Security Directory

U

Unique Hotels Group

uhotelsgroup.com

0

Unique Hotels Group operates a small portfolio of lifestyle hotels in Estonia, focusing on boutique hospitality experiences with historical ambiance and modern amenities. Their services include hotel accommodations, dining, spa treatments, seminars, and gift cards, targeting tourists and business travelers. The website is professionally designed using WordPress with modern technologies and supports multiple languages. Privacy and cookie policies are implemented, and contact information is clearly provided. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy, though the website content and business information appear authentic. Security posture is generally good with HTTPS enforced, but security headers are missing, and no incident response or vulnerability disclosure information is provided. Overall, the website is functional, trustworthy, and well-positioned in the hospitality market in Estonia.

A

AS Hekotek

hekotek.ee

0

AS Hekotek is a well-established Estonian manufacturing company specializing in equipment and technological solutions for sawmills, pellet plants, and wood and wood pellet boiler houses. With over 30 years of market presence, 155 employees, and a broad international footprint, the company serves industrial clients primarily in the woodworking and bioenergy sectors. Their product portfolio includes log sorting lines, conveyor systems, pellet plants, and aspiration systems, positioning them as a key player in their niche. The website reflects a professional and consistent brand image with comprehensive business information and multilingual support. Technically, the website is built on WordPress using the Avada theme and Fusion Builder, enhanced with modern plugins such as Rank Math SEO and CookieYes for privacy compliance. The site leverages Cloudflare for DNS and CDN services, ensuring good performance and security. Mobile optimization and SEO practices are well implemented, though accessibility features are basic. Analytics and tracking are managed via Google Analytics and Tag Manager, with a cookie consent mechanism in place. From a security perspective, the site enforces HTTPS and employs cookie consent but lacks explicit security headers like CSP or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the business claims, showing a domain registered since 2010 under ALMIC OÜ, matching the Estonian business location. No WAF or blocking mechanisms interfere with content accessibility. Overall, AS Hekotek's digital presence is solid, reflecting a mature business with good technical infrastructure and privacy compliance. Security posture is adequate but could be improved with additional headers and policies. The site effectively supports business credibility and user trust.

Levercode.com is a domain registered since 2018 and currently displays a permanent closure notice with no active business content or services. The website provides only a single contact email address that does not match the domain, indicating minimal operational presence. The technical infrastructure is minimal, with Cloudflare DNS used for hosting, but no CMS, analytics, or advertising technologies detected. The site lacks privacy, cookie, or terms of service policies, and no security headers or HTTPS status information is available from the provided data. Overall, the website is inactive and does not present a professional or trustworthy online presence.

G

GT Tarkvara

soft.ee

0

GT Tarkvara is a well-established Estonian technology company specializing in software and cloud solutions, with over 25 years of market presence. The company positions itself as the largest software and related services provider in Estonia, targeting businesses and educational institutions. Their offerings include cloud solutions, software licensing, consulting, implementation, and ongoing support. The website reflects a professional and consistent brand image with clear service descriptions and contact information. Technically, the website is built on WordPress with a modern tech stack including Gravity Forms, Google Analytics, Google Tag Manager, and LinkedIn Insight Tag. Hosting is managed via Azure DNS, indicating a reliable infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search visibility. From a security perspective, the site uses HTTPS with good SSL configuration and employs reCAPTCHA v3 to protect forms. However, explicit security headers and published security policies are absent, and no incident response or vulnerability disclosure information is provided. Privacy compliance is partially addressed with a privacy and cookie policy present, but no active consent mechanism is implemented. Overall, GT Tarkvara's website demonstrates a strong business credibility and technical foundation with room for improvement in security policy transparency and privacy compliance mechanisms.

emu.ee is a domain registered and managed by the Estonian Ministry of Education and Research (Haridus- ja Teadusministeerium) through EENet, indicating its role as a governmental or educational resource in Estonia. The website is currently inaccessible due to a Cloudflare Turnstile captcha challenge, which blocks direct content access and prevents detailed content analysis. The domain is well-established since 2010, consistent with a stable government entity. The technical infrastructure leverages Cloudflare services for security and performance, but the visible content is limited to a security verification page without business or contact information. Privacy and cookie policies are not present on the accessible page, and no forms or data collection mechanisms are visible. Overall, the site demonstrates a moderate security posture through Cloudflare's WAF but lacks transparency in privacy compliance and user engagement due to the blocking mechanism.

Metus Laenud is a small Estonian finance-focused informational website providing content about various loan types including quick loans, small loans, and general loans. The site targets Estonian-speaking individuals seeking financial solutions and loan information. The business model is content-driven, relying on informational articles rather than direct financial services. The website is built on WordPress, utilizing common plugins such as Contact Form 7 and Rank Math SEO, hosted behind Cloudflare DNS services. The technical infrastructure is modern and moderately performant with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks important security headers and incident response information. Privacy compliance is poor due to absence of privacy and cookie policies. The domain registration data is suspicious due to a future creation date and lack of registrant details, which impacts overall trustworthiness. Strategic improvements in privacy compliance, security policies, and business transparency are recommended.

The website astangu.ee is currently inaccessible beyond a Cloudflare Turnstile security challenge page, which prevents access to any substantive content. The domain is registered since 2010 with an Estonian registrar, indicating a legitimate and established domain. However, no business information, contact details, or policies are available on the accessible page. The technical infrastructure relies on Cloudflare for security and performance, but no CMS or additional technologies are detected. The security posture is limited to Cloudflare's WAF and captcha challenge, with no further visible security headers or configurations. Due to the content being blocked, a full analysis of business, compliance, and security posture is not possible, resulting in a low overall AI score.

The website mkm.ee is currently inaccessible beyond a Cloudflare security challenge page that requires human verification via Turnstile captcha. Due to this, no actual business content, policies, or contact information is available for analysis. The domain is registered since 2010 with Zone Media OÜ, an Estonian registrar, indicating a legitimate and stable domain ownership. The technical infrastructure relies on Cloudflare services for security and performance. However, the lack of accessible content and policies limits the ability to assess the business model, security posture, and compliance status. The site appears to be protected by a robust WAF, but this also restricts external analysis.

The Archimedes Foundation website serves as a minimal informational page indicating that as of January 1, 2021, its activities were transferred to the Estonian Education and Youth Board and the Erasmus+ and European Solidarity Corps Agency. The foundation historically managed European educational and youth programs such as Erasmus+. The website content is very limited, with no privacy, cookie, or terms of service policies, and no contact information provided. Technically, the site uses basic HTML and CSS with Google Fonts, hosted under an Estonian registrar. No advanced security headers or analytics tools are detected, and the site lacks modern SEO and accessibility features. Security posture is minimal but no critical vulnerabilities are evident. Overall, the site appears to be a legacy informational page rather than an active service platform.

S

Softrend

softrend.ee

0

Softrend is an established Estonian furniture company specializing in sofas, beds, and home accessories, with a strong emphasis on sustainability and quality craftsmanship. The company operates a professional e-commerce website built on WordPress, featuring modern technologies such as Google Tag Manager, reCAPTCHA, and performance optimizations via WP Rocket. The website is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. However, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is strong with HTTPS and bot protection, but could be improved with additional security headers and a vulnerability disclosure policy. Overall, the domain registration data supports the legitimacy of the business, and the website reflects a credible and professional retail operation.

H

Heateo Sihtasutus

heategu.ee

0

Heateo Sihtasutus operates as a non-profit organization in Estonia, focusing on promoting social change and charitable activities. The website serves as a platform to engage the Estonian community in good deeds and social initiatives. The organization has an established presence since 2010, supported by a professionally designed website built on WordPress and hosted by a reputable Estonian provider. The technical infrastructure is modern and secure, with HTTPS and security headers properly configured. However, the site lacks visible privacy and cookie policies, which impacts its compliance posture. No explicit contact information or incident response details are provided, limiting direct communication channels. Overall, the website demonstrates a solid business credibility and technical foundation but requires improvements in privacy compliance and transparency to enhance trust and regulatory adherence.

The website bytetrain.com currently serves as a login portal for konsoleH, a server and account administration interface likely associated with the Hetzner hosting provider. The site provides minimal content focused on navigation to webmail and account administration services, with no direct business description or contact information visible. The domain is well-established, registered since 2012, and shows stable registration status, but the website itself lacks modern security and privacy features. Technically, the site uses basic HTML and CSS without any detected modern frameworks or CMS. It is hosted likely by Hetzner, as inferred from URLs and copyright notices. The site lacks HTTPS, DNSSEC, security headers, and any form of privacy or cookie policy, indicating a low level of digital maturity and security posture. No analytics or tracking technologies are present, and the site is not optimized for mobile or accessibility. From a security perspective, the absence of HTTPS is a critical issue, exposing users to potential interception risks. The lack of security headers and privacy policies further reduces trust and compliance with GDPR. No incident response or vulnerability disclosure information is provided. The WHOIS data is consistent and legitimate, but the website's security and privacy posture require significant improvement. Overall, the site scores low on content quality, technical implementation, security, privacy compliance, and business credibility. Strategic recommendations include immediate HTTPS enablement, publishing privacy and cookie policies, adding security headers, and improving content and contact transparency to enhance trust and compliance.

1

101domain GRS Limited

acino-pharma.com

0

The website acino-pharma.com is currently a parked domain managed by 101domain GRS Limited, a domain registrar and service provider established in 1999. The site does not host any active business content related to Acino Pharma but instead displays a placeholder page offering domain management and upsell services such as Google Workspace, web hosting, and corporate brand services. The target audience appears to be individuals or businesses interested in acquiring or managing domain names. The business model is that of a domain registrar and related service provider with a moderate market presence. Technically, the site uses standard HTML5, CSS3, and JavaScript technologies including jQuery and Modernizr. It is hosted on infrastructure associated with 101datacenter.net. The site is moderately optimized for mobile devices and has basic accessibility and SEO features. However, it lacks HTTPS, security headers, and advanced technical frameworks or CMS platforms. From a security perspective, the site has several weaknesses including the absence of HTTPS, no DNSSEC enabled, and no visible security policies or incident response contacts. The domain is locked against transfer but is not actively used for business purposes. No privacy or cookie policies are present, and no contact information is provided, limiting compliance with GDPR and other regulations. Overall, the security posture is weak, and the site is primarily a parked domain with minimal risk but also minimal trust signals. The overall risk assessment is low due to the lack of active business operations on the domain. Strategic recommendations include enabling HTTPS, adding privacy and cookie policies, implementing DNSSEC, and providing clear contact and security information to improve trust and compliance if the domain is to be used actively in the future.

I

ITT Group

ittgroup.ee

0

ITT Group is a small Estonian company specializing in education-related innovative mechatronic products, training, and e-solution development, primarily targeting educational institutions in Estonia, Scandinavia, and Europe. With over 20 years of experience, the company has evolved to include consulting and development services in autonomous systems, collaborating with European and US higher-education institutions. The website is built on Joomla CMS, featuring a consistent and professional design with moderate performance and good mobile optimization. However, it lacks critical compliance documentation such as privacy and cookie policies, and no contact information is provided, which impacts trust and compliance perception. Security posture is basic with HTTPS enabled but missing advanced security headers and incident response details. Overall, the site is functional and informative but requires improvements in compliance and security transparency to enhance trustworthiness and regulatory adherence.

The website www.esplan.ee is currently non-functional due to a fatal PHP error caused by an outdated WordPress plugin (wpml-string-translation). This prevents any content from being displayed, including business information, policies, or contact details. The domain is registered in Estonia with consistent WHOIS data, suggesting legitimacy, but the website itself lacks operational status and visible content. The technical infrastructure relies on WordPress CMS but suffers from plugin compatibility issues that must be addressed to restore functionality. Security posture is weak due to lack of visible security headers, unknown SSL status, and absence of privacy or cookie policies. Overall, the website presents a high risk due to inaccessibility and lack of compliance indicators.

A

AS Kevelt

kevelt.ee

0

AS Kevelt is an established Estonian pharmaceutical company specializing in the manufacturing, resale, and subcontracting of pharmaceuticals. The company emphasizes scientific approaches and strict quality controls to produce original and generic medicines, with ongoing research and innovation efforts to support long-term growth. The website targets healthcare industry stakeholders, partners, and investors, presenting a professional and consistent brand image with multilingual support in English, Russian, and Estonian. The business model focuses on pharmaceutical production and related services, positioning AS Kevelt as a reputable player in the Estonian healthcare sector. Technically, the website is built on WordPress CMS using a modern tech stack including Bootstrap, jQuery, Google Maps API, and several plugins such as Yoast SEO and Contact Form 7. The site is mobile-optimized with good SEO practices and moderate performance. Hosting and domain registration are managed by Zone Media OÜ, a legitimate Estonian registrar, with the domain active since 2010, aligning with the company's history. From a security perspective, the site enforces HTTPS and integrates Google reCAPTCHA v3 for form protection. However, it lacks several security headers and does not publish a security or incident response policy. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partial, with no cookie consent mechanism or detailed privacy policy visible, which could be improved to meet GDPR standards fully. Overall, AS Kevelt's website demonstrates a solid business presence with good technical implementation and a moderate security posture. Strategic improvements in privacy compliance and security policy transparency would enhance trust and regulatory adherence, supporting the company's professional image and operational security.

Eolane France was an electronics manufacturing services company operating production sites in France and Morocco. The company has ceased operations and is undergoing judicial liquidation, with its activities acquired by the Cicor Group, a pan-European EMS provider. The website serves primarily as an informational notice about this transition and does not provide active business or customer engagement features. The technical infrastructure appears minimal, with no detected CMS, scripts, or advanced technologies. The site lacks privacy, cookie, and terms of service policies, and no contact information is provided, limiting user engagement and transparency. Security posture is basic with no DNSSEC and no visible security headers, though the domain registration is consistent and legitimate with a long history dating back to 2000. Overall, the website functions as a static notice rather than an active business platform.

D

DUX

dux.ee

0

DUX is a small, established UX and UI design studio based in Estonia, founded in 2014. They specialize in creating digital experiences including mobile and desktop applications, websites, e-commerce platforms, and SaaS products. Their portfolio showcases over 200 projects, targeting NGOs, startups, SMEs, and global/local leaders, positioning them as a reputable design partner in the technology sector. The website is professionally designed with excellent content quality and clear navigation, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, Google Analytics, and Google Tag Manager, hosted by Elkdata OÜ, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no exposed sensitive data, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

B

Bellcom Estonia

bellcom.ee

0

Bellcom Estonia is a small but established technology service provider specializing in custom website development, hosting, and technical support. Founded in 2013, the company serves businesses and organizations seeking agile and innovative digital solutions. Their market position is supported by a portfolio of case studies and client testimonials, emphasizing their expertise in Drupal and other web technologies. Technically, the website is built on Drupal 8 with modern frontend libraries such as Bootstrap and jQuery, and integrates Google Analytics with IP anonymization for user tracking. The site is mobile optimized and presents a professional user experience. Security posture is moderate; while HTTPS usage is assumed but not confirmed, no security headers or explicit security policies are published, representing an area for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is credible and trustworthy but would benefit from enhanced security and privacy disclosures.

E

East West Connection – Official Website

ewcmeetings.com

0

East West Connection's website is a WordPress-based site using the Astra theme and Divi builder compatibility, hosted via GoDaddy.com, LLC. The domain is mature, registered since 1998, indicating a long-standing presence. However, the website content is minimal, lacking critical business descriptions, contact information, and privacy or cookie policies. Technically, the site uses modern CMS technologies but lacks advanced security headers and comprehensive privacy compliance mechanisms. The security posture is basic with HTTPS enabled but missing other best practices. Overall, the site presents a low level of trustworthiness and professionalism due to missing policies and contact details, which could impact user confidence and regulatory compliance.

T

Tammiste Personalibüroo OÜ

tammistepersonal.ee

0

Tammiste Personalibüroo OÜ is an established Estonian recruitment and training company with over 25 years of experience. The company specializes in recruitment services, training programs, emotional intelligence assessments, coaching, and outplacement services. Their website reflects a professional and consistent brand image, targeting Estonian businesses and job seekers. The technical infrastructure is based on WordPress with Elementor, leveraging modern web technologies and tracking tools such as Google Tag Manager and Facebook Pixel. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though some security headers are missing. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service detected. Overall, the website is trustworthy and well-positioned in its market segment, though improvements in privacy and security documentation are recommended.

B

BCS Itera

itera.ee

0

BCS Itera is a medium-sized Estonian technology company specializing in consulting and implementing business software solutions including ERP, HRM, CRM, and BI systems. The company has a solid market position in the Baltic region, supported by partnerships and certifications such as the LS Retail Platinum Partner status. Their website reflects a professional and consistent brand image with good content quality and active client engagement. Technically, the site is built on WordPress with modern SEO and analytics tools, and it demonstrates good performance and mobile optimization. Security posture is strong with HTTPS and consent management in place, though explicit security headers and policies could be improved. Overall, the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

F

Fontes PMP OÜ

fontes.ee

0

Fontes PMP OÜ is a well-established Estonian company specializing in talent management, recruitment, mentoring, and consulting services. With 35 years of experience, it holds a strong market position as a trusted partner for organizations seeking to develop and retain talent. The website reflects a professional and comprehensive digital presence, leveraging WordPress CMS and modern web technologies to deliver a fast, mobile-optimized, and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms in place, though explicit security policies and incident response details are absent. Overall, the site demonstrates high business credibility and privacy compliance, supporting Fontes' reputation as a leading talent management consultancy in Estonia.

DF / DESIGN FACTORY is a small Estonian consulting and design firm established in 1992, specializing in innovation acceleration, brand and business model overhauls, and product and service design. The company targets corporate intrapreneurship teams and businesses seeking transformative growth. Their website is built on WordPress with modern plugins such as Elementor and Yoast SEO, reflecting a moderate level of digital maturity. The site is well-designed, mobile-optimized, and uses privacy-respecting analytics. Security posture is adequate with HTTPS enabled but lacks explicit security headers and formal privacy and cookie policies. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security governance. Overall, the website is professional and trustworthy, with a domain registration consistent with the business profile.

B

Brightway.ro

brightway.ro

0

Brightway.ro is a Romanian company specializing in professional and personal development training, coaching, consulting, recruitment, and team building services. Established since 2004, it offers a broad portfolio of courses and programs aimed at individuals and organizations seeking to enhance leadership, sales, technical skills, and organizational culture. The company leverages expert trainers and innovative methodologies to deliver value and growth opportunities to its clients. The website reflects a mature digital presence with comprehensive content, client testimonials, and multiple service offerings.

The website technoland.jo currently presents an empty HTML structure with no visible content, metadata, or business information. This lack of content prevents any meaningful assessment of the company's business operations, market position, or services. The absence of contact details, privacy policies, or security information indicates the site is either under construction or inactive. Technically, the site lacks modern web technologies, SEO optimizations, and accessibility features, resulting in a poor digital maturity profile. Security posture is minimal with no HTTPS or security headers detected, exposing the site to potential risks. Overall, the site poses a high risk due to lack of transparency and security controls, and it is recommended to implement foundational web content, security policies, and compliance mechanisms before further analysis.

R

Responda Group

h1.se

0

Responda Group is a Swedish telecommunications service provider specializing in customer service and answering services, handling over 10 million customer contacts annually for more than 3,500 clients. The company consolidates several subsidiaries including Kalix Tele24, Personlig Svarsservice, Call4U, K2C, and H1 Communication, positioning itself as a significant player in the Nordic customer service market. The website is professionally designed using WordPress with Elementor and Astra theme, reflecting a modern digital infrastructure with good SEO and mobile optimization. Security posture is solid with HTTPS enabled and cookie consent managed via Usercentrics CMP, though DNSSEC is not enabled and no explicit security or incident response policies are published. Overall, the domain registration data is consistent and transparent, supporting the legitimacy of the business.

M

ML Staffing Inc

mlstaffinginc.com

0

ML Staffing Inc operates as a specialized staffing and recruitment firm focusing on engineering, IT, metals, food, and chemical manufacturing sectors. The company emphasizes providing qualified candidates and tailored hiring solutions leveraging over 50 years of combined recruiter experience. Their market position is that of a small, niche staffing provider with claims of strong client relationships and ethical hiring practices. Technically, the website is built on an outdated WordPress 4.9.3 platform with legacy JavaScript libraries such as jQuery 1.6.4, indicating a need for modernization. The site lacks HTTPS, exposing visitors to security risks and undermining trust. Security posture is weak due to missing SSL, outdated software, and absence of security headers. Privacy compliance is minimal with only a basic privacy policy linked and no cookie consent mechanisms. The absence of WHOIS registration data for the domain raises significant legitimacy concerns. Overall, the website presents basic business information but requires urgent technical and security improvements to enhance trust and compliance.

A

Advokaadibüroo Concordia

concordia.ee

0

Advokaadibüroo Concordia is an established Estonian law firm founded in 2010, providing legal services primarily in Estonia and across the European Union through its membership in the European Law Firm network. The firm targets clients requiring professional legal representation and consulting services with a cross-border reach within the EU. The website reflects a professional and consistent brand image with clear contact details and multilingual support (Estonian and English). Technically, the website employs a modern technology stack including Laravel Livewire, Alpine.js, jQuery, and integrates Google reCAPTCHA for bot protection. The site is hosted by Zone Media OÜ, a known Estonian hosting provider, and uses HTTPS with a valid SSL configuration. Performance and mobile optimization are good, though accessibility features are basic. SEO is implemented at a basic level with meta tags and Open Graph properties. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, CSRF token usage, and a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No security headers were detected in the provided data, which could be improved to enhance security posture. Overall, the website is trustworthy and professionally maintained with a strong domain registration history consistent with the business claims. Recommendations include enhancing security headers, publishing formal security and incident response policies, and adding a vulnerability disclosure page to improve transparency and security maturity.

The website ubiksolutions.eu is currently a parked domain with no active business content or services. It primarily serves as a domain for sale landing page, with advertising scripts and tracking mechanisms embedded. There is no evidence of an operational company or business model on the site. The technical infrastructure is basic, relying on standard HTML, CSS, and JavaScript with third-party ad networks such as Google Adsense and Youseasky. The site lacks modern security practices, including HTTPS enforcement and security headers, and does not provide privacy or cookie consent mechanisms. Overall, the security posture is weak, and the site does not comply with GDPR or other privacy regulations. The domain registration is consistent with a domain parking service provider, indicating no active business ownership. Strategic recommendations include implementing HTTPS, adding clear privacy and cookie policies with consent, providing legitimate business contact information, and improving site content and design to enhance trust and compliance.

The website regionaalhaigla.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct access to the actual content. The domain is registered since 2010 with an Estonian registrar, consistent with the domain's regional healthcare focus. No business content, contact information, or compliance policies are visible in the provided HTML, limiting the ability to perform a full analysis. The technical infrastructure relies on Cloudflare services for security and performance, but the lack of accessible content prevents evaluation of the website's design, user experience, and compliance posture. Security headers and policies are not visible, and no forms or data collection mechanisms are present beyond the security challenge. Overall, the site appears legitimate based on WHOIS data but is currently inaccessible for detailed review.

L

Lumi Capital

lumicapital.eu

0

Lumi Capital is a Baltic real estate company specializing in the development and management of residential rental apartment buildings across Tallinn, Riga, and Vilnius. Managing a portfolio of approximately 2000 apartments, the company partners with institutional investors such as insurance companies and pension funds. Their business model focuses on long-term rental housing with an emphasis on sustainability, innovation, and digital services, positioning themselves as a preferred brand for urban renters valuing flexibility and community. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, integrating Google Analytics for user tracking. The site is mobile-optimized and presents a professional design with clear navigation. While performance is moderate, the technical stack is modern and well-maintained. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security headers and published security policies or incident response contacts. Privacy compliance is partial, with a cookie consent banner present but no dedicated privacy or terms of service pages. The WHOIS data is unavailable due to EURid privacy restrictions, but the website content and business information appear legitimate and consistent. Overall, Lumi Capital's digital presence reflects a professional real estate business with good technical implementation and moderate security posture. Enhancements in privacy documentation, security headers, and incident response transparency would strengthen trust and compliance.

E

Eesti Rahva Muuseum

erm.ee

0

Eesti Rahva Muuseum (ERM) is a prominent national museum in Estonia dedicated to preserving and showcasing Estonian ethnography, culture, and history. Operated under the Estonian Ministry of Education and Research, ERM offers a wide range of exhibitions, educational programs, events, and visitor services including a restaurant and retail shop. The museum targets a broad audience including the general public, educators, researchers, and cultural enthusiasts, positioning itself as a leading cultural institution in Estonia. Technically, the website is built on Drupal CMS with modern web technologies such as jQuery, Bootstrap, and various JavaScript libraries for enhanced user experience. It integrates analytics and marketing tools like Google Analytics, Google Tag Manager, and Facebook Pixel, demonstrating a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and employs Google reCAPTCHA on forms to prevent abuse. However, it lacks some security headers that could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is evident through a GDPR-compliant privacy policy, though a cookie consent mechanism is not clearly present. Overall, ERM's website reflects a professional, trustworthy, and well-maintained digital presence suitable for a government cultural institution. The domain registration aligns with the official entity, reinforcing legitimacy. Strategic improvements in security headers and cookie consent transparency could further strengthen the site's security and compliance posture.

R

Regionální agentura pro rozvoj střední Moravy

rarsm.cz

0

Regionální agentura pro rozvoj střední Moravy (RARSM) is a Czech non-profit association focused on supporting regional development in Central Moravia. Founded in 1996, it provides project preparation, grant application support, and administrative services primarily to municipalities and regional authorities. The agency manages a regional fund and participates in EU co-financed projects aimed at employment and administrative capacity building. The website is built on WordPress with a dated theme but contains relevant and structured content in Czech. Contact information and official documents are clearly presented, supporting business credibility. However, WHOIS data is missing, which impacts domain trustworthiness. Technically, the site uses standard WordPress technologies with jQuery and PDF embedding plugins. It enforces HTTPS but lacks modern security headers and cookie consent mechanisms, which are recommended for GDPR compliance. No analytics or tracking scripts were detected, indicating minimal user tracking. The website's design and mobile optimization are basic but functional, with good navigation clarity. Security posture is generally good due to HTTPS and absence of exposed sensitive data, but improvements are needed in security headers and privacy compliance. The absence of WHOIS data and security policies reduces overall trust. Strategic recommendations include implementing security headers, adding cookie consent, maintaining up-to-date software, and publishing incident response contacts to enhance security and compliance.

K

KROČKA & Partners s.r.o.

krockapartners.sk

0

KROČKA & Partners s.r.o. is a Slovak legal consultancy firm specializing in mediation, debt collection, labor law, and data protection services including GDPR compliance. Founded in 2016, the company serves both businesses and individuals in Slovakia, offering a range of legal and compliance-related services supported by a team of qualified legal and data protection experts. The website reflects a professional and consistent brand presence with clear service offerings and team member credentials. Technically, the website employs a stable but somewhat dated technology stack including Bootstrap 3 and jQuery 2.2.4, with good mobile optimization and SEO practices. The site is fully accessible without any WAF or blocking mechanisms, uses HTTPS with strong SSL configuration, and implements cookie consent via Consentmanager.net. However, some modern security headers are missing, and no explicit security policy or incident response contacts are provided. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. GDPR compliance is supported by comprehensive privacy and cookie policies available as downloadable PDFs. The absence of direct contact emails or phone numbers on the site is noted but social media channels are provided. Overall, the site scores well on business credibility and privacy compliance but could improve in security policy transparency and accessibility. Strategically, the company should focus on enhancing security headers, publishing incident response information, and improving accessibility features to strengthen trust and compliance posture. The technical stack could be modernized over time to improve performance and maintainability.

W

wissensstadt heilbronn

wissensstadt.hn

0

wissensstadt heilbronn is a German educational and community platform focused on fostering lifelong learning, research, and innovation in the Heilbronn region. The website serves as a hub for projects, events, and community engagement, targeting students, researchers, and local institutions. Technically, the site is built on WordPress with modern plugins such as Elementor and Yoast SEO, indicating a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The WHOIS data presents inconsistencies, showing a prohibited registration status despite the active website, which warrants caution. Overall, the site is professional and content-rich but lacks explicit privacy and terms of service pages, impacting privacy compliance scores.

Lifeworld is a Belgian real estate development business led by Serge Hannecart, with over three decades of experience in residential, commercial, and international real estate projects. The company also engages in creative ventures such as a unique gin and a rock musical, reflecting a diversified business model. The website presents a professional and visually rich experience, showcasing multiple related ventures and projects. Technically, the site uses concrete5 CMS and common JavaScript libraries, with good mobile optimization and moderate performance. Security posture is solid with HTTPS enabled and cookie consent implemented, though security headers are not explicitly detected. WHOIS data is restricted by the registry, limiting domain ownership transparency, which impacts trust assessment. Overall, the website is professional and credible but would benefit from enhanced security headers and clearer contact information.

O

OZ Na konci sveta

nakoncisveta.sk

0

OZ Na konci sveta is a Slovak non-profit organization dedicated to animal rescue and adoption. The website serves as a platform to showcase animals available for adoption, provide information on how to help, and facilitate donations or support through an e-commerce system powered by PrestaShop. The organization appears to be small and locally focused, with clear contact information and a consistent brand presence. The website content is relevant and well-structured for its audience of animal lovers and potential adopters. Technically, the website uses PrestaShop CMS with common web technologies such as jQuery and responsive design elements. Hosting is provided by a Slovak hosting provider (webhost.cnet.sk), and HTTPS is properly configured, ensuring secure communication. However, the site lacks several security headers and privacy compliance elements such as privacy and cookie policies, which are important for GDPR compliance and user trust. From a security perspective, the site shows a moderate posture with HTTPS enabled but missing security headers and no visible incident response or vulnerability disclosure information. No analytics or tracking scripts were detected, indicating minimal user tracking. The WHOIS data aligns well with the website's stated purpose and origin, supporting legitimacy. Overall, the website is functional and professional for a small non-profit but would benefit from enhanced privacy compliance, security hardening, and transparency to improve trust and regulatory adherence.

P

Patron dětí

patrondeti.cz

0

Patron dětí is a Czech non-profit organization established in 2017, dedicated to supporting children who have faced adversity. The website serves as a platform to share stories of these children and connect donors and volunteers willing to help. The organization positions itself as a trusted charity within the Czech Republic, leveraging modern web technologies such as Nuxt.js and Vue.js to provide a responsive and user-friendly experience. The site integrates standard analytics and marketing tools including Google Analytics, Facebook Pixel, and Hotjar, while maintaining GDPR compliance through cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response procedures are not publicly disclosed. Overall, the website demonstrates a good balance of professional design, technical implementation, and privacy compliance, supporting its mission effectively.

S

Svoboda zvířat

svobodazvirat.cz

0

Svoboda zvířat is a well-established Czech non-profit organization focused on animal rights and welfare advocacy. Founded in 2000, it operates primarily through public awareness campaigns, legislative advocacy, and volunteer engagement. The website reflects a mature digital presence with clear branding, good content quality, and active social media integration. Technically, the site is built on WordPress with modern plugins and libraries, delivering moderate performance and good mobile responsiveness. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and GDPR-aligned cookie consent. Overall, the organization presents a trustworthy and professional image with no critical security or compliance issues detected.

C

Creduo

creduo.cz

0

Creduo is a Czech Republic-based language education studio specializing in group and individual English courses primarily for children from preschool age to teenagers, as well as online Spanish courses for beginners and intermediate learners. The business emphasizes quality teaching, individual approach, and uses accredited methods such as Teddy Eddie. The website reflects a small but professional local education provider with a clear market niche and positive customer testimonials. Technically, the site is built on WordPress with Elementor and Yoast SEO, showing good digital maturity and SEO optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking explicit security policies or incident response information. Overall, the site is trustworthy and well-maintained, suitable for its target audience.