Security Directory

F

Fontes PMP OÜ

fontes.ee

0

Fontes PMP OÜ is a well-established Estonian company specializing in talent management, recruitment, mentoring, and consulting services. With 35 years of experience, it holds a strong market position as a trusted partner for organizations seeking to develop and retain talent. The website reflects a professional and comprehensive digital presence, leveraging WordPress CMS and modern web technologies to deliver a fast, mobile-optimized, and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms in place, though explicit security policies and incident response details are absent. Overall, the site demonstrates high business credibility and privacy compliance, supporting Fontes' reputation as a leading talent management consultancy in Estonia.

DF / DESIGN FACTORY is a small Estonian consulting and design firm established in 1992, specializing in innovation acceleration, brand and business model overhauls, and product and service design. The company targets corporate intrapreneurship teams and businesses seeking transformative growth. Their website is built on WordPress with modern plugins such as Elementor and Yoast SEO, reflecting a moderate level of digital maturity. The site is well-designed, mobile-optimized, and uses privacy-respecting analytics. Security posture is adequate with HTTPS enabled but lacks explicit security headers and formal privacy and cookie policies. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security governance. Overall, the website is professional and trustworthy, with a domain registration consistent with the business profile.

B

Brightway.ro

brightway.ro

0

Brightway.ro is a Romanian company specializing in professional and personal development training, coaching, consulting, recruitment, and team building services. Established since 2004, it offers a broad portfolio of courses and programs aimed at individuals and organizations seeking to enhance leadership, sales, technical skills, and organizational culture. The company leverages expert trainers and innovative methodologies to deliver value and growth opportunities to its clients. The website reflects a mature digital presence with comprehensive content, client testimonials, and multiple service offerings.

The website technoland.jo currently presents an empty HTML structure with no visible content, metadata, or business information. This lack of content prevents any meaningful assessment of the company's business operations, market position, or services. The absence of contact details, privacy policies, or security information indicates the site is either under construction or inactive. Technically, the site lacks modern web technologies, SEO optimizations, and accessibility features, resulting in a poor digital maturity profile. Security posture is minimal with no HTTPS or security headers detected, exposing the site to potential risks. Overall, the site poses a high risk due to lack of transparency and security controls, and it is recommended to implement foundational web content, security policies, and compliance mechanisms before further analysis.

R

Responda Group

h1.se

0

Responda Group is a Swedish telecommunications service provider specializing in customer service and answering services, handling over 10 million customer contacts annually for more than 3,500 clients. The company consolidates several subsidiaries including Kalix Tele24, Personlig Svarsservice, Call4U, K2C, and H1 Communication, positioning itself as a significant player in the Nordic customer service market. The website is professionally designed using WordPress with Elementor and Astra theme, reflecting a modern digital infrastructure with good SEO and mobile optimization. Security posture is solid with HTTPS enabled and cookie consent managed via Usercentrics CMP, though DNSSEC is not enabled and no explicit security or incident response policies are published. Overall, the domain registration data is consistent and transparent, supporting the legitimacy of the business.

M

ML Staffing Inc

mlstaffinginc.com

0

ML Staffing Inc operates as a specialized staffing and recruitment firm focusing on engineering, IT, metals, food, and chemical manufacturing sectors. The company emphasizes providing qualified candidates and tailored hiring solutions leveraging over 50 years of combined recruiter experience. Their market position is that of a small, niche staffing provider with claims of strong client relationships and ethical hiring practices. Technically, the website is built on an outdated WordPress 4.9.3 platform with legacy JavaScript libraries such as jQuery 1.6.4, indicating a need for modernization. The site lacks HTTPS, exposing visitors to security risks and undermining trust. Security posture is weak due to missing SSL, outdated software, and absence of security headers. Privacy compliance is minimal with only a basic privacy policy linked and no cookie consent mechanisms. The absence of WHOIS registration data for the domain raises significant legitimacy concerns. Overall, the website presents basic business information but requires urgent technical and security improvements to enhance trust and compliance.

A

Advokaadibüroo Concordia

concordia.ee

0

Advokaadibüroo Concordia is an established Estonian law firm founded in 2010, providing legal services primarily in Estonia and across the European Union through its membership in the European Law Firm network. The firm targets clients requiring professional legal representation and consulting services with a cross-border reach within the EU. The website reflects a professional and consistent brand image with clear contact details and multilingual support (Estonian and English). Technically, the website employs a modern technology stack including Laravel Livewire, Alpine.js, jQuery, and integrates Google reCAPTCHA for bot protection. The site is hosted by Zone Media OÜ, a known Estonian hosting provider, and uses HTTPS with a valid SSL configuration. Performance and mobile optimization are good, though accessibility features are basic. SEO is implemented at a basic level with meta tags and Open Graph properties. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, CSRF token usage, and a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No security headers were detected in the provided data, which could be improved to enhance security posture. Overall, the website is trustworthy and professionally maintained with a strong domain registration history consistent with the business claims. Recommendations include enhancing security headers, publishing formal security and incident response policies, and adding a vulnerability disclosure page to improve transparency and security maturity.

The website ubiksolutions.eu is currently a parked domain with no active business content or services. It primarily serves as a domain for sale landing page, with advertising scripts and tracking mechanisms embedded. There is no evidence of an operational company or business model on the site. The technical infrastructure is basic, relying on standard HTML, CSS, and JavaScript with third-party ad networks such as Google Adsense and Youseasky. The site lacks modern security practices, including HTTPS enforcement and security headers, and does not provide privacy or cookie consent mechanisms. Overall, the security posture is weak, and the site does not comply with GDPR or other privacy regulations. The domain registration is consistent with a domain parking service provider, indicating no active business ownership. Strategic recommendations include implementing HTTPS, adding clear privacy and cookie policies with consent, providing legitimate business contact information, and improving site content and design to enhance trust and compliance.

The website regionaalhaigla.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct access to the actual content. The domain is registered since 2010 with an Estonian registrar, consistent with the domain's regional healthcare focus. No business content, contact information, or compliance policies are visible in the provided HTML, limiting the ability to perform a full analysis. The technical infrastructure relies on Cloudflare services for security and performance, but the lack of accessible content prevents evaluation of the website's design, user experience, and compliance posture. Security headers and policies are not visible, and no forms or data collection mechanisms are present beyond the security challenge. Overall, the site appears legitimate based on WHOIS data but is currently inaccessible for detailed review.

L

Lumi Capital

lumicapital.eu

0

Lumi Capital is a Baltic real estate company specializing in the development and management of residential rental apartment buildings across Tallinn, Riga, and Vilnius. Managing a portfolio of approximately 2000 apartments, the company partners with institutional investors such as insurance companies and pension funds. Their business model focuses on long-term rental housing with an emphasis on sustainability, innovation, and digital services, positioning themselves as a preferred brand for urban renters valuing flexibility and community. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, integrating Google Analytics for user tracking. The site is mobile-optimized and presents a professional design with clear navigation. While performance is moderate, the technical stack is modern and well-maintained. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security headers and published security policies or incident response contacts. Privacy compliance is partial, with a cookie consent banner present but no dedicated privacy or terms of service pages. The WHOIS data is unavailable due to EURid privacy restrictions, but the website content and business information appear legitimate and consistent. Overall, Lumi Capital's digital presence reflects a professional real estate business with good technical implementation and moderate security posture. Enhancements in privacy documentation, security headers, and incident response transparency would strengthen trust and compliance.

E

Eesti Rahva Muuseum

erm.ee

0

Eesti Rahva Muuseum (ERM) is a prominent national museum in Estonia dedicated to preserving and showcasing Estonian ethnography, culture, and history. Operated under the Estonian Ministry of Education and Research, ERM offers a wide range of exhibitions, educational programs, events, and visitor services including a restaurant and retail shop. The museum targets a broad audience including the general public, educators, researchers, and cultural enthusiasts, positioning itself as a leading cultural institution in Estonia. Technically, the website is built on Drupal CMS with modern web technologies such as jQuery, Bootstrap, and various JavaScript libraries for enhanced user experience. It integrates analytics and marketing tools like Google Analytics, Google Tag Manager, and Facebook Pixel, demonstrating a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and employs Google reCAPTCHA on forms to prevent abuse. However, it lacks some security headers that could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is evident through a GDPR-compliant privacy policy, though a cookie consent mechanism is not clearly present. Overall, ERM's website reflects a professional, trustworthy, and well-maintained digital presence suitable for a government cultural institution. The domain registration aligns with the official entity, reinforcing legitimacy. Strategic improvements in security headers and cookie consent transparency could further strengthen the site's security and compliance posture.

R

Regionální agentura pro rozvoj střední Moravy

rarsm.cz

0

Regionální agentura pro rozvoj střední Moravy (RARSM) is a Czech non-profit association focused on supporting regional development in Central Moravia. Founded in 1996, it provides project preparation, grant application support, and administrative services primarily to municipalities and regional authorities. The agency manages a regional fund and participates in EU co-financed projects aimed at employment and administrative capacity building. The website is built on WordPress with a dated theme but contains relevant and structured content in Czech. Contact information and official documents are clearly presented, supporting business credibility. However, WHOIS data is missing, which impacts domain trustworthiness. Technically, the site uses standard WordPress technologies with jQuery and PDF embedding plugins. It enforces HTTPS but lacks modern security headers and cookie consent mechanisms, which are recommended for GDPR compliance. No analytics or tracking scripts were detected, indicating minimal user tracking. The website's design and mobile optimization are basic but functional, with good navigation clarity. Security posture is generally good due to HTTPS and absence of exposed sensitive data, but improvements are needed in security headers and privacy compliance. The absence of WHOIS data and security policies reduces overall trust. Strategic recommendations include implementing security headers, adding cookie consent, maintaining up-to-date software, and publishing incident response contacts to enhance security and compliance.

K

KROČKA & Partners s.r.o.

krockapartners.sk

0

KROČKA & Partners s.r.o. is a Slovak legal consultancy firm specializing in mediation, debt collection, labor law, and data protection services including GDPR compliance. Founded in 2016, the company serves both businesses and individuals in Slovakia, offering a range of legal and compliance-related services supported by a team of qualified legal and data protection experts. The website reflects a professional and consistent brand presence with clear service offerings and team member credentials. Technically, the website employs a stable but somewhat dated technology stack including Bootstrap 3 and jQuery 2.2.4, with good mobile optimization and SEO practices. The site is fully accessible without any WAF or blocking mechanisms, uses HTTPS with strong SSL configuration, and implements cookie consent via Consentmanager.net. However, some modern security headers are missing, and no explicit security policy or incident response contacts are provided. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. GDPR compliance is supported by comprehensive privacy and cookie policies available as downloadable PDFs. The absence of direct contact emails or phone numbers on the site is noted but social media channels are provided. Overall, the site scores well on business credibility and privacy compliance but could improve in security policy transparency and accessibility. Strategically, the company should focus on enhancing security headers, publishing incident response information, and improving accessibility features to strengthen trust and compliance posture. The technical stack could be modernized over time to improve performance and maintainability.

W

wissensstadt heilbronn

wissensstadt.hn

0

wissensstadt heilbronn is a German educational and community platform focused on fostering lifelong learning, research, and innovation in the Heilbronn region. The website serves as a hub for projects, events, and community engagement, targeting students, researchers, and local institutions. Technically, the site is built on WordPress with modern plugins such as Elementor and Yoast SEO, indicating a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The WHOIS data presents inconsistencies, showing a prohibited registration status despite the active website, which warrants caution. Overall, the site is professional and content-rich but lacks explicit privacy and terms of service pages, impacting privacy compliance scores.

Lifeworld is a Belgian real estate development business led by Serge Hannecart, with over three decades of experience in residential, commercial, and international real estate projects. The company also engages in creative ventures such as a unique gin and a rock musical, reflecting a diversified business model. The website presents a professional and visually rich experience, showcasing multiple related ventures and projects. Technically, the site uses concrete5 CMS and common JavaScript libraries, with good mobile optimization and moderate performance. Security posture is solid with HTTPS enabled and cookie consent implemented, though security headers are not explicitly detected. WHOIS data is restricted by the registry, limiting domain ownership transparency, which impacts trust assessment. Overall, the website is professional and credible but would benefit from enhanced security headers and clearer contact information.

O

OZ Na konci sveta

nakoncisveta.sk

0

OZ Na konci sveta is a Slovak non-profit organization dedicated to animal rescue and adoption. The website serves as a platform to showcase animals available for adoption, provide information on how to help, and facilitate donations or support through an e-commerce system powered by PrestaShop. The organization appears to be small and locally focused, with clear contact information and a consistent brand presence. The website content is relevant and well-structured for its audience of animal lovers and potential adopters. Technically, the website uses PrestaShop CMS with common web technologies such as jQuery and responsive design elements. Hosting is provided by a Slovak hosting provider (webhost.cnet.sk), and HTTPS is properly configured, ensuring secure communication. However, the site lacks several security headers and privacy compliance elements such as privacy and cookie policies, which are important for GDPR compliance and user trust. From a security perspective, the site shows a moderate posture with HTTPS enabled but missing security headers and no visible incident response or vulnerability disclosure information. No analytics or tracking scripts were detected, indicating minimal user tracking. The WHOIS data aligns well with the website's stated purpose and origin, supporting legitimacy. Overall, the website is functional and professional for a small non-profit but would benefit from enhanced privacy compliance, security hardening, and transparency to improve trust and regulatory adherence.

P

Patron dětí

patrondeti.cz

0

Patron dětí is a Czech non-profit organization established in 2017, dedicated to supporting children who have faced adversity. The website serves as a platform to share stories of these children and connect donors and volunteers willing to help. The organization positions itself as a trusted charity within the Czech Republic, leveraging modern web technologies such as Nuxt.js and Vue.js to provide a responsive and user-friendly experience. The site integrates standard analytics and marketing tools including Google Analytics, Facebook Pixel, and Hotjar, while maintaining GDPR compliance through cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response procedures are not publicly disclosed. Overall, the website demonstrates a good balance of professional design, technical implementation, and privacy compliance, supporting its mission effectively.

S

Svoboda zvířat

svobodazvirat.cz

0

Svoboda zvířat is a well-established Czech non-profit organization focused on animal rights and welfare advocacy. Founded in 2000, it operates primarily through public awareness campaigns, legislative advocacy, and volunteer engagement. The website reflects a mature digital presence with clear branding, good content quality, and active social media integration. Technically, the site is built on WordPress with modern plugins and libraries, delivering moderate performance and good mobile responsiveness. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and GDPR-aligned cookie consent. Overall, the organization presents a trustworthy and professional image with no critical security or compliance issues detected.

C

Creduo

creduo.cz

0

Creduo is a Czech Republic-based language education studio specializing in group and individual English courses primarily for children from preschool age to teenagers, as well as online Spanish courses for beginners and intermediate learners. The business emphasizes quality teaching, individual approach, and uses accredited methods such as Teddy Eddie. The website reflects a small but professional local education provider with a clear market niche and positive customer testimonials. Technically, the site is built on WordPress with Elementor and Yoast SEO, showing good digital maturity and SEO optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking explicit security policies or incident response information. Overall, the site is trustworthy and well-maintained, suitable for its target audience.

The website 42firenze.it currently serves a security challenge page that blocks direct access to its main content, indicating the presence of a Web Application Firewall or similar security mechanism. The domain is registered since 2021 and is active without DNSSEC enabled. The visible page uses outdated CMS technologies such as Joomla 1.5 and WordPress 2.5, which are known to have multiple security vulnerabilities. No business or contact information, privacy, cookie, or terms of service policies are present on the accessible page, limiting the ability to assess the business or compliance posture. The site includes a security check powered by BitNinja, suggesting some level of security awareness but lacks modern security headers and best practices. Overall, the site’s digital maturity is low, with poor content quality and minimal SEO or accessibility features.

4

42 Luanda

42luanda.com

0

42 Luanda is a free programming education center based in Angola, part of a global network offering innovative peer-to-peer learning without traditional teachers. The website presents a clear business focus on empowering youth through gamified programming challenges and practical projects. Technically, the site uses modern frontend technologies and is hosted with Cloudflare DNS, ensuring good availability and performance. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and explicit privacy or cookie policies. Tracking technologies like Facebook Pixel and Google Tag Manager are used without visible consent mechanisms, indicating privacy compliance gaps. Overall, the site is professional and credible but would benefit from enhanced security and privacy transparency.

S

Stop Parkinson vzw

stopparkinson.be

0

Stop Parkinson vzw is a Belgian non-profit organization dedicated to raising awareness and funds for Parkinson's disease research. The website serves as a platform to inform the public, engage donors, and promote fundraising events such as Peloton Parkinson and Trappenloop. The organization targets individuals, companies, and communities interested in supporting Parkinson's research. Technically, the website is built on WordPress using the Divi theme, integrated with Gravity Forms for data collection, and employs modern analytics and tracking tools including Google Analytics and Facebook Pixel. The site is hosted by Combell nv, a reputable provider, and uses HTTPS to secure communications. Security posture is generally good with no visible vulnerabilities, but lacks explicit security headers and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies, which should be addressed to meet GDPR requirements. Overall, the website is professional and trustworthy, with a solid business model focused on community engagement and fundraising.

We Educación Ejecutiva SAC. is a Peruvian-based education company specializing in executive education, offering a variety of programs including online courses, specializations, diplomados, memberships, and live events targeting professionals and executives in Latin America. The company positions itself as a leader in LATAM executive education with practical methodologies designed by industry leaders. The website is built on the Odoo CMS platform, leveraging modern web technologies such as Bootstrap 5, Swiper.js, and integrates payment SDKs like MercadoPago and Culqi, hosted on AWS infrastructure. The site demonstrates good design quality, mobile optimization, and clear navigation, supporting a positive user experience. Security posture is adequate with HTTPS enabled and domain registration protections, though it lacks DNSSEC and explicit security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy, with room for improvement in privacy and security best practices.

O

Overalia

overalia.com

0

Overalia is a specialized digital marketing agency based in Spain, with a strong focus on online marketing strategies, web development, traffic acquisition, and analytics. The company positions itself as a Google Analytics Certified Partner and Google Partner, serving a diverse client base with over 1,200 projects completed. Their website demonstrates a professional and modern digital presence, utilizing contemporary web technologies and providing comprehensive content including case studies and detailed service descriptions. The technical infrastructure is solid, with HTTPS enforced and integration of security features like Google reCAPTCHA. Privacy and cookie policies are well implemented, reflecting good compliance with GDPR standards. However, the absence of WHOIS domain registration data introduces some uncertainty regarding domain legitimacy, although the website content and certifications strongly support the business's credibility.

The analyzed content corresponds to a Chrome internal error page (chrome-error://chromewebdata/) which is not a public website but an internal browser error or offline page. The page includes embedded JavaScript and CSS for the Chrome Dino game, which is a browser Easter egg displayed when there is no internet connectivity. There is no business-related content, no privacy or security policies, no contact information, and no external links. The technical infrastructure is limited to client-side JavaScript and HTML5 canvas game code. Security posture cannot be meaningfully assessed due to the nature of the content. Overall, this is not a public-facing website but a browser internal page, and thus no business credibility or compliance can be established.

W

WocaBee

wocademy.cz

0

WocaBee operates an educational platform focused on language learning and teacher support, exemplified by the WocaDemy conference targeting future and novice language teachers. The website serves as an event landing page providing detailed program information, speaker bios, partner affiliations, and a registration form. Technically, the site uses standard web technologies including jQuery and Animate.css, with a responsive design and moderate performance. However, it lacks key privacy and security disclosures such as privacy and cookie policies, security headers, and incident response contacts, which are critical for compliance and trust. The registration form collects personal data but does not show visible anti-bot protections. Overall, the site is functional and professional but would benefit from enhanced security and privacy measures to improve compliance and user trust.