Security Directory

P

Peatus

peatus.ee

51

Peatus.ee is a digital journey planning user interface focused on public transportation in Estonia, leveraging the Digitransit platform. The website targets public transport users seeking route planning and transit information. Technically, it employs modern web technologies including React, JavaScript, and integrates analytics tools such as Matomo and Google Tag Manager. The site demonstrates good security practices with HTTPS and security headers, but lacks explicit privacy and cookie policies, as well as contact information, which impacts privacy compliance and user trust. Overall, the domain registration data aligns well with the website's purpose, indicating legitimacy. Strategic improvements in privacy disclosures and user contact options would enhance compliance and trust.

K

Keskkonnaagentuur

loodusveeb.ee

55

Loodusveeb is an official Estonian governmental environmental information portal managed by the Estonian Environment Agency (Keskkonnaagentuur). It provides comprehensive information on Estonia's nature, biodiversity, ecological themes, citizen science projects, and environmental education. The website targets Estonian residents, environmental enthusiasts, researchers, and volunteers, serving as a trusted source for nature-related data and public engagement. Technically, the site is built on Drupal 10 with modern libraries and includes a cookie consent mechanism compliant with EU regulations. The site is mobile optimized and accessible, with good SEO practices. Security posture is solid with HTTPS and cookie consent, but lacks explicit security headers and published security policies. WHOIS data confirms domain legitimacy and consistency with the governmental nature of the site. Overall, the website is professional, trustworthy, and well-positioned as a governmental environmental resource.

V

Visit Harju

visitharju.ee

50

Visit Harju is the official tourism portal for Harju County, Estonia, providing comprehensive information on the region's natural beauty, cultural heritage, and leisure activities. The website targets tourists and visitors seeking to explore Harju's attractions, travel routes, and experiences. Managed by SA Harju Ettevõtlus- ja Arenduskeskus, it serves as a trusted regional resource with consistent branding and a clear focus on hospitality and cultural tourism. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, ensuring good SEO and user experience. The site is mobile-optimized and accessible, with moderate performance and integration of analytics tools like Google Analytics and Plausible. Security posture is solid with HTTPS, reCAPTCHA on forms, and no exposed sensitive data, though explicit security headers and policies are not fully documented. Privacy compliance is a notable gap, lacking visible privacy and cookie policies or consent mechanisms. Overall, the domain registration is consistent and legitimate, supporting the site's credibility as an official tourism portal.

M

Metana Digiagentuur

metana.eu

47

Metana Digiagentuur is a small digital agency based in Tallinn, Estonia, specializing in website design, email marketing, and digital advertising services such as Meta Ads and Google Ads. The company targets businesses seeking comprehensive digital marketing and web development solutions. Their website is built on WordPress using Elementor and WooCommerce, indicating a modern and flexible technical infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS enabled and use of Google reCAPTCHA, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security measures.

Z

Zone Media OÜ

maardupanoraam.ee

39

Maardu Panoraam is a local news and information website serving the residents of Maardu, Estonia. It provides timely news, official announcements, event information, job postings, and messages from the mayor, targeting the local community. The website is built on WordPress CMS, leveraging common plugins such as WPBakery Page Builder and WPML for multilingual support. It uses Google Analytics and Tag Manager for visitor tracking and performance insights. The site is hosted under the domain registered by Zone Media OÜ, an Estonian registrar, aligning with the website's geographic focus. Technically, the website demonstrates a moderate level of digital maturity with responsive design, good SEO practices, and integration of modern web technologies. However, it lacks some advanced security measures such as DNSSEC and security headers, which could be improved to enhance protection against common web threats. The absence of privacy and cookie policies indicates a gap in compliance with GDPR and related privacy regulations, which is critical given the use of tracking technologies. From a security perspective, the site uses HTTPS and secure login forms but does not provide explicit security or incident response policies. No WAF or blocking mechanisms are detected, and no suspicious or malicious indicators are present. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security hardening to reduce risk and improve user trust.

N

Notarite Koda

notar.ee

60

Notarite Koda is the official Estonian organization representing notaries, providing authoritative information and services related to notarial acts, registers, and legal procedures. The website serves as a comprehensive portal for citizens and businesses to access notarial services, including an e-notary self-service platform for booking and managing transactions. The organization holds a strong market position as a government-related entity ensuring legal security in Estonia. Technically, the website is built on Drupal 7 with a moderate performance profile and good mobile and accessibility features, though some libraries like jQuery are outdated, posing potential security risks. Security posture is generally good with HTTPS enabled and secure form handling, but lacks visible security headers and explicit privacy or cookie policies, which impacts compliance and trust. Contact information is clearly presented, and social media presence enhances credibility. Overall, the site is professional and trustworthy but would benefit from modernization and enhanced privacy compliance.

V

Viimsi Hoolekandekeskus

viimsihoolekandekeskus.ee

43

Viimsi Hoolekandekeskus is a local Estonian social care center established in 2021, consolidating day centers and social services for the Viimsi municipality community. The website provides information about their services, events, and contact options primarily in Estonian. Technically, the site is built on WordPress with popular plugins for events and page building, hosted under a reputable Estonian registrar. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, though some security headers and policies are missing. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the site is professional and trustworthy for its local government/non-profit purpose.

The website kaitsealad.ee is an official Estonian government-related portal managed by Keskkonnaamet (Environmental Board) providing comprehensive information about Estonia's protected areas. It serves as an educational and informational resource for the public, nature enthusiasts, landowners, and youth conservation groups. The site offers news, events, maps, and educational content related to nature conservation and sustainable tourism. Technically, the site is built on Drupal 10 CMS with modern frontend libraries and is hosted via Zone Media OÜ. It features a cookie consent mechanism compliant with EU regulations and uses Matomo for analytics. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Contact information is clearly provided, enhancing trust and credibility. However, privacy policy and terms of service pages are not explicitly found, which is a gap in compliance. Overall, the site is professional, accessible, and trustworthy, supporting its government mission effectively.

E

EOMAP

eomap.ee

39

EOMAP is an established Estonian technology company specializing in cartography and spatial data solutions, with a strong focus on municipal software products such as the Kovgis EVALD system. The company has a solid market position supported by integration with national information systems and a 30-year history. Technically, the website is built on WordPress using the Divi theme and Yoast SEO plugin, indicating a mature digital presence with good SEO and mobile optimization. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

Z

Zone Media OÜ

evald.ee

39

Eomap.ee is a technology company focused on geoinformation systems and cartography, primarily serving local governments in Estonia. Their flagship product, Kovgis EVALD, is a server-based, open-source software solution designed for municipal geoinformation management, integrating with national systems via X-tee. The company has a solid local market presence with over 30 years of experience, reflected in their comprehensive suite of modules tailored for municipal needs such as waste management, road maintenance, and public lighting. Technically, the website is built on WordPress with modern SEO and performance optimizations, though it lacks explicit privacy and cookie policies. Security posture is good with HTTPS and no visible vulnerabilities, but could be improved with additional security headers and incident response information. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and clearer contact details.

Ida-Virumaa Omavalitsuste Liit is a regional government association serving the municipalities of Ida-Virumaa, Estonia. The website provides comprehensive information on governance, development strategies, programs, projects, education, public health, safety, culture, and visa-related matters. It targets local residents, government officials, and stakeholders interested in regional development. The organization operates as a small-sized government entity founded in 2010, with a clear focus on regional coordination and public service. Technically, the website is built on the Liferay CMS platform, utilizing technologies such as jQuery, Bootstrap, Google reCAPTCHA, and Font Awesome. The site is hosted by Elkdata OÜ, consistent with the WHOIS data. The website is mobile-optimized and provides a good user experience, although some technical aspects like the use of an outdated jQuery version and lack of security headers indicate areas for improvement. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to mitigate automated abuse. However, the absence of security headers and outdated JavaScript libraries present potential vulnerabilities. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms, which could expose the organization to regulatory risks. Overall, the website is trustworthy and professional but would benefit from enhanced security practices and improved privacy compliance to align with modern standards and regulations.

P

Peetri Kool

peetrikool.ee

38

Peetri Kool is a small educational institution located in Estonia, providing primary and kindergarten education services to the local community. The website serves as an informational portal offering details about school schedules, staff, admission, and extracurricular activities. The site is built on WordPress using the Education Hub theme and integrates basic modern web technologies such as jQuery and Font Awesome. Hosting appears to be managed by Elkdata OÜ, a local Estonian provider. The website is accessible, mobile-optimized, and includes clear navigation but lacks comprehensive content on the homepage. Security posture is moderate with HTTPS enabled but missing important security headers and privacy compliance elements such as privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Analytics are handled via plausible.io, indicating a privacy-conscious approach but without explicit consent mechanisms.

E

Ettevõte

jarvakodu.ee

43

Järvakodu is a small healthcare business operating a newly renovated elderly care home in Järva-Jaani, Estonia. The facility offers 24/7 general care services with a focus on personalized attention, a supportive environment, and sustainable energy solutions such as solar panels and geothermal heating. The website reflects a professional and consistent brand image with clear service descriptions and contact information. Technically, the site is built on WordPress using modern plugins and frameworks, hosted by Elkdata OÜ, and demonstrates good SEO and mobile optimization. Security posture is solid with HTTPS enabled and no obvious vulnerabilities, though some security headers and policies could be improved. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, but no terms of service or incident response information is published. Overall, the site is trustworthy and well-maintained, supporting the business's credibility and customer engagement.

Z

Zone Media OÜ

planeeringud.ee

61

The website planeeringud.ee serves as the official Estonian national repository for established planning documents, providing public access to planning data and downloadable files. It targets municipalities, planners, and the general public interested in regional planning information. The platform is built on modern Angular technology with Material Design components, ensuring a responsive and user-friendly interface. The site integrates Google Analytics for usage tracking but lacks visible privacy and cookie policies, indicating compliance gaps with GDPR requirements. Security posture is solid with HTTPS and a Content-Security-Policy header, though additional security headers and vulnerability disclosure mechanisms are absent. Overall, the site is professionally presented and trustworthy but would benefit from enhanced privacy compliance and security hardening.

M

MTÜ Spordiklubi Presidendirada

presidendirada.ee

67

Spordiklubi Presidendirada is a small non-profit sports club based in Estonia, organizing the annual Presidendimatk event. The website provides event information, prize details, and contact information, targeting local sports enthusiasts and community members. The site is hosted on Google Sites, leveraging Google's infrastructure and technologies such as Google Fonts and APIs, with embedded Facebook social media integration. The technical infrastructure is modern but basic, with moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced, though lacking advanced security headers and formal security policies. Privacy compliance is minimal, with a cookie consent banner present but no dedicated privacy or terms pages. Overall, the website is trustworthy and professional for its scope but could improve in privacy and security transparency.

T

Tapa Valla Spordikeskus

tapasport.ee

46

Tapa Valla Spordikeskus is a municipal sports center in Lääne-Virumaa, Estonia, offering diverse sports facilities including swimming pools, gyms, health trails, and event hosting. The website serves local residents and sports enthusiasts with information on training, events, and additional services such as accommodation and seminar rooms. The business operates under a government sector model, founded in 2020, and maintains a consistent and professional online presence with active social media channels. Technically, the site is built on WordPress with modern plugins and SEO tools, hosted by Virtuaal.com OÜ, and optimized for mobile devices with good performance and accessibility. Security posture is strong with HTTPS and no visible vulnerabilities, though security headers and explicit privacy and cookie policies are missing, representing compliance gaps. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices.

Väike-Maarja vald operates as a local government entity in Estonia, providing a broad range of municipal services including administration, social welfare, education, culture, and community engagement. The website serves as an official portal for residents and stakeholders, offering news, event information, contact details, and access to various public services. The site is well-structured and content-rich, targeting local residents, businesses, and visitors. Technically, the website is built on the Liferay CMS platform, leveraging modern web technologies such as jQuery, Bootstrap, Google Analytics, and Microsoft Clarity for analytics and user experience enhancement. The site is hosted by Telia Eesti AS and uses HTTPS with a good SSL configuration. Mobile optimization and navigation clarity are good, though accessibility features could be improved. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks several important security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain. Overall, the website presents a trustworthy and professional digital presence for the municipality but would benefit from enhanced security headers, privacy compliance improvements, and clearer security policies to strengthen its security posture and regulatory adherence.

Jõhvi vallavalitsus operates as the official municipal government for the Jõhvi region in Estonia, providing a wide range of public services including governance, social welfare, education, cultural events, urban planning, and community engagement. The website serves as a comprehensive portal for residents and stakeholders to access information, participate in local initiatives, and stay informed about municipal activities. The target audience primarily consists of local residents, businesses, and visitors seeking official information and services. Technically, the website is built on the Liferay CMS platform, utilizing JavaScript, jQuery, Bootstrap, and Font Awesome for UI components and styling. It employs HTTPS for secure communication and integrates Google Analytics for visitor tracking. The site demonstrates good mobile responsiveness and clear navigation, although some technical debt is evident with the use of an outdated jQuery version, which could pose security risks. From a security perspective, the site benefits from HTTPS encryption and a cookie consent mechanism indicating GDPR awareness. However, it lacks visible security headers and explicit security or incident response policies. The absence of a vulnerability disclosure policy and the use of outdated libraries suggest areas for improvement. No critical vulnerabilities or blocking mechanisms were detected, and contact information is clearly provided, enhancing trust. Overall, the website is professional, trustworthy, and functional, serving its governmental role effectively. Strategic improvements in updating libraries, implementing security headers, and publishing comprehensive security policies would enhance its security posture and compliance standing.

A

Alutaguse vald

alutagusevald.ee

53

Alutaguse vald operates as a local government entity in Estonia, providing a broad range of public services including social welfare, environmental management, urban planning, and cultural activities. The website serves as an information portal for residents and stakeholders, offering detailed navigation to various municipal services and administrative resources. The business model is typical of a public sector organization focused on community service and governance. The website is positioned as an official government resource with a clear focus on transparency and accessibility to local information. Technically, the website is built on the Liferay CMS platform, utilizing standard web technologies such as jQuery, Google Fonts, and Font Awesome. It integrates Google Tag Manager for analytics and tracking purposes. The site demonstrates moderate performance and good mobile optimization, with a structured and consistent design. SEO and accessibility are adequately addressed, though accessibility could be improved further. From a security perspective, the website enforces HTTPS and implements several security headers, indicating a good baseline security posture. There are no visible vulnerabilities or exposed sensitive data. However, the absence of an explicit cookie consent mechanism and published security or incident response policies suggests room for improvement in compliance and transparency. No WAF or blocking mechanisms were detected, and WHOIS data confirms the legitimacy and consistency of the domain registration with the website's government affiliation. Overall, the website presents a trustworthy and professional front for the Alutaguse vald municipality, with solid technical and security foundations. Strategic enhancements in privacy compliance, accessibility, and security policy transparency would further strengthen its position and user trust.

Raasiku Vallavalitsus operates as the local government authority for Raasiku vald in Estonia, providing a broad range of public services including social welfare, education, environmental management, and urban planning. The website serves as an information hub for residents and stakeholders, offering news, contact details, e-services, and detailed sectoral information. The organization holds a stable market position as a small-sized governmental entity with a domain age consistent with its operational history since 2010. Technically, the website is built on the Liferay CMS platform, utilizing standard web technologies such as JavaScript, jQuery, Bootstrap, and Google Fonts. It is hosted under a reputable registrar, Telia Eesti AS, and employs HTTPS with a cookie consent mechanism, indicating a moderate level of digital maturity. Mobile optimization and SEO practices are adequately implemented, though accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and includes a cookie consent banner, but lacks visible advanced security headers and explicit security or incident response policies. No critical vulnerabilities or exposed sensitive data were detected. The use of Google Analytics introduces moderate user tracking, balanced by privacy compliance measures including a privacy policy and cookie policy. Overall, the website presents a trustworthy and professional digital presence for a local government entity. Strategic recommendations include enhancing security headers, publishing incident response information, updating libraries regularly, and improving accessibility compliance to further strengthen the security posture and user trust.

C

Caotica

caotica.eu

54

Caotica is a small technology service provider specializing in web development and online marketing, targeting medium-sized companies primarily in Estonia and internationally. The company offers a broad range of digital services including SEO, Google Ads, social media campaigns, email marketing, and content management. The website is professionally designed using WordPress with modern SEO and analytics tools integrated, reflecting a mature digital presence. Security posture is good with HTTPS enforced and a comprehensive cookie consent mechanism, although some security headers are missing and no explicit incident response or security policy pages are available. The lack of publicly available WHOIS data due to EURid privacy policies limits transparency but is common for .eu domains. Overall, the website is trustworthy and functional with room for improvement in contact transparency and security best practices.

U

UAB Eltechnika

eltechnika.eu

54

UAB Eltechnika is a Lithuanian-based company specializing in the distribution and sales of advanced laser and CNC machinery, including CO2, Fiber, UV lasers, and CNC milling machines. Established in 2015, it serves primarily the Baltic region as an official distributor for AEON and LightBurn, targeting manufacturing and industrial businesses seeking high-precision equipment. The website reflects a professional B2B business model with multilingual support and a focus on product exposition and customer engagement. Technically, the site is built on WordPress with common plugins for caching and multilingual content, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and secure form handling, but lacks explicit security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site presents a credible and trustworthy business presence with room for improvement in privacy and security transparency.

M

MERI

mer.ee

43

MERI is a small Estonian artisan business specializing in unique metal art and jewelry, led by artist Merilin Pedastsaar. The website showcases a professional portfolio with detailed descriptions of bespoke metal artworks, collaborations, and awards, positioning MERI as a niche player in the Estonian art and design market. The technical infrastructure is modern, leveraging Bootstrap, Google Fonts, and Google Tag Manager, with a responsive and well-structured design that supports excellent user experience across devices. Security posture is adequate with HTTPS implied and secure form handling, but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from enhanced compliance and security transparency.

D

Drouot Estimations

drouot-estimations.com

57

Drouot Estimations is a French auction house operating under the Drouot group, specializing in art, antiques, jewelry, and collectibles. The website serves as a platform for auction calendars, results, object estimations, and online bidding services, targeting both French and international clients interested in auctions. The site is well-branded and professionally designed, reflecting a medium-sized business with a strong market position in the auction industry. Technically, the website employs modern web technologies including Bootstrap, jQuery, and various JavaScript libraries for sliders and carousels, ensuring a responsive and interactive user experience. Google Tag Manager and Google Analytics are integrated with a cookie consent mechanism, indicating some level of privacy awareness. However, explicit privacy and terms of service pages are not found, which is a compliance gap. From a security perspective, the site uses HTTPS and implements cookie consent, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of WHOIS registration data is a concern, potentially indicating privacy protection or domain registration issues, which slightly lowers trust. Overall, the website is functional, professional, and trustworthy from a user perspective but would benefit from enhanced transparency in privacy, security policies, and domain registration information to improve compliance and trustworthiness.

D

Doping

doping.agency

55

Doping is a results-driven digital marketing agency specializing in Google Ads management and growth strategies for e-commerce, B2B, and B2C companies primarily in Estonia. The company emphasizes a 90-day Growth Sprint™ methodology to deliver measurable sales growth and ROI improvements. Their website showcases strong client testimonials, case studies, and a clear service offering including campaign optimization, landing page creation, and training programs. Technically, the site is built on Webflow with modern tracking and analytics tools such as Google Tag Manager, Facebook Pixel, and Mouseflow, ensuring good performance and user experience across devices. Security posture is solid with HTTPS and no exposed sensitive data, but lacks some advanced security headers and published policies. The absence of WHOIS data for the domain raises concerns about registration transparency, though the professional presentation and active business presence mitigate some risk. Overall, the site is credible and well-structured, but could improve privacy compliance and domain legitimacy disclosures.

U

UAB Eltechnika

eltechnika.lt

54

UAB Eltechnika is a Lithuanian-based company specializing in the distribution and sales of advanced manufacturing machinery, including CO2, UV, Fiber laser cutting and engraving machines, as well as CNC milling equipment. Established in 2015, the company serves the Baltic region as an official distributor for AEON and LightBurn, targeting industrial and manufacturing businesses seeking high-precision equipment. Their website reflects a professional and consistent brand image with multilingual support, clear product categorization, and active social media engagement. Technically, the site is built on WordPress with modern plugins and themes, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and secure forms, but lacks explicit security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the business demonstrates credibility and a solid market position, but should improve privacy and security transparency to enhance trust and compliance.

Z

Zone Media OÜ

omastehooldusest.ee

45

Omastehooldusest.ee is a specialized informational portal launched in 2024 by Zone Media OÜ, focused on providing knowledge, support, and hope for individuals requiring care and their caregivers in Estonia. The website offers comprehensive resources including guidance for care recipients, adult and child caregivers, community information, specialist resources, and multimedia content such as videos and podcasts. It targets a niche non-profit sector audience, aiming to support caregiving journeys with practical and emotional assistance. Technically, the site is built on WordPress with a modern theme and SEO optimizations, integrating analytics and chat support tools. Security posture is adequate with HTTPS enabled but lacks advanced DNS security and security headers. Privacy compliance is weak due to missing explicit privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

C

ConvexityShares

convexityshares.com

44

ConvexityShares is a small ETF issuer based in the USA, founded in 2020, currently without active products in the market. The company operates under the parent company Teucrium and targets investors interested in exchange-traded funds. The website provides basic business information, tax package support resources, and contact options primarily through a contact form and physical address. The digital infrastructure employs modern web technologies including Google Tag Manager and Twitter tracking pixels, indicating moderate digital maturity. However, the site lacks comprehensive privacy and cookie policies, which impacts privacy compliance ratings. From a security perspective, the website benefits from HTTPS encryption and domain transfer protection, enhancing trustworthiness. Nonetheless, it lacks advanced security headers and explicit incident response contacts, which are recommended for improved security posture. No critical vulnerabilities or exposed sensitive data were detected during analysis. The website is accessible without any WAF or blocking mechanisms, allowing full content inspection. Overall, ConvexityShares presents a basic but functional online presence consistent with a small financial services business. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance trust and regulatory alignment. The company’s partnership with tax package support services adds value to its investor audience.

K

KiVa

kivaschool.nl

51

KiVa is an established educational program focused on promoting social safety and positive group dynamics in schools, primarily in the Netherlands. The website presents a comprehensive and scientifically backed anti-bullying program, supported by certified trainers and a large network of schools and teachers. The digital infrastructure leverages modern web technologies including jQuery, Bootstrap, Google Maps API, and tracking tools such as Google Analytics and Facebook Pixel, indicating a mature digital presence. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-positioned in the education sector.

A

ACE Logistics Ukraine LLC

acelogistics.ua

47

ACE Logistics Ukraine LLC is a small transportation and logistics company based in Ukraine, specializing in international freight forwarding services including road, air, and sea transport, customs brokerage, cargo insurance, and warehousing. The company targets businesses requiring efficient and professional logistics solutions with a focus on individual customer needs. Their website is built on WordPress using common plugins and libraries, providing a good user experience with clear navigation and relevant content. However, the site lacks critical compliance documentation such as privacy and cookie policies, and does not disclose security or incident response policies. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosure mechanisms. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. The website uses Google Analytics and Google Tag Manager for tracking, indicating moderate user tracking without clear privacy compliance disclosures.

C

Cboe Global Markets

cboe.com

67

Cboe Global Markets operates as a leading global financial market infrastructure provider, offering a broad range of tradable products including equities, options, futures, and volatility indices. The company serves a diverse audience of market participants, including traders, investors, and financial institutions, with a strong market position in the U.S. and international markets. Their business model centers on operating multiple exchanges, providing market data, clearing services, and listing opportunities for corporates and ETFs. Technically, the website employs modern web technologies such as React, Google Tag Manager, and Highcharts, ensuring a responsive and accessible user experience. The site is well-optimized for SEO and mobile devices, with comprehensive content and clear navigation. Privacy and cookie policies are implemented with consent mechanisms, reflecting good privacy compliance. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes security headers. However, explicit security policies, incident response information, and vulnerability disclosure mechanisms are absent, representing areas for improvement. The lack of WHOIS registration data reduces transparency but does not significantly detract from the site's legitimacy given the professional presentation and extensive business information. Overall, the website demonstrates a mature digital presence with strong business credibility and security posture, though enhancements in transparency and direct contact information would further strengthen trust and compliance.

C

Caotica OÜ

caotica.ee

49

Caotica OÜ is a specialized web design and development agency based in Estonia, operating since 2008. The company offers a comprehensive suite of digital services including website design, web development across platforms like WordPress, Webflow, and Wix, e-commerce solutions with WooCommerce and Shopify, as well as ongoing website management and SEO optimization. Their market position is that of a trusted, experienced small business serving both local and international clients, with over 200 projects completed and 80+ clients served. The website reflects a professional and consistent brand image with clear service offerings and client testimonials, supporting their credibility. Technically, the website is built on WordPress using the Avia Framework and Yoast SEO plugin, leveraging modern web technologies such as jQuery and Google Fonts. The site is mobile-optimized and demonstrates good SEO practices with structured data and meta tags. Hosting and domain registration are managed by Zone Media OÜ, consistent with the company's Estonian base. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS with anonymized IP tracking in Google Analytics and implements a cookie consent mechanism, indicating awareness of privacy compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no formal security or incident response policies are published. There is no vulnerability disclosure or security.txt file, which could be areas for improvement. Overall, Caotica OÜ presents a low-risk profile with a solid business foundation, professional web presence, and basic privacy compliance. Strategic enhancements in security headers, incident response transparency, and accessibility could further strengthen their security posture and trustworthiness.

T

Tervise Arengu Instituut

toitumine.ee

40

The website toitumine.ee is an official Estonian government health information portal managed by the Tervise Arengu Instituut under the Haridus- ja Teadusministeerium (EENet). It provides comprehensive nutrition guidelines, health advice, and tools such as a BMI calculator targeted at Estonian residents across various life stages and health conditions. The site is well-structured with rich content and expert contributions, positioning it as a trusted national resource for healthy eating information. Technically, the site is built on WordPress with modern libraries like jQuery, Bootstrap, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and explicit incident response or vulnerability disclosure information. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the site is credible and trustworthy but would benefit from enhanced privacy and security practices.

U

UÜ Granaat

granaat.ee

40

UÜ Granaat is a small Estonian technology company specializing in creating sales-enhancing websites and e-commerce stores on the Voog platform. Established in 2010, the company leverages over 15 years of experience to deliver tailored web solutions aimed at helping small businesses achieve their goals. Their market position is strengthened by their official partnership with Voog and a strong portfolio of satisfied clients, as evidenced by numerous positive testimonials. Technically, the website is built using modern frameworks such as Next.js and React, styled with Tailwind CSS, and optimized for fast performance and excellent mobile responsiveness. Hosting and domain registration are consistent and managed by Elkdata OÜ, further supporting the company's legitimacy. The site integrates Google Analytics via Google Tag Manager and uses Calendly for scheduling client calls. From a security perspective, the site enforces HTTPS and employs secure form handling, but lacks explicit security headers and published security policies. Privacy compliance is limited due to the absence of privacy and cookie policies, which presents a compliance risk under GDPR. No critical vulnerabilities or exposed sensitive data were detected. Overall, UÜ Granaat presents a professional and trustworthy web presence with solid technical foundations and business credibility. However, to enhance compliance and security posture, the company should publish privacy and cookie policies, implement consent mechanisms, and add recommended security headers.

A

Alphabet Inc.

trilliondollarcoach.com

62

The website trilliondollarcoach.com serves as the official platform for the book 'Trillion Dollar Coach,' which encapsulates the leadership and management lessons of Bill Campbell, a renowned Silicon Valley coach. The site is professionally designed, featuring rich content including testimonials from prominent industry leaders and multiple purchase options. It targets business leaders and managers interested in leadership principles derived from Silicon Valley's top executives. The business model centers on book sales and leadership education, with strong brand association to Alphabet Inc., enhancing its market credibility. Technically, the website employs modern web technologies such as React, Google Analytics, and Swiper.js, ensuring a fast, mobile-optimized, and accessible user experience. The domain is registered with a reputable registrar and shows no signs of suspicious activity. However, the site lacks explicit privacy and cookie policies, which are critical for compliance with data protection regulations. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but it does not implement security headers or provide incident response contacts or vulnerability disclosure mechanisms. The use of Google Analytics indicates moderate user tracking, but without clear privacy compliance disclosures. Overall, the site demonstrates a solid security posture but has room for improvement in privacy and security transparency. The overall risk assessment is low, with recommendations focusing on enhancing privacy compliance, implementing security headers, and publishing incident response information to strengthen trust and regulatory adherence.

P

Petri Kajander

petrikajander.com

60

Petri Kajander's website serves as a personal and professional platform showcasing his work as a purpose-driven founder, content creator, and mentor. The site features a variety of content including blogs, podcasts, and curated social media feeds, targeting entrepreneurs, business leaders, and individuals interested in personal development and startups. The business model revolves around thought leadership and content dissemination rather than direct product sales. Technically, the website is built on WordPress, leveraging common plugins and modern web technologies such as jQuery and YouTube Embed Plus. The site is mobile-optimized and provides a good user experience with clear navigation and structured content. However, hosting provider details are not explicitly identified. From a security perspective, the site uses HTTPS and implements some best practices like setting rel="noopener noreferrer" on external links. However, it lacks visible security headers, privacy and cookie policies, and vulnerability disclosure mechanisms. The absence of WHOIS registration data raises concerns about domain legitimacy, although the site content and branding appear consistent and professional. Overall, the website is functional and professional but would benefit from enhanced transparency in privacy, security policies, and domain registration details to improve trust and compliance.

T

The Options Clearing Corporation

optionseducation.org

50

The Options Industry Council (OIC) is a well-established educational resource operated by The Options Clearing Corporation (OCC), providing comprehensive options trading education to investors, financial advisors, and institutional participants globally. The website offers a rich array of educational materials including webinars, podcasts, strategy guides, and real-time options quotes, positioning itself as a trusted industry leader since 1992. The business model is non-profit and supported by major participant exchanges, reinforcing its credibility and market position. Technically, the website is built on the Kentico CMS platform and leverages a modern technology stack including Google Tag Manager, Google Analytics, Facebook Pixel, and Microsoft Clarity for analytics and marketing. The site demonstrates good performance, mobile optimization, and accessibility, with a professional and consistent design that enhances user experience and trustworthiness. From a security perspective, the site enforces HTTPS and employs secure form handling with hashed data submissions. While no critical vulnerabilities were detected, the absence of explicit security headers such as Content-Security-Policy and lack of published security or incident response policies represent areas for improvement. Privacy compliance is partially addressed with a comprehensive privacy policy, but the lack of a cookie consent mechanism and GDPR-specific disclosures suggests room for enhancement. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include implementing additional security headers, publishing security policies, enhancing privacy compliance with cookie consent, and improving WHOIS transparency to further strengthen trust and compliance.

A

Aitan Eestit MTÜ

aitaneestit.ee

51

Aitan Eestit MTÜ is a small Estonian non-profit organization founded in 2020, focused on charitable activities that connect donors with those in need. The organization primarily engages young people to collect donations and spread their message, aiming to improve social welfare in Estonia. The website reflects this mission with clear calls to action for donations and partnership, supported by a modern WordPress infrastructure using Elementor and GiveWP plugins. The site is multilingual, supporting Estonian, English, and Russian languages, enhancing accessibility for diverse audiences. Technically, the website is built on a robust WordPress platform with SEO optimization via Yoast and integrates Google Analytics for visitor tracking. The site uses HTTPS with a valid SSL certificate, ensuring secure data transmission. However, it lacks advanced security headers and DNSSEC, which could be improved to enhance security posture. The donation forms collect essential contact information such as email and phone numbers, but no explicit privacy or cookie policies are present, indicating a gap in GDPR compliance. From a security perspective, the site demonstrates basic best practices like HTTPS and nonce tokens in forms but misses critical elements like security headers and documented incident response or vulnerability disclosure policies. The WHOIS data is transparent and consistent with the organization's founding date and domain usage, supporting legitimacy. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security hardening. Strategically, the organization should prioritize implementing comprehensive privacy and cookie policies, enable DNSSEC, and add security headers to improve trust and compliance. Enhancing transparency around data protection and incident response will further strengthen their security culture and stakeholder confidence.

K

KiVa Program

kivaprogram.net

61

KiVa Program is an established international anti-bullying educational initiative focused on providing schools, educators, and parents with resources and research to combat bullying. The website demonstrates a professional design with clear navigation and a global presence through multiple localized domains. Technically, the site is built on WordPress, uses modern libraries such as jQuery and DustPress, and integrates Cookiebot for privacy compliance. The site is mobile-optimized and accessible, with good SEO practices. Security-wise, the website enforces HTTPS and employs a comprehensive cookie consent mechanism, but lacks advanced security headers and published security policies or incident response contacts. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts the overall trustworthiness assessment. No explicit contact emails or phone numbers were found, limiting direct communication channels. Overall, the website is functional, privacy-conscious, and professionally presented, but the missing WHOIS data and lack of explicit business contact details reduce confidence in business credibility. Strategic improvements in security transparency and domain registration verification are recommended.

N

NORDWOOD

nordwood.ee

39

NORDWOOD is a collaborative brand representing four wood industry companies based in Estonia, focusing on wood sawing, processing, and sales. The website provides basic information about the company, its products, employment opportunities, and certifications. The business targets customers and potential employees interested in the wood manufacturing sector. The domain is well-established since 2013 and registered with a reputable Estonian registrar, supporting the legitimacy of the business. Technically, the website is built on WordPress and uses common technologies such as jQuery and Google Fonts. It employs the Wordfence security plugin and has HTTPS enabled, indicating a baseline security posture. However, the site lacks advanced security headers and proper configuration of analytics tools. The website is moderately optimized for mobile and performance but has room for improvement in SEO and accessibility. From a security perspective, the site shows basic good practices like HTTPS and Wordfence usage but lacks visible privacy and cookie policies, security headers, and incident response information. No forms or contact emails were found, which limits user engagement and transparency. The absence of privacy compliance elements is a notable gap given GDPR requirements. Overall, the website is functional and moderately professional but requires enhancements in privacy compliance, security headers, and user contact options to improve trust and regulatory adherence. Strategic recommendations include implementing privacy and cookie policies, adding security headers, properly configuring analytics, and providing clear contact and incident response information.

S

SDD BV

sddbv.com

65

SDD BV is a specialized manufacturing company focused on providing tailor-made print finishing solutions to businesses. Founded in 2016, the company positions itself as a niche provider in the print finishing industry, offering customized systems that add value to their clients' operations. Their website reflects a professional and consistent brand image, targeting business customers seeking print finishing equipment and services. Technically, the website is built on WordPress using the Divi theme, hosted by Argeweb Hosting, and incorporates modern web technologies including Google Fonts and GDPR compliance plugins. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Security-wise, the website uses HTTPS and has domain transfer protections enabled, but lacks DNSSEC and advanced security headers, indicating room for improvement in hardening the site against attacks. No explicit privacy policy, terms of service, or incident response information is present, which may impact compliance and trust. Overall, the website is functional and professional but could benefit from enhanced security measures and clearer compliance documentation.

A

admin

monetti.ee

55

Monetti.ee operates as a leading personal loan consultancy and comparison platform in Estonia, providing users with access to a wide range of loan products including mortgage loans, refinancing loans, credit cards, and quick loans. The website positions itself as the number one loan consultant in Estonia since 2008, offering services that help consumers make informed financial decisions by comparing various financial products. The platform targets Estonian consumers seeking personal loans and related financial services, leveraging partnerships with multiple loan providers to offer comprehensive options. Technically, the website is built on WordPress CMS, utilizing popular libraries and plugins such as jQuery, Bootstrap, and WPBakery Page Builder, hosted behind Cloudflare DNS services. The site demonstrates good digital maturity with responsive design, SEO optimization, and integration of analytics and trust signals like Trustpilot reviews. Security posture is solid with HTTPS enforced, use of reCAPTCHA, and cookie consent mechanisms, although it lacks explicit security policies and advanced security headers. Overall, Monetti.ee presents a professional and trustworthy online presence with room for improvement in formal security disclosures and terms of service.

E

Eesti Füüsika Selts

fyysika.ee

49

FYYSIKA.EE is a specialized Estonian website operated by the Estonian Physical Society, focusing on physics, science, and technology news, seminars, and educational content. The site serves a niche audience of physics students, educators, and researchers primarily in Estonia. Technically, it is built on WordPress with a modern theme and uses standard web technologies such as jQuery and Google Fonts. The site is well-structured with semantic markup and schema.org data, enhancing SEO and accessibility. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies, which should be addressed to meet GDPR requirements. Overall, the site is professional and trustworthy but could improve in privacy transparency and security best practices.

C

Creditea International

creditea.com

52

Creditea International operates an online lending platform targeting consumers in multiple countries including Estonia, Latvia, Lithuania, Czech Republic, and Mexico. The website serves as a gateway to country-specific portals offering consumer credit services. The business model focuses on digital lending solutions, positioning itself as a regional player in the online finance sector. The site uses modern web technologies such as React and Next.js, indicating a contemporary technical infrastructure. However, the content is minimal and primarily navigational, with limited visible business or compliance information. Security posture is moderate but lacks visible security headers and compliance documentation, which could be improved to enhance trust and regulatory adherence. The absence of WHOIS registration data and contact information raises concerns about transparency and legitimacy. Overall, the website is functional but requires enhancements in security, privacy compliance, and business credibility to strengthen its market position and user trust.

The website multitudegroup.com currently serves as a placeholder 'Coming Soon' page hosted on the Squarespace platform. It lacks any substantive business content, contact information, or policy documentation. The domain is registered through Squarespace Domains II LLC with a registration date in early 2021, consistent with a new or developing business presence. The technical infrastructure is basic, relying on Squarespace's hosting and standard web fonts and scripts. There are no advanced SEO, accessibility, or security features implemented on the site at this time. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which are recommended to enhance domain and web application security. No privacy or cookie policies are present, indicating non-compliance with GDPR and related regulations. There are no forms or data collection mechanisms, which limits exposure but also reduces business functionality. The absence of contact or incident response information further reduces trust and transparency. Overall, the site is in an early stage of development with minimal digital maturity and security posture. The risk level is moderate due to lack of content and policies rather than active vulnerabilities. Strategic recommendations include implementing comprehensive privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear contact and incident response information to improve trust and compliance.

O

OpenSpeedTest™

openspeedtest.com

45

OpenSpeedTest™ is a technology-focused company providing a free, open-source HTML5 internet speed testing tool accessible via any modern web browser without requiring plugins like Flash or Java. Established in 2013, the company targets a broad audience including individual internet users, website and app owners, and enterprise infrastructure operators. Their business model centers on offering free tools supported by advertising and self-hosted deployment options. The website demonstrates a mature technical infrastructure leveraging modern web standards, Google analytics and advertising services, and a reliable CDN provider (Cachefly) to ensure fast and responsive user experiences across devices. Security posture is strong with HTTPS enforcement, comprehensive security headers, and no visible vulnerabilities. Privacy compliance is robust, featuring a detailed consent management platform aligned with GDPR requirements. However, the site lacks explicit Terms of Service and incident response contact details, which could enhance trust and compliance. Overall, OpenSpeedTest™ presents a professional, trustworthy, and technically sound online presence with room for improvement in formal policy disclosures and direct contact information.

G

Grünfin

grunfin.com

55

Grünfin's website indicates that the business is closed, with minimal content and no active business information or contact details. The site is hosted on Google Sites and uses HTTPS with good SSL configuration, but lacks privacy policies, terms of service, and security headers. The WHOIS data is unavailable, suggesting the domain may be unregistered or expired, which aligns with the business closure message. Overall, the digital presence is minimal and does not support active business operations.

FoodDocs is a specialized SaaS provider offering intuitive food safety management software tailored for hospitality, healthcare, and retail sectors. The company positions itself as a market leader with top-rated software solutions that streamline compliance, monitoring, and traceability processes. Their platform is designed for ease of use, enabling businesses to set up food safety systems quickly and efficiently. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies and marketing tools to deliver a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security and incident response policies are not publicly detailed. Privacy compliance is well addressed with GDPR-compliant cookie consent and privacy policies. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency, which slightly impacts overall trustworthiness. Strategic recommendations include publishing detailed security policies, incident response plans, and improving domain registration transparency to enhance credibility.

K

Keila Muusikakool

keilamuusikakool.ee

39

Keila Muusikakool is a small local music school based in Keila, Estonia, providing music education services primarily to students and parents in the local community. The website offers detailed information about competitions, study programs, schedules, events, and pricing. The business operates with a clear focus on education and community engagement. Technically, the website is built on WordPress using Elementor, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal policies such as privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional and professional but could improve in privacy compliance and security best practices.

T

Tervise Arengu Instituut

terviseinfo.ee

38

Terviseinfo.ee is a well-established Estonian health information portal managed by the Tervise Arengu Instituut, a government-affiliated health development institute. The website provides comprehensive health promotion content, news, and educational resources targeted primarily at health promotion specialists and the general public. It covers a broad range of health topics including alcohol, HIV/AIDS, nutrition, mental health, and more, positioning itself as a trusted national resource for health information. Technically, the site is built on Joomla CMS and utilizes common JavaScript libraries such as MooTools and jQuery, along with Google Fonts and Google Analytics for tracking. The site is served over HTTPS, ensuring secure communication, and includes CSRF tokens in forms to protect against cross-site request forgery. However, it lacks explicit security headers like Content-Security-Policy and HSTS, and does not have a visible cookie consent mechanism or privacy policy page, which are important for GDPR compliance. From a security perspective, the website demonstrates a moderate security posture with secure form handling and HTTPS usage but could improve by implementing additional HTTP security headers and publishing clear privacy and cookie policies. No WAF or blocking mechanisms were detected, and the site content is fully accessible. The WHOIS data aligns well with the website's governmental health mission, showing a consistent and legitimate registration since 2011. Overall, the website is professional, trustworthy, and serves its public health mission effectively, but should enhance privacy compliance and security headers to strengthen its security posture and regulatory adherence.