including news, podcasts, event calendars, and partner portals such as Teeviit Juunior and Infohunt. The platform is well-positioned in the Estonian education and government sector as a trusted information source for youth.

Eesti Avatud Noortekeskuste Ühendus (Eesti ANK) is a national non-profit umbrella organization in Estonia that connects youth centers across the country. Founded in 2001, it currently represents 95 members with 152 youth centers. The website is currently in maintenance mode, limiting content availability and user engagement. The technical infrastructure is based on WordPress with a maintenance plugin, utilizing HTTPS and jQuery libraries. However, the site lacks advanced SEO, accessibility, and security headers, indicating room for technical maturity improvements. Security posture is moderate with HTTPS enabled but missing key security headers and policies. No privacy or cookie policies are present, which impacts compliance and user trust. Overall, the website reflects a legitimate and established non-profit entity but requires enhancements in content availability, security, and compliance to improve user trust and operational maturity.

H

Hannomal OÜ

veebispetsid.com

0

Hannomal OÜ operates a professional web development and e-commerce service business based in Estonia, with a strong market presence since 2011. The company offers a comprehensive suite of services including website creation, e-shop development, graphic design, programming, and content writing, primarily leveraging the WordPress platform. Their website reflects a mature digital presence with good SEO and user experience design. Technically, the site uses modern web technologies and integrates Google Analytics and Tag Manager for marketing and analytics purposes. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though improvements such as enabling DNSSEC and adding security headers are recommended. Overall, the business demonstrates transparency and credibility with clear contact information and consistent branding.

K

Kodutütred

kodututred.ee

0

Kodutütred is a well-established Estonian youth organization affiliated with the Kaitseliit (Estonian Defence League), focusing on patriotic education and voluntary activities for girls aged 7 to 18. The website serves as an informational and engagement platform, showcasing news, events, organizational structure, and membership opportunities. The organization has a strong national presence with thousands of members and active participation across all counties in Estonia. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, FontAwesome, and Google Analytics for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Hosting and domain registration are consistent with the organization's location and purpose. From a security perspective, the site uses HTTPS and secure forms but lacks advanced security headers and DNSSEC, which could be improved. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy compliance and security hardening to meet modern standards and regulatory requirements.

The website eenet.ee is registered to the Haridus- ja Teadusministeerium (EENet), an Estonian government entity likely providing educational and research network services. However, the website content is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page employing Turnstile captcha, which blocks direct access to the site's content. This prevents a full assessment of the business description, policies, and contact information. The domain is well-established since 2010 and the WHOIS data aligns with the government registrant, indicating legitimacy. The technical infrastructure leverages Cloudflare services for security and performance, but the lack of accessible content limits evaluation of user experience, privacy compliance, and detailed security posture. Overall, the site demonstrates a moderate level of security controls through WAF but lacks visible transparency on privacy and contact details.

S

Sillamäe Muuseum - SASIMU

sasimu.ee

0

Sillamäe Muuseum SASIMU is a recently established cultural institution in Estonia, focusing on the rich and complex history of Sillamäe through permanent exhibitions, educational programs, and innovative virtual reality experiences. The museum targets tourists, local visitors, and educational groups, offering a blend of historical insight and interactive technology to enhance visitor engagement. The website is built on WordPress and integrates common marketing and analytics tools, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy and cookie policies, indicating room for compliance improvement. Overall, the site presents a professional and trustworthy image aligned with its business goals.

E

Ettevõtlik kool

evkool.ee

0

Ettevõtlik Kool is a non-profit educational network in Estonia focused on promoting entrepreneurial learning and providing a quality mark for modern education. The website serves as a portal for schools and kindergartens to access training, tools, and certification processes. It targets educational institutions and professionals within Estonia, supporting over 221 schools and more than 41,000 students. The business model revolves around educational services and network collaboration rather than commercial sales. Technically, the website is built on WordPress with modern enhancements such as lazy loading, Google Tag Manager, and reCAPTCHA for security. The site is mobile-optimized and includes accessibility features, reflecting a mature digital presence. SEO and metadata are well implemented, supporting discoverability and user engagement. From a security perspective, the site enforces HTTPS, uses reCAPTCHA on forms, and avoids exposing sensitive data. However, it lacks explicit security policies and incident response contacts, which could be improved. Privacy and cookie policies are present and appear GDPR compliant, enhancing user trust. Overall, the website presents a trustworthy and professional image with good content quality and technical implementation. The domain registration data aligns with the business claims, supporting legitimacy. Strategic improvements in security policy transparency and additional compliance documentation would further strengthen the site's posture.

E

Eliis Tarkvara

eliis.eu

0

ELIIS is a specialized online information system designed for pre-school organizations, including kindergartens, local governments, teachers, and parents. It offers a comprehensive suite of features such as curriculum planning, child development analysis, digital diaries, communication tools, and document management. The platform is positioned as a trusted solution across the EU, with over 15,000 teachers and 1,000 institutions relying on it. The business model is subscription-based, charging local governments per child, while teachers and parents have free access. The website is professionally designed, multilingual, and emphasizes GDPR compliance.

S

Sihtasutus Ida-Viru Investeeringute Agentuur (IVIA)

ivia.ee

0

Sihtasutus Ida-Viru Investeeringute Agentuur (IVIA) is a public sector development organization based in Estonia, specializing in the creation and management of modern industrial and business parks in the Ida-Viru region. The agency facilitates investment by offering land plots with established infrastructure and provides free support services to investors, including administrative assistance and networking. The website reflects a well-established regional development entity with a clear focus on industrial real estate and investment promotion. Technically, the site is built on WordPress with modern plugins and frameworks, optimized for SEO and mobile use, and integrates Google Maps and reCAPTCHA for enhanced user experience and security. Security posture is strong with HTTPS, security headers, and consent mechanisms in place, though formal security policies and incident response contacts are absent. Overall, the site presents a credible, professional, and trustworthy digital presence aligned with its public sector mission.

I

Ida-Viru Ettevõtluskeskus

ivek.ee

0

Ida-Viru Ettevõtluskeskus is a regional development center focused on providing free consulting services to individuals, non-profit organizations, and entrepreneurs in Ida-Viru County, Estonia. Established in 2010, it acts as a regional development engine offering training, funding opportunities, and support services. The website is multilingual, targeting Estonian, English, and Russian speakers, reflecting the regional demographic. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates Google Maps and various plugins for SEO, multilingual support, and user interaction. Security posture is solid with HTTPS and cookie consent mechanisms, though additional HTTP security headers and published policies would enhance compliance and trust. Overall, the site presents a professional and trustworthy digital presence aligned with its business mission.

L

Lastekaitse Liidu Lastelaagrite OÜ

lastelaagrid.eu

0

Lastekaitse Liidu Lastelaagrite OÜ is a small Estonian non-profit organization dedicated to providing educational and recreational youth camps and programs aligned with the mission of Lastekaitse Liit. The organization operates recognized youth camps such as Pivarootsi and Remniku and offers educational programs during school time. Their target audience includes children, youth, schools, municipalities, and entrepreneurs within Estonia. The website is built on a modern WordPress CMS with WooCommerce integration, supporting online interactions and registrations. The technical infrastructure includes standard web technologies and third-party services such as Google Analytics and CookieYes for consent management. Security posture is solid with HTTPS and reCAPTCHA implemented, though some security headers are missing and no formal security or privacy policies are published. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, well-branded, and trustworthy, but could improve privacy compliance and security transparency.

T

Targalt Internetis

targaltinternetis.ee

0

Targalt Internetis is a reputable non-profit educational initiative based in Estonia, dedicated to promoting safe and responsible internet use among children, youth, parents, and educators. The website offers a rich array of resources including workshops, seminars, articles, and events focused on digital safety, cyberbullying, misinformation, and digital wellbeing. It serves as a trusted platform with strong partnerships and a clear focus on community education and awareness. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Complianz GDPR, ensuring good SEO and privacy compliance. The site is mobile-optimized and accessible, with a moderate performance profile. Security-wise, the website enforces HTTPS, implements strong security headers, and provides a comprehensive cookie consent mechanism, although it lacks explicit incident response or vulnerability disclosure information. Overall, the site demonstrates a strong security posture and compliance with GDPR, supporting its credibility and trustworthiness in the education sector.

M

MTÜ Lastekaitse Liit

markalast.ee

0

MTÜ Lastekaitse Liit operates the 'Märka Last' web portal, a non-profit platform dedicated to promoting child rights and welfare in Estonia. The website offers a variety of content including opinion articles, podcasts, news updates, and educational resources targeting parents, children, youth, and child protection professionals. The organization is well-established with a domain registered since 2019 and maintains a consistent brand presence online. Technically, the site is built on WordPress using modern themes and plugins, ensuring a good user experience and mobile optimization. Security posture is adequate with HTTPS enforced and basic security practices in place, though improvements such as enabling DNSSEC and publishing a security.txt file are recommended. Privacy compliance is partially addressed with a cookie consent mechanism, but no explicit privacy policy or terms of service pages were found in the provided content. Overall, the website is professional, trustworthy, and serves its non-profit mission effectively.

S

Spin TEK AS

spin.ee

0

Spin TEK AS is an established Estonian IT company specializing in software and hardware development with over 30 years of experience. The company serves both private and public sector clients, focusing on developing functional, user-friendly, and flexible information systems tailored to client needs. Their website reflects a professional digital presence built on WordPress with Elementor and Astra theme, indicating a moderate level of digital maturity. While the site is well-designed and mobile-optimized, it lacks explicit privacy, cookie, and security policies, which are critical for compliance and trust. Security posture is adequate with HTTPS enabled but could be improved by implementing security headers and formal incident response channels. Overall, the website demonstrates moderate trustworthiness and business credibility but would benefit from enhanced privacy compliance and security transparency.

The website elron.ee is currently inaccessible due to a Cloudflare Turnstile human verification challenge page, which blocks access to the actual content. This prevents a full analysis of the business, security, and compliance posture. Based on the WHOIS data, the domain is registered since 2013 with Zone Media OÜ, a known registrar, indicating a legitimate domain age and registration consistency. The website appears to be related to the transportation sector in Estonia, likely a medium-sized entity given the domain age and sector. The technical infrastructure includes Cloudflare services for CDN, security, and bot mitigation, but no CMS or other frameworks are detectable due to the blocked content. Security posture cannot be fully assessed, but the presence of Cloudflare WAF and Turnstile indicates a baseline security measure. No privacy, cookie, or terms of service policies are visible, nor are there any contact details or business information on the landing page. Overall, the site is protected by strong bot mitigation but lacks publicly accessible content for deeper analysis.

P

Peatus

peatus.ee

0

Peatus.ee is a digital journey planning user interface focused on public transportation in Estonia, leveraging the Digitransit platform. The website targets public transport users seeking route planning and transit information. Technically, it employs modern web technologies including React, JavaScript, and integrates analytics tools such as Matomo and Google Tag Manager. The site demonstrates good security practices with HTTPS and security headers, but lacks explicit privacy and cookie policies, as well as contact information, which impacts privacy compliance and user trust. Overall, the domain registration data aligns well with the website's purpose, indicating legitimacy. Strategic improvements in privacy disclosures and user contact options would enhance compliance and trust.

T

Tervisekassa

tervisekassa.ee

0

Tervisekassa is the official Estonian national health insurance portal, providing information and services related to state health insurance, medical benefits, and healthcare access. The website targets insured individuals, employers, healthcare providers, and partners within Estonia. It offers comprehensive content on insurance coverage, medical services, reimbursements, and public health initiatives. The site is well-positioned as a government-backed service with a clear mission to facilitate healthcare access and information dissemination. Technically, the website is built on Drupal CMS, leveraging modern analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Siteimprove. It employs Cloudflare for DNS and CDN services, ensuring good performance and security. Accessibility and mobile optimization are well addressed, with features like contrast toggling and skip links. Security posture is strong with HTTPS, cookie consent mechanisms, and bot protection via Google reCAPTCHA. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with clear privacy and cookie policies and GDPR-aligned consent management. Contact information is transparent, including official email and phone numbers, and social media presence is active on major platforms. Overall, the website demonstrates a mature digital infrastructure suitable for a public healthcare service, balancing usability, security, and compliance effectively.

The website 'kaart.ee/epood/' appears to be a minimal online store page titled 'EOMAP-Veebipood' with very limited content and no visible interactive elements or contact information. The domain is registered since 2010 with Zone Media OÜ, a known Estonian registrar and hosting provider, indicating a legitimate domain registration history. However, the website itself lacks essential business information, privacy policies, and security features such as HTTPS, which significantly impacts its trustworthiness and user confidence. Technically, the site uses outdated HTML framesets and lacks modern web technologies, resulting in poor user experience and SEO performance. Security posture is weak due to absence of HTTPS and security headers, and no incident response or vulnerability disclosure mechanisms are present. Overall, the site presents a high risk from a security and compliance perspective and requires significant improvements to meet modern standards.

EELIS (Eesti looduse infosüsteem) is an official Estonian government-operated environmental data portal managed by the Estonian Environment Agency (Keskkonnaagentuur). It provides public access to nature conservation data, statistical analyses, and educational content about protected natural objects and areas in Estonia. The website targets researchers, environmental professionals, and the general public interested in Estonian nature data. The business model is non-commercial, focusing on transparency and public information dissemination. Technically, the website uses basic HTML and CSS without modern JavaScript frameworks or CMS detected. Hosting is provided by Zone Media OÜ, a reputable Estonian registrar and hosting provider. The site is functional but has limited mobile optimization and accessibility features. SEO and metadata are minimal, and no analytics or tracking services were detected. From a security perspective, the site uses HTTPS but lacks visible security headers and DNSSEC is not enabled. No privacy or cookie policies are present, and contact information is limited to a feedback form without direct emails or phone numbers. The WHOIS data is consistent and legitimate, indicating a stable domain with no suspicious patterns. Overall, the website is trustworthy and credible as a government information portal but would benefit from enhanced security headers, privacy compliance documentation, and improved technical modernization to strengthen its security posture and user experience.

H

Haridus- ja Teadusministeerium (EENet)

elurikkus.ee

0

eElurikkus is a government-backed public portal aggregating biodiversity data for Estonia, integrating scientific, monitoring, and citizen science datasets. It serves researchers, environmental agencies, and the public by providing access to species taxonomy, occurrence records, and monitoring projects. The platform is built on the PlutoF biodiversity data infrastructure and collaborates with global partners like GBIF. Technically, the website uses modern JavaScript libraries such as Leaflet for mapping and Google Analytics for user tracking. The site is mobile-optimized with a clear navigation structure and good content relevance. Security posture is solid with HTTPS enforced and no exposed sensitive data, though it lacks some security headers and formal security policies. Privacy compliance is basic, with no visible cookie consent mechanism or detailed privacy policy links. Overall, the site is trustworthy and professionally maintained, reflecting its governmental and research affiliations.

K

Keskkonnaagentuur

keskkonnaportaal.ee

0

Keskkonnaportaal.ee is an Estonian government environmental data portal managed by Keskkonnaagentuur. It consolidates key environmental datasets and information to provide quality and up-to-date data for environmental stakeholders and the public. The portal uses Drupal 10 CMS and integrates modern frontend libraries and Google Tag Manager for analytics. The website is well-structured, mobile-optimized, and provides clear navigation through extensive environmental themes and data sources. Security posture is solid with HTTPS enforced, but lacks advanced security headers and published security policies. Privacy compliance is partial with a cookie consent mechanism but no explicit privacy policy or terms of service found. Overall, the site is credible, professional, and trustworthy, serving as a key government resource for environmental information in Estonia.

K

Keskkonnaagentuur

loodusveeb.ee

0

Loodusveeb is an official Estonian governmental environmental information portal managed by the Estonian Environment Agency (Keskkonnaagentuur). It provides comprehensive information on Estonia's nature, biodiversity, ecological themes, citizen science projects, and environmental education. The website targets Estonian residents, environmental enthusiasts, researchers, and volunteers, serving as a trusted source for nature-related data and public engagement. Technically, the site is built on Drupal 10 with modern libraries and includes a cookie consent mechanism compliant with EU regulations. The site is mobile optimized and accessible, with good SEO practices. Security posture is solid with HTTPS and cookie consent, but lacks explicit security headers and published security policies. WHOIS data confirms domain legitimacy and consistency with the governmental nature of the site. Overall, the website is professional, trustworthy, and well-positioned as a governmental environmental resource.

Z

Zone Media OÜ

inimene.ee

0

Inimene.ee is an established Estonian health portal operated by Zone Media OÜ since 2010. It provides comprehensive health-related content including disease catalogs, symptoms, treatments, and health news. The site targets Estonian-speaking individuals seeking reliable health information and offers interactive features such as a question submission form answered by medical professionals. The business model relies on content provision combined with advertising partnerships, notably with Apotheka e-pharmacy. Technically, the site uses a modern CMS (Greativ), integrates multiple third-party analytics and advertising services, and is optimized for mobile devices with good SEO practices. Security posture is solid with HTTPS enforced and secure form handling, though it lacks some advanced headers and published incident response policies. Overall, the site is trustworthy and professionally maintained, with room for improvement in security transparency and direct contact information.

A

Apotheka Beauty

apothekabeauty.ee

0

Apotheka Beauty is a prominent Estonian e-commerce retailer specializing in health and beauty products, particularly pharmacy-approved cosmetics. The website offers a broad selection of products from well-known brands and targets consumers interested in healthy beauty solutions in the Baltic region. The platform is built on Magento CMS and integrates modern technologies such as Google Tag Manager, Hotjar, and Google Translate, reflecting a mature digital infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a positive user experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly available. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, making it a reliable platform for its target audience.

P

PetCity

petcity.ee

0

PetCity is a leading Estonian pet retail and veterinary service provider, operating a large e-commerce platform alongside physical stores and modern veterinary clinics in major cities such as Tallinn, Tartu, and Pärnu. The website is professionally designed, localized in Estonian, and targets pet owners primarily of cats and dogs. The business model integrates product sales with veterinary services, positioning PetCity as a comprehensive pet care provider in the Estonian market. Technically, the site leverages Magento as its e-commerce platform, enhanced with modern JavaScript frameworks and integrations such as Google Analytics, Google Tag Manager, Hotjar, and Google Translate for multilingual support. The site demonstrates good digital maturity with responsive design and accessibility considerations.

MTÜ Viimsi Invaühing is a small Estonian non-profit organization focused on community support and charity events, such as the Heategevusball. The website serves as an informational portal for local activities and fundraising events, targeting the Viimsi community and supporters of disability-related causes. The business model is event-driven and donation-based, with a local market position and a history dating back to 2010. Technically, the website uses a basic custom or legacy CMS with JavaScript and jQuery libraries. The hosting is provided by Spin TEK AS, a local Estonian registrar and hosting company. The site shows moderate performance and basic mobile optimization but lacks modern frameworks or CMS platforms. SEO and accessibility features are minimal. From a security perspective, the site uses HTTPS (assumed from URL), but no advanced security headers or policies are detected. There are no visible forms collecting sensitive data, but the absence of privacy and cookie policies indicates compliance gaps with GDPR. No incident response or security contact information is provided, limiting the organization's readiness for security events. Overall, the website is functional but basic, with moderate trustworthiness due to its long domain age and consistent WHOIS data. However, it lacks critical privacy and security policies, contact transparency, and modern technical implementations. Strategic improvements in security posture, privacy compliance, and user experience would enhance trust and compliance.

L

Laama

pixie.ee

0

Laama is a small Estonian digital agency specializing in web design, UX/UI design, branding, graphic design, front-end development, websites, and web applications. The website serves as a minimal portfolio and contact landing page, targeting businesses or individuals seeking digital design and development services. The company appears to have been founded around 2018, consistent with the domain registration date. Technically, the website uses standard web technologies including Google Analytics and Google Tag Manager for tracking, and Typekit for fonts. Hosting and domain registration are managed by Elkdata OÜ, a local Estonian registrar and hosting provider. The site is basic in design and content, with moderate performance and basic mobile optimization. SEO and accessibility features are minimal but present. From a security perspective, the site uses HTTPS as indicated by canonical URLs, but no security headers were detected in the provided data. There are no visible forms or inputs, reducing attack surface, but the absence of privacy and cookie policies indicates poor privacy compliance. No incident response or security policy information is available. The WHOIS data is consistent and legitimate, with no suspicious patterns. Overall, the website is functional but minimal, with moderate technical maturity and basic security posture. Strategic improvements in privacy compliance, security headers, and richer contact information would enhance trust and compliance.

E

Eesti Vee-ettevõtete Liit

evel.ee

0

Eesti Vee-ettevõtete Liit (EVEL) is a well-established voluntary association representing water companies and related entities in Estonia. Founded in 1995, it serves over 90% of the country's public water and sewerage service consumers through its 42 member water companies and 31 related companies. The organization provides coordination, information dissemination, training, and project participation services to its members, positioning itself as a key player in Estonia's water sector. The website reflects this focus with relevant content, partner links, and organizational information primarily in Estonian, targeting industry stakeholders and members.

V

Visit Harju

visitharju.ee

0

Visit Harju is the official tourism portal for Harju County, Estonia, providing comprehensive information on the region's natural beauty, cultural heritage, and leisure activities. The website targets tourists and visitors seeking to explore Harju's attractions, travel routes, and experiences. Managed by SA Harju Ettevõtlus- ja Arenduskeskus, it serves as a trusted regional resource with consistent branding and a clear focus on hospitality and cultural tourism. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, ensuring good SEO and user experience. The site is mobile-optimized and accessible, with moderate performance and integration of analytics tools like Google Analytics and Plausible. Security posture is solid with HTTPS, reCAPTCHA on forms, and no exposed sensitive data, though explicit security headers and policies are not fully documented. Privacy compliance is a notable gap, lacking visible privacy and cookie policies or consent mechanisms. Overall, the domain registration is consistent and legitimate, supporting the site's credibility as an official tourism portal.

T

Terviserajad

terviserajad.ee

0

Terviserajad is an established Estonian platform dedicated to promoting health trails and outdoor physical activities across the country. The website offers comprehensive information on trails, events, news, and seasonal campaigns to encourage community engagement and healthy lifestyles. It targets Estonian residents and visitors interested in fitness and nature exploration. The platform enjoys partnerships with major Estonian companies such as Merko, Eesti Energia, and Swedbank, enhancing its market position as a trusted national resource. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Google Analytics, Google reCAPTCHA v3, and Instagram Feed integration. The site is mobile-optimized with good SEO practices and uses HTTPS to secure communications. However, some security best practices like HTTP security headers are missing, and privacy compliance is incomplete due to the absence of privacy and cookie policies. From a security perspective, the site demonstrates a moderate security posture with encrypted connections and anti-spam measures but lacks published security policies and incident response contacts. No WAF or blocking mechanisms were detected, and no exposed sensitive data was found. The domain registration is consistent and long-standing, supporting the site's legitimacy. Overall, Terviserajad presents a professional and trustworthy online presence with room for improvement in privacy compliance and security hardening. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

The website kik.ee is currently inaccessible due to a Cloudflare Turnstile human verification challenge page, which blocks access to any substantive content. The domain is registered since 2010 with Zone Media OÜ, an Estonian registrar, indicating a legitimate registration. However, no business information, contact details, or compliance policies are visible on the landing page. The technical infrastructure relies on Cloudflare's security and analytics services, but no CMS or other technologies are detectable due to the blocked content. Security posture cannot be fully assessed given the lack of accessible content, but the presence of Cloudflare protection is a positive indicator. Overall, the site lacks visible privacy, cookie, or terms of service policies, and no contact or incident response information is available, limiting trust and compliance evaluation.

M

Metana Digiagentuur

metana.eu

0

Metana Digiagentuur is a small digital agency based in Tallinn, Estonia, specializing in website design, email marketing, and digital advertising services such as Meta Ads and Google Ads. The company targets businesses seeking comprehensive digital marketing and web development solutions. Their website is built on WordPress using Elementor and WooCommerce, indicating a modern and flexible technical infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enabled and use of Google reCAPTCHA, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security measures.

The website sm.ee is currently inaccessible beyond a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any substantive content or business information. The domain is registered since 2010 with an Estonian registrar, indicating a mature and legitimate domain. However, no privacy policies, cookie notices, terms of service, or contact information are visible on the challenge page. The technical infrastructure relies heavily on Cloudflare services for security and performance. Due to the WAF blocking, a full security and compliance assessment is not possible. The site lacks visible security headers and business trust indicators in the accessible content. Overall, the site appears legitimate but is currently inaccessible for detailed analysis.

J

Jõelähtme Valla Päevakeskus

joelahtmepaevakeskus.ee

0

Jõelähtme Valla Päevakeskus is a local government social service center in Estonia providing social and supportive services primarily to elderly and disabled individuals. The website is built on WordPress using common plugins for booking and accessibility, hosted by Zone Media OÜ. The site is well-structured with clear navigation and good mobile optimization. Security posture is adequate with HTTPS enabled and CSRF tokens in booking forms, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional and trustworthy but requires improvements in privacy and security practices.

V

Visit Lahemaa

visitlahemaa.com

0

Visit Lahemaa is a regional tourism website dedicated to promoting Lahemaa National Park in Estonia. It provides comprehensive information on local attractions, accommodations, dining, transport, and events, targeting tourists interested in exploring this natural and cultural area. The website is multilingual, supporting several languages to cater to a diverse audience. Technically, it is built on WordPress using the Elementor page builder, with integration of common analytics and tracking tools such as Facebook Pixel and Microsoft Clarity. The site is hosted under a legitimate domain registered since 2017, with standard security practices like HTTPS enabled. However, there is room for improvement in privacy compliance, notably the absence of a cookie consent mechanism and limited explicit privacy-related disclosures. Security posture is generally good but could be enhanced by enabling DNSSEC and publishing security policies. Overall, the website is professional and functional, serving its purpose as a tourism information portal effectively.

A

AS Lahevesi

lahevesi.ee

0

AS Lahevesi is a municipal utility company founded in 2008, providing water supply, sewage, property management, cemetery services, and public space maintenance in Lääne-Harju municipality, Estonia. The company operates under contracts with the local government and serves residents and businesses in the region. The website is built on WordPress using Elementor and several plugins, featuring a professional design with clear navigation and mobile optimization. Security measures include HTTPS and Google reCAPTCHA on forms, though additional security headers and cookie consent mechanisms are recommended. The WHOIS data confirms the legitimacy of the company with consistent registration details. Overall, the website demonstrates a solid technical and business foundation with room for improvement in privacy compliance and security policies.

The website mil.ee is currently inaccessible beyond a Cloudflare Turnstile human verification challenge page, preventing direct content analysis. The domain is registered since 2010 with an Estonian registrar, consistent with the .ee country code top-level domain and likely representing a government entity. Due to the WAF challenge, no business, contact, or policy information is visible on the landing page. The site uses Cloudflare services for security and performance, but no further technical or security details are accessible. This limits the ability to assess the website's content quality, privacy compliance, or security posture comprehensively.

The website 'Maardu 45' serves as a dedicated platform for celebrating the 45th anniversary of Maardu city in Estonia. It provides residents and visitors with information about the city's history, culture, events, and local government contacts. The site is positioned as a local government information portal aimed at community engagement and city promotion. Technically, the site leverages a modern tech stack including Alpine.js, jQuery, Leaflet for maps, and multiple analytics tools such as Google Analytics and Matomo, hosted likely by Telia Eesti AS. The website is mobile optimized and offers a good user experience with clear navigation and consistent branding. Security-wise, the site uses HTTPS and does not expose sensitive data, but lacks some security headers and formal policies such as privacy and cookie policies, which are important for GDPR compliance. The domain is very recently registered, which is somewhat unusual for a city site but may reflect a new dedicated event domain. Overall, the site is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices.

Z

Zone Media OÜ

maardupanoraam.ee

0

Maardu Panoraam is a local news and information website serving the residents of Maardu, Estonia. It provides timely news, official announcements, event information, job postings, and messages from the mayor, targeting the local community. The website is built on WordPress CMS, leveraging common plugins such as WPBakery Page Builder and WPML for multilingual support. It uses Google Analytics and Tag Manager for visitor tracking and performance insights. The site is hosted under the domain registered by Zone Media OÜ, an Estonian registrar, aligning with the website's geographic focus. Technically, the website demonstrates a moderate level of digital maturity with responsive design, good SEO practices, and integration of modern web technologies. However, it lacks some advanced security measures such as DNSSEC and security headers, which could be improved to enhance protection against common web threats. The absence of privacy and cookie policies indicates a gap in compliance with GDPR and related privacy regulations, which is critical given the use of tracking technologies. From a security perspective, the site uses HTTPS and secure login forms but does not provide explicit security or incident response policies. No WAF or blocking mechanisms are detected, and no suspicious or malicious indicators are present. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security hardening to reduce risk and improve user trust.