Security Directory

C

Catalystic

catalystic.cz

0

Catalystic.cz is a small, Czech Republic-based independent platform focused on interdisciplinary research, non-formal education, and public outreach related to exponential changes in technology and society. The website presents a clear business model centered on fostering creativity, criticality, and exponentiality through research initiatives, educational programs, and partnerships. The site uses modern web technologies including Three.js for interactive graphics and is hosted on Forpsi servers with Webflow CMS. While the website is well-designed with good navigation and mobile optimization, it lacks critical compliance documents such as privacy and cookie policies, and does not provide incident response or vulnerability disclosure information. Security posture is moderate with HTTPS assumed but no visible security headers or advanced protections. Overall, the site is professional and trustworthy but could improve compliance and security transparency.

B

Brejlando | take-away divadlo

brejlando.cz

0

Brejlando.cz is a Czech-based small media business specializing in delivering experimental theater recordings through virtual reality technology. The website offers users the ability to experience popular Prague theater performances from the comfort of their homes using modern VR technologies. The business appears to have been founded in 2021, consistent with the domain registration date. The website is built using modern frontend technologies such as Bootstrap and Nuxt.js, providing a good user experience with responsive design and clear navigation. However, the site lacks critical privacy and security policies, including privacy, cookie, and terms of service documents, as well as contact information for users or incident response. No analytics or advertising scripts were detected, indicating minimal user tracking. The domain registration data aligns well with the website content and business profile, supporting legitimacy. Overall, the website is safe for general audiences and professionally presented but requires improvements in privacy compliance and security posture.

B

BRAINZ STUDIOS

brainzstudios.cz

0

Brainz Studios is a medium-sized independent group of creative studios based in Prague, Czech Republic, founded in 2018. They offer a broad range of new media services including digital innovation, strategic communication, VR and AR immersive experiences, and brand building. The company operates multiple specialized studios and incubates startups and platforms, positioning itself as a creative and technological leader in the media industry. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site uses modern frameworks such as Webflow, Vue.js, and GSAP, with integrated analytics and cookie consent mechanisms, indicating good digital maturity. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security headers and policies are absent. Overall, the site demonstrates high professionalism and trustworthiness, with clear contact information and client endorsements. Recommendations include publishing privacy and security policies and enhancing security headers to further improve compliance and security.

P

PagFerry.com

pagferry.com

0

PagFerry.com is a small Croatian website providing up-to-date ferry schedules, real-time ferry status, weather forecasts, and webcam feeds for the Prizna - Žigljen ferry route. It serves a niche audience of travelers and locals seeking reliable maritime transport information. The website is well-branded and consistent, with a clear focus on transportation services in the Croatian region. Technically, the site leverages modern web technologies including AMP for mobile optimization, jQuery, Bootstrap, and integrates third-party services such as Google Analytics and Facebook SDK for analytics and social media engagement. The site is mobile-friendly and offers a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and registers a service worker, but lacks visible security headers and explicit privacy or terms of service pages, which are areas for improvement. The WHOIS data for the domain is missing or indicates the domain may not be registered, which raises concerns about domain legitimacy despite the professional appearance of the site. Overall, the site is functional and useful but would benefit from enhanced security practices and verified domain registration to improve trustworthiness.

The website pag-apartments.info serves as a regional accommodation portal focused on the Island Pag area in Croatia, offering listings of private apartments, rooms, and houses for vacationers. It facilitates direct booking with accommodation owners and targets tourists seeking lodging options on the island. The business model is a niche hospitality listing platform with a small market presence. Technically, the site is built with legacy HTML and CSS, lacking modern frameworks or CMS, and shows poor mobile optimization and accessibility. Security posture is weak, with no HTTPS detected and absence of security headers or privacy policies. No contact information or incident response details are provided, limiting trust and compliance. Overall, the site is functional for its purpose but requires significant improvements in security, privacy, and technical modernization to enhance user trust and compliance.

BitByte, obrt za IT usluge, is a Croatian small IT service provider specializing in computer servicing, network solutions, website development, and fiscal software hosting. The company targets both private and business customers, emphasizing professional diagnostics, OEM parts, and secure fiscal solutions via Remaris Master hosted in their data center. The website reflects a professional and consistent brand image with clear service offerings and distributor partnerships. Technically, the site is built on WordPress using Elementor and Yoast SEO, with HTTPS and Google reCAPTCHA implemented for security. However, the absence of privacy and cookie policies and limited WHOIS transparency due to GDPR reduce the overall privacy compliance and trust slightly. Security headers are not evident, suggesting room for improvement in security posture. Overall, the site is functional, well-structured, and suitable for its business purpose.

Pag Outdoor is a small Croatian tourism and outdoor activity provider specializing in kayaking and related experiences on the island of Pag. The website is professionally designed using WordPress with Elementor and Astra theme, supporting multiple languages and optimized for SEO with structured data. The technical infrastructure is modern but lacks some security best practices such as security headers and explicit privacy policies. The security posture is moderate with HTTPS enabled but could be improved with additional headers and vulnerability disclosures. The domain WHOIS data is missing, which raises concerns about registration transparency and trustworthiness. Overall, the website serves its business purpose well but should enhance privacy compliance and security transparency to improve trust and compliance.

E

Eesti Hotellide ja Restoranide Liit

ehrl.ee

0

Eesti Hotellide ja Restoranide Liit (EHRL) is the largest professional association representing the hospitality sector in Estonia, including hotels, restaurants, schools, and supporting members. The organization focuses on advocacy, information dissemination, and training to support its members and the broader hospitality industry. The website reflects a mature digital presence with content primarily in Estonian and an English alternative, targeting hospitality businesses and professionals in Estonia. The business model is membership-based, emphasizing industry representation and service provision. The domain age and WHOIS data support the legitimacy and established nature of the organization. Technically, the website is built on WordPress 6.8.2 with common plugins such as Yoast SEO and CookieYes for cookie consent management. It uses modern JavaScript libraries like jQuery and Swiper for UI components. The site is hosted under Zone Media OÜ, a known Estonian registrar and hosting provider. Performance and mobile optimization are good, though accessibility features are basic. SEO is well addressed with proper meta tags and structured data. From a security perspective, the site enforces HTTPS and implements a detailed cookie consent mechanism, including granular user controls. However, no explicit security headers were detected, and there is no visible security policy or incident response contact information. No vulnerabilities or exposed sensitive data were found in the HTML content. The site uses tracking tools such as Google Analytics and Facebook Pixel, with moderate user tracking levels and basic privacy compliance. Overall, the website is professional, trustworthy, and aligned with its business purpose. The main risks relate to the absence of a published privacy policy and security headers, which could be improved to enhance compliance and security posture. The site is safe for general audiences with no adult or questionable content.

The website tallinn.ee is currently inaccessible due to a Cloudflare Turnstile human verification challenge page, which blocks access to the actual content. The domain is registered to Spin TEK AS, an Estonian company, consistent with the .ee country code top-level domain. The domain was created in 2010, indicating an established presence likely related to government or municipal services. Due to the access block, no business descriptions, contact information, or policies are visible on the site. The technical infrastructure includes Cloudflare security and analytics services, but no CMS or frameworks are detectable from the challenge page. Security posture cannot be fully assessed, but the presence of Cloudflare indicates some level of protection. Privacy and cookie policies are not found, and no contact or incident response information is visible. Overall, the site appears legitimate but inaccessible for detailed analysis.

R

Regional Development Agency DUNEA LLC.

dubrovnik-neretva.eu

0

The website represents the official Representation Office of the Dubrovnik-Neretva Region in Brussels, serving as a liaison and promotional platform for the region within the European Union. It highlights the Regional Development Agency DUNEA, which coordinates sustainable development and project management for the region. The site targets regional stakeholders, investors, EU institutions, and the general public interested in regional development. Technically, the site is built on Joomla CMS with a modern but moderate tech stack including Bootstrap, jQuery, and Revolution Slider, offering good mobile optimization and user experience. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich but would benefit from enhanced privacy and security measures.

Europe Direct Dubrovačko-neretvanske županije operates as a regional EU information center in Croatia, providing citizens with access to EU-related information, events, and services. The website serves as a communication platform to engage the public in discussions about the European Union's future and policies. It is funded by the European Union and acts as a trusted source for regional EU news and resources. The organization targets local citizens and stakeholders interested in EU affairs, promoting transparency and participation.

Die Schlösserstrasse is a regional development association focused on promoting cultural tourism and heritage sites, specifically castles and fortresses in Southeast Austria and Slovenia. The website serves as an information hub for tourists and cultural enthusiasts, offering event announcements, booking options, and educational content. The organization appears to have a solid market position within its niche, supported by regional tourism partners and a network of castles. Technically, the website uses basic web technologies such as jQuery and JavaScript, with moderate performance and basic mobile optimization. Security posture is average, with no HTTPS or security headers information available from the provided data, and no cookie consent mechanism detected despite EU audience relevance. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy, although the website content and partner references suggest a legitimate operation. Overall, the site is professional and trustworthy but would benefit from improved technical and security measures.

Museums.SI is a Slovenian cultural heritage portal operated by Semantika d.o.o., providing comprehensive information about museums, galleries, exhibitions, collections, educational programs, articles, authors, and virtual exhibitions in Slovenia. The website serves as a national platform to promote Slovenian cultural institutions and their activities to the general public and cultural enthusiasts. Technically, the site is built on the DNN CMS platform, utilizing Bootstrap and jQuery libraries, and integrates Google Analytics for visitor tracking. The site is mobile optimized with a moderate performance profile and basic accessibility features. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies. Privacy compliance is basic with a privacy policy available in Slovenian and a cookie consent banner. No contact emails or phone numbers are explicitly provided on the homepage, which may affect direct communication. Overall, the website is professional, trustworthy, and safe for general audiences.

3

Trije gradovi,dve deželi,ena zgodba - 321 Go

321go.si

0

The website www.321go.si is a Slovenian regional or cultural site, likely focused on tourism or local heritage, as indicated by the title 'Trije gradovi,dve deželi,ena zgodba - 321 Go'. The domain was registered in 2019 with a local Slovenian registrar, consistent with the website's regional focus. The site is multilingual, offering Slovenian, English, and German versions. Technically, the site is built on WordPress and uses WPRocket for optimization, with Google Analytics integrated for visitor tracking. However, the site lacks visible privacy and cookie policies, and no contact information is explicitly provided in the analyzed content. Security headers are not detected, and SSL configuration details are not available, though HTTPS is used. Overall, the site presents good design and user experience but has gaps in privacy compliance and security best practices.

P

Pikant

pikant.hr

0

Pikant is a Croatian design and marketing studio providing a broad range of creative and IT services including web design, graphic design, product design, branding, IT support, and marketing consulting. The company positions itself as a regional leader with a focus on quality and client satisfaction, serving businesses primarily in Croatia and the EU. The website is professionally designed, mobile-optimized, and provides clear contact information and client references. Technically, the site uses modern web technologies such as Google Fonts, Revolution Slider, and Cognito Forms for contact management, with Google Analytics for traffic analysis. Security posture is good with HTTPS enabled and secure form handling, though some security headers and cookie consent mechanisms are missing. The WHOIS data is privacy protected due to GDPR, which is justified for this business type. Overall, the website reflects a legitimate, small-sized business with a solid digital presence.

Općina Krapinske Toplice operates an official municipal website providing comprehensive information and services to residents and stakeholders of the Krapinske Toplice municipality in Croatia. The site offers detailed administrative content including organizational structure, public notices, procurement, and community engagement resources. The website is positioned as a local government authority portal, serving a small-sized municipality with a focus on transparency and public service. Technically, the site is built on WordPress CMS using Elementor page builder, leveraging modern web technologies such as jQuery and Font Awesome for UI elements. Hosting and domain registration are consistent with a Croatian academic network provider, ensuring local presence and legitimacy. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though improvements in security headers and incident response documentation are recommended. Privacy compliance is supported by clear privacy and cookie policies, though a cookie consent mechanism is absent. Overall, the website is professional, trustworthy, and safe for general audiences, with a good balance of content quality and technical implementation.

R

Razvojna agencija Sotla

ra-sotla.si

0

Razvojna agencija Sotla is a Slovenian regional development agency established in 2003, focusing on regional development programs, entrepreneurship support, and project management primarily in the Obsotelje and Kozjansko regions. The agency operates as a non-profit entity serving local governments, entrepreneurs, and community stakeholders. Their website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to their target audience. Technically, the site is built on WordPress using modern plugins such as Elementor and Events Manager, ensuring good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, compliant with GDPR cookie requirements, and free from suspicious indicators.

A

Askly OÜ

askly.me

0

Askly OÜ operates a professional SaaS platform providing AI-powered multilingual chat and customer support solutions primarily targeting e-commerce and retail businesses. The website demonstrates a strong market position with numerous notable clients and testimonials, emphasizing ease of use, automation, and enhanced customer engagement. The company leverages modern digital marketing and analytics tools, including Google Analytics, Facebook Pixel, Hotjar, and FullStory, indicating a mature digital infrastructure. The technical implementation is robust, with responsive design, fast performance, and comprehensive SEO and accessibility features. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit security policies are absent. WHOIS data is unavailable due to privacy protection, which is typical for SaaS providers, but the website content and business presence support legitimacy. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

B

Baltic Human Rights Society

baltichumanrights.org

0

Baltic Human Rights Society (BHRS) is a non-profit organization dedicated to promoting human rights awareness and education in Latvia and the broader Baltic region. The organization focuses on fostering a culture of human rights through educational initiatives, advocacy, and collaborative projects with regional and international partners. The website reflects a well-structured platform aimed at human rights educators, activists, NGOs, and the general public interested in human rights issues. BHRS maintains partnerships with reputable European and Baltic institutions, enhancing its credibility and regional influence. Technically, the website employs standard web technologies including jQuery and SVG4Everybody for compatibility and user experience enhancements. It features a cookie consent mechanism compliant with GDPR principles, although no advanced security headers or analytics services are detected. The site is mobile-optimized with good navigation and content quality, though SEO and accessibility could be improved. The WHOIS data is unavailable or restricted, which limits domain trust verification but does not detract significantly from the site's legitimacy given the content and partner affiliations. From a security perspective, the site uses HTTPS (assumed from canonical URLs and modern standards) and implements cookie consent with opt-in, indicating privacy awareness. However, the absence of visible security headers and incident response contacts suggests room for improvement in security posture. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the site presents a moderate security maturity level appropriate for a non-profit educational organization. The overall risk assessment is low, with the primary concern being the lack of WHOIS transparency and limited security policy disclosures. Strategic recommendations include enhancing security headers, publishing explicit security and privacy policies, and providing clear contact information for incident response. These steps would improve trust and compliance, supporting BHRS's mission and stakeholder confidence.

C

Cilvēktiesību gids

cilvektiesibugids.lv

0

The website www.cilvektiesibugids.lv is a Latvian human rights guide providing educational content on various human rights topics and everyday situations. It targets the general public interested in human rights education and operates as a non-profit entity. The platform offers thematic articles, rights information, court practice summaries, and interactive tests in Latvian, Russian, and English. Technically, the site uses modern web technologies including self-hosted Matomo analytics for privacy-conscious tracking, Google Fonts, and cookie consent mechanisms. The design is professional, mobile-optimized, and accessible, with clear navigation and multilingual support. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published security policies. No vulnerabilities or suspicious content were detected. Overall, the site is trustworthy and serves as a valuable educational resource in the human rights domain.

K

Kiwis & Brownies GbR

brezel.io

0

Brezel.io is a German-based small technology company specializing in tailored enterprise software solutions including ERP, CRM, PIM, and DAM systems. Their business model focuses on providing customizable low-code and no-code platforms that enable businesses to digitize and automate complex workflows. The company emphasizes flexibility, security, and modern web technologies, targeting businesses that require bespoke digitalization solutions rather than off-the-shelf products. Their market position is niche but well-defined, with a focus on industrial, hospitality, and membership management sectors. Technically, the website is built on a modern stack including Laravel, Vue.js, and supports a Progressive Web App for cross-device compatibility. The site is mobile optimized and offers good user experience and navigation clarity. However, performance is moderate and accessibility features are basic. The hosting and DNS setup is standard with no DNSSEC enabled, and no CMS detected. From a security perspective, the site implements two-factor authentication and WebAuthn for user login security and includes CSRF tokens. However, it lacks visible HTTP security headers and DNSSEC, and does not publish security or incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms, despite the use of tracking scripts. WHOIS data is consistent and transparent, supporting legitimacy. Overall, the website presents a professional and trustworthy business front with good technical foundations but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

B

Brainz Immersive s. r. o.

immersive.cz

0

Brainz Immersive s. r. o. is a Prague-based immersive creative studio specializing in virtual and augmented reality experiences. Founded in 2019 and part of the BRAINZ STUDIOS group, the company offers a comprehensive suite of services including AR/VR creative development, 360° video production, multi-platform app development, and immersive installations. Their client portfolio includes notable brands such as ŠKODA AUTO, Vogue, and Czech Radio, positioning them as a niche leader in immersive technology solutions for brands and entertainment. The website reflects a professional and modern digital presence with rich multimedia content and clear navigation. Technically, the site uses modern web technologies and frameworks, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvement. Analytics and marketing tracking are implemented via Google Analytics and Facebook Pixel, but without explicit cookie consent mechanisms. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, Brainz Immersive demonstrates a strong market position in immersive technology with a professional online presence but should enhance privacy compliance and security best practices to further strengthen trust and regulatory adherence.

B

BRAINZ DISRUPTIVE

disruptive.cz

0

BRAINZ DISRUPTIVE is a small, independent creative digital studio based in the Czech Republic, founded in 2019. The company focuses on helping brands adapt to future challenges by delivering innovative digital solutions, combining strategic, creative, and technological expertise. Their market position is that of a progressive digital studio emphasizing disruptive strategies and future-oriented services. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern frameworks such as Vue.js and Nuxt.js, with Webflow CSS for styling, and integrates Google Analytics for tracking. However, the site lacks visible privacy and cookie policies, and no explicit contact emails or phone numbers are provided, relying mainly on a contact form. Security posture is moderate with HTTPS usage but missing security headers and incident response information. Overall, the domain registration data is consistent and supports the legitimacy of the business.

C

Christian Kiewaldt & Benjamin Braun GbR

kiwis-and-brownies.de

0

KIWIS & BROWNIES is a small German software development company specializing in custom enterprise software, eCommerce solutions using Magento, and promotional applications to increase reach and lead generation. The company operates primarily in the Gummersbach and Oberberg regions of Germany, targeting local businesses seeking digital transformation and marketing services. Their website reflects a professional and modern digital presence with a focus on clear communication and customer engagement via WhatsApp and downloadable informational materials. Technically, the website employs standard modern web technologies including HTML5, CSS, JavaScript with jQuery, and Google Fonts. The hosting is managed via DomainControl nameservers, and Magento is indicated as the eCommerce platform. The site is moderately optimized for performance and mobile devices, though accessibility features are basic. SEO practices are adequately implemented with meta tags and structured content. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a formal security policy or incident response contacts. The privacy policy is comprehensive and GDPR compliant, but no cookie consent mechanism is present, which is a compliance gap. No vulnerability disclosure or security.txt files are found, limiting transparency in security practices. Overall, the website presents a trustworthy and professional image suitable for its business scope. The risk level is moderate with recommendations to enhance security headers, implement cookie consent, and publish security policies to improve compliance and trust. The domain registration aligns with the business identity, supporting legitimacy.

L

Lesoochranárske zoskupenie VLK

wolf.sk

0

Lesoochranárske zoskupenie VLK is a Slovak non-profit organization dedicated to the protection of natural forests, carnivores, and natural processes through the creation of no-intervention reserves. The organization has a strong grassroots presence with over 25 years of activity, focusing on environmental advocacy, legal interventions, and public education. Their website serves as an information hub for campaigns, petitions, and educational content primarily in Slovak, targeting environmental activists and the general public interested in nature conservation. Technically, the website is built on Drupal CMS with common libraries like jQuery and uses Google Analytics for visitor tracking. While the site is functional and content-rich, it lacks advanced security headers and cookie consent mechanisms, which are important for GDPR compliance. Contact information is primarily available via a contact page rather than directly on the homepage. Overall, the website reflects a moderate level of digital maturity with room for improvements in security and privacy compliance.

The website mep.lt is currently a parked domain page indicating that the domain is for sale. It does not represent an active business or service provider. The content is minimal, primarily advertising the domain sale with no substantive business information, contact details, or privacy policies. The technical infrastructure relies on basic HTML, CSS, and JavaScript with embedded third-party iframes and ad scripts, which introduces potential security risks. There is no evidence of HTTPS enforcement or security headers, and no compliance with privacy regulations is demonstrated. Overall, the site lacks professionalism and trustworthiness, reflecting its status as a domain parking page rather than an operational business website.

Ž

Žmogaus teisių gidas

zmogausteisiugidas.lt

0

Žmogaus teisių gidas is a Lithuanian educational website dedicated to human rights and civic education. It offers thematic articles, tests, court practice summaries, and resources to educate the public on human rights issues. The site targets a general audience interested in learning about human rights in everyday situations. The platform is supported by reputable European and Baltic organizations, indicating a non-profit educational mission. Technically, the website employs modern web technologies including Matomo analytics with privacy-respecting default settings, Google Fonts, and cookie consent mechanisms. The site is mobile optimized and accessible, with a clear navigation structure. Security posture is moderate, with HTTPS enforced but lacking explicit security headers and vulnerability disclosures. WHOIS data for the domain is unavailable, which reduces trustworthiness from a domain registration perspective. Overall, the website is a credible educational resource with room for improvement in privacy policy transparency and security best practices.

V

Valga Muuseum

valgamuuseum.ee

0

Valga Muuseum is a regional cultural and educational institution based in Valga, Estonia, providing museum exhibitions, educational programs, research activities, and a museum shop. The website reflects a stable and established organization with a domain registered since 2010. The museum targets a broad audience including local visitors, students, and researchers, offering a variety of cultural and educational services. Technically, the website uses a common CMS (Greativ), standard JavaScript libraries, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile-optimized with good navigation and content relevance. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and a cookie consent mechanism, which impacts privacy compliance. Overall, the website is professional, trustworthy, and serves its purpose well.

Valga Sport is a local Estonian sports organization focused on promoting youth and community sports activities, managing sports facilities, and organizing events. The website serves as an information portal for sports opportunities, events, and news relevant to the Valga region. The organization appears to be a small-sized entity with a public or non-profit orientation, supported by local government affiliations. Technically, the website is built on the Greativ CMS platform and uses common web technologies including Google Analytics and Facebook Pixel for tracking. The site is mobile-optimized with a moderate performance profile and basic SEO and accessibility features. Hosting and domain registration are consistent with a local Estonian provider, Telia Eesti AS. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks advanced security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The WHOIS data is transparent and consistent with the business claims, supporting legitimacy. Overall, the website is professional and trustworthy for its intended audience but could improve in privacy compliance and security posture to better align with modern standards.

M

MAMFORCE

mamforce.hr

0

MAMFORCE is a Croatian-based organization specializing in Diversity, Equity, and Inclusion (DEI) certifications and consulting services aimed at improving workplace culture for families and women. Their offerings include multiple certification standards such as MAMFORCE Standard, DADFORCE Standard, and INC.Q EQUAL PAY, alongside training and employer branding services. The company positions itself as a leader in promoting fair and inclusive organizational cultures within Croatia. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, Facebook Pixel, and various plugins enhancing user experience and tracking capabilities. The site is mobile-optimized and SEO-friendly, reflecting a good level of digital maturity. Security-wise, the site enforces HTTPS and uses some security best practices but lacks certain headers like Content-Security-Policy and X-Frame-Options, which are recommended for enhanced protection. No privacy policy or terms of service were found, which is a compliance gap. Overall, the domain registration is consistent with the business claims, and no suspicious patterns were detected, supporting a high legitimacy score.

R

Regionalni centar kompetentnosti u turizmu i ugostiteljstvu Zabok

rcktu-zabok.hr

0

The website represents the Regional Center of Competence in Tourism and Hospitality located in Zabok, Croatia. It serves as an educational institution offering secondary education, adult courses, workshops, retraining, and consulting services focused on tourism and hospitality sectors. The center aims to develop professional skills, creativity, and social responsibility among students and professionals, supported by EU funding. The site is well-structured, professionally designed, and targets students, adult learners, and regional businesses in the tourism and hospitality industry. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit privacy and terms of service pages and a vulnerability disclosure policy. Overall, the domain registration and hosting are consistent with the business profile, indicating legitimacy and trustworthiness.

R

Ride & Bike 2

rideandbike.eu

0

Ride & Bike 2 is a regional tourism promotion website focusing on the natural and cultural heritage of several regions in Croatia and Slovenia. It provides information about outdoor activities, cultural sites, and local attractions, targeting tourists and outdoor enthusiasts. The website leverages WordPress CMS with WPBakery Page Builder and integrates Google Tag Manager for analytics. While the site is well-structured and visually consistent, it lacks critical privacy and cookie policies, as well as explicit contact information, which impacts its compliance and trustworthiness. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. Overall, the site is functional and serves its tourism promotion purpose but requires improvements in privacy compliance and security best practices.

D

Dom za žrtve nasilja u obitelji NOVI POČETAK

novipocetak.hr

0

Dom za žrtve nasilja u obitelji NOVI POČETAK is a Croatian social care institution dedicated to supporting victims of domestic violence and their children. Founded and operated under the auspices of the Krapinsko-zagorska županija regional government, it provides safe accommodation, psychosocial counseling, and professional social work services. The website reflects a well-structured, professionally designed platform with clear navigation and relevant content tailored to its target audience. Technically, the site is built on WordPress with Elementor and Yoast SEO, integrating Google Analytics and reCAPTCHA for security and analytics purposes. Security posture is strong with HTTPS enforced and appropriate security headers, though it lacks published security policies and cookie consent mechanisms. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site is trustworthy, compliant with GDPR in terms of privacy policy presence, but could improve cookie consent and incident response transparency.

The website 'Crveni popis Hrvatske' is an official Croatian government portal managed by the Ministry of Environment and Green Transition, specifically the Institute for Environmental Protection and Nature. It serves as a comprehensive resource for data on endangered wild species in Croatia, providing risk assessments, conservation information, and public education. The portal targets a broad audience including researchers, policymakers, and the general public interested in biodiversity and environmental protection. Technically, the site employs modern web technologies such as HTML5, CSS3, JavaScript, Chart.js for data visualization, and Leaflet.js for mapping. The presence of a CSRF token and HTTPS indicates a secure infrastructure, although some security headers are missing. Accessibility is addressed but with room for improvement, particularly in image alt attributes and text scaling. The site is moderately performant and mobile-optimized. From a security perspective, the portal demonstrates good practices including GDPR compliance, cookie consent mechanisms, and secure form handling. However, it lacks explicit incident response contact details and a published vulnerability disclosure policy. No critical vulnerabilities or suspicious activities were detected. WHOIS data confirms the domain's legitimacy and alignment with the governmental nature of the site. Overall, the website is trustworthy, professionally maintained, and fulfills its mission effectively. Strategic improvements in security headers, accessibility, and incident response transparency would further enhance its posture.

P

Poliklinika Magdalena

magdalena.hr

0

Poliklinika Magdalena is a well-established healthcare provider specializing in cardiovascular care with over 25 years of experience. The organization operates multiple physical locations in Croatia, including Zagreb and Krapinske Toplice, and offers a comprehensive range of services from diagnostics to surgical interventions and telemedicine. The website reflects a professional and patient-focused approach, targeting individuals seeking specialized cardiovascular healthcare. Technically, the site is built on WordPress with modern tools such as Gravity Forms for data collection, Google Analytics and Facebook Pixel for analytics, and CookieYes for GDPR-compliant cookie consent. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website and domain registration details indicate a legitimate and trustworthy healthcare provider with a solid digital presence.

S

Specijalna bolnica za medicinsku rehabilitaciju Krapinske Toplice

sbkt.hr

0

Specijalna bolnica za medicinsku rehabilitaciju Krapinske Toplice is a specialized healthcare provider focused on medical rehabilitation services for neurological, cardiovascular, orthopedic, rheumatologic, and internal medicine patients, including both adults and children. The hospital also offers outpatient specialist services, health tourism, and preventive health programs. The website reflects a well-established regional medical institution with a clear market position and a comprehensive service portfolio. The target audience primarily includes patients and healthcare consumers seeking rehabilitation and wellness services in Croatia. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for enhanced functionality such as forms and galleries. The site is mobile optimized, accessible, and SEO friendly, with good content quality and consistent branding. Security posture is solid with HTTPS enforced and CAPTCHA protection on forms, though there is room for improvement in implementing security headers and cookie consent mechanisms. Overall, the domain registration and WHOIS data align well with the business claims, supporting the legitimacy and trustworthiness of the entity.

Z

Zavod za javno zdravstvo Krapinsko-zagorske županije

zzjzkzz.hr

0

Zavod za javno zdravstvo Krapinsko-zagorske županije is a regional public health institute serving the Krapina-Zagorje County in Croatia. The organization provides a broad range of public health services including epidemiology, microbiology, health promotion, school medicine, environmental health, and mental health and addiction prevention. The website targets local residents and public health stakeholders, offering news, contact information, and resources relevant to the community. The business model is government-funded, positioning the institute as a key regional health authority. Technically, the website uses a custom ASP-based CMS with legacy JavaScript libraries such as jQuery 1.8.2 and Modernizr, alongside modern UI components like the Revolution Slider and UserWay accessibility widget. The site is moderately optimized for performance and mobile devices, with basic SEO and good accessibility features. However, some technical debt is evident due to outdated libraries and lack of advanced security headers. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, the use of outdated JavaScript libraries and absence of security headers like CSP and HSTS present potential vulnerabilities. No explicit security or incident response policies are published. Contact information is clearly provided, enhancing trust and transparency. Overall, the website is professional, trustworthy, and serves its public health mission effectively. Strategic improvements in updating technical components and enhancing security headers would strengthen its security posture and compliance. The site is safe for general audiences with no adult or questionable content detected.

D

Dom zdravlja Krapinsko zagorske županije

dzkzz.hr

0

Dom zdravlja Krapinsko zagorske županije is a public healthcare provider serving the Krapinsko-zagorska County in Croatia. The organization offers a range of primary healthcare services including family medicine, pediatrics, palliative care, and radiology. The website reflects a well-established regional healthcare institution with multiple branch offices, targeting local residents seeking accessible medical care. The business model is government-funded, focusing on essential healthcare delivery rather than commercial services. The website content is comprehensive and professionally presented, supporting patient engagement through news updates and satisfaction surveys. Technically, the website is built on WordPress with modern plugins such as Elementor and Smart Slider 3, ensuring a responsive and accessible user experience. The site uses HTTPS and includes GDPR-compliant cookie consent mechanisms, reflecting a mature digital infrastructure. Performance is moderate with good mobile optimization and SEO practices. However, some security headers are not explicitly detected, suggesting room for improvement in security hardening. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. The presence of GDPR compliance and a dedicated privacy policy page indicates attention to data protection. However, the absence of explicit security policy and incident response information could be addressed to enhance trust and preparedness. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness. The overall risk assessment is low, with no signs of malicious activity or suspicious content. Strategic recommendations include implementing additional security headers, maintaining up-to-date software, and publishing clear security and incident response policies to further strengthen the security posture and user trust.

L

Libela

libela.org

0

Libela.org is a Croatian non-profit organization dedicated to promoting gender equality and social justice through media and advocacy. The website serves as a platform for publishing articles, reports, and news focused on gender facts and social issues relevant to Croatia. It targets a general audience interested in social activism and equality. The organization has been active since 2009, reflecting a mature and stable presence in its niche. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Lightbox2, and Swiper for enhanced user experience. It is hosted on Linode, ensuring reliable infrastructure. The site demonstrates good mobile optimization, accessibility features, and SEO practices, supported by plugins like Yoast SEO and GDPR cookie compliance tools. From a security perspective, the site uses HTTPS with a valid SSL certificate and employs domain transfer protection. However, DNSSEC is not enabled, and additional security headers could be implemented to strengthen defenses. Privacy compliance is well addressed with clear privacy and cookie policies and explicit user consent mechanisms. No critical vulnerabilities or suspicious activities were detected. Overall, Libela.org presents a trustworthy, professional, and content-rich platform with a solid security posture and compliance framework. Strategic improvements in DNS security and HTTP headers would further enhance its security maturity and resilience.

P

Pomurski muzej Murska Sobota

pomurski-muzej.si

0

Pomurski muzej Murska Sobota is a regional museum dedicated to preserving and showcasing the cultural heritage of the Pomurje region in Slovenia. The website provides comprehensive information about exhibitions, events, educational programs, and digital collections, targeting a broad audience including families, schools, and cultural enthusiasts. The museum positions itself as a key cultural institution in the region with a focus on both physical and digital heritage preservation. Technically, the website is built on the WBCE CMS platform with modern web technologies such as Bootstrap, jQuery, and Revolution Slider. It is hosted under a reputable Slovenian registrar (Arnes) and uses HTTPS with a valid SSL configuration. The site is mobile-optimized and includes basic accessibility features. Google Analytics is used for visitor tracking, and a cookie consent banner with opt-in is implemented, indicating good privacy compliance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks advanced security headers and does not publish explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, the website is professional, trustworthy, and serves its cultural mission effectively. Strategic improvements in security headers, incident response transparency, and accessibility could enhance its security posture and compliance further.

H

Hosting i Domene AKCIJA 1+1

wmd.hosting

0

WMD Hosting operates as a regional web hosting and domain registration provider based in Croatia, offering a comprehensive suite of web services including domain registration, hosting packages, SSL certificates, and web development. The company targets web developers and businesses of various sizes, positioning itself with promotional offers such as the 'AKCIJA 1+1' campaign. Their market presence is supported by over 20 years of experience and a user base exceeding 10,000 clients across 73 countries. The website is professionally designed with multilingual support and integrates modern web technologies and accessibility features.

K

KB Studios

kbstudios.hr

0

KB Studios is a small business based in Croatia currently undergoing a website redesign to improve clarity and user experience. The company invites potential clients to contact them via phone or email for services, though specific services are not detailed on the homepage. The website uses WordPress with Elementor and integrates Google Analytics and Tag Manager for tracking, along with Google Translate for multilingual support. The technical infrastructure is modern but basic, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is functional but underdeveloped in content and compliance aspects.

E

Europe Direct Informacijski ured Split

europedirect-split.hr

0

Europe Direct Informacijski ured Split operates as an official European Union information center serving the Split region in Croatia. The website provides comprehensive information and advisory services about the EU, targeting local citizens and residents. It is part of the Europe Direct network, offering free services and acting as a trusted source for EU-related news, publications, and guidance. The business model is non-profit and government-affiliated, focusing on public information dissemination. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Revolution Slider, ensuring good SEO and user experience. The site is mobile-optimized and includes accessibility features, enhancing usability for diverse audiences. External integrations include Google Tag Manager and Facebook SDK for analytics and social media engagement. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's claims, showing consistent registration details and domain age appropriate for the organization's history. Overall, the website demonstrates a solid security posture, good privacy compliance, and professional business credibility. Recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and expanding contact channels for security matters.

Municipal d.o.o. operates a website that currently serves as a minimal online presence, displaying only a logo on a plain blue background without any substantive business information or content. The lack of descriptive content, contact details, or service information limits the ability to assess the company's market position or business model. The website appears to be either under development or a placeholder. From a technical perspective, the website is very basic with no detectable scripts, frameworks, or CMS. There is no evidence of modern web technologies or SEO optimization. Mobile optimization and accessibility are minimal due to the lack of content and structure. Security posture is weak as there is no indication of HTTPS usage or security headers, and no privacy or cookie policies are present. The security evaluation highlights critical gaps including absence of HTTPS, lack of privacy and cookie policies, and no contact or incident response information. These factors significantly reduce trustworthiness and compliance with data protection regulations such as GDPR. The domain WHOIS data is privacy protected, which is common for small businesses but further limits transparency. Overall, the website poses a low risk in terms of content safety as it contains no adult or questionable material. However, the minimal content and lack of security and compliance features suggest a need for significant improvements to enhance trust, security, and user experience.

G

Gradska knjižnica i čitaonica Ivana Belostenca

gkc-ivanabelostenca.hr

0

Gradska knjižnica i čitaonica Ivana Belostenca is a small, non-profit public library and cultural institution located in Ozalj, Croatia. It offers library services, cultural events, and access to significant historical works such as the Gazophylacium bilingual dictionary. The website serves as an informational portal for the local community and cultural enthusiasts. Technically, the site is built on Joomla CMS using common web technologies including jQuery, Bootstrap, and Google Maps API. The hosting is provided by ZoNet, a reputable Croatian hosting provider. The site is accessible, with clear navigation and consistent branding, but shows room for improvement in mobile optimization and accessibility. Security posture is moderate with HTTPS enabled but lacking important security headers and privacy compliance documentation. No forms or tracking scripts are present, minimizing privacy risks but also limiting interactivity. Overall, the website is trustworthy and professionally presented but would benefit from enhanced security and privacy measures.

A

Azelija Eko d.o.o.

azelija-eko.hr

0

Azelija Eko d.o.o. is a Croatian municipal service company specializing in waste management, recycling, cemetery services, public lighting maintenance, and chimney sweeping within the Ozalj region and surrounding municipalities. The company operates fixed and mobile recycling yards and provides essential environmental services to local residents and businesses. The website reflects a local government service provider with clear contact information and service descriptions, targeting the regional community. Technically, the website is built on Joomla CMS with a Bootstrap framework and uses common JavaScript libraries such as jQuery and Font Awesome for UI elements. The site includes image sliders and responsive design elements, indicating moderate digital maturity. Hosting is provided by CARNET, a reputable Croatian academic network, which aligns with the local focus. From a security perspective, the site lacks visible security headers and explicit HTTPS enforcement in the provided data, which lowers its security posture. No privacy or cookie policies were found, indicating potential GDPR compliance gaps. The site does not use tracking or advertising technologies, which reduces privacy risks but also limits marketing insights. Overall, the website is functional and professional for its purpose but would benefit from enhanced security measures, privacy compliance improvements, and clearer policies to strengthen trust and regulatory adherence.

T

Turistička zajednica područja Kupa

tzp-kupa.hr

0

The website tzp-kupa.hr serves as the official tourism portal for the Kupa region in Croatia, managed by the Turistička zajednica područja Kupa. It provides comprehensive information about local attractions, events, accommodation, and gastronomy, targeting tourists and visitors interested in exploring the region. The site is positioned as a regional tourism authority with a focus on promoting natural heritage and active tourism. Technically, the site is built on WordPress using the Flatsome theme, with integrations such as Google Analytics and GTranslate for multilingual support. The infrastructure is modern and mobile-optimized, though performance is moderate. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and formal security policies. Privacy compliance is basic, with privacy and cookie policies present but no explicit consent mechanism. Overall, the site is professional, trustworthy, and well-branded, serving its purpose effectively.

jQuery Tools is an open source JavaScript UI library providing essential user interface components such as tabs, tooltips, overlays, and form utilities. The website serves web developers and site creators by offering demos, documentation, and downloads of the library. It holds a moderate market position as a popular UI toolkit used by various websites worldwide. The business model is centered on open source distribution without direct commercial offerings. Technically, the site uses jQuery and the jQuery Tools library, hosted on HostGator, with moderate performance and basic mobile optimization. The site lacks HTTPS in the HTML content, uses HTTP for script loading, and does not implement security headers or privacy policies, indicating a low security posture. Google Analytics is used for tracking without visible cookie consent, raising privacy compliance concerns. Overall, the website is professional and functional but requires significant improvements in security and privacy compliance to enhance trust and protect users.

A

Agencija za gospodarenje otpadom d.o.o.

ago-dnz.hr

0

Agencija za gospodarenje otpadom d.o.o. operates as a regional governmental agency responsible for waste management in the Dubrovačko-neretvanska županija region of Croatia. The website serves as an informational and project communication platform, highlighting EU-funded initiatives under the Operational Programme Competitiveness and Cohesion 2014-2020. The agency provides key services including waste management infrastructure development, public education, and regulatory compliance support. Their market position is that of a specialized public sector entity with strong governmental and EU partnerships.

C

Centar za poduzetništvo d.o.o.

czp.hr

0

Centar za poduzetništvo d.o.o. is a regional entrepreneurial support center serving the Dubrovnik-Neretva County in Croatia. The organization focuses on providing a range of services including education, business consulting, credit programs, and assistance with EU funding projects. Their website reflects a government-affiliated entity aimed at fostering entrepreneurship and small business growth in the region. The target audience primarily consists of local entrepreneurs and small business owners seeking support and resources. Technically, the website employs a modern technology stack featuring jQuery, Bootstrap, FontAwesome, and various plugins for enhanced user experience and accessibility. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates Google Analytics and UserWay accessibility tools, indicating a mature digital infrastructure. The website content is well-structured, professionally designed, and includes clear navigation and relevant business information. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security policies and incident response contact details. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned privacy and cookie policies and a consent mechanism in place. The website demonstrates a good security posture but could improve by adding formal security documentation and security headers. Overall, the website is trustworthy, professional, and serves its business purpose effectively. The domain registration data aligns with the website's claims, reinforcing legitimacy. Strategic recommendations include enhancing security transparency, publishing incident response information, and maintaining regular security audits to sustain trust and compliance.