Security Directory

L

AS Levira | Väljastus,võrguteenused, IT-teenused,striiming ja TV-tootmine, satelliit

levira.ee

52

The analyzed URL corresponds to a Chrome internal error page (chrome-error://chromewebdata/) rather than an actual website. This page is a standard offline or error page embedded within the Chrome browser, featuring the well-known Chrome dinosaur game. No real business or website content is accessible, and therefore no metadata, contact information, or policies are present. The technical infrastructure is limited to embedded JavaScript and CSS for the offline game, with no external hosting or CMS detected. Security posture is minimal, with no HTTPS or security headers applicable to this internal page. Overall, the site is inaccessible for meaningful analysis, and no business or compliance information can be derived.

A

AS Postimees Grupp

postimees.ee

59

Postimees is a leading Estonian news media company providing comprehensive news coverage from Estonia and abroad. The website serves a broad Estonian-speaking audience with diverse content including politics, economy, culture, sports, and regional news. It operates a subscription-based business model complemented by advertising revenue. The company maintains multiple regional and thematic subsidiaries, enhancing its market reach and content diversity. Technically, the website employs modern web technologies including advanced analytics, consent management, and subscription/paywall systems, ensuring a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance mechanisms, though explicit security policies and incident response contacts are not publicly detailed. Overall, the website demonstrates high professionalism, trustworthiness, and technical sophistication, positioning it well in the Estonian media landscape.

T

TERE AS

tere.eu

51

Tere dairy (TERE AS) is a medium-sized Estonian dairy product manufacturer and retailer offering a variety of dairy and plant-based products such as kefir drinks and puddings. The company targets consumers in Estonia and neighboring regions, providing products in multiple languages to cater to a diverse audience. The website is professionally designed with good content quality and clear navigation, supporting the company's market presence. Technically, the website is built on the Voog CMS platform, utilizing modern web technologies including HTML5, CSS3, JavaScript, Google Tag Manager, and Google Fonts. The site is mobile-optimized and performs moderately well, though accessibility and SEO optimizations could be improved. The presence of Google Tag Manager indicates moderate user tracking and analytics capabilities. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not provide visible privacy policies, terms of service, or incident response information, which are critical for compliance and trust. Cookie consent is implemented, but GDPR compliance indicators are minimal. WHOIS data is unavailable due to privacy restrictions, which is common but reduces transparency. Overall, the website demonstrates a solid business and technical foundation but requires improvements in privacy compliance, security headers, and transparency to enhance trust and regulatory adherence.

N

Neste

neste.ee

60

Neste Eesti AS operates as a leading energy company in Estonia, specializing in renewable fuels and sustainable energy solutions. The company is part of the larger Neste Oyj group, which has a strong market presence in the Baltic region and globally. Neste's website reflects a professional and modern digital presence, targeting both consumers and business clients interested in sustainable energy products. The site offers comprehensive information about products, services, and corporate responsibility initiatives, supporting Neste's market positioning as a sustainability leader. Technically, the website is built on Drupal CMS with integrations of modern JavaScript libraries and third-party marketing and analytics tools, including Piwik PRO and Google Tag Manager. The presence of a chatbot enhances customer engagement and support capabilities. Security-wise, the site enforces HTTPS with robust security headers and cookie consent mechanisms compliant with GDPR, although explicit security policies and incident response contacts are not publicly detailed. Overall, Neste's digital infrastructure and business information demonstrate a mature and trustworthy online presence with room for improvement in security transparency and accessibility.

U

United Partners Group OÜ

unitedpartners.ee

40

United Partners Group OÜ is an Estonian investment company specializing in providing growth capital to small and medium-sized enterprises in the Baltic region, with a focus on private equity and real estate sectors including commercial and residential properties. The company positions itself as a regional growth capital fund with a clear business model centered on investment and asset management. The website reflects a professional and consistent brand image, targeting investors and Baltic SMEs seeking capital for growth. Technically, the website is built on WordPress and employs modern web technologies such as lazy loading scripts and Google Fonts. The site is mobile optimized and performs moderately well, though accessibility features are basic. Hosting and domain registration are consistent with the company's Estonian location, and the domain age supports the legitimacy of the business. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance. There is no incident response or vulnerability disclosure information available, which could be improved to enhance trust and security posture. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency to reduce risk and improve user confidence.

AS Stallion Ltd. is an established Estonian cybersecurity company founded in 1994, specializing in network security solutions such as firewalls, VPNs, data protection, and malware prevention. With over 30 years of experience and offices in Tallinn and Riga, Stallion serves business clients requiring comprehensive IT security and network infrastructure solutions. The company partners with leading global cybersecurity vendors, reinforcing its market position as a trusted provider in the Baltic region. Technically, the website employs basic web technologies including HTML, CSS, and JavaScript, with Google Analytics for visitor tracking. However, the site lacks modern security implementations such as HTTPS enforcement and security headers, and does not provide privacy or cookie policies, which are critical for GDPR compliance. The site’s design and navigation are functional but could benefit from improved mobile optimization and accessibility. From a security perspective, the absence of HTTPS and security headers represents a significant risk, potentially exposing users to data interception and other attacks. The lack of privacy and cookie policies also indicates compliance gaps. No forms or input fields are present on the main page, reducing attack surface but also limiting user interaction. The company’s domain registration data aligns well with its business claims, supporting legitimacy. Overall, while Stallion demonstrates strong business credibility and domain trustworthiness, the website’s security posture and privacy compliance require urgent improvements to meet modern standards and regulatory requirements.

S

Smart MasterKey

blelocking.com

57

Smart MasterKey is a technology company specializing in cloud-based access control solutions that unify mobile smart keys with property systems. The company offers a SaaS platform with features such as digital access administration, multiple access types, integration with existing security infrastructure, and white-label options. Positioned as an innovator with TÜV SÜD certifications and industry awards, Smart MasterKey targets businesses and organizations across sectors including energy, real estate, hospitality, and critical infrastructure. The website demonstrates a high level of professionalism, clear navigation, and multilingual support, reflecting a mature digital presence for a company founded in 2024. Technically, the website is built on WordPress hosted on Amazon AWS infrastructure, utilizing modern JavaScript libraries and analytics tools such as Google Analytics and HubSpot. Performance and mobile optimization are good, with SEO best practices implemented. Security posture is solid with HTTPS enforced and no exposed sensitive data, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is addressed with clear privacy and cookie policies and consent mechanisms. Overall, the security posture is strong but could be enhanced by publishing explicit security policies and incident response contacts, enabling DNSSEC, and adding vulnerability disclosure mechanisms. The domain registration is consistent with the company's founding timeline and shows no suspicious patterns, supporting legitimacy. Strategic recommendations include improving DNS security, enhancing transparency around security policies, and continuing to build trust through certifications and clear contact channels.

1

1Partner

1partner.ee

54

1Partner is a well-established Estonian real estate company offering comprehensive property services including buying, selling, renting, and valuation. With over 20 years of market presence and more than 45,000 satisfied clients, it holds a strong position in the Estonian real estate sector. The website reflects a professional and consistent brand image, targeting both private and business clients. Technically, the site uses modern web technologies such as Bootstrap and Google Tag Manager, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Overall, the site is trustworthy and compliant with GDPR, but could improve transparency around security policies and vulnerability disclosures.

The website frens.ee currently serves only a 404 Page Not Found error page with no active business content or user engagement features. The domain is registered with Zone Media OÜ, an Estonian registrar, since 2010, indicating a legitimate and aged domain. However, the lack of content and absence of privacy, cookie, or terms of service policies suggest the site is inactive or a placeholder. Technically, the site uses basic HTML, CSS, and JavaScript with minimal security headers, notably a weak Content-Security-Policy allowing 'unsafe-inline' scripts, which reduces security effectiveness. No HTTPS status was explicitly provided, but the domain status is 'ok' and presumably supports HTTPS given the registrar and hosting provider. No analytics, tracking, or social media integrations are present, indicating minimal digital maturity. Security posture is weak due to missing standard headers and lack of secure forms or incident response information. Overall, the site scores low on content quality, privacy compliance, and business credibility, reflecting its inactive state.

K

Krabu

krabugrupp.ee

51

Krabu is an established Estonian IT services company specializing in software development, project management, UX/UI design, and AI solutions. The company serves a diverse clientele including public sector entities and private businesses, emphasizing innovation and quality, supported by ISO 9001 certification. Their website reflects a professional digital presence with clear service offerings and project references. Technically, the site uses WordPress CMS with modern plugins and SEO tools, delivering a good user experience and mobile optimization. Security posture is solid with HTTPS and reCAPTCHA integration, though it lacks some advanced security headers and explicit privacy and cookie policies. Overall, the company demonstrates strong business credibility and technical maturity, with room for improvement in privacy compliance and security transparency.

The website astangu.ee is currently inaccessible beyond a Cloudflare Turnstile security challenge page, which prevents access to any substantive content. The domain is registered since 2010 with an Estonian registrar, indicating a legitimate and established domain. However, no business information, contact details, or policies are available on the accessible page. The technical infrastructure relies on Cloudflare for security and performance, but no CMS or additional technologies are detected. The security posture is limited to Cloudflare's WAF and captcha challenge, with no further visible security headers or configurations. Due to the content being blocked, a full analysis of business, compliance, and security posture is not possible, resulting in a low overall AI score.

H

Heateo Sihtasutus

heategu.ee

42

Heateo Sihtasutus operates as a non-profit organization in Estonia, focusing on promoting social change and charitable activities. The website serves as a platform to engage the Estonian community in good deeds and social initiatives. The organization has an established presence since 2010, supported by a professionally designed website built on WordPress and hosted by a reputable Estonian provider. The technical infrastructure is modern and secure, with HTTPS and security headers properly configured. However, the site lacks visible privacy and cookie policies, which impacts its compliance posture. No explicit contact information or incident response details are provided, limiting direct communication channels. Overall, the website demonstrates a solid business credibility and technical foundation but requires improvements in privacy compliance and transparency to enhance trust and regulatory adherence.

1

101domain GRS Limited

acino-pharma.com

47

The website acino-pharma.com is currently a parked domain managed by 101domain GRS Limited, a domain registrar and service provider established in 1999. The site does not host any active business content related to Acino Pharma but instead displays a placeholder page offering domain management and upsell services such as Google Workspace, web hosting, and corporate brand services. The target audience appears to be individuals or businesses interested in acquiring or managing domain names. The business model is that of a domain registrar and related service provider with a moderate market presence. Technically, the site uses standard HTML5, CSS3, and JavaScript technologies including jQuery and Modernizr. It is hosted on infrastructure associated with 101datacenter.net. The site is moderately optimized for mobile devices and has basic accessibility and SEO features. However, it lacks HTTPS, security headers, and advanced technical frameworks or CMS platforms. From a security perspective, the site has several weaknesses including the absence of HTTPS, no DNSSEC enabled, and no visible security policies or incident response contacts. The domain is locked against transfer but is not actively used for business purposes. No privacy or cookie policies are present, and no contact information is provided, limiting compliance with GDPR and other regulations. Overall, the security posture is weak, and the site is primarily a parked domain with minimal risk but also minimal trust signals. The overall risk assessment is low due to the lack of active business operations on the domain. Strategic recommendations include enabling HTTPS, adding privacy and cookie policies, implementing DNSSEC, and providing clear contact and security information to improve trust and compliance if the domain is to be used actively in the future.

C

CYBERNETICA AS

cyber.ee

57

Cybernetica AS is a well-established Estonian technology company specializing in secure digital society technologies, including e-governance, cybersecurity, digital identity, and maritime surveillance. The company has a strong market position as the architect of e-Estonia and serves governments and enterprises globally. Their website reflects a mature digital presence with comprehensive content, clear navigation, and professional design. Technically, the site uses modern frameworks such as Nuxt.js and Vue.js, is mobile-optimized, and performs well. Security posture is strong with HTTPS enforced and privacy compliance evident through cookie consent and privacy policies. However, explicit security policies and vulnerability disclosure mechanisms are absent. Overall, Cybernetica demonstrates high business credibility and technical maturity, making it a trustworthy and professional entity in its sector.

D

DUX

dux.ee

43

DUX is a small, established UX and UI design studio based in Estonia, founded in 2014. They specialize in creating digital experiences including mobile and desktop applications, websites, e-commerce platforms, and SaaS products. Their portfolio showcases over 200 projects, targeting NGOs, startups, SMEs, and global/local leaders, positioning them as a reputable design partner in the technology sector. The website is professionally designed with excellent content quality and clear navigation, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, Google Analytics, and Google Tag Manager, hosted by Elkdata OÜ, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no exposed sensitive data, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

Sportlyzer LLC. operates a SaaS platform focused on player development and team management software tailored for youth and amateur sports clubs. The platform facilitates membership management, invoicing, attendance tracking, communication, and athlete homework assignments, serving coaches, managers, players, and parents globally. The company maintains a professional web presence with mobile apps on iOS and Android, and a consistent brand image emphasizing ease of use and comprehensive sports club management. The website content is well-structured, informative, and targets sports organizations seeking digital management solutions. Technically, the website employs modern JavaScript frameworks and integrates multiple marketing and analytics tools such as Google Tag Manager, Google Analytics, and Facebook Pixel. The site is mobile-optimized and uses HTTPS exclusively, ensuring secure data transmission. However, some security best practices like security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site shows no signs of vulnerabilities or exposed sensitive data. The lack of WHOIS data transparency is a moderate concern but does not outweigh the professional presentation and trust signals on the site. Privacy and terms of service pages are present and comprehensive, indicating attention to compliance, though explicit cookie consent is absent. Overall, the security posture is good but could benefit from additional transparency and policy disclosures. Strategically, Sportlyzer is positioned as a specialized SaaS provider in the sports management niche with a solid user base and positive testimonials. The company should focus on improving security headers, cookie consent, and publishing incident response policies to strengthen trust and compliance. Enhancing WHOIS transparency or providing verified domain registration details would also improve legitimacy perception.

W

WHSmith PLC

whsmithcareers.co.uk

68

WHSmith PLC is a well-established global retailer with a rich history dating back to 1792. The company operates over 1,700 stores across more than 30 countries, encompassing a diverse portfolio of retail and online brands including WHSmith Travel, WHSmith High Street, funkypigeon.com, and cultpens.com. The careers website serves as a comprehensive portal for job seekers, highlighting the company's growth, culture, and opportunities across various business areas. Technically, the website employs modern web technologies such as Google Tag Manager, Vimeo for video content, and a chatbot powered by Chatter Communications, ensuring a user-friendly and interactive experience. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and professional design. Security posture is strong with HTTPS enforced, secure forms, and cookie consent mechanisms, although there is room for improvement by adding explicit security policies and incident response contacts. Overall, the domain registration and WHOIS data align well with the company's legitimacy and long-standing market presence, supporting a high trustworthiness rating.

E

East West Connection – Official Website

ewcmeetings.com

48

East West Connection's website is a WordPress-based site using the Astra theme and Divi builder compatibility, hosted via GoDaddy.com, LLC. The domain is mature, registered since 1998, indicating a long-standing presence. However, the website content is minimal, lacking critical business descriptions, contact information, and privacy or cookie policies. Technically, the site uses modern CMS technologies but lacks advanced security headers and comprehensive privacy compliance mechanisms. The security posture is basic with HTTPS enabled but missing other best practices. Overall, the site presents a low level of trustworthiness and professionalism due to missing policies and contact details, which could impact user confidence and regulatory compliance.

T

Timbeter

timbeter.com

54

Timbeter is a forest technology company specializing in digital supply chain management solutions for the timber industry. Their offerings include AI-powered mobile applications and a cloud-based dashboard that enable accurate timber measurement, inventory management, and logistics planning. The company has established a strong global presence with clients in over 50 countries and has made over 2.1 million measurements, positioning itself as a leader in sustainable forestry technology. The website reflects a professional and consistent brand image with comprehensive content tailored to forestry professionals and government entities. Technically, the website is built using modern frameworks such as Astro and Bootstrap, ensuring fast performance and excellent mobile optimization. The use of cloud platforms and integration with third-party services like Calendly and Mailjet indicates a mature digital infrastructure. SEO and accessibility are well addressed, contributing to a positive user experience. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks DNSSEC and explicit security headers. There is no visible cookie consent mechanism or published security policies, which are areas for improvement. No direct contact emails or phone numbers are provided, relying instead on an embedded contact form. Overall, the security posture is good but could be enhanced with additional best practices. The overall risk assessment is moderate to low, with no critical vulnerabilities detected. Strategic recommendations include enabling DNSSEC, implementing security headers, adding cookie consent, and publishing incident response and vulnerability disclosure information to strengthen trust and compliance.

O

Online store Bauhof

bauhof.ee

67

Bauhof is a large Estonian retail company specializing in construction, garden, tools, and interior finishing products. The company operates an e-commerce platform built on Vue Storefront 2, offering customers fast pickup and delivery options, flexible payment terms, and a customer-friendly return policy. The website demonstrates a good level of digital maturity with modern frameworks and a responsive design optimized for mobile users. Security posture is solid with HTTPS enforced and cookie consent managed via Cookiebot, though explicit security policies and incident response contacts are absent. Overall, the site is professional and trustworthy, with room for improvement in privacy compliance and security transparency.

The website ubiksolutions.eu is currently a parked domain with no active business content or services. It primarily serves as a domain for sale landing page, with advertising scripts and tracking mechanisms embedded. There is no evidence of an operational company or business model on the site. The technical infrastructure is basic, relying on standard HTML, CSS, and JavaScript with third-party ad networks such as Google Adsense and Youseasky. The site lacks modern security practices, including HTTPS enforcement and security headers, and does not provide privacy or cookie consent mechanisms. Overall, the security posture is weak, and the site does not comply with GDPR or other privacy regulations. The domain registration is consistent with a domain parking service provider, indicating no active business ownership. Strategic recommendations include implementing HTTPS, adding clear privacy and cookie policies with consent, providing legitimate business contact information, and improving site content and design to enhance trust and compliance.

The website regionaalhaigla.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct access to the actual content. The domain is registered since 2010 with an Estonian registrar, consistent with the domain's regional healthcare focus. No business content, contact information, or compliance policies are visible in the provided HTML, limiting the ability to perform a full analysis. The technical infrastructure relies on Cloudflare services for security and performance, but the lack of accessible content prevents evaluation of the website's design, user experience, and compliance posture. Security headers and policies are not visible, and no forms or data collection mechanisms are present beyond the security challenge. Overall, the site appears legitimate based on WHOIS data but is currently inaccessible for detailed review.

G

GreatStudio

greatstudio.com.br

54

GreatStudio is a Brazilian technology company offering a SaaS platform tailored for photographers and photography studios. The platform provides tools for photo selection, online photo sales, album approval, and business management including financial and scheduling features. It serves over 18,000 photographers across 11 countries, positioning itself as a professional and easy-to-use solution with a free 7-day trial to attract new users. The website is well-branded, mobile-optimized, and uses Cloudflare for DNS and SSL, indicating a modern technical infrastructure. However, the site lacks explicit privacy, cookie, and terms of service policies, which are critical for compliance and user trust. No direct contact information or incident response channels are visible, which could impact customer support and security responsiveness.

Port of Antwerp-Bruges is a major European port authority, operating the second largest port in Europe with extensive shipping and logistics services. The website reflects a mature digital presence with comprehensive content targeting businesses and individuals involved in maritime transport and port operations. The technical infrastructure is modern, leveraging Next.js and React frameworks, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy and cookie policies are comprehensive and GDPR compliant. However, the lack of WHOIS data reduces transparency slightly, though the overall trustworthiness remains high due to consistent branding and official social media presence.

DPG Media Group operates a privacy consent gate page for its digital media properties, primarily targeting users in the Netherlands. The page is minimalistic, serving as a redirect and consent mechanism rather than a full website. The technical infrastructure includes JavaScript-based consent management and Google Tag Manager for analytics. The security posture is moderate with HTTPS usage implied but lacks visible security headers and explicit privacy or cookie policies on this page. The absence of WHOIS data for the subdomain reduces trustworthiness, though the branding and domain structure align with the known media group. Overall, the site functions as a compliance gateway but lacks comprehensive transparency and contact information.

D

Duvel

duvel.com

73

Duvel is a well-established Belgian beer brand with a rich history dating back to 1871. The company operates a professional website that showcases its premium beer products, brand heritage, and visitor experiences. The site targets beer enthusiasts primarily in Belgium and internationally, offering detailed product information, awards, and an e-commerce platform. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and Flowbox for social media integration, with good mobile optimization and accessibility features. Security-wise, the site enforces HTTPS, includes an age verification modal to comply with legal drinking age requirements, and implements cookie consent mechanisms aligned with GDPR. However, no explicit security policy or incident response information is published, and WHOIS data for the domain is unavailable, which slightly impacts trust analysis. Overall, the website is professional, secure, and compliant, supporting Duvel's market position as a premium beer brand.

The website farnoststodulky.cz is currently inaccessible due to a Cloudflare Turnstile security challenge page, which blocks direct content access. Based on the domain name and WHOIS data, it appears to be a small local entity, likely a parish or community organization in the Czech Republic, registered in 2020. The site uses Cloudflare services for security and performance, including the Turnstile CAPTCHA mechanism. Due to the content being blocked, no business details, contact information, or policies are visible, limiting the ability to assess the website's digital maturity or compliance posture. The security posture cannot be fully evaluated, but the use of Cloudflare indicates a baseline security measure. Overall, the site presents a low trustworthiness score due to lack of accessible content and transparency.

A

Action for Happiness

actionforhappiness.cz

56

The website 'Action for Happiness' is a Czech language site hosted on the Wix platform, representing a social initiative focused on promoting happiness and wellbeing. The site targets Czech-speaking individuals interested in positive social change and wellbeing. The business model appears to be non-profit or community-oriented, with no commercial or transactional elements detected. Technically, the site uses Wix's standard infrastructure and scripts, ensuring basic performance and mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and policies. The absence of privacy, cookie, and terms of service policies, as well as contact information, limits compliance and trust. WHOIS data is unavailable, which raises concerns about domain legitimacy. Overall, the site is functional but basic in content and security, with room for improvement in compliance and transparency.

B

Byro

byro.works

56

Byro is a small, Czech Republic-based community platform focused on creative professionals working in public administration. It aims to foster a more creative, open, and inclusive bureaucracy through networking, education, mentoring, and events. The platform targets public officials who want to improve their work and the functioning of the state. Technically, the website is built on Squarespace, leveraging modern web technologies and delivering a good user experience with mobile optimization and decent SEO. Security posture is solid with HTTPS and HSTS enabled, though some advanced security headers and privacy policies are missing. The absence of WHOIS data limits trust but is likely due to privacy protection. Overall, Byro presents as a legitimate niche community platform with room for improvement in privacy compliance and security transparency.

D

Dieter Schwarz Stiftung gGmbH

dieter-schwarz-stiftung.de

55

The Dieter Schwarz Stiftung gGmbH is a well-established non-profit foundation focused on promoting lifelong learning and scientific advancement in the Heilbronn-Franken region of Germany. With a history dating back to 1999 and over 1300 supported projects, the foundation plays a significant role in regional education and innovation. Their website reflects a professional and comprehensive digital presence, offering detailed information about their initiatives, events, and news updates. The target audience includes educational institutions, researchers, students, and the local community. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern web technologies such as SCSS, JavaScript libraries like Splide.js for carousels, and Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital infrastructure. From a security standpoint, the site enforces HTTPS and employs privacy consent mechanisms compliant with GDPR. While no explicit security headers were detected in the provided data, no vulnerabilities or exposed sensitive data were found. The absence of a published security policy or incident response contact is noted as an area for improvement. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. The domain registration data aligns well with the organization's profile, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen security posture.

The website www.lancome.cz is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks access to the actual site content. This prevents extraction of any meaningful business, technical, or security information. The WHOIS lookup for the domain returned no entries, indicating either privacy protection or lack of public registration data, which further limits trust and legitimacy assessment. Without access to the site content, no privacy policies, contact information, or business details can be confirmed. The technical infrastructure appears to rely on Cloudflare services for security and hosting, but no further details are available. The security posture is limited to the presence of Cloudflare's WAF, but no other security headers or configurations can be verified. Overall, the site cannot be fully analyzed, and the risk assessment remains low due to lack of accessible data.

Strohmy a.s. is a Czech-based company specializing in electricity trading across European markets. Founded in 2022, it leverages expertise from energy, trading, investment banking, and professional poker to deliver precise decision-making supported by advanced mathematical and data analysis tools. The company emphasizes a respectful and trusting team environment and actively contributes to societal well-being through charitable donations and partnerships. The website reflects a professional and consistent brand image, targeting experienced professionals and partners in the energy sector. Technically, the site is built on WordPress with modern plugins and demonstrates good SEO and mobile optimization, though some security best practices like security headers and explicit privacy policies are missing. Overall, the security posture is adequate with HTTPS enabled and GDPR consent integrated in forms, but could be improved with additional policies and headers. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

The website 42firenze.it currently serves a security challenge page that blocks direct access to its main content, indicating the presence of a Web Application Firewall or similar security mechanism. The domain is registered since 2021 and is active without DNSSEC enabled. The visible page uses outdated CMS technologies such as Joomla 1.5 and WordPress 2.5, which are known to have multiple security vulnerabilities. No business or contact information, privacy, cookie, or terms of service policies are present on the accessible page, limiting the ability to assess the business or compliance posture. The site includes a security check powered by BitNinja, suggesting some level of security awareness but lacks modern security headers and best practices. Overall, the site’s digital maturity is low, with poor content quality and minimal SEO or accessibility features.

4

42 beirut

42beirut.com

50

42 Beirut is a non-profit educational institution offering a tuition-free, project-based computer science program focused on peer-to-peer learning and practical skills development. Positioned within the global 42 network, it aims to prepare students for careers in software development, AI, blockchain, cybersecurity, and related fields. The website is professionally designed using WordPress and modern web technologies, providing a good user experience and clear navigation. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is adequate with HTTPS enabled but could be improved by adding DNSSEC and security headers. Overall, the domain registration details align well with the business claims, supporting legitimacy.

4

42 Luanda

42luanda.com

44

42 Luanda is a free programming education center based in Angola, part of a global network offering innovative peer-to-peer learning without traditional teachers. The website presents a clear business focus on empowering youth through gamified programming challenges and practical projects. Technically, the site uses modern frontend technologies and is hosted with Cloudflare DNS, ensuring good availability and performance. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and explicit privacy or cookie policies. Tracking technologies like Facebook Pixel and Google Tag Manager are used without visible consent mechanisms, indicating privacy compliance gaps. Overall, the site is professional and credible but would benefit from enhanced security and privacy transparency.

G

GreatPages

greatpages.com.br

54

GreatPages is a Brazilian technology company specializing in providing high-performance landing page templates and a platform for infoproduct creators and online course sellers. Their service enables users to create optimized landing pages with marketing tool integrations and SEO configurations, targeting the Brazilian market. The website is professionally designed with good content quality and moderate technical implementation, including Cloudflare DNS for hosting and performance. However, the site lacks visible privacy and cookie policies, contact information, and security headers, which are important for compliance and trust. The security posture is moderate but could be improved with better security practices and transparency. Overall, the website is functional and credible but would benefit from enhanced privacy compliance and security measures.

G

GreatSoftwares

greatsoftwares.com.br

54

GreatSoftwares is a Brazilian technology company offering a suite of software solutions primarily targeting photographers, studios, and businesses requiring digital tools. Their portfolio includes management systems, website builders, payment processing, email marketing, e-commerce, and membership platforms. The company positions itself as a comprehensive provider with a growing international presence. Technically, the website is built with modern web standards, uses HTTPS, and is hosted on a specialized platform, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the website is professional and trustworthy, with clear business information and compliance with privacy regulations.

D

Dynamate

dynamate.be

75

Dynamate is a Belgian technology company specializing in digital transformation services that connect people and technology to empower businesses. Their market position is that of a well-established digital partner offering a broad range of IT services including business applications, cloud infrastructure, modern workplace solutions, security, web and mobile development, and digital marketing. The company targets businesses seeking impactful and innovative digital solutions to enhance operational efficiency and competitiveness. Technically, the website is built on modern frameworks such as Astro and integrates multiple third-party platforms like Microsoft 365, Shopify Plus, and HubSpot, indicating a mature digital infrastructure. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a high level of digital maturity. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance mechanisms including cookie consent and a responsible disclosure page. No critical vulnerabilities or exposed sensitive data were detected. However, the WHOIS data is incomplete and restricted, which slightly reduces domain trustworthiness. Overall, the website presents a professional, trustworthy, and compliant digital presence.

E

Europ Assistance

europ-assistance.be

62

Europ Assistance Belgium operates as a provider of travel insurance and assistance services including roadside, cancellation, and home assistance insurance. The website targets travelers and vehicle owners in Belgium, positioning itself as a trusted expert in the insurance sector. The digital presence is professionally designed with good content quality and clear navigation, supporting a positive user experience. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and consent management tools, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly disclosed. The domain WHOIS data is restricted by DNS Belgium, which is common for .be domains but slightly reduces transparency. Overall, the website is credible and trustworthy with room for improvement in security transparency and accessibility compliance.

N

Nyrstar

nyrstar.com

59

Nyrstar is a well-established company specializing in the manufacturing and processing of zinc, lead, and other metals with a strong commitment to sustainability. The website presents a professional and comprehensive overview of their operations, products, and corporate responsibility initiatives, targeting industrial customers and partners in the metals and mining sectors. The company positions itself as a leading player with over 150 years of history, although domain registration data is not available to confirm this age. Technically, the website uses modern JavaScript frameworks such as Alpine.js and integrates analytics and tracking tools like Google Analytics and Hotjar. The presence of a cookie consent banner indicates some level of privacy compliance, but explicit privacy and terms of service policies are not found in the provided content. Security posture appears adequate with HTTPS usage and CSRF protections, but lacks visible security headers and incident response information. Overall, the website is functional and professional but would benefit from improved transparency in domain registration, privacy policies, and contact information to enhance trust and compliance.

The analyzed content corresponds to a Chrome internal error page (chrome-error://chromewebdata/) which is not a public website but an internal browser error or offline page. The page includes embedded JavaScript and CSS for the Chrome Dino game, which is a browser Easter egg displayed when there is no internet connectivity. There is no business-related content, no privacy or security policies, no contact information, and no external links. The technical infrastructure is limited to client-side JavaScript and HTML5 canvas game code. Security posture cannot be meaningfully assessed due to the nature of the content. Overall, this is not a public-facing website but a browser internal page, and thus no business credibility or compliance can be established.

J

James Cook Languages

jcl.cz

58

James Cook Languages is a well-established language education provider specializing in corporate language training, professional courses, translation, and interpreting services across Central Europe. With over 20 years of experience and a client base exceeding 600 companies, it holds a strong market position supported by its membership in the EDUA Group. The website reflects a professional and consistent brand image, targeting corporate clients seeking tailored language solutions. Technically, the site employs modern JavaScript libraries and tracking tools, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit privacy and security policies are absent. Overall, the domain registration and website content align well, indicating a legitimate and credible business.

D

Digiskills

digiskills.cz

54

Digiskills.cz is a Czech-based digital education platform specializing in corporate training, online courses, and digital transformation services. The company targets businesses and professionals aiming to enhance their digital skills, offering a comprehensive library of practical courses focused on Microsoft 365 tools, AI, automation, and digital productivity. The website demonstrates a strong market position with over 500 corporate clients and a history of 7 years in e-learning. Technically, the site uses modern JavaScript frameworks, Google Tag Manager, and integrates various analytics and marketing tools with a good privacy consent mechanism. Security posture is solid with HTTPS and secure form handling, though explicit security policies and incident response contacts are absent. The absence of WHOIS data is a concern for domain legitimacy but is offset by professional content and trust signals. Overall, the site is well-designed, user-friendly, and trustworthy for its intended audience.

W

WocaBee

wocademy.cz

44

WocaBee operates an educational platform focused on language learning and teacher support, exemplified by the WocaDemy conference targeting future and novice language teachers. The website serves as an event landing page providing detailed program information, speaker bios, partner affiliations, and a registration form. Technically, the site uses standard web technologies including jQuery and Animate.css, with a responsive design and moderate performance. However, it lacks key privacy and security disclosures such as privacy and cookie policies, security headers, and incident response contacts, which are critical for compliance and trust. The registration form collects personal data but does not show visible anti-bot protections. Overall, the site is functional and professional but would benefit from enhanced security and privacy measures to improve compliance and user trust.

N

Nakladatelství Fraus, s.r.o.

fraus.cz

64

Nakladatelství Fraus, s.r.o. is a well-established Czech educational publisher with over 34 years of experience, specializing in printed and digital educational materials for primary, secondary, and language schools. The company holds a strong market position supported by European awards and a comprehensive portfolio including textbooks, digital publications, online exercises, and professional development services for educators. Their target audience includes schools, teachers, parents, and students within the Czech Republic. Technically, the website employs modern JavaScript frameworks, Google Analytics, and Google Tag Manager, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and consent management implemented, though explicit security headers and incident response information are lacking. Overall, the site presents a professional, trustworthy, and user-friendly experience, though the absence of WHOIS data slightly reduces domain trustworthiness. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms.

F

Footshop a.s.

footshop.lv

65

Footshop a.s. operates a professional e-commerce platform specializing in sneakers and streetwear, targeting consumers primarily in Latvia and broader European markets. The company offers a wide range of branded footwear and apparel, supported by physical retail locations and a loyalty program. The website is well-branded, with consistent design and clear navigation, supporting a positive user experience. Technically, the site uses modern web technologies including Google Tag Manager, Cookiebot for consent management, and Typekit fonts, built likely on PrestaShop CMS. Performance and mobile optimization are good, though accessibility features are basic. Security posture is strong with HTTPS enforced and cookie consent mechanisms, but could benefit from additional security headers and a published security policy. Privacy compliance is robust, with a comprehensive privacy policy and cookie consent banner. WHOIS data confirms the legitimacy and consistency of the domain registration with the business identity. Overall, the site is professional, secure, and compliant, supporting Footshop's market position as a leading sneaker retailer in the region.

F

Footshop a.s.

footshop.si

66

Footshop a.s. is a well-established Slovenian e-commerce retailer specializing in sneakers, apparel, and fashion accessories. The company operates a professional and comprehensive online platform targeting sneaker enthusiasts and fashion consumers primarily in Slovenia and across Europe. Their market position is strong, supported by multiple regional partner sites and physical stores in key European cities. The website demonstrates a mature digital infrastructure with modern technologies such as Google Tag Manager, Cookiebot for consent management, and a responsive design optimized for mobile and desktop users. Security posture is robust with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear GDPR-aligned policies and cookie consent mechanisms. Overall, the site reflects a professional, trustworthy, and user-friendly e-commerce platform with a solid business foundation.

F

Footshop a.s.

footshop.hr

67

Footshop a.s. operates a professional e-commerce platform specializing in sneakers, clothing, and accessories, targeting consumers primarily in Croatia and Central Europe. The company maintains a strong market position as a leading sneaker retailer with multiple physical stores and a loyalty program. The website is well-designed, mobile-optimized, and integrates modern technologies such as Google Tag Manager, Cookiebot, and Typekit fonts, hosted with reputable providers including Hrvatski Telekom and Cloudflare DNS. Security posture is solid with enforced HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the site demonstrates good compliance with GDPR and privacy standards, supporting a trustworthy user experience.

F

Footshop a.s.

footshop.ie

65

Footshop a.s. operates a well-established e-commerce platform specializing in sneakers, clothing, and accessories, targeting sneaker enthusiasts and fashion consumers primarily in Ireland and across Europe. The company maintains a strong market position as a large European sneaker retailer with multiple country-specific domains and physical stores. Their website offers a broad selection of products from popular brands and includes loyalty programs to enhance customer engagement. Technically, the website leverages modern web technologies including JavaScript frameworks, Google Tag Manager, Cookiebot for consent management, and Typekit fonts, built on the PrestaShop CMS platform. The site demonstrates good mobile optimization, SEO practices, and a professional design, contributing to a positive user experience. Security-wise, the site enforces HTTPS, employs cookie consent mechanisms, and avoids exposing sensitive data, though it lacks explicit security headers and published security policies. Overall, the website presents a solid security posture with room for improvement in transparency and incident response readiness. The absence of WHOIS data limits domain registration trust verification, but the website content and business information appear consistent and credible. Strategic recommendations include enhancing security headers, publishing security policies, and continuing to improve accessibility and privacy compliance.

S

SPN Interactive

spninteractive.cz

49

SPN Interactive operates a virtual school platform primarily targeting the Czech educational market. The website serves as a digital front for their educational services, linking to partner sites and social media channels. The technical infrastructure is modern with usage of Vite for frontend build and Sentry for error monitoring, indicating a contemporary development approach. However, the website content is minimal with no visible contact information or interactive forms, limiting user engagement and transparency. Security posture is basic with no detected security headers and minimal SSL configuration. Privacy policies exist but are hosted externally, and no cookie consent mechanism is present, which may impact GDPR compliance. The absence of WHOIS data reduces domain legitimacy and trustworthiness. Overall, the site functions as a basic informational portal with room for significant improvements in security, privacy, and business transparency.