Security Directory

L

Liikumisharrastuse kompetentsikeskus

liikumisaasta.ee

49

Liikumisharrastuse kompetentsikeskus is a government-affiliated non-profit organization established by the Estonian Olympic Committee in 2022 to promote physical activity and healthy lifestyles across Estonia. The website serves as a central hub for information, resources, and events related to physical movement, targeting a broad audience including youth, adults, seniors, and partners in the health and sports sectors. The organization positions itself as a leader in driving a national movement towards increased physical activity and wellness.

E

Eesti Spordi- ja Olümpiamuuseum SA

spordimuuseum.ee

49

Eesti Spordi- ja Olümpiamuuseum is a well-established cultural institution located in Tartu, Estonia, serving as the largest and most modern sports museum in the Baltic region. The museum offers a rich visitor experience with over 15 attractions, educational programs, exhibitions, and a dedicated Hall of Fame. Its target audience includes families, groups, individual sports enthusiasts, and educational institutions. The business model combines ticket sales, educational services, event hosting, and an online store. The museum maintains a strong market position supported by partnerships with cultural and Olympic organizations and environmental certifications.

S

Spordimeditsiini SA

sportmed.ee

38

Spordimeditsiini SA is an established Estonian sports medicine foundation providing specialized health examinations, treatments, and consultations for amateur, youth, and professional athletes. With over 25 years of experience, it holds a strong market position in Estonia's healthcare sector, focusing on sports-related medical services including physiotherapy, cardiology diagnostics, nutrition counseling, and advanced physiotherapy procedures. The website is well-structured, multilingual, and professionally designed, reflecting the organization's credibility and service quality. Technically, it is built on WordPress with modern plugins and SEO optimizations, though some performance and security enhancements are advisable. Security posture is solid with HTTPS and no visible vulnerabilities, but lacks explicit security headers and incident response policies. Privacy compliance is partially met with privacy and cookie policies present, but missing active consent mechanisms. Overall, the site demonstrates a mature digital presence with room for improvements in security and privacy transparency.

A

A. Le Coq

alecoq.ee

47

A. Le Coq is Estonia's oldest and largest beverage producer, offering a wide range of alcoholic and non-alcoholic drinks including beer, cider, juices, water, and energy drinks. The company operates a professional and well-structured website built on WordPress with WooCommerce, targeting both consumers and distributors in Estonia and export markets. The website demonstrates good digital maturity with modern technologies, SEO optimization, and mobile responsiveness. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit privacy and security policies are not published. Overall, the site reflects a credible and established business with a focus on compliance and user experience.

P

Pilt Ruudus OÜ

piltruudus.ee

41

Pilt Ruudus OÜ operates as a creative agency based in Estonia, offering a comprehensive suite of digital marketing, SEO, web development, video, and photography services. The company targets Estonian businesses seeking to enhance their online presence and marketing effectiveness. The website reflects a professional and consistent brand image, with clear service descriptions and a user-friendly contact form facilitating client engagement. The business appears well-established with a domain age consistent with its operational history.

S

Sisekaitseakadeemia

sisekaitse.ee

58

Sisekaitseakadeemia is a key Estonian governmental educational institution specializing in internal security education, research, and professional training. It serves students, professionals, and government officials with a broad portfolio of academic programs, seminars, and research activities. The website reflects a well-established institution with a clear focus on internal security sectors including police, rescue, prison, finance, and security studies. The institution holds a strong market position as the national authority in its domain. Technically, the website is built on Drupal 9 with modern web technologies such as Bootstrap, jQuery, and lazy loading for images. It integrates analytics tools like Matomo and Google Tag Manager, indicating a mature digital infrastructure. The site is mobile optimized, accessible, and SEO friendly, providing a good user experience. From a security perspective, the site uses HTTPS and employs some best practices like Do Not Track in analytics. However, explicit security headers and incident response policies are not evident. Privacy compliance is partially addressed with privacy and cookie policies present, though lacking a consent mechanism. Contact information is clearly provided, enhancing trust. Overall, the website is professional, trustworthy, and serves its educational and governmental purpose effectively. Strategic improvements in security headers, incident response transparency, and cookie consent would further strengthen its posture.

R

Rapla vald

rapla.ee

45

Rapla vald operates as a local government entity serving the Rapla region in Estonia, providing a broad range of municipal services including social support, education, cultural activities, infrastructure management, and community engagement. The website serves as an official portal for residents and visitors, offering news, event information, and access to various public services. The organization maintains a clear and consistent brand presence with a well-structured website in Estonian, targeting local community members and stakeholders. Technically, the website is built on WordPress CMS, leveraging modern plugins and frontend technologies such as jQuery, FontAwesome, and Google Tag Manager. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting and domain registration are managed by a reputable Estonian registrar, Telia Eesti AS, with domain age consistent with the organization's history. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks explicit security headers, published security policies, and incident response contact information. No vulnerability disclosure or security.txt files are present, indicating room for improvement in transparency and security maturity. Overall, the website presents a trustworthy and professional digital presence for a government entity, with moderate technical and security posture. Strategic enhancements in security headers, incident response readiness, and vulnerability disclosure would strengthen its security and compliance stance.

G

Geopeitus MTÜ

geopeitus.ee

41

Geopeitus.ee is a niche community platform dedicated to geocaching activities in Estonia, operated by Geopeitus MTÜ. The website offers geocache listings, user forums, event announcements, and user-generated content such as logs and photos. It targets geocaching enthusiasts primarily within Estonia, fostering an active and engaged community with premium membership features and event support. The platform's market position is that of a specialized community hub rather than a commercial enterprise. Technically, the site uses legacy JavaScript libraries like jQuery 1.6.4 and jQuery Fancybox 1.3.4, along with Google Tag Manager for analytics. The CMS appears custom-built, with basic mobile optimization and accessibility features. Security posture is moderate but could be improved; the site lacks modern security headers and uses outdated libraries that may expose vulnerabilities. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or terms of service. Contact information is limited to an obfuscated email and a login form; no phone numbers or physical addresses are provided. Overall, the site is functional and community-focused but would benefit from modernization and enhanced security and privacy practices.

B

British Tourist Authority

visitbritain.org

63

VisitBritain.org is the official national tourism agency website for Britain, operated by the British Tourist Authority. It serves as a comprehensive resource for tourists, travel trade professionals, business event planners, and media, offering information on travel, accommodation, destinations, business support, research, and news. The site is well-positioned as an authoritative government entity promoting tourism in the UK. Technically, the website is built on Drupal 10, employs modern JavaScript libraries, and integrates Google Tag Manager and OneTrust for analytics and consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security-wise, the site enforces HTTPS, uses standard security headers, and manages cookie consent effectively, though explicit security policies and vulnerability disclosure mechanisms are not publicly visible. Overall, the domain appears legitimate despite incomplete WHOIS data, likely due to privacy protection. The website presents a professional, trustworthy, and user-friendly experience aligned with its government agency status.

V

Valgeranna Seikluspark

valgerannaseikluspark.ee

44

Valgeranna Seikluspark is an Estonian adventure park offering active outdoor recreational activities primarily targeting families, children, and groups near Pärnu. The website presents a professional and consistent brand image with clear descriptions of services such as adventure trails, group bookings, and special events. Technically, the site is built on WordPress with Elementor and Yoast SEO, integrating Google Analytics and Tag Manager for tracking. Cookie consent is implemented with detailed user controls, reflecting a basic level of privacy compliance. Security posture is solid with HTTPS and no visible vulnerabilities, though formal security and incident response policies are absent. Overall, the site is functional, trustworthy, and well-positioned regionally, but could improve transparency by publishing privacy and terms policies and enhancing contact information visibility.

A

Adrenaator Grupp

adrenaator.ee

40

Adrenaator Grupp operates the website adrenaator.ee, providing adventure and outdoor experiences such as canoe trips, hiking, and team events primarily in the Aidu quarry area in Estonia. The company targets families, friends, and corporate groups seeking unique adventure activities. The business is positioned as a niche local provider with a focus on experiential tourism and event hosting. The website is built on WordPress with modern SEO and GDPR compliance plugins, indicating a moderate level of digital maturity. Technical infrastructure includes Google Analytics and Tag Manager for tracking, and the site is hosted by Zone Media OÜ, a known Estonian registrar and hosting provider. Security posture is adequate with HTTPS enabled and cookie consent implemented, though some security headers are missing and no explicit security or incident response policies are published. Overall, the site is professional and trustworthy with room for improvement in security and contact transparency.

A

Avis Budget UK Limited

budget.co.uk

71

Budget.co.uk represents the UK branch of Avis Budget UK Limited, a major player in the global car rental industry. The website offers a comprehensive car rental booking platform with a wide range of services including additional drivers, one-way hires, roadside assistance, and long-term rentals. The company operates across 165 countries with over 11,000 locations, positioning itself as a large and reputable transportation service provider. The site targets consumers and businesses seeking affordable and convenient car rental solutions in the UK and internationally. From a technical perspective, the website employs modern JavaScript libraries such as Handlebars.js and Globalize.js, integrates Google Tag Manager and Tealium for analytics and marketing, and uses Bing Maps API for location services. The site is mobile-optimized with good navigation and content quality, although accessibility features could be enhanced. Performance is moderate with room for improvement in loading speed and technical SEO. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and input validation on forms. However, explicit security headers are not detected, and no public security or incident response policies are found on the site. The WHOIS lookup failed due to domain registration rules, but the website content and branding strongly indicate legitimacy. No WAF or blocking mechanisms were detected, and the site is fully accessible. Overall, Budget.co.uk is a professional, trustworthy, and functional car rental website with strong business credibility and good privacy compliance. Strategic improvements in security headers, accessibility, and public security policies would further enhance its security posture and user trust.

B

Budget Truck Rental

budgettruck.ca

68

Budget Truck Rental Canada operates a professional and well-structured website offering moving truck rentals and related services primarily targeting Canadian customers. The site is built on a modern technology stack including AngularJS and Adobe Experience Manager, integrating multiple analytics and marketing tools to optimize user engagement and business insights. The business is positioned as a large transportation service provider with a strong brand presence in Canada. Security posture is moderate with HTTPS usage and secure analytics scripts, but lacks visible security headers and explicit privacy or incident response policies. WHOIS data is unavailable, likely due to privacy protection, which limits domain trust verification but is common for commercial entities. Overall, the website is functional, professional, and trustworthy with room for improvement in privacy compliance and security transparency.

T

The Hertz Corporation

hertz.ie

70

The website www.hertz.ie is the Irish regional portal for The Hertz Corporation, a globally recognized car rental company. It offers car and van rental services across Ireland with a focus on quality and convenience, including electric vehicle options. The site supports multiple languages and internationalization, reflecting a mature digital presence. Technically, the site employs modern JavaScript frameworks, asynchronous script loading, and integrates Google services such as Tag Manager and Analytics, alongside Stripe for payments and reCAPTCHA for bot protection. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers and incident response information are not evident. Privacy compliance is well addressed with a comprehensive privacy policy and GDPR-aligned cookie consent. Business credibility is supported by consistent branding and professional content, though direct contact details are not prominently displayed on the analyzed page. Overall, the site is professionally designed, functional, and secure, suitable for enterprise-level operations in the transportation sector.

T

The Hertz Corporation

dollar.co.uk

64

Dollar Car Rental UK, operated under The Hertz Corporation, provides car hire and rental services across Europe with over 400 locations. The website offers a user-friendly booking platform, special offers, and comprehensive customer support. The brand is well-established since 1965 and targets travelers seeking budget-friendly and flexible car rental options. Technically, the site uses modern web technologies including jQuery, Bootstrap, and Google Tag Manager, with good mobile optimization and SEO practices. Security posture is strong with HTTPS, CSRF tokens, and cookie consent mechanisms, though some security headers could be improved. The WHOIS data for the domain 'www.dollar.co.uk' is unavailable or invalid, but the website content and branding strongly indicate legitimacy as part of the Hertz group. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

T

The Hertz Corporation

thrifty.lu

67

Thrifty Car Rental, a brand under The Hertz Corporation, operates a comprehensive car rental service across Europe with over 400 locations. The website offers a user-friendly booking platform, extensive fleet options including electric vehicles, and promotional offers targeting cost-conscious travelers. The company leverages its strong brand recognition and parent company backing to maintain a competitive market position. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, ensuring a responsive and functional user experience. Privacy and cookie consent mechanisms are well implemented, reflecting compliance with GDPR and related regulations. Security posture is solid with HTTPS enforcement and CSRF protections, though some security headers and explicit vulnerability disclosures are absent. Overall, the site presents a professional and trustworthy digital presence aligned with an established transportation business.

T

The Hertz Corporation

thrifty.be

67

Thrifty Belgium is a car rental service website operated under The Hertz Corporation, a well-established global transportation company founded in 1958. The website offers a comprehensive range of rental vehicles targeting cost-conscious travelers and business clients in Belgium and Europe. The business model focuses on providing flexible, affordable car rental options with a strong online booking platform and physical locations across Europe. The site is well-branded, consistent, and provides clear service offerings with multiple language and location options. Technically, the website uses modern web technologies including Bootstrap 5, jQuery, and Google Tag Manager, with a cookie consent mechanism powered by Securiti.ai. The site is mobile-optimized and SEO-friendly, though some accessibility features could be enhanced. Performance is moderate with a good user experience and clear navigation. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and a published security.txt file. The WHOIS data is restricted due to DNS Belgium policies, limiting domain registration transparency, which slightly impacts trust. However, the overall digital maturity and security practices align with industry standards for a large transportation company. Overall, the website presents a trustworthy and professional front for Thrifty Car Rental in Belgium, with recommendations to improve security headers, publish vulnerability disclosure information, and enhance accessibility to further strengthen its security and compliance posture.

T

The Hertz Corporation

thrifty.nl

64

Thrifty.nl is the Dutch localized website of Thrifty Car Rental, a well-established car rental brand operating under The Hertz Corporation. The company offers affordable and flexible car rental services across the Netherlands and Europe, targeting cost-conscious travelers and business clients. The website provides a comprehensive booking platform, detailed fleet information, and localized content in Dutch, supported by a strong brand presence and social media engagement. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Tag Manager, with good mobile optimization and SEO practices. Security posture is solid with HTTPS, cookie consent mechanisms, and CSRF protections, though some security headers could be improved. Privacy compliance is robust with clear privacy and cookie policies, and incident response information is publicly available. Overall, the site reflects a mature digital presence aligned with a large transportation company.

T

The Hertz Corporation

thrifty.it

66

Thrifty, operated by The Hertz Corporation, is a well-established car rental service provider founded in 1958, targeting cost-conscious travelers primarily in Italy and Europe. The website offers a comprehensive range of rental vehicles including electric and hybrid options, supported by a network of over 1000 locations. The digital platform is modern, mobile-optimized, and integrates advanced tracking and consent management tools, reflecting a mature technical infrastructure. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and CSRF protections, though some security headers could be enhanced. Privacy compliance is robust with clear policies and GDPR adherence. Overall, the site projects a professional and trustworthy image aligned with its parent company's reputation.

T

The Hertz Corporation

thrifty.de

64

Thrifty.de is the German localized website of Thrifty Car Rental, a well-established car rental brand founded in 1958 and a subsidiary of The Hertz Corporation. The website offers comprehensive car rental services across Germany and Europe, targeting price-conscious business and leisure travelers. It provides a user-friendly booking interface, detailed fleet information, and multiple language and country options, reflecting a mature digital presence. The technical infrastructure leverages modern frontend technologies such as Bootstrap, jQuery, and slick-carousel, combined with a robust cookie consent mechanism powered by securiti.ai and Google Tag Manager for analytics and marketing. Security posture is strong with HTTPS enforcement and CSRF protections, though explicit security headers and a dedicated security policy page are absent. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR adherence. The domain registration aligns with the brand's legitimacy and history, reinforcing trust. Overall, the website demonstrates a professional, secure, and user-centric platform suitable for an enterprise-level transportation service provider.

T

The Hertz Corporation

hertz.es

71

The website www.hertz.es is the official Spanish portal for The Hertz Corporation, a globally recognized car and van rental company. It offers online reservation services tailored to the Spanish market and integrates with a broad international network of Hertz websites. The site targets consumers and businesses seeking vehicle rentals in Spain and worldwide, providing a professional and localized user experience. The business model centers on vehicle rental services supported by a loyalty program and business rental solutions. Technically, the site employs modern JavaScript frameworks, Google analytics and tag management, and security tools such as reCAPTCHA Enterprise, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, with a comprehensive privacy policy and GDPR-aligned cookie consent. However, WHOIS data is restricted due to .es registry policies, limiting public domain registration transparency. Overall, the site is professional, secure, and trustworthy, suitable for enterprise-level operations.

T

The Hertz Corporation

thrifty.es

67

Thrifty.es is the Spanish localized website for Thrifty Car Rental, a well-established car rental brand operating under The Hertz Corporation. The website offers comprehensive car rental services across Spain and Europe, targeting travelers seeking affordable and flexible vehicle rentals. The site is professionally designed with a clear focus on user experience, featuring booking forms, promotional offers, and multilingual support. Technically, the website employs modern web technologies including jQuery, Bootstrap 5, and Google Tag Manager, ensuring a responsive and functional user interface. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR requirements, although some security headers could be improved. The WHOIS data is unavailable due to .es domain restrictions but the domain and branding strongly align with the parent company, indicating legitimacy. Overall, the site demonstrates a mature digital presence with good privacy and security practices, suitable for its large-scale commercial operations.

T

Thrifty Car Rental

thrifty.ie

69

Thrifty Car Rental operates a professional and user-friendly website focused on providing car rental services primarily in Ireland with global reach. The company offers a broad range of vehicles and emphasizes competitive pricing and convenience. The website integrates modern technologies such as jQuery, Bootstrap, and Google Tag Manager, supporting a responsive and accessible user experience. Privacy and cookie policies are clearly presented with a consent mechanism, reflecting compliance with GDPR standards. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy. Security practices are generally sound with HTTPS and CSRF protections, though additional security headers could enhance the posture. Overall, the site represents a credible and established business in the transportation sector with room for technical and security improvements.

T

The Hertz Corporation

thrifty.fr

70

Thrifty.fr is the French localized website of Thrifty Car Rental, a brand under The Hertz Corporation, a major player in the global car rental industry. The website offers car rental services primarily in France and Europe, targeting both leisure and business travelers. It provides a comprehensive booking system, special offers, and a diverse fleet including electric vehicles. The site is well-branded, consistent with corporate identity, and includes multilingual support and regional targeting. Technically, the site uses modern frontend frameworks such as Bootstrap and jQuery, integrates Google Tag Manager and Visual Website Optimizer for analytics and marketing, and implements cookie consent mechanisms compliant with GDPR. Security posture is solid with HTTPS, CSRF tokens, and no visible vulnerabilities, though security headers could be improved. WHOIS data is unavailable, which slightly impacts trust but is mitigated by strong brand presence and content quality. Overall, the site is professional, user-friendly, and compliant with privacy regulations.

T

Thrifty Car Rental

thriftycanada.ca

74

Thrifty Car Rental operates as a major car rental service provider primarily targeting consumers in Canada and the United States. It is a subsidiary of The Hertz Corporation, a well-established brand founded in 1965. The website offers online car rental reservations, location finders, and promotional deals, positioning itself as a competitive player in the transportation sector. The brand maintains consistent and professional digital branding with a focus on user-friendly design and clear service offerings. Technically, the website leverages modern web technologies including React, Adobe Experience Manager CMS, and advanced analytics tools such as Dynatrace and Google Tag Manager. The site is mobile-optimized and incorporates cookie consent mechanisms aligned with GDPR requirements. Security posture is generally strong with HTTPS enforced and privacy policies clearly presented, though explicit security headers are not evident in the HTML content. The absence of WHOIS data for the domain introduces some uncertainty about domain registration legitimacy, but the overall trustworthiness is supported by consistent branding and external references. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and improving accessibility compliance to further strengthen the security and compliance posture.

B

Budget Car Rental Canada

budget.ca

67

Budget Car Rental Canada operates a comprehensive online platform for car rental services targeting Canadian consumers and businesses. The website offers reservation capabilities, promotional deals, loyalty programs, and additional services such as moving truck rentals. The company positions itself as a major player in the Canadian transportation rental market with strong branding and partner integrations. Technically, the site leverages modern web technologies including AngularJS, Adobe Experience Manager CMS, and integrates multiple analytics and marketing tools. Security posture is solid with HTTPS enforcement and bot protection via reCAPTCHA Enterprise, though some security headers are not explicitly detected. Privacy compliance is moderate due to lack of visible privacy and cookie policies in the provided content. WHOIS data is unavailable, likely due to privacy protection, but the site content and branding indicate legitimacy. Overall, the site is professional, user-friendly, and well-optimized for mobile users.

Maaturism.ee is the official website of MTÜ Eesti Maaturism, a non-profit organization dedicated to promoting rural tourism in Estonia. The website offers comprehensive information about accommodation, active holidays, food services, health tourism, family vacations, themed farms, museums, seminars, weddings, and cooperation networks. It also highlights various projects aimed at developing rural tourism products and services, targeting tourists interested in nature and cultural experiences in Estonia and the Baltic region. The organization has a strong local presence and a network of members, positioning itself as a key player in Estonia's rural tourism sector. Technically, the website employs a modern tech stack including jQuery, Leaflet.js for mapping, Google Tag Manager, and Google Analytics for tracking. It uses HTTPS with a hosting provider Elkdata OÜ, an Estonian registrar and hosting company, ensuring secure connections. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. From a security perspective, the site uses HTTPS and asynchronous script loading, but no explicit security headers were detected. There is no visible vulnerability disclosure or incident response contact information. The WHOIS data is transparent and consistent with the website's business and location, supporting legitimacy. Overall, the site demonstrates a moderate to good security posture but could improve compliance and security best practices. The overall risk assessment is moderate with recommendations to implement privacy and cookie policies, add security headers, and establish vulnerability disclosure mechanisms to enhance trust and compliance.

R

Romantiline Rannatee

rannatee.ee

38

Romantiline Rannatee is a well-established regional tourism promotion website focused on the Pärnumaa coastal area in Estonia. The site offers rich content including destination guides, events, accommodations, and virtual tours, targeting tourists interested in nature, culture, and leisure activities. The business operates primarily as a tourism marketing platform, leveraging partnerships with local organizations and maintaining a consistent brand presence. Technically, the website is built on WordPress using the Avada theme and Yoast SEO plugin, with Google Tag Manager integrated for analytics. The site demonstrates good design quality, mobile optimization, and SEO practices, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is consistent and trustworthy, with no blocking or WAF detected, supporting a moderate to good trust level for visitors.

V

Visit Pärnu

visitparnu.com

51

Visit Pärnu operates a well-established regional tourism portal focused on the Pärnu area in Estonia, providing comprehensive information on accommodation, dining, events, transport, and general tourism guidance. The website targets tourists and visitors seeking detailed and localized travel information. The business is positioned as a key regional tourism information provider with a clear focus on hospitality and visitor services. Technically, the site is built on WordPress with Elementor and integrates modern plugins for search, analytics, and accessibility, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced, cookie consent implemented, and no critical vulnerabilities detected, though improvements in DNSSEC and security headers are recommended. Privacy compliance is robust with accessible privacy and cookie policies aligned with GDPR requirements. Overall, the site demonstrates a professional and trustworthy online presence with good user experience and content relevance.

V

Virupärane

laaneviru.ee

44

The website laaneviru.ee serves as an official regional portal for Lääne-Viru County in Estonia, focusing on tourism, living, and entrepreneurship. It provides comprehensive information about local attractions, events, accommodation, business support, and municipal resources. The site targets tourists, residents, and entrepreneurs interested in the region. The business model is informational and promotional, likely operated by a government or regional development entity. The domain is newly registered in 2024, consistent with the website's launch and content. Technically, the site is built on WordPress with modern performance and image optimization plugins. It uses Google Tag Manager and Facebook Pixel for analytics and marketing, with a cookie consent mechanism implemented via CookieYes. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search visibility. From a security perspective, HTTPS is enforced, and no critical vulnerabilities or exposed sensitive data were detected. However, security headers are not explicitly present, and no published security or incident response policies were found. Privacy compliance is basic, with no visible privacy policy or terms of service pages, which should be addressed to improve compliance and user trust. Overall, the website is professional and trustworthy, with a solid technical foundation and clear business purpose. Strategic recommendations include publishing privacy and security policies, enhancing security headers, and adding vulnerability disclosure information to strengthen security posture and compliance.

P

Põllumajanduse Registrite ja Informatsiooni Amet (PRIA)

pria.ee

55

PRIA (Põllumajanduse Registrite ja Informatsiooni Amet) is the official Estonian government agency responsible for managing agricultural subsidies, registers, and providing information services to farmers and rural entrepreneurs. The website serves as a comprehensive portal offering subsidy information, registers, news, and e-services such as the e-PRIA login portal. The site targets Estonian agricultural stakeholders and the general public interested in rural development. Technically, the website is built on Drupal 10, employs modern web technologies, and integrates analytics and business intelligence tools, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses cookie consent mechanisms compliant with GDPR, and shows no signs of exposed sensitive data or vulnerabilities. Overall, the website demonstrates a strong security posture and good privacy compliance, supporting its role as a trusted government resource.

@

@weboinc

webolution.ee

39

Webolution is a small Estonian web development company specializing in creating functional digital solutions and websites. With nearly 20 years of experience, they position themselves as a reliable partner for businesses seeking end-to-end digital services from concept to launch. Their portfolio showcases a variety of projects including websites and e-commerce platforms, indicating a focus on quality and client satisfaction. Technically, the website is built on WordPress with modern JavaScript libraries and integrates Google Analytics and Tag Manager for tracking. Security measures include HTTPS enforcement and use of Google reCAPTCHA, though the absence of security headers and explicit privacy policies suggests room for improvement. Overall, the site is professional and trustworthy but could enhance compliance and security transparency.

E

Eesti Korvpalliliit

basket.ee

43

Eesti Korvpalliliit is the official governing body for basketball in Estonia, managing national teams, leagues, coaching, refereeing, and basketball development programs. The organization holds a strong market position as the primary basketball authority in Estonia, supported by sponsorship from Swedbank. The website provides comprehensive content including news, events, galleries, and contact information, targeting basketball players, coaches, referees, and fans within Estonia. Technically, the site uses a custom CMS with jQuery, Owl Carousel, and Google Tag Manager, offering good mobile optimization and moderate performance. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements like updated libraries and security headers are recommended. Overall, the site is professional, trustworthy, and well-aligned with its business purpose.

V

Visit Jõgeva | Avasta Jõgevamaa

visitjogeva.com

47

Visit Jõgeva is a regional tourism website dedicated to promoting the Jõgevamaa region in Estonia. It provides comprehensive information on local events, attractions, accommodation, food, active holidays, and local products, targeting tourists and visitors interested in exploring this area. The website is multilingual, supporting Estonian, English, German, Finnish, and Latvian languages, enhancing accessibility for international visitors. The business model focuses on informational and promotional services to boost regional tourism.

H

Haridus- ja Teadusministeerium (EENet)

progetiiger.ee

61

ProgeTiigri.ee is an official educational platform managed by the Estonian Ministry of Education and Research, providing a curated collection of over 100 educational tools and materials focused on programming, robotics, 3D design, and multimedia for teachers and educators. The website serves as a resource hub to support teaching activities with filtering capabilities to find suitable materials. The platform targets primarily educators in Estonia and operates as a government-backed educational resource. Technically, the website employs modern web technologies including Vue.js, jQuery, and the Foundation CSS framework, with integration of Google Analytics and Google Tag Manager for user tracking and analytics. The site is mobile optimized and accessible, with a moderate performance profile. Hosting appears to be managed by a government or educational network provider, ensuring stable infrastructure. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, alongside a cookie consent mechanism compliant with GDPR principles. However, it lacks several security headers that could enhance protection against common web threats. No privacy policy or terms of service pages were found, which represents a compliance gap. No explicit contact information or incident response channels are provided, limiting user support and security communication. Overall, the website is trustworthy and professionally maintained, with strong legitimacy due to government ownership and consistent domain registration. The main risks relate to missing formal privacy and security documentation and absence of security headers. Strategic improvements in these areas would enhance compliance and security posture.

M

MTÜ Eesti Pagulasabi

pagulasabi.ee

49

Eesti Pagulasabi is a well-established Estonian non-profit humanitarian organization founded in 2011, dedicated to supporting refugees and displaced persons both in Estonia and internationally. The organization provides a broad range of services including humanitarian aid, social and economic wellbeing programs, mental health support, and integration assistance. Their website reflects a professional and consistent brand presence with comprehensive content and multiple language support, targeting refugees, donors, volunteers, and partners. The donation infrastructure is robust, offering multiple payment options and detailed forms to facilitate contributions. Technically, the website is built on Drupal 9, leveraging modern analytics and consent management tools, and is hosted by a reputable Estonian registrar and hosting provider. Security posture is good with HTTPS enforced and reCAPTCHA implemented, though some security headers could be improved. Privacy compliance is strong with clear cookie consent and privacy policy documentation. Overall, the website is trustworthy, accessible, and professionally maintained, supporting the organization's mission effectively.

T

Tallinn City Tourist Office & Convention Bureau

visittallinn.ee

69

Visit Tallinn is the official tourism portal managed by the Tallinn City Tourist Office & Convention Bureau, providing comprehensive information about the city's attractions, events, public transport, and dining options. The website targets tourists and visitors seeking practical and up-to-date travel information about Tallinn, Estonia. It holds a strong market position as the official city guide and tourism authority, supported by consistent branding and good content quality. Technically, the website employs modern web technologies including Vue.js and Bootstrap, with integrations for analytics and tracking such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel. The site demonstrates good mobile optimization and moderate performance, reflecting a mature digital infrastructure. Hosting and domain registration are consistent and stable, managed by Spin TEK AS since 2014. From a security perspective, the website uses HTTPS with good SSL configuration and includes several security-related HTTP headers. However, it lacks visible privacy and cookie policies, consent mechanisms, and incident response contact information, which are critical for GDPR compliance and user trust. No significant vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and transparency measures to improve user trust and regulatory adherence.

B

Bureau Veritas Eesti

bureauveritas.ee

68

Bureau Veritas Eesti is a well-established branch of the global Bureau Veritas Group, specializing in certification, inspection, and sustainability services. The company offers a broad portfolio of services including ISO management system certifications, food safety, information security, and sustainability consulting, targeting businesses in Estonia. The website reflects a professional and consistent brand image with clear navigation and relevant content for its audience. Technically, the site is built on Drupal 10, uses modern consent management tools (Didomi), and integrates Google Analytics and Tag Manager for tracking. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security and incident response policies are not found. Privacy compliance is partially addressed via cookie consent but lacks a clearly accessible privacy policy page. Overall, the website demonstrates a mature digital presence with room for improvement in privacy transparency and incident response communication.

N

NOVOT Agentuur

novot.ee

56

NOVOT Agentuur is a well-established full-service marketing agency based in Estonia, founded in 2006. The company offers a broad range of marketing services including branding, website development, campaign management, social media, and media planning. Their website reflects a professional and consistent brand image, targeting businesses seeking comprehensive marketing solutions. The digital infrastructure is built on WordPress with modern plugins and tools such as Yoast SEO, Google Tag Manager, and CookieYes for privacy compliance. The site is mobile-optimized and demonstrates good SEO practices. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. WHOIS data confirms domain legitimacy and consistency with the business history. Overall, the website presents a trustworthy and professional digital presence.

E

Eesti Rahvusraamatukogu

digar.ee

40

DIGAR is a digital archive platform operated by the National Library of Estonia, providing access to a wide range of digitized cultural heritage materials including books, periodicals, images, and collections. The website targets researchers, students, historians, and the general public interested in Estonian history and culture. It serves as a national-level digital repository with a public service business model, offering structured search capabilities and curated collections. The platform is well-branded and consistent with its institutional identity. Technically, the website employs standard web technologies including JavaScript and integrates Google Analytics and Google Tag Manager for user tracking and analytics. The site is served over HTTPS with CSRF protection on forms, indicating a reasonable security baseline. However, it lacks advanced security headers and explicit privacy or cookie policies, which are important for compliance and user trust. Mobile optimization and accessibility are basic but functional, with room for improvement. From a security perspective, the site demonstrates good practices such as HTTPS and CSRF tokens but misses opportunities to enhance security posture through security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or blocking mechanisms were detected. The WHOIS data confirms the legitimacy and consistency of the domain registration, aligning with the website's governmental and cultural heritage role. Overall, DIGAR presents a trustworthy and professional digital archive service with good content quality and business credibility. To improve, it should implement comprehensive privacy and cookie policies, enhance security headers, and provide clear incident response and vulnerability disclosure information to strengthen user trust and compliance.

T

Teeviit

teeviit.ee

56

Teeviit is an Estonian youth information portal affiliated with the Haridus- ja Noorteamet (Education and Youth Board). It provides comprehensive content on education, career, health, relationships, and social topics targeted primarily at young people. The website serves as a central hub for youth-related resources, including news, podcasts, event calendars, and partner portals such as Teeviit Juunior and Infohunt. The platform is well-positioned in the Estonian education and government sector as a trusted information source for youth.

H

Hannomal OÜ

veebispetsid.com

50

Hannomal OÜ operates a professional web development and e-commerce service business based in Estonia, with a strong market presence since 2011. The company offers a comprehensive suite of services including website creation, e-shop development, graphic design, programming, and content writing, primarily leveraging the WordPress platform. Their website reflects a mature digital presence with good SEO and user experience design. Technically, the site uses modern web technologies and integrates Google Analytics and Tag Manager for marketing and analytics purposes. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though improvements such as enabling DNSSEC and adding security headers are recommended. Overall, the business demonstrates transparency and credibility with clear contact information and consistent branding.

E

Eduten Ltd.

eduten.com

65

Eduten Ltd. operates a leading digital math learning platform originating from Finland, combining Finnish educational excellence with gamification and AI technologies. The platform targets K-12 students, teachers, school leaders, and parents worldwide, offering a comprehensive content library and AI-driven learning analytics. It holds a strong market position supported by over 15 years of university research and international awards such as the UNESCO ICT for education prize and UNICEF special edtech award. Technically, the website employs modern JavaScript libraries and analytics tools, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though additional security headers and explicit security policies could enhance protection. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the website presents a professional, trustworthy, and user-friendly digital education platform.

S

Sillamäe Muuseum - SASIMU

sasimu.ee

43

Sillamäe Muuseum SASIMU is a recently established cultural institution in Estonia, focusing on the rich and complex history of Sillamäe through permanent exhibitions, educational programs, and innovative virtual reality experiences. The museum targets tourists, local visitors, and educational groups, offering a blend of historical insight and interactive technology to enhance visitor engagement. The website is built on WordPress and integrates common marketing and analytics tools, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy and cookie policies, indicating room for compliance improvement. Overall, the site presents a professional and trustworthy image aligned with its business goals.

E

Ettevõtlik kool

evkool.ee

44

Ettevõtlik Kool is a non-profit educational network in Estonia focused on promoting entrepreneurial learning and providing a quality mark for modern education. The website serves as a portal for schools and kindergartens to access training, tools, and certification processes. It targets educational institutions and professionals within Estonia, supporting over 221 schools and more than 41,000 students. The business model revolves around educational services and network collaboration rather than commercial sales. Technically, the website is built on WordPress with modern enhancements such as lazy loading, Google Tag Manager, and reCAPTCHA for security. The site is mobile-optimized and includes accessibility features, reflecting a mature digital presence. SEO and metadata are well implemented, supporting discoverability and user engagement. From a security perspective, the site enforces HTTPS, uses reCAPTCHA on forms, and avoids exposing sensitive data. However, it lacks explicit security policies and incident response contacts, which could be improved. Privacy and cookie policies are present and appear GDPR compliant, enhancing user trust. Overall, the website presents a trustworthy and professional image with good content quality and technical implementation. The domain registration data aligns with the business claims, supporting legitimacy. Strategic improvements in security policy transparency and additional compliance documentation would further strengthen the site's posture.

P

Peatus

peatus.ee

51

Peatus.ee is a digital journey planning user interface focused on public transportation in Estonia, leveraging the Digitransit platform. The website targets public transport users seeking route planning and transit information. Technically, it employs modern web technologies including React, JavaScript, and integrates analytics tools such as Matomo and Google Tag Manager. The site demonstrates good security practices with HTTPS and security headers, but lacks explicit privacy and cookie policies, as well as contact information, which impacts privacy compliance and user trust. Overall, the domain registration data aligns well with the website's purpose, indicating legitimacy. Strategic improvements in privacy disclosures and user contact options would enhance compliance and trust.

T

Tervisekassa

tervisekassa.ee

64

Tervisekassa is the official Estonian national health insurance portal, providing information and services related to state health insurance, medical benefits, and healthcare access. The website targets insured individuals, employers, healthcare providers, and partners within Estonia. It offers comprehensive content on insurance coverage, medical services, reimbursements, and public health initiatives. The site is well-positioned as a government-backed service with a clear mission to facilitate healthcare access and information dissemination. Technically, the website is built on Drupal CMS, leveraging modern analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Siteimprove. It employs Cloudflare for DNS and CDN services, ensuring good performance and security. Accessibility and mobile optimization are well addressed, with features like contrast toggling and skip links. Security posture is strong with HTTPS, cookie consent mechanisms, and bot protection via Google reCAPTCHA. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with clear privacy and cookie policies and GDPR-aligned consent management. Contact information is transparent, including official email and phone numbers, and social media presence is active on major platforms. Overall, the website demonstrates a mature digital infrastructure suitable for a public healthcare service, balancing usability, security, and compliance effectively.

K

Keskkonnaagentuur

keskkonnaportaal.ee

53

Keskkonnaportaal.ee is an Estonian government environmental data portal managed by Keskkonnaagentuur. It consolidates key environmental datasets and information to provide quality and up-to-date data for environmental stakeholders and the public. The portal uses Drupal 10 CMS and integrates modern frontend libraries and Google Tag Manager for analytics. The website is well-structured, mobile-optimized, and provides clear navigation through extensive environmental themes and data sources. Security posture is solid with HTTPS enforced, but lacks advanced security headers and published security policies. Privacy compliance is partial with a cookie consent mechanism but no explicit privacy policy or terms of service found. Overall, the site is credible, professional, and trustworthy, serving as a key government resource for environmental information in Estonia.

A

Apotheka Beauty

apothekabeauty.ee

57

Apotheka Beauty is a prominent Estonian e-commerce retailer specializing in health and beauty products, particularly pharmacy-approved cosmetics. The website offers a broad selection of products from well-known brands and targets consumers interested in healthy beauty solutions in the Baltic region. The platform is built on Magento CMS and integrates modern technologies such as Google Tag Manager, Hotjar, and Google Translate, reflecting a mature digital infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, providing a positive user experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly available. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, making it a reliable platform for its target audience.