Security Directory

D

Digital Freedom Foundation

documentfreedom.org

0

The Digital Freedom Foundation is a non-profit organization dedicated to promoting digital freedoms through global events such as Software Freedom Day, Hardware Freedom Day, and Document Freedom Day. Their website serves as a hub for event information, resources, and advocacy for open standards and user control over digital data. The organization targets individuals and groups interested in open source, open standards, and digital rights advocacy worldwide. Technically, the website is built on Joomla CMS with modern frameworks like Bootstrap and uses Matomo for privacy-conscious analytics. The site is mobile-optimized and provides multilingual support, reflecting a mature digital presence. Security-wise, the site enforces HTTPS and uses domain transfer protection but lacks DNSSEC and security headers, indicating room for improvement in hardening. Privacy compliance is basic, with cookie consent but no detailed privacy or security policies visible. Overall, the site is professional, trustworthy, and well-aligned with its mission, though it could enhance security and compliance transparency.

J

Jonatan Heyman

heyman.info

0

The website heyman.info is a personal technical blog and project showcase maintained by Jonatan Heyman. It features a wide range of technical articles, open source projects, and websites developed by the author, targeting developers and tech enthusiasts. The site has a consistent and professional design with content dating back to 2010, indicating a mature and established personal brand. The business model is primarily content publishing and personal branding with no direct commercial transactions evident. Technically, the site uses a static site generator (likely Pelican), Google Analytics for visitor tracking, and integrates external fonts and scripts for enhanced user experience. The site is mobile optimized and has good SEO practices but lacks explicit privacy and cookie policies. Security posture is moderate with HTTPS enabled but missing security headers and no visible incident response or security policies. Overall, the site is legitimate and trustworthy but could improve compliance and security transparency.

K

Knackeriet Coworking Space - Mariatorget - Stockholm

knackeriet.se

0

The website www.knackeriet.se appears to be a Wix-hosted site with minimal content and no visible business or contact information. The domain WHOIS data is missing or the domain is unregistered, raising significant legitimacy concerns. Technically, the site uses standard Wix scripts and polyfills but lacks security headers and privacy policies. There is no evidence of forms or data collection, and no social media or external business links are present. Overall, the site lacks essential trust and compliance indicators, making it unsuitable for business or customer engagement in its current state.

The Yes Men website represents a small, established activist collective founded in 2000, focusing on creative tactics and partnerships with other activist groups to further social campaigns. The organization provides educational resources, workshops, and media content such as movies and talks. The website is built on Drupal 9, indicating a modern CMS infrastructure, and integrates Google Analytics and Tag Manager with IP anonymization to track user engagement. While the site is professionally designed with good navigation and mobile optimization, it lacks explicit privacy, cookie, and terms of service policies, which are important for compliance and user trust. Security posture is moderate with HTTPS enabled but missing key security headers and incident response information. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the organization.

T

Ton

ton.com.br

0

Ton is a Brazilian fintech company specializing in payment processing solutions including card machines, mobile payment apps, and digital banking services. Positioned as a competitive player in the Brazilian market, Ton offers low transaction fees and integrated financial products targeting small and medium businesses, individual microentrepreneurs (MEI), and legal entities (PJ). The website demonstrates a professional and modern digital presence with comprehensive product information and customer testimonials. Technically, the site leverages modern frameworks such as Next.js and integrates multiple analytics and marketing tools, hosted on AWS infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit security and incident response policies are not publicly available. Overall, Ton presents a trustworthy and well-structured online presence suitable for its target audience.

H

H2G Internetagentur AG

h2g.ch

0

H2G Internetagentur AG is a Swiss-based web agency located in Aarau, specializing in consulting, design, development, and hosting of websites and web applications. The company targets businesses and institutions seeking innovative and user-centric digital solutions. Their market position is that of a reputable regional agency with a diverse client base, including international companies and local institutions. The website reflects a professional and modern digital presence with clear service offerings and client references. Technically, the website employs modern web technologies including JavaScript, SVG graphics, and Matomo for privacy-conscious analytics. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices. Hosting appears to be managed internally or via trusted providers, with HTTPS enforced and minimal tracking. From a security perspective, the site uses HTTPS and respects user privacy by disabling cookies in analytics and honoring Do Not Track signals. However, it lacks some advanced security headers and explicit security or incident response policies. No vulnerabilities or suspicious activities were detected. Overall, the website is trustworthy, professional, and compliant with GDPR requirements. The risk profile is low, with recommendations to enhance security headers and add explicit cookie consent mechanisms to further improve privacy compliance and security posture.

T

Tschudi Shipping Company AS

eml.ee

0

Tschudi Shipping Company AS is a well-established, family-owned Norwegian shipping and logistics group with a history dating back to 1883. The company offers a broad range of integrated services including shipping, ship management, transshipment, energy advisory, ocean industries support, offshore wind support, logistics, and financial services. With offices in 12 countries and a strong presence in the Nordics, Baltic, and Continental Europe, Tschudi Group positions itself as a reliable partner for maritime and logistics solutions worldwide. Technically, the website is built on the Webflow platform, utilizing modern web technologies such as jQuery, Google Analytics, and Google Tag Manager. The site is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience. Privacy and cookie policies are clearly presented with consent mechanisms, reflecting good privacy compliance practices. From a security perspective, the site uses HTTPS with good SSL configuration and anonymizes IPs in analytics. However, it lacks explicit security headers and does not provide a dedicated security policy or incident response contact information. The WHOIS data for the domain is incomplete or missing, which raises some concerns about domain registration transparency but does not directly contradict the legitimacy of the business given the strong branding and consistent subsidiary domains. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity. The main risks relate to domain registration transparency and the absence of detailed security policies. Strategic recommendations include enhancing security headers, publishing incident response contacts, and verifying domain registration details to improve trust and compliance.

M

Mar-Com Rijeka

mar-com.hr

0

Mar-Com Rijeka is a small Croatian IT service company specializing in website creation, IT support, and graphic design with over 20 years of experience. The company targets local businesses and private individuals in Rijeka and surrounding areas, offering modern and affordable IT solutions. Their market position is supported by a portfolio of over 200 successful projects and positive client testimonials. Technically, the website employs modern web technologies such as jQuery, Slick Slider, and Google Fonts, with good mobile optimization and accessibility features including a UserWay widget. Security posture is solid with HTTPS enforced and a cookie consent mechanism in place, though there is room for improvement in security headers and incident response transparency. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, reflecting a mature digital presence for a small IT service provider.

The website ribarstvo.hr serves as the official information system for fisheries in Croatia, operated under the Ministry of Agriculture. It provides a suite of official applications, manuals, and resources aimed at government employees, fisheries professionals, and recreational fishers. The platform is co-financed by the European Maritime and Fisheries Fund, reinforcing its legitimacy and governmental backing. The domain is well-established since 2001 and registered with a reputable Croatian academic network registrar, aligning with the website's official nature. Technically, the site is built on ASP.NET Web Forms technology, featuring standard HTML and CSS with hidden form fields for state management. While the site is functional and content-rich, it shows basic mobile optimization and accessibility. No advanced SEO or modern frameworks are detected. Performance is moderate, and no analytics or tracking scripts are present, indicating minimal user tracking. From a security perspective, the site uses HTTPS (implied by domain and typical government standards), but no explicit security headers are detected in the provided content. There is no visible privacy or cookie policy, which is a compliance gap under GDPR. The absence of contact information and security policies reduces transparency. However, no vulnerabilities or suspicious elements are evident in the HTML content. The WHOIS data confirms domain legitimacy with consistent registration details. Overall, the site is a trustworthy government portal with good business credibility but requires improvements in privacy compliance, security headers, and user contact transparency to enhance its security posture and regulatory adherence.

C

CSL Computer Service Langenbach GmbH d/b/a joker.com

visitnovalja.net

0

visitnovalja.net is an established Croatian hospitality platform specializing in private accommodation listings on the island of Pag. The website offers a comprehensive catalog of apartments, rooms, villas, and family hotels with direct contact options for travelers. It targets tourists seeking affordable and diverse lodging options in popular destinations such as Novalja, Stara Novalja, and surrounding areas. The business model focuses on connecting travelers directly with property owners, avoiding intermediaries. Technically, the site uses a custom CMS with common web technologies including jQuery, Bootstrap, and Google services for analytics and bot protection. The site is mobile optimized and provides a user-friendly search experience. Security posture is moderate with HTTPS enabled and reCAPTCHA integration, but lacks advanced security headers and has minor form input issues. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR explicit statements. Overall, the domain registration is consistent and supports the legitimacy of the business. Strategic improvements in security and privacy compliance would enhance trust and user safety.

The website www.zrce.info serves as an informational and booking platform focused on the Zrce beach festival and party scene, providing accommodation and event details. It targets general audiences interested in travel and nightlife at Zrce beach. The site uses basic web technologies including jQuery, Bootstrap, and Google Analytics for tracking visitor behavior. However, the technical infrastructure lacks modern security features such as HTTPS and security headers, which exposes visitors to potential risks. The absence of privacy and cookie policies further indicates low compliance with data protection standards. The WHOIS data is unavailable due to a malformed request response, limiting the ability to verify domain registration legitimacy and ownership details, which reduces trustworthiness. Overall, the site is functional but basic in design and content quality, with significant room for improvement in security and compliance.

C

CSL Computer Service Langenbach GmbH d/b/a joker.com

visitpag.net

0

Visitpag.net is an established Croatian online accommodation platform specializing in private rentals on the island of Pag, particularly in Novalja and surrounding areas. The website offers a comprehensive catalog of apartments, rooms, villas, and family hotels with direct booking contact forms, targeting tourists seeking affordable and direct accommodation options. The business operates with a mature domain registered since 2014 and maintains a consistent brand presence with a focus on local hospitality services. Technically, the site uses a custom CMS with common web technologies such as jQuery, Bootstrap, and Google Analytics, providing a moderately optimized user experience including mobile responsiveness. Security posture is basic with HTTPS implied but lacking advanced security headers and best practices, and privacy compliance is minimal with no cookie consent mechanisms despite GDPR applicability. Overall, the site is functional and credible but would benefit from enhanced security and privacy features to improve trust and compliance.

W

WMD HOSTING

wmd.hr

0

WMD HOSTING is a Croatian-based web hosting and domain registration provider offering a range of services including web development, SEO marketing, SSL certificates, and internet marketing. The company targets businesses and individuals seeking comprehensive web solutions, positioning itself as a regional player with promotional offers such as 'Hosting AKCIJA 1+1'. The website demonstrates a good level of digital maturity with modern technologies like Craft CMS, Bootstrap, jQuery, and integration of analytics and chat services. Security posture is solid with HTTPS, CSRF protection, and cookie consent mechanisms, although some security headers and explicit privacy policies are missing. Overall, the site is professional and trustworthy but could improve compliance transparency and contact accessibility.

C

Catalystic

catalystic.cz

0

Catalystic.cz is a small, Czech Republic-based independent platform focused on interdisciplinary research, non-formal education, and public outreach related to exponential changes in technology and society. The website presents a clear business model centered on fostering creativity, criticality, and exponentiality through research initiatives, educational programs, and partnerships. The site uses modern web technologies including Three.js for interactive graphics and is hosted on Forpsi servers with Webflow CMS. While the website is well-designed with good navigation and mobile optimization, it lacks critical compliance documents such as privacy and cookie policies, and does not provide incident response or vulnerability disclosure information. Security posture is moderate with HTTPS assumed but no visible security headers or advanced protections. Overall, the site is professional and trustworthy but could improve compliance and security transparency.

B

Brejlando | take-away divadlo

brejlando.cz

0

Brejlando.cz is a Czech-based small media business specializing in delivering experimental theater recordings through virtual reality technology. The website offers users the ability to experience popular Prague theater performances from the comfort of their homes using modern VR technologies. The business appears to have been founded in 2021, consistent with the domain registration date. The website is built using modern frontend technologies such as Bootstrap and Nuxt.js, providing a good user experience with responsive design and clear navigation. However, the site lacks critical privacy and security policies, including privacy, cookie, and terms of service documents, as well as contact information for users or incident response. No analytics or advertising scripts were detected, indicating minimal user tracking. The domain registration data aligns well with the website content and business profile, supporting legitimacy. Overall, the website is safe for general audiences and professionally presented but requires improvements in privacy compliance and security posture.

B

BRAINZ STUDIOS

brainzstudios.cz

0

Brainz Studios is a medium-sized independent group of creative studios based in Prague, Czech Republic, founded in 2018. They offer a broad range of new media services including digital innovation, strategic communication, VR and AR immersive experiences, and brand building. The company operates multiple specialized studios and incubates startups and platforms, positioning itself as a creative and technological leader in the media industry. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site uses modern frameworks such as Webflow, Vue.js, and GSAP, with integrated analytics and cookie consent mechanisms, indicating good digital maturity. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security headers and policies are absent. Overall, the site demonstrates high professionalism and trustworthiness, with clear contact information and client endorsements. Recommendations include publishing privacy and security policies and enhancing security headers to further improve compliance and security.

P

PagFerry.com

pagferry.com

0

PagFerry.com is a small Croatian website providing up-to-date ferry schedules, real-time ferry status, weather forecasts, and webcam feeds for the Prizna - Žigljen ferry route. It serves a niche audience of travelers and locals seeking reliable maritime transport information. The website is well-branded and consistent, with a clear focus on transportation services in the Croatian region. Technically, the site leverages modern web technologies including AMP for mobile optimization, jQuery, Bootstrap, and integrates third-party services such as Google Analytics and Facebook SDK for analytics and social media engagement. The site is mobile-friendly and offers a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and registers a service worker, but lacks visible security headers and explicit privacy or terms of service pages, which are areas for improvement. The WHOIS data for the domain is missing or indicates the domain may not be registered, which raises concerns about domain legitimacy despite the professional appearance of the site. Overall, the site is functional and useful but would benefit from enhanced security practices and verified domain registration to improve trustworthiness.

The website pag-apartments.info serves as a regional accommodation portal focused on the Island Pag area in Croatia, offering listings of private apartments, rooms, and houses for vacationers. It facilitates direct booking with accommodation owners and targets tourists seeking lodging options on the island. The business model is a niche hospitality listing platform with a small market presence. Technically, the site is built with legacy HTML and CSS, lacking modern frameworks or CMS, and shows poor mobile optimization and accessibility. Security posture is weak, with no HTTPS detected and absence of security headers or privacy policies. No contact information or incident response details are provided, limiting trust and compliance. Overall, the site is functional for its purpose but requires significant improvements in security, privacy, and technical modernization to enhance user trust and compliance.

BitByte, obrt za IT usluge, is a Croatian small IT service provider specializing in computer servicing, network solutions, website development, and fiscal software hosting. The company targets both private and business customers, emphasizing professional diagnostics, OEM parts, and secure fiscal solutions via Remaris Master hosted in their data center. The website reflects a professional and consistent brand image with clear service offerings and distributor partnerships. Technically, the site is built on WordPress using Elementor and Yoast SEO, with HTTPS and Google reCAPTCHA implemented for security. However, the absence of privacy and cookie policies and limited WHOIS transparency due to GDPR reduce the overall privacy compliance and trust slightly. Security headers are not evident, suggesting room for improvement in security posture. Overall, the site is functional, well-structured, and suitable for its business purpose.

C

CARNET

evisitor.hr

0

The www.evisitor.hr website is an official Croatian government platform managed by CARNET, designed to facilitate the registration and deregistration of tourists in Croatia. It serves commercial and non-commercial accommodation providers, integrating with the national authentication system NIAS for secure user login. The platform is well-positioned as a critical digital service in the Croatian tourism sector, providing essential compliance and informational services to stakeholders. Technically, the site employs modern web technologies including JavaScript, CSS, and Kendo UI components, with a focus on accessibility and multilingual support. Security measures include HTTPS enforcement and anti-CSRF tokens, although some advanced security headers and policies are not visibly implemented. Privacy compliance is basic, with terms of service available but no explicit cookie or privacy policies on the login page. Overall, the site demonstrates a strong business credibility and trustworthy government affiliation, with a moderate to good technical and security posture.

Pag Outdoor is a small Croatian tourism and outdoor activity provider specializing in kayaking and related experiences on the island of Pag. The website is professionally designed using WordPress with Elementor and Astra theme, supporting multiple languages and optimized for SEO with structured data. The technical infrastructure is modern but lacks some security best practices such as security headers and explicit privacy policies. The security posture is moderate with HTTPS enabled but could be improved with additional headers and vulnerability disclosures. The domain WHOIS data is missing, which raises concerns about registration transparency and trustworthiness. Overall, the website serves its business purpose well but should enhance privacy compliance and security transparency to improve trust and compliance.

H

Human interaction company

burza.hr

0

Human interaction company is a specialized technology service provider focusing on AI and human-computer interaction solutions. The company positions itself as an end-to-end AI partner, offering services from concept through implementation. Their market presence is supported by global awards and a professional online presence, targeting businesses seeking advanced AI integration with human-centric design. Technically, the website is built on modern frameworks such as Next.js and integrates multiple analytics and tracking tools, indicating a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, the site uses HTTPS and modern analytics scripts but lacks explicit security headers and published security policies, suggesting room for improvement in security posture. The WHOIS data is missing or privacy protected, which slightly reduces trust but is not uncommon for tech companies. Overall, the website is professional, secure, and compliant with privacy regulations, though it could benefit from enhanced transparency in security and terms of service documentation.

E

Eesti Hotellide ja Restoranide Liit

ehrl.ee

0

Eesti Hotellide ja Restoranide Liit (EHRL) is the largest professional association representing the hospitality sector in Estonia, including hotels, restaurants, schools, and supporting members. The organization focuses on advocacy, information dissemination, and training to support its members and the broader hospitality industry. The website reflects a mature digital presence with content primarily in Estonian and an English alternative, targeting hospitality businesses and professionals in Estonia. The business model is membership-based, emphasizing industry representation and service provision. The domain age and WHOIS data support the legitimacy and established nature of the organization. Technically, the website is built on WordPress 6.8.2 with common plugins such as Yoast SEO and CookieYes for cookie consent management. It uses modern JavaScript libraries like jQuery and Swiper for UI components. The site is hosted under Zone Media OÜ, a known Estonian registrar and hosting provider. Performance and mobile optimization are good, though accessibility features are basic. SEO is well addressed with proper meta tags and structured data. From a security perspective, the site enforces HTTPS and implements a detailed cookie consent mechanism, including granular user controls. However, no explicit security headers were detected, and there is no visible security policy or incident response contact information. No vulnerabilities or exposed sensitive data were found in the HTML content. The site uses tracking tools such as Google Analytics and Facebook Pixel, with moderate user tracking levels and basic privacy compliance. Overall, the website is professional, trustworthy, and aligned with its business purpose. The main risks relate to the absence of a published privacy policy and security headers, which could be improved to enhance compliance and security posture. The site is safe for general audiences with no adult or questionable content.

The website tallinn.ee is currently inaccessible due to a Cloudflare Turnstile human verification challenge page, which blocks access to the actual content. The domain is registered to Spin TEK AS, an Estonian company, consistent with the .ee country code top-level domain. The domain was created in 2010, indicating an established presence likely related to government or municipal services. Due to the access block, no business descriptions, contact information, or policies are visible on the site. The technical infrastructure includes Cloudflare security and analytics services, but no CMS or frameworks are detectable from the challenge page. Security posture cannot be fully assessed, but the presence of Cloudflare indicates some level of protection. Privacy and cookie policies are not found, and no contact or incident response information is visible. Overall, the site appears legitimate but inaccessible for detailed analysis.

E

Eesti E-kaubanduse Liit

e-kaubanduseliit.ee

0

Eesti E-kaubanduse Liit is a well-established non-profit association uniting over 530 reputable e-commerce businesses in Estonia, operating for more than 16 years. The organization focuses on fostering collaboration, trust, and growth within the Estonian e-commerce sector by providing education, events, legal guidance, and a recognized trustmark certification called 'Turvaline ostukoht'. The website reflects a mature market position with strong community engagement and a clear mission to improve the e-commerce ecosystem in Estonia. Technically, the site is built on Webflow, leveraging modern web technologies and Google Tag Manager for analytics and consent management. The site is mobile-optimized, accessible, and professionally designed, providing a positive user experience. Security posture is strong with HTTPS enforced and a comprehensive cookie consent mechanism integrated with Google Consent Mode, although some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the website and business demonstrate high credibility and trustworthiness.

M

Ministarstvo gospodarstva i održivog razvoja Republike Hrvatske

mingor.hr

0

The website mingor.hr/login serves as a secure login portal for the Nextcloud platform used by the Ministry of Economy and Sustainable Development of the Republic of Croatia. It provides government employees and authorized users with a safe environment for data storage and collaboration. The site leverages modern web technologies including Vue.js and Nextcloud version 30, hosted by CARNET, the Croatian Academic and Research Network. The domain registration data aligns well with the government entity, confirming legitimacy and trustworthiness. Technically, the site demonstrates good security practices such as HTTPS enforcement, Content Security Policy with nonce, and session management. However, it lacks publicly accessible privacy, cookie, and terms of service policies, as well as contact or incident response information, which are important for compliance and user trust. The site is minimalistic as expected for a login page, with no advertising or tracking scripts detected, indicating a focus on privacy and security. Overall, the security posture is strong with no obvious vulnerabilities detected in the provided content. The site is well-optimized for mobile and has a professional design consistent with government branding. The main risks relate to the absence of visible privacy and compliance documentation, which should be addressed to improve transparency and regulatory adherence.

R

Regional Development Agency DUNEA LLC.

dubrovnik-neretva.eu

0

The website represents the official Representation Office of the Dubrovnik-Neretva Region in Brussels, serving as a liaison and promotional platform for the region within the European Union. It highlights the Regional Development Agency DUNEA, which coordinates sustainable development and project management for the region. The site targets regional stakeholders, investors, EU institutions, and the general public interested in regional development. Technically, the site is built on Joomla CMS with a modern but moderate tech stack including Bootstrap, jQuery, and Revolution Slider, offering good mobile optimization and user experience. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich but would benefit from enhanced privacy and security measures.

Europe Direct Dubrovačko-neretvanske županije operates as a regional EU information center in Croatia, providing citizens with access to EU-related information, events, and services. The website serves as a communication platform to engage the public in discussions about the European Union's future and policies. It is funded by the European Union and acts as a trusted source for regional EU news and resources. The organization targets local citizens and stakeholders interested in EU affairs, promoting transparency and participation.

P

Printshop • Digitalni tisak

printshop.hr

0

Printshop.hr is a Croatian digital printing service provider established in 2014, offering a wide range of business and promotional printing products such as business cards, flyers, posters, and canvas prints. The company operates an e-commerce platform allowing customers to calculate prices and order online, targeting businesses and individuals within Croatia. The website is professionally designed with good navigation, mobile optimization, and relevant content focused on its core services. Technically, the site uses modern web technologies including Bootstrap, Google Analytics, Microsoft Clarity, and October CMS, hosted likely within Croatia under the CARNET registrar. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is good with visible privacy and cookie policies aligned with GDPR requirements. No critical vulnerabilities or suspicious indicators were found. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

F

Fond za zaštitu okoliša i energetsku učinkovitost

fzoeu.hr

0

Fond za zaštitu okoliša i energetsku učinkovitost is a Croatian governmental fund dedicated to environmental protection and energy efficiency. Established in 2004, it serves as a national authority providing funding, regulatory oversight, and public information related to waste management, renewable energy, and environmental sustainability. The website offers comprehensive resources including public tenders, announcements, and educational content targeting Croatian citizens, businesses, and public institutions. The organization maintains a consistent and professional online presence aligned with its governmental role. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with Google Analytics integrated for user tracking under a compliant cookie consent mechanism. Hosting and DNS services are supported by Cloudflare, ensuring reliable performance and security. The site is mobile optimized and includes accessibility features enhancing usability for diverse users. From a security perspective, the website enforces HTTPS and implements cookie consent, but lacks visible security policy documentation and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the organization's Croatian governmental identity, enhancing trustworthiness. Overall, the website presents a secure, professional, and informative platform supporting the fund's mission. Strategic improvements include publishing explicit security policies, incident response information, and enhancing security headers to further strengthen the security posture.

T

Tera Tehnopolis d.o.o.

tera.hr

0

Tera Tehnopolis d.o.o. is a Croatian business incubator and technology transfer organization established in 2003, focused on promoting innovation, entrepreneurship, and the connection between science and the economy. The company offers a range of services including business incubation, technology transfer, consulting, education, and 3D laboratory services, targeting entrepreneurs, startups, and SMEs primarily in the Osijek region and beyond. The website demonstrates a professional digital presence with consistent branding and active social media channels. Technically, the site is built on WordPress with modern plugins and SEO tools, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS and basic best practices, but lacks published security policies and vulnerability disclosure mechanisms. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

Zakon.hr is a well-established Croatian legal information portal operated by cyber_Folks d.o.o., providing comprehensive access to laws, regulations, and legal documents. The website targets legal professionals, businesses, and the general public seeking reliable legal information. It maintains a strong market position as a leading legal resource in Croatia, supported by updated content and a related AI legal assistant service, Zakon.ai. The business model appears to be a combination of subscription and advertising revenue streams.

V

Vodovod i kanalizacija d.o.o.

vik-ka.hr

0

Vodovod i kanalizacija d.o.o. Karlovac is a well-established regional utility company founded in 2002, providing water supply and sewage management services primarily in Karlovac and surrounding areas in Croatia. The company emphasizes quality and environmental responsibility, as evidenced by its ISO 9001 and ISO 14001 certifications. Their website reflects a professional and user-focused approach, offering comprehensive information, customer support, and transparency through detailed policies and contact channels. Technically, the site uses Joomla CMS with modern web technologies and is hosted behind Cloudflare, ensuring good performance and security. The presence of cookie consent and privacy policies indicates compliance with GDPR regulations. However, explicit security policies and incident response contacts are not found, representing an area for improvement. Overall, the website and business demonstrate high legitimacy and trustworthiness with a solid digital presence.

STEM Practice is a technology company specializing in building a Private AI Reasoning Grid, enabling businesses and communities to deploy AI in a private and sovereign manner. They partner with Oracle to leverage Oracle Dedicated Region and Exadata systems, deploying AI infrastructure in distributed regional datacenters. Their business model focuses on transforming underutilized colocation facilities into AI inference nodes, emphasizing power-efficient AI software that significantly reduces energy consumption. The website is professionally designed, mobile-optimized, and provides rich content including downloadable whitepapers and datasheets, reflecting a mature digital presence. Technically, the website uses modern frontend technologies such as Tailwind CSS, Alpine.js, and Chart.js, built with the Hugo static site generator. The site demonstrates good performance, accessibility, and SEO practices. Security posture is strong with HTTPS enforced and secure form handling, though explicit security headers and vulnerability disclosure policies are absent. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the security posture is solid with no visible vulnerabilities or exposed sensitive data. The WHOIS data is privacy protected, which is common for technology companies, and does not raise immediate concerns. The site maintains credible partnerships and trust indicators, supporting its legitimacy. Strategic recommendations include enhancing privacy compliance with cookie consent, publishing security policies, and adding explicit security headers to further strengthen security. This analysis concludes that STEM Practice operates a credible, professional, and secure online presence aligned with its advanced technology business focus.

Ampere Computing is a technology company specializing in cloud native processors designed for efficient and scalable performance in data centers and edge computing environments. Founded in 2017, the company positions itself as a provider of high-efficiency CPUs that meet the growing demands of cloud computing with minimal resource consumption. The website reflects a modern, professional digital presence built on contemporary web frameworks such as Next.js and Chakra UI, hosted on Microsoft Azure infrastructure. The site is well-optimized for performance and mobile responsiveness, providing a good user experience with clear navigation and relevant content focused on their core business offerings. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms via OneTrust, indicating a baseline commitment to privacy compliance. However, explicit privacy policies, terms of service, and security policies are not found, which represents an area for improvement. The WHOIS data shows a consistent domain registration history aligned with the company's founding date, with standard registrar protections but lacking DNSSEC, which could enhance DNS security. Overall, the security posture is solid but could be strengthened by publishing formal security and privacy documentation, adding vulnerability disclosure mechanisms, and enabling DNSSEC. The absence of direct contact information and social media links on the main page limits immediate user engagement and trust signals. The website content is safe, professional, and targeted at a general audience interested in cloud computing technologies.

R

Runa Capital

runacap.com

0

Runa Capital is a well-established global venture capital firm specializing in early-stage investments in software and deep tech startups. With over $600 million in assets under management and a presence in multiple countries, the firm targets deeptech, enterprise software, and fintech infrastructure sectors. The website reflects a professional and consistent brand image, supported by a modern WordPress infrastructure and comprehensive SEO optimization. The firm maintains multiple global offices, reinforcing its international market position. Technically, the website employs a modern tech stack including Google Analytics, HubSpot, and Cloudflare DNS services, ensuring good performance and mobile optimization. The site is secured with HTTPS and domain registration protections, although DNSSEC is not enabled. Privacy compliance is partially addressed with a clear privacy policy, but lacks a cookie consent mechanism and explicit security policies. Security posture is solid with no visible vulnerabilities or exposed sensitive data, but could be improved by adding security headers, vulnerability disclosure policies, and incident response contacts. Overall, the website is trustworthy and professional, with moderate user tracking and good advertising transparency. Strategically, Runa Capital should focus on enhancing privacy compliance and security transparency to align with evolving regulatory requirements and improve user trust further.

A

Age-Friendly University Global Network

afugn.org

0

The Age-Friendly University Global Network is a non-profit organization focused on promoting positive and active aging through higher education institutions worldwide. The website serves as a hub for membership, resources, research, and advocacy related to age-friendly university principles. The network is affiliated with Arizona State University, which adds credibility and institutional support. The website is built on the Squarespace platform, featuring a professional design, clear navigation, and mobile optimization. However, the absence of a privacy policy and WHOIS registrant data limits full trust verification. Security posture is strong with HTTPS and HSTS enabled, but lacks explicit security policies or incident response contacts. Overall, the site is suitable for its educational and non-profit mission but could improve compliance and transparency.

Y

Yufe

yufe.hr

0

YUFE (Young Universities for the Future of Europe) is a European University Alliance comprising 10 partner universities, focused on providing innovative educational opportunities, civic engagement activities, and staff development across Europe. The alliance is recognized by the European Commission and aims to add a European dimension to studies and careers. The website is professionally designed, content-rich, and well-structured, targeting students, researchers, academic staff, citizens, and organizations. It leverages modern web technologies including WordPress, Google Tag Manager, and multimedia embeds to deliver an engaging user experience. Security posture is good with HTTPS and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is evident with GDPR-aligned policies and cookie management. The domain is privacy-protected under EURid, which is typical for .eu domains and justified for this type of organization. Overall, the website presents a trustworthy and credible digital presence for an educational alliance.

S

Sveučilšni računski centar - Srce

croris.hr

0

CroRIS is an official Croatian government-supported information system dedicated to the science sector, providing comprehensive data on researchers, projects, publications, and scientific infrastructure. It is operated by the University Computing Centre Srce in partnership with the Ministry of Science and Education and other academic institutions. The platform serves as a central hub for scientific data in Croatia, targeting researchers, academic institutions, and government stakeholders. Technically, the website employs modern web technologies including jQuery, Bootstrap, and Font Awesome, with a custom-built CMS and good mobile and accessibility support. Security measures include HTTPS, CSRF protection, and SAML2 authentication for user login, though some security headers and explicit cookie consent mechanisms are missing. The domain registration is consistent with the official nature of the site, registered under CARNET with Croatian country code and appropriate age. Overall, the site is professional, trustworthy, and well-positioned as a national science information resource.

Y

Yufe

yufe.eu

0

YUFE (Young Universities for the Future of Europe) is a European University Alliance comprising 10 partner universities. The organization focuses on providing innovative educational programs, including on and offline university-level courses, civic engagement activities, language courses, and staff development opportunities across Europe. The website presents a professional and well-structured digital presence, targeting students, researchers, academic staff, citizens, and organizations interested in European higher education collaboration. Technically, the site is built on WordPress with modern integrations such as Google Tag Manager, Mailchimp, and video embeds from Vimeo and YouTube, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and privacy compliance mechanisms in place, although no explicit security policy or incident response contacts are published. Overall, the site is trustworthy, well-branded, and compliant with GDPR, supporting its role as a reputable educational alliance.

Die Schlösserstrasse is a regional development association focused on promoting cultural tourism and heritage sites, specifically castles and fortresses in Southeast Austria and Slovenia. The website serves as an information hub for tourists and cultural enthusiasts, offering event announcements, booking options, and educational content. The organization appears to have a solid market position within its niche, supported by regional tourism partners and a network of castles. Technically, the website uses basic web technologies such as jQuery and JavaScript, with moderate performance and basic mobile optimization. Security posture is average, with no HTTPS or security headers information available from the provided data, and no cookie consent mechanism detected despite EU audience relevance. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy, although the website content and partner references suggest a legitimate operation. Overall, the site is professional and trustworthy but would benefit from improved technical and security measures.

The website www.prekmurjevsrcu.si is a small regional cultural site dedicated to the Prekmurje Slovene community, emphasizing cultural unity with the mother nation. The site is modest in content and design, primarily serving informational and community awareness purposes. It does not appear to operate as a commercial business and lacks detailed business information or contact channels. Technically, the site uses common frontend libraries such as jQuery, Bootstrap, Font Awesome, Fancybox, and Owl Carousel, indicating a basic but functional technical infrastructure. The site is mobile responsive and moderately performant but lacks advanced SEO and accessibility features. Security posture is weak due to the absence of HTTPS enforcement information, security headers, and privacy or cookie policies. No contact or incident response information is provided, limiting trust and compliance. Overall, the site is safe with no adult or questionable content but requires significant improvements in security, privacy compliance, and business transparency to enhance credibility and user trust.

Z

Zavod za kulturo, turizem in šport Murska Sobota

visitmurskasobota.si

0

Visit Murska Sobota is a regional tourism and cultural promotion website managed by the Zavod za kulturo, turizem in šport Murska Sobota. The site provides comprehensive information about local events, sustainable transport options, accommodation, dining, and cultural experiences targeting tourists and local visitors. The business operates as a small regional institute focused on enhancing the visibility and attractiveness of Murska Sobota and the Pomurje region. Technically, the website is built on WordPress with multilingual support and integrates common marketing and analytics tools such as Google Analytics and Tag Manager. The site is hosted by NEOSERV.si, a Slovenian hosting provider, and uses HTTPS with a good SSL configuration. Security posture is adequate with cookie consent and GDPR compliance, though it lacks some security headers and has an expired Instagram API token causing feed errors. Overall, the website is professional, trustworthy, and well-structured, with clear contact information and partner affiliations. Strategic improvements include renewing third-party API tokens, enhancing security headers, and improving accessibility features.

Museums.SI is a Slovenian cultural heritage portal operated by Semantika d.o.o., providing comprehensive information about museums, galleries, exhibitions, collections, educational programs, articles, authors, and virtual exhibitions in Slovenia. The website serves as a national platform to promote Slovenian cultural institutions and their activities to the general public and cultural enthusiasts. Technically, the site is built on the DNN CMS platform, utilizing Bootstrap and jQuery libraries, and integrates Google Analytics for visitor tracking. The site is mobile optimized with a moderate performance profile and basic accessibility features. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies. Privacy compliance is basic with a privacy policy available in Slovenian and a cookie consent banner. No contact emails or phone numbers are explicitly provided on the homepage, which may affect direct communication. Overall, the website is professional, trustworthy, and safe for general audiences.

3

Trije gradovi,dve deželi,ena zgodba - 321 Go

321go.si

0

The website www.321go.si is a Slovenian regional or cultural site, likely focused on tourism or local heritage, as indicated by the title 'Trije gradovi,dve deželi,ena zgodba - 321 Go'. The domain was registered in 2019 with a local Slovenian registrar, consistent with the website's regional focus. The site is multilingual, offering Slovenian, English, and German versions. Technically, the site is built on WordPress and uses WPRocket for optimization, with Google Analytics integrated for visitor tracking. However, the site lacks visible privacy and cookie policies, and no contact information is explicitly provided in the analyzed content. Security headers are not detected, and SSL configuration details are not available, though HTTPS is used. Overall, the site presents good design and user experience but has gaps in privacy compliance and security best practices.

D

e-Documenta Pannonica – Čezmejna baza podatkov o kulturni dediščini izbranih 120 krajev na čezmejnem slovensko-madžarskem območju – Prekmurja v Sloveniji in Železne županije na Madžarskem

documenta-pannonica.si

0

The website www.documenta-pannonica.si serves as a cross-border cultural heritage database focusing on 120 selected locations in the Slovenian-Hungarian border region, specifically Prekmurje in Slovenia and the Železna županija in Hungary. It provides detailed information on archival materials, immovable and intangible cultural heritage, notable personalities, and audio-visual content. The platform targets researchers, historians, and cultural enthusiasts interested in this niche area. The multilingual support (Slovenian, Hungarian, English) enhances accessibility for a broader audience. Technically, the site is built on WordPress with common plugins for multilingual content and GDPR cookie compliance, hosted by a Slovenian provider. Performance is moderate with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS and cookie consent but lacks visible security headers and formal privacy or security policies. Analytics are implemented via Google Analytics with moderate user tracking. Overall, the site is professionally designed with consistent branding and trustworthy content, though it would benefit from enhanced privacy documentation and security hardening.

P

Pikant

pikant.hr

0

Pikant is a Croatian design and marketing studio providing a broad range of creative and IT services including web design, graphic design, product design, branding, IT support, and marketing consulting. The company positions itself as a regional leader with a focus on quality and client satisfaction, serving businesses primarily in Croatia and the EU. The website is professionally designed, mobile-optimized, and provides clear contact information and client references. Technically, the site uses modern web technologies such as Google Fonts, Revolution Slider, and Cognito Forms for contact management, with Google Analytics for traffic analysis. Security posture is good with HTTPS enabled and secure form handling, though some security headers and cookie consent mechanisms are missing. The WHOIS data is privacy protected due to GDPR, which is justified for this business type. Overall, the website reflects a legitimate, small-sized business with a solid digital presence.

H

Hrvatska katolička mreža

hkm.hr

0

Hrvatska katolička mreža (HKM) is a Croatian Catholic media organization providing news, spiritual content, and cultural commentary focused on the Catholic Church and related topics. The website serves as a central hub for Croatian-speaking audiences interested in religious life, evangelization, and social issues aligned with Church teachings. HKM maintains a professional online presence with multiple related partner sites and active social media channels. Technically, the site is built on WordPress with modern SEO and analytics tools, offering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enforced, though some security headers and cookie consent mechanisms are missing. WHOIS data is unavailable due to GDPR and request limits, which is common for EU domains, but the website content and structure indicate legitimacy. Overall, HKM is a credible media outlet with a solid digital infrastructure and trustworthy content.

D

Direktno.hr

direktno.hr

0

Direktno.hr is a Croatian news media website delivering a wide range of news content including politics, local news, sports, and international affairs. The site targets a general Croatian-speaking audience and operates primarily on an advertising-supported business model. It holds a moderate market position as a regional news outlet with a medium-sized operation. The website features a professional design with consistent branding and good content quality, supporting user engagement and trust. Technically, the website employs a modern technology stack including Google Analytics, Google Tag Manager, Facebook SDK, Chartbeat, Hotjar, and New Relic for performance monitoring. It appears to be built on the Newscoop CMS platform, which is common for news organizations. The site is mobile optimized and performs moderately well, with basic accessibility and good SEO practices. From a security perspective, Direktno.hr enforces HTTPS and implements standard security headers such as Content-Security-Policy and Strict-Transport-Security. There is no evidence of exposed sensitive data or vulnerable libraries in the HTML content. However, the site lacks a dedicated security policy page, vulnerability disclosure program, and explicit incident response contacts, which are areas for improvement. Overall, the website is legitimate and trustworthy, with privacy policies and cookie consent mechanisms in place to comply with GDPR. The WHOIS data is privacy protected, which is justified given the EU jurisdiction and media nature of the site. No WAF or blocking mechanisms were detected, allowing full content access. Strategic recommendations include enhancing security transparency, improving accessibility, and maintaining regular audits of third-party scripts to mitigate risks.