Security Directory

T

Tervisekassa

tervisekassa.ee

0

Tervisekassa is the official Estonian national health insurance portal, providing information and services related to state health insurance, medical benefits, and healthcare access. The website targets insured individuals, employers, healthcare providers, and partners within Estonia. It offers comprehensive content on insurance coverage, medical services, reimbursements, and public health initiatives. The site is well-positioned as a government-backed service with a clear mission to facilitate healthcare access and information dissemination. Technically, the website is built on Drupal CMS, leveraging modern analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Siteimprove. It employs Cloudflare for DNS and CDN services, ensuring good performance and security. Accessibility and mobile optimization are well addressed, with features like contrast toggling and skip links. Security posture is strong with HTTPS, cookie consent mechanisms, and bot protection via Google reCAPTCHA. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with clear privacy and cookie policies and GDPR-aligned consent management. Contact information is transparent, including official email and phone numbers, and social media presence is active on major platforms. Overall, the website demonstrates a mature digital infrastructure suitable for a public healthcare service, balancing usability, security, and compliance effectively.

The website 'kaart.ee/epood/' appears to be a minimal online store page titled 'EOMAP-Veebipood' with very limited content and no visible interactive elements or contact information. The domain is registered since 2010 with Zone Media OÜ, a known Estonian registrar and hosting provider, indicating a legitimate domain registration history. However, the website itself lacks essential business information, privacy policies, and security features such as HTTPS, which significantly impacts its trustworthiness and user confidence. Technically, the site uses outdated HTML framesets and lacks modern web technologies, resulting in poor user experience and SEO performance. Security posture is weak due to absence of HTTPS and security headers, and no incident response or vulnerability disclosure mechanisms are present. Overall, the site presents a high risk from a security and compliance perspective and requires significant improvements to meet modern standards.

EELIS (Eesti looduse infosüsteem) is an official Estonian government-operated environmental data portal managed by the Estonian Environment Agency (Keskkonnaagentuur). It provides public access to nature conservation data, statistical analyses, and educational content about protected natural objects and areas in Estonia. The website targets researchers, environmental professionals, and the general public interested in Estonian nature data. The business model is non-commercial, focusing on transparency and public information dissemination. Technically, the website uses basic HTML and CSS without modern JavaScript frameworks or CMS detected. Hosting is provided by Zone Media OÜ, a reputable Estonian registrar and hosting provider. The site is functional but has limited mobile optimization and accessibility features. SEO and metadata are minimal, and no analytics or tracking services were detected. From a security perspective, the site uses HTTPS but lacks visible security headers and DNSSEC is not enabled. No privacy or cookie policies are present, and contact information is limited to a feedback form without direct emails or phone numbers. The WHOIS data is consistent and legitimate, indicating a stable domain with no suspicious patterns. Overall, the website is trustworthy and credible as a government information portal but would benefit from enhanced security headers, privacy compliance documentation, and improved technical modernization to strengthen its security posture and user experience.

H

Haridus- ja Teadusministeerium (EENet)

elurikkus.ee

0

eElurikkus is a government-backed public portal aggregating biodiversity data for Estonia, integrating scientific, monitoring, and citizen science datasets. It serves researchers, environmental agencies, and the public by providing access to species taxonomy, occurrence records, and monitoring projects. The platform is built on the PlutoF biodiversity data infrastructure and collaborates with global partners like GBIF. Technically, the website uses modern JavaScript libraries such as Leaflet for mapping and Google Analytics for user tracking. The site is mobile-optimized with a clear navigation structure and good content relevance. Security posture is solid with HTTPS enforced and no exposed sensitive data, though it lacks some security headers and formal security policies. Privacy compliance is basic, with no visible cookie consent mechanism or detailed privacy policy links. Overall, the site is trustworthy and professionally maintained, reflecting its governmental and research affiliations.

K

Keskkonnaagentuur

keskkonnaportaal.ee

0

Keskkonnaportaal.ee is an Estonian government environmental data portal managed by Keskkonnaagentuur. It consolidates key environmental datasets and information to provide quality and up-to-date data for environmental stakeholders and the public. The portal uses Drupal 10 CMS and integrates modern frontend libraries and Google Tag Manager for analytics. The website is well-structured, mobile-optimized, and provides clear navigation through extensive environmental themes and data sources. Security posture is solid with HTTPS enforced, but lacks advanced security headers and published security policies. Privacy compliance is partial with a cookie consent mechanism but no explicit privacy policy or terms of service found. Overall, the site is credible, professional, and trustworthy, serving as a key government resource for environmental information in Estonia.

K

Keskkonnaagentuur

loodusveeb.ee

0

Loodusveeb is an official Estonian governmental environmental information portal managed by the Estonian Environment Agency (Keskkonnaagentuur). It provides comprehensive information on Estonia's nature, biodiversity, ecological themes, citizen science projects, and environmental education. The website targets Estonian residents, environmental enthusiasts, researchers, and volunteers, serving as a trusted source for nature-related data and public engagement. Technically, the site is built on Drupal 10 with modern libraries and includes a cookie consent mechanism compliant with EU regulations. The site is mobile optimized and accessible, with good SEO practices. Security posture is solid with HTTPS and cookie consent, but lacks explicit security headers and published security policies. WHOIS data confirms domain legitimacy and consistency with the governmental nature of the site. Overall, the website is professional, trustworthy, and well-positioned as a governmental environmental resource.

Z

Zone Media OÜ

inimene.ee

0

Inimene.ee is an established Estonian health portal operated by Zone Media OÜ since 2010. It provides comprehensive health-related content including disease catalogs, symptoms, treatments, and health news. The site targets Estonian-speaking individuals seeking reliable health information and offers interactive features such as a question submission form answered by medical professionals. The business model relies on content provision combined with advertising partnerships, notably with Apotheka e-pharmacy. Technically, the site uses a modern CMS (Greativ), integrates multiple third-party analytics and advertising services, and is optimized for mobile devices with good SEO practices. Security posture is solid with HTTPS enforced and secure form handling, though it lacks some advanced headers and published incident response policies. Overall, the site is trustworthy and professionally maintained, with room for improvement in security transparency and direct contact information.

A

Apotheka Beauty

apothekabeauty.ee

0

Apotheka Beauty is a prominent Estonian e-commerce retailer specializing in health and beauty products, particularly pharmacy-approved cosmetics. The website offers a broad selection of products from well-known brands and targets consumers interested in healthy beauty solutions in the Baltic region. The platform is built on Magento CMS and integrates modern technologies such as Google Tag Manager, Hotjar, and Google Translate, reflecting a mature digital infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a positive user experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly available. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, making it a reliable platform for its target audience.

P

PetCity

petcity.ee

0

PetCity is a leading Estonian pet retail and veterinary service provider, operating a large e-commerce platform alongside physical stores and modern veterinary clinics in major cities such as Tallinn, Tartu, and Pärnu. The website is professionally designed, localized in Estonian, and targets pet owners primarily of cats and dogs. The business model integrates product sales with veterinary services, positioning PetCity as a comprehensive pet care provider in the Estonian market. Technically, the site leverages Magento as its e-commerce platform, enhanced with modern JavaScript frameworks and integrations such as Google Analytics, Google Tag Manager, Hotjar, and Google Translate for multilingual support. The site demonstrates good digital maturity with responsive design and accessibility considerations.

MTÜ Viimsi Invaühing is a small Estonian non-profit organization focused on community support and charity events, such as the Heategevusball. The website serves as an informational portal for local activities and fundraising events, targeting the Viimsi community and supporters of disability-related causes. The business model is event-driven and donation-based, with a local market position and a history dating back to 2010. Technically, the website uses a basic custom or legacy CMS with JavaScript and jQuery libraries. The hosting is provided by Spin TEK AS, a local Estonian registrar and hosting company. The site shows moderate performance and basic mobile optimization but lacks modern frameworks or CMS platforms. SEO and accessibility features are minimal. From a security perspective, the site uses HTTPS (assumed from URL), but no advanced security headers or policies are detected. There are no visible forms collecting sensitive data, but the absence of privacy and cookie policies indicates compliance gaps with GDPR. No incident response or security contact information is provided, limiting the organization's readiness for security events. Overall, the website is functional but basic, with moderate trustworthiness due to its long domain age and consistent WHOIS data. However, it lacks critical privacy and security policies, contact transparency, and modern technical implementations. Strategic improvements in security posture, privacy compliance, and user experience would enhance trust and compliance.

L

Laama

pixie.ee

0

Laama is a small Estonian digital agency specializing in web design, UX/UI design, branding, graphic design, front-end development, websites, and web applications. The website serves as a minimal portfolio and contact landing page, targeting businesses or individuals seeking digital design and development services. The company appears to have been founded around 2018, consistent with the domain registration date. Technically, the website uses standard web technologies including Google Analytics and Google Tag Manager for tracking, and Typekit for fonts. Hosting and domain registration are managed by Elkdata OÜ, a local Estonian registrar and hosting provider. The site is basic in design and content, with moderate performance and basic mobile optimization. SEO and accessibility features are minimal but present. From a security perspective, the site uses HTTPS as indicated by canonical URLs, but no security headers were detected in the provided data. There are no visible forms or inputs, reducing attack surface, but the absence of privacy and cookie policies indicates poor privacy compliance. No incident response or security policy information is available. The WHOIS data is consistent and legitimate, with no suspicious patterns. Overall, the website is functional but minimal, with moderate technical maturity and basic security posture. Strategic improvements in privacy compliance, security headers, and richer contact information would enhance trust and compliance.

E

Eesti Vee-ettevõtete Liit

evel.ee

0

Eesti Vee-ettevõtete Liit (EVEL) is a well-established voluntary association representing water companies and related entities in Estonia. Founded in 1995, it serves over 90% of the country's public water and sewerage service consumers through its 42 member water companies and 31 related companies. The organization provides coordination, information dissemination, training, and project participation services to its members, positioning itself as a key player in Estonia's water sector. The website reflects this focus with relevant content, partner links, and organizational information primarily in Estonian, targeting industry stakeholders and members.

V

Visit Harju

visitharju.ee

0

Visit Harju is the official tourism portal for Harju County, Estonia, providing comprehensive information on the region's natural beauty, cultural heritage, and leisure activities. The website targets tourists and visitors seeking to explore Harju's attractions, travel routes, and experiences. Managed by SA Harju Ettevõtlus- ja Arenduskeskus, it serves as a trusted regional resource with consistent branding and a clear focus on hospitality and cultural tourism. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, ensuring good SEO and user experience. The site is mobile-optimized and accessible, with moderate performance and integration of analytics tools like Google Analytics and Plausible. Security posture is solid with HTTPS, reCAPTCHA on forms, and no exposed sensitive data, though explicit security headers and policies are not fully documented. Privacy compliance is a notable gap, lacking visible privacy and cookie policies or consent mechanisms. Overall, the domain registration is consistent and legitimate, supporting the site's credibility as an official tourism portal.

T

Terviserajad

terviserajad.ee

0

Terviserajad is an established Estonian platform dedicated to promoting health trails and outdoor physical activities across the country. The website offers comprehensive information on trails, events, news, and seasonal campaigns to encourage community engagement and healthy lifestyles. It targets Estonian residents and visitors interested in fitness and nature exploration. The platform enjoys partnerships with major Estonian companies such as Merko, Eesti Energia, and Swedbank, enhancing its market position as a trusted national resource. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Google Analytics, Google reCAPTCHA v3, and Instagram Feed integration. The site is mobile-optimized with good SEO practices and uses HTTPS to secure communications. However, some security best practices like HTTP security headers are missing, and privacy compliance is incomplete due to the absence of privacy and cookie policies. From a security perspective, the site demonstrates a moderate security posture with encrypted connections and anti-spam measures but lacks published security policies and incident response contacts. No WAF or blocking mechanisms were detected, and no exposed sensitive data was found. The domain registration is consistent and long-standing, supporting the site's legitimacy. Overall, Terviserajad presents a professional and trustworthy online presence with room for improvement in privacy compliance and security hardening. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

The website kik.ee is currently inaccessible due to a Cloudflare Turnstile human verification challenge page, which blocks access to any substantive content. The domain is registered since 2010 with Zone Media OÜ, an Estonian registrar, indicating a legitimate registration. However, no business information, contact details, or compliance policies are visible on the landing page. The technical infrastructure relies on Cloudflare's security and analytics services, but no CMS or other technologies are detectable due to the blocked content. Security posture cannot be fully assessed given the lack of accessible content, but the presence of Cloudflare protection is a positive indicator. Overall, the site lacks visible privacy, cookie, or terms of service policies, and no contact or incident response information is available, limiting trust and compliance evaluation.

M

Metana Digiagentuur

metana.eu

0

Metana Digiagentuur is a small digital agency based in Tallinn, Estonia, specializing in website design, email marketing, and digital advertising services such as Meta Ads and Google Ads. The company targets businesses seeking comprehensive digital marketing and web development solutions. Their website is built on WordPress using Elementor and WooCommerce, indicating a modern and flexible technical infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enabled and use of Google reCAPTCHA, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security measures.

The website sm.ee is currently inaccessible beyond a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any substantive content or business information. The domain is registered since 2010 with an Estonian registrar, indicating a mature and legitimate domain. However, no privacy policies, cookie notices, terms of service, or contact information are visible on the challenge page. The technical infrastructure relies heavily on Cloudflare services for security and performance. Due to the WAF blocking, a full security and compliance assessment is not possible. The site lacks visible security headers and business trust indicators in the accessible content. Overall, the site appears legitimate but is currently inaccessible for detailed analysis.

J

Jõelähtme Valla Päevakeskus

joelahtmepaevakeskus.ee

0

Jõelähtme Valla Päevakeskus is a local government social service center in Estonia providing social and supportive services primarily to elderly and disabled individuals. The website is built on WordPress using common plugins for booking and accessibility, hosted by Zone Media OÜ. The site is well-structured with clear navigation and good mobile optimization. Security posture is adequate with HTTPS enabled and CSRF tokens in booking forms, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional and trustworthy but requires improvements in privacy and security practices.

V

Visit Lahemaa

visitlahemaa.com

0

Visit Lahemaa is a regional tourism website dedicated to promoting Lahemaa National Park in Estonia. It provides comprehensive information on local attractions, accommodations, dining, transport, and events, targeting tourists interested in exploring this natural and cultural area. The website is multilingual, supporting several languages to cater to a diverse audience. Technically, it is built on WordPress using the Elementor page builder, with integration of common analytics and tracking tools such as Facebook Pixel and Microsoft Clarity. The site is hosted under a legitimate domain registered since 2017, with standard security practices like HTTPS enabled. However, there is room for improvement in privacy compliance, notably the absence of a cookie consent mechanism and limited explicit privacy-related disclosures. Security posture is generally good but could be enhanced by enabling DNSSEC and publishing security policies. Overall, the website is professional and functional, serving its purpose as a tourism information portal effectively.

A

AS Lahevesi

lahevesi.ee

0

AS Lahevesi is a municipal utility company founded in 2008, providing water supply, sewage, property management, cemetery services, and public space maintenance in Lääne-Harju municipality, Estonia. The company operates under contracts with the local government and serves residents and businesses in the region. The website is built on WordPress using Elementor and several plugins, featuring a professional design with clear navigation and mobile optimization. Security measures include HTTPS and Google reCAPTCHA on forms, though additional security headers and cookie consent mechanisms are recommended. The WHOIS data confirms the legitimacy of the company with consistent registration details. Overall, the website demonstrates a solid technical and business foundation with room for improvement in privacy compliance and security policies.

The website mil.ee is currently inaccessible beyond a Cloudflare Turnstile human verification challenge page, preventing direct content analysis. The domain is registered since 2010 with an Estonian registrar, consistent with the .ee country code top-level domain and likely representing a government entity. Due to the WAF challenge, no business, contact, or policy information is visible on the landing page. The site uses Cloudflare services for security and performance, but no further technical or security details are accessible. This limits the ability to assess the website's content quality, privacy compliance, or security posture comprehensively.

The website 'Maardu 45' serves as a dedicated platform for celebrating the 45th anniversary of Maardu city in Estonia. It provides residents and visitors with information about the city's history, culture, events, and local government contacts. The site is positioned as a local government information portal aimed at community engagement and city promotion. Technically, the site leverages a modern tech stack including Alpine.js, jQuery, Leaflet for maps, and multiple analytics tools such as Google Analytics and Matomo, hosted likely by Telia Eesti AS. The website is mobile optimized and offers a good user experience with clear navigation and consistent branding. Security-wise, the site uses HTTPS and does not expose sensitive data, but lacks some security headers and formal policies such as privacy and cookie policies, which are important for GDPR compliance. The domain is very recently registered, which is somewhat unusual for a city site but may reflect a new dedicated event domain. Overall, the site is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices.

Z

Zone Media OÜ

maardupanoraam.ee

0

Maardu Panoraam is a local news and information website serving the residents of Maardu, Estonia. It provides timely news, official announcements, event information, job postings, and messages from the mayor, targeting the local community. The website is built on WordPress CMS, leveraging common plugins such as WPBakery Page Builder and WPML for multilingual support. It uses Google Analytics and Tag Manager for visitor tracking and performance insights. The site is hosted under the domain registered by Zone Media OÜ, an Estonian registrar, aligning with the website's geographic focus. Technically, the website demonstrates a moderate level of digital maturity with responsive design, good SEO practices, and integration of modern web technologies. However, it lacks some advanced security measures such as DNSSEC and security headers, which could be improved to enhance protection against common web threats. The absence of privacy and cookie policies indicates a gap in compliance with GDPR and related privacy regulations, which is critical given the use of tracking technologies. From a security perspective, the site uses HTTPS and secure login forms but does not provide explicit security or incident response policies. No WAF or blocking mechanisms are detected, and no suspicious or malicious indicators are present. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security hardening to reduce risk and improve user trust.

N

Notarite Koda

notar.ee

0

Notarite Koda is the official Estonian organization representing notaries, providing authoritative information and services related to notarial acts, registers, and legal procedures. The website serves as a comprehensive portal for citizens and businesses to access notarial services, including an e-notary self-service platform for booking and managing transactions. The organization holds a strong market position as a government-related entity ensuring legal security in Estonia. Technically, the website is built on Drupal 7 with a moderate performance profile and good mobile and accessibility features, though some libraries like jQuery are outdated, posing potential security risks. Security posture is generally good with HTTPS enabled and secure form handling, but lacks visible security headers and explicit privacy or cookie policies, which impacts compliance and trust. Contact information is clearly presented, and social media presence enhances credibility. Overall, the site is professional and trustworthy but would benefit from modernization and enhanced privacy compliance.

Õ

Õigusbüroo HUGO.legal õigusabi

hugo.legal

0

Õigusbüroo HUGO.legal is an Estonian legal services platform offering fast, accessible legal advice through professional jurists. The website provides multiple consultation channels including in-office, video, web, and phone, targeting residents of Estonia. The platform also offers legal applications to help users resolve debt and other legal issues efficiently. The business is positioned as a trusted local legal aid provider with a strong digital presence and content marketing through blogs and testimonials. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and WP Rocket, ensuring good performance, SEO optimization, and mobile responsiveness. The site uses HTTPS with a valid SSL certificate and integrates Google Analytics for user tracking. However, DNSSEC is not enabled, and security headers are missing, indicating room for security enhancements. From a security perspective, the site demonstrates good baseline practices including HTTPS and cookie consent mechanisms. There is no evidence of exposed sensitive data or vulnerable libraries. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure reduces transparency. The domain registration is stable but shows partial privacy in WHOIS data, which is reasonable for this business type. Overall, the website is professional, trustworthy, and well-optimized for its target audience. Strategic improvements in security headers, DNSSEC, and published security policies would enhance its security posture and compliance. The business appears credible and well-established with a medium-sized market presence in Estonia.

R

Raven OÜ

ravenou.ee

0

Raven OÜ is a small Estonian company specializing in water utility services, including water supply, water-saving advice, and infrastructure development. The company targets local residents and businesses in the Harju maakond region, providing essential water-related services and customer support. The website is professionally designed using Joomla CMS and offers clear navigation and relevant content focused on water conservation and service notifications. Technically, the website employs a standard Joomla stack with modern JavaScript and CSS assets. It is hosted by Elkdata OÜ, consistent with the domain registration data. The site is mobile-optimized and performs moderately well, though accessibility features could be improved. No advanced analytics or tracking technologies are detected, indicating a privacy-conscious approach but also a lack of marketing sophistication. From a security perspective, the website uses HTTPS with a valid SSL configuration and includes CSRF tokens in scripts, which is positive. However, it lacks important security headers and does not publish privacy, cookie, or security policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, representing a compliance and security gap. Overall, the website is legitimate and trustworthy based on domain age and registration consistency. The main risks relate to privacy compliance and security best practices. Strategic improvements in these areas would enhance the company's digital maturity and user trust.

H

Harjumaa Omavalitsuste Liit

hol.ee

0

Harjumaa Omavalitsuste Liit is a regional non-profit organization established in 2010 to foster cooperation and joint project development among local governments in Harjumaa, Estonia. The website serves as an information hub for governance, education, culture, health, safety, and regional development initiatives. It targets local government representatives, educational and cultural institutions, and the general public within the Harjumaa region. The organization positions itself as a key regional cooperation leader with a focus on community well-being and development. Technically, the website is built on a modern stack including Laravel Livewire, jQuery, and various JavaScript libraries for UI enhancements. It employs Google reCAPTCHA v3 for form security and implements cookie consent mechanisms, reflecting a moderate level of digital maturity. The site is mobile-optimized with good navigation and content structure, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS and includes CSRF tokens and reCAPTCHA to protect user inputs. However, some security headers are not explicitly detected, and there is no public incident response or vulnerability disclosure policy. No critical vulnerabilities were found in the analysis. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a trustworthy and professional digital presence for a regional government entity. Recommendations include enhancing security headers, publishing incident response information, and considering a vulnerability disclosure policy to further strengthen security posture and transparency.

S

Sõnumitooja

sonumitooja.ee

0

Sõnumitooja is a regional weekly newspaper serving the Ida-Harju region in Estonia, established in 1994 and operating under the Eesti Meediaettevõtete Liit association. The website provides news articles, opinion pieces, and local event coverage, targeting residents and readers interested in regional news. The business model is primarily based on advertising and subscriptions, with a consistent brand presence and good content quality. Technically, the site is built on WordPress with popular plugins such as WPBakery Page Builder and Yoast SEO, hosted by Virtuaal.com OÜ, and demonstrates moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and secure login forms, but lacks explicit security policies, headers, and vulnerability disclosure mechanisms. Privacy compliance is basic, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the site is professional and trustworthy, though improvements in security transparency and privacy documentation are recommended.

R

Raasiku Vallavalitsus

raasikukalender.ee

0

Raasikukalender.ee is a local government-operated event calendar website serving the Raasiku municipality in Estonia. It provides categorized listings of cultural, sports, theater, music, and other community events targeted at residents and visitors. The website is designed to promote local events and facilitate community engagement through an accessible online platform. The business model is a public service information portal without commercial intent, focusing on local government communication and event promotion. Technically, the website is built on WordPress CMS with common plugins such as Contact Form 7 and uses modern JavaScript libraries like jQuery and Flatpickr for enhanced user experience. It employs Plausible Analytics, a privacy-conscious analytics tool, and loads resources from reputable CDNs. The site is hosted by Elkdata OÜ, an Estonian hosting provider, and uses HTTPS with a valid SSL certificate, ensuring secure data transmission. From a security perspective, the website demonstrates good practices such as HTTPS enforcement and deferred script loading. However, it lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure mechanisms are present, indicating room for improvement in security governance. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is trustworthy and professionally maintained with a clear focus on community service. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, adding security headers, and establishing a vulnerability disclosure process to enhance security posture and regulatory compliance.

V

Viimsi Hoolekandekeskus

viimsihoolekandekeskus.ee

0

Viimsi Hoolekandekeskus is a local Estonian social care center established in 2021, consolidating day centers and social services for the Viimsi municipality community. The website provides information about their services, events, and contact options primarily in Estonian. Technically, the site is built on WordPress with popular plugins for events and page building, hosted under a reputable Estonian registrar. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, though some security headers and policies are missing. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the site is professional and trustworthy for its local government/non-profit purpose.

V

Viimsi vald

viimsi.ee

0

Viimsi vald is the official local government authority for the Viimsi municipality in Estonia, providing a wide range of public services including administration, education, social care, culture, and environmental management. The website serves residents and businesses in the region with comprehensive information, news, and access to municipal services. The site is well-structured and professionally designed, reflecting its role as a government portal. Technically, the site is built on Drupal 9 CMS and integrates modern analytics and tracking tools such as Google Analytics, Microsoft Clarity, and Facebook SDK, while maintaining GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are not published. Overall, the site demonstrates a mature digital presence suitable for a government entity, with clear contact information and consistent branding.

N

Novian Eesti OÜ

volis.ee

0

VOLIS is a specialized electronic meeting and voting platform serving Estonian local governments, enabling virtual meetings, electronic voting, and public participation in municipal decision-making. The platform is supported by the Estonian Association of Cities and Municipalities and developed by Novian Eesti OÜ. The website presents a professional and consistent brand image with clear navigation and relevant content tailored to its government audience. Technically, the site uses legacy JavaScript libraries and Grails-based server-side rendering, with moderate performance and basic mobile optimization. Security posture is strengthened by ISKE certification and audit references, but outdated libraries and lack of modern security headers present risks. Privacy compliance is partial, with no cookie consent mechanism and limited GDPR indicators. Overall, the site is trustworthy and credible but would benefit from technical and compliance improvements.

A

Apotheka

apotheka.ee

0

Apotheka is a leading Estonian online pharmacy and health product retailer offering over 8000 products with fast delivery options including home courier and free pick-up from physical pharmacies. The website targets Estonian consumers seeking pharmaceutical, health, and cosmetic products. The business operates a multi-brand ecosystem including PetCity, Apotheka Beauty, Apollo, and Inimene.ee, indicating a broad market presence. Technically, the site is built on Magento with integrations for Google Tag Manager, Hotjar, and Google Translate, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and no visible vulnerabilities, though explicit security policies and incident response contacts are not found. Overall, the website is professional, trustworthy, and compliant with GDPR, with room for improvement in transparency of security policies and contact information.

The website kaitsealad.ee is an official Estonian government-related portal managed by Keskkonnaamet (Environmental Board) providing comprehensive information about Estonia's protected areas. It serves as an educational and informational resource for the public, nature enthusiasts, landowners, and youth conservation groups. The site offers news, events, maps, and educational content related to nature conservation and sustainable tourism. Technically, the site is built on Drupal 10 CMS with modern frontend libraries and is hosted via Zone Media OÜ. It features a cookie consent mechanism compliant with EU regulations and uses Matomo for analytics. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Contact information is clearly provided, enhancing trust and credibility. However, privacy policy and terms of service pages are not explicitly found, which is a gap in compliance. Overall, the site is professional, accessible, and trustworthy, supporting its government mission effectively.

E

EOMAP

eomap.ee

0

EOMAP is an established Estonian technology company specializing in cartography and spatial data solutions, with a strong focus on municipal software products such as the Kovgis EVALD system. The company has a solid market position supported by integration with national information systems and a 30-year history. Technically, the website is built on WordPress using the Divi theme and Yoast SEO plugin, indicating a mature digital presence with good SEO and mobile optimization. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

I

Ida-Viru Ühistranspordikeskus

ivytk.ee

0

Ida-Viru Ühistranspordikeskus is a non-profit organization dedicated to coordinating and providing public transportation services in the Ida-Viru region of Estonia. The website serves as an information hub for passengers and transport providers, offering schedules, route maps, contact details, and ticket purchasing options. The organization is small-sized, regionally focused, and operates transparently with clear contact information and official registration details. Technically, the website is built on WordPress using a modern tech stack including Bootstrap, jQuery, and Yoast SEO for optimization. It employs Google reCAPTCHA v3 for form security and uses privacy-conscious analytics tools like Plausible. The site is hosted by Elkdata OÜ, consistent with the domain registration data, and uses HTTPS with a good SSL configuration. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and spam protection on forms. However, it lacks published security policies, security headers, and cookie consent mechanisms, which are important for compliance and enhanced security posture. No vulnerabilities or suspicious activities were detected in the content or scripts. Overall, the website is professional, trustworthy, and functional, but it would benefit from improved privacy compliance and enhanced security policies to better protect users and meet regulatory requirements.

Z

Zone Media OÜ

vaktsineeri.ee

0

vaktsineeri.ee is a public health information website focused on vaccination awareness and education in Estonia. It provides comprehensive information on immunization schedules, vaccine safety, travel vaccinations, and related news. The site targets the general Estonian population including parents, adults, and travelers, positioning itself as an official or semi-official government-affiliated resource. The business model is informational and supported by partnerships with Estonian health and government institutions. Technically, the site is built on Drupal 10 with modern web technologies, offering good mobile optimization and accessibility features. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. Privacy compliance is weak due to missing privacy and cookie policies and lack of consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

The website info.vaivaravald.ee serves as a minimal informational portal primarily using a frameset to display content from an internal page and an external domain www.vaivara.ee. The site lacks substantive content, metadata, and modern web features, indicating a low level of digital maturity. There is no evidence of privacy policies, cookie consent mechanisms, or contact information, which limits user trust and compliance with data protection regulations. Technically, the site does not demonstrate use of modern frameworks, CMS, or security best practices such as HTTPS or security headers. The security posture is weak due to absence of encryption and lack of visible security controls. Overall, the site presents a low-risk profile due to minimal data collection but suffers from poor professionalism and trustworthiness.

The website kalmistud.ee serves as the official Estonian cemetery portal, providing information and e-services related to cemeteries, burial places, and related administrative functions. It targets Estonian residents, municipalities, and cemetery administrators, offering a centralized platform for searching burial information and managing burial plots. The site is operated by Spin TEK AS, a registrar and hosting provider consistent with the domain registration data. Technically, the site uses modern web technologies including JavaScript and CKEditor, with a responsive and accessible design. Security posture is moderate with HTTPS enabled and CSRF protection on forms, but lacks visible security headers and comprehensive privacy compliance documentation. Overall, the site is functional and trustworthy but would benefit from enhanced privacy policies and security disclosures.

S

Sinimäe spordihoone

spordihoone.ee

0

Sinimäe spordihoone is a local sports facility based in Sinimäe, Narva-Jõesuu, Estonia, offering group training classes, gym access, sauna, and event hosting primarily targeting local sports enthusiasts. The website is built on WordPress with modern plugins and themes, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is legitimate and professionally presented but would benefit from enhanced security and compliance measures.

Z

Zone Media OÜ

evald.ee

0

Eomap.ee is a technology company focused on geoinformation systems and cartography, primarily serving local governments in Estonia. Their flagship product, Kovgis EVALD, is a server-based, open-source software solution designed for municipal geoinformation management, integrating with national systems via X-tee. The company has a solid local market presence with over 30 years of experience, reflected in their comprehensive suite of modules tailored for municipal needs such as waste management, road maintenance, and public lighting. Technically, the website is built on WordPress with modern SEO and performance optimizations, though it lacks explicit privacy and cookie policies. Security posture is good with HTTPS and no visible vulnerabilities, but could be improved with additional security headers and incident response information. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and clearer contact details.

M

MTÜ Lastekaitse Liit

lastekaitseliit.ee

0

MTÜ Lastekaitse Liit is a well-established Estonian non-profit organization dedicated to the protection of children's rights and interests. The organization actively develops and implements child protection projects, provides expert opinions on child protection legislation, supports child and youth participation, organizes training for professionals, and offers camp services and scholarships for children and youth. The website reflects a clear mission and target audience focused on children, families, and child welfare professionals. Technically, the site is built on a modern WordPress platform with WooCommerce integration, leveraging popular plugins such as Yoast SEO, WPBakery, and Slider Revolution, indicating a mature digital infrastructure. The site is mobile-optimized and uses HTTPS, ensuring secure communications. However, it lacks published privacy and cookie policies, which impacts its privacy compliance score. Social media presence is strong with official Facebook, LinkedIn, and YouTube channels linked. Overall, the website demonstrates good professionalism and trustworthiness but would benefit from enhanced privacy and security policy transparency.

S

Synology Inc.

gofile.me

0

The analyzed page is an error page related to Synology's QuickConnect service, hosted under the domain gofile.me. The business behind the service is Synology Inc., a reputable technology company specializing in network-attached storage and related services. The page content is minimal and focused on troubleshooting connection issues, with no direct business or security policy information presented. The technical infrastructure includes AWS DNS hosting and JavaScript-based front-end components, with Google Analytics used for tracking. Security posture is moderate but could be improved by enabling DNSSEC, adding security headers, and publishing explicit security policies. Privacy compliance is basic, with a cookie policy and consent mechanism present but no privacy policy on this page. Overall, the domain registration is consistent and legitimate, with privacy protection justified for this business type.

The website keskkonnaamet.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct access to the site's content. This prevents extraction of meaningful business, contact, or policy information. The domain is registered since 2010 with a reputable Estonian registrar, indicating legitimacy and a stable presence. The site appears to be a government-related entity based on the domain and WHOIS data, but no explicit business details or descriptions are available in the accessible content. Technically, the site uses Cloudflare services for security and performance, but no CMS or frameworks are detectable from the challenge page. Security posture is partially observable due to HTTPS and Cloudflare protection, but no security headers or policies are visible. Privacy and cookie policies are not found, and no contact information is exposed. Overall, the site is protected by a strong WAF, but this limits external analysis and transparency.

Ida-Virumaa Omavalitsuste Liit is a regional government association serving the municipalities of Ida-Virumaa, Estonia. The website provides comprehensive information on governance, development strategies, programs, projects, education, public health, safety, culture, and visa-related matters. It targets local residents, government officials, and stakeholders interested in regional development. The organization operates as a small-sized government entity founded in 2010, with a clear focus on regional coordination and public service. Technically, the website is built on the Liferay CMS platform, utilizing technologies such as jQuery, Bootstrap, Google reCAPTCHA, and Font Awesome. The site is hosted by Elkdata OÜ, consistent with the WHOIS data. The website is mobile-optimized and provides a good user experience, although some technical aspects like the use of an outdated jQuery version and lack of security headers indicate areas for improvement. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to mitigate automated abuse. However, the absence of security headers and outdated JavaScript libraries present potential vulnerabilities. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms, which could expose the organization to regulatory risks. Overall, the website is trustworthy and professional but would benefit from enhanced security practices and improved privacy compliance to align with modern standards and regulations.

The website juristaitab.ee is currently inaccessible due to a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any substantive content, including business descriptions, contact information, or policies. The domain is registered since 2010 under Elkdata OÜ, an Estonian registrar, indicating a legitimate registration history. However, the lack of accessible content limits the ability to assess the company's market position, services, or technical maturity. The technical infrastructure relies on Cloudflare for security and performance, but no further technology stack details are available. Security posture is difficult to evaluate fully due to the blocked content, but the presence of Cloudflare indicates some level of protection. Privacy and compliance policies are not found, and no contact or business details are visible. Overall, the site currently presents a low trust profile due to inaccessibility and lack of transparency.

I

Ida-Viru Ettevõtluskeskus AS

idaviru.ee

0

Ida-Viru Ettevõtluskeskus AS operates the website idaviru.ee, a regional tourism cluster portal promoting adventure and leisure activities in Ida-Virumaa, Estonia. The site targets tourists and families seeking diverse experiences including outdoor adventures, cultural sites, accommodation, and events. The business model focuses on tourism promotion and cluster partnership facilitation, positioning itself as a key regional information hub. Technically, the website is built on WordPress with Elementor and WooCommerce, optimized with WP Rocket, and uses Cloudflare DNS. It integrates modern analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Facebook Pixel, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced, cookie consent implemented, and no critical vulnerabilities detected. However, the absence of explicit privacy policy and terms of service pages indicates room for compliance improvement. Overall, the website is professional, well-branded, and trustworthy, with good performance and user experience.

S

Sillamäe Muuseum

sillamae-muuseum.ee

0

Sillamäe Muuseum is a small cultural and educational institution based in Estonia, providing guided tours, educational programs, workshops, and children's entertainment rentals. The website is professionally designed using WordPress with a modern theme and includes multilingual support. It demonstrates compliance with GDPR through a cookie consent mechanism and provides clear contact information. The technical infrastructure is solid, leveraging common web technologies and plugins, with good mobile optimization and moderate performance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. Overall, the website is trustworthy and serves its target audience effectively.

Jaanilill is a small local kindergarten based in Järva-Jaani, Estonia, providing early childhood education services primarily to local families. The website serves as an informational portal with basic content about the kindergarten, including navigation to pages about history, daily schedule, and parental information. The business model is straightforward, focusing on educational services for young children in a local community setting. The domain age and WHOIS data indicate a legitimate and consistent online presence since 2015. Technically, the website is built on WordPress using the Twenty Seventeen theme and includes jQuery as a JavaScript library. The hosting is provided by Elkdata OÜ, a local Estonian hosting provider. The site is accessible over HTTPS with a good SSL configuration but lacks advanced security headers and modern tracking or analytics tools. Mobile optimization and accessibility are basic but functional. From a security perspective, the site benefits from HTTPS but lacks security headers and does not display privacy or cookie policies, which are important for GDPR compliance. No forms or data collection mechanisms are present on the homepage, reducing immediate data protection risks. However, the absence of incident response contacts or security policies indicates a low maturity in security governance. Overall, the website is a basic but legitimate online presence for a local kindergarten. It would benefit from enhanced privacy compliance, improved security headers, and clearer contact information to increase trust and regulatory adherence.