Security Directory

H

Hrvatski zavod za zdravstveno osiguranje

hzzo.hr

0

Hrvatski zavod za zdravstveno osiguranje (HZZO) is the Croatian Institute for Health Insurance, a government entity responsible for providing mandatory and supplementary health insurance services to Croatian citizens and business entities. The website serves as a comprehensive portal offering information on health insurance, parental support, e-health services, and access to various forms and contact points. It targets both individual citizens and business partners, positioning itself as the national authority in health insurance within Croatia. Technically, the website is built on Drupal 11 CMS, utilizing modern web technologies including jQuery, Hotjar for user behavior analytics, and Google Tag Manager for marketing and analytics integration. The site is mobile optimized, accessible, and well-structured with clear navigation and professional design. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers like Content-Security-Policy are not clearly detected, the site follows good security practices typical for government portals. No vulnerabilities or exposed sensitive data were found in the HTML content. However, incident response and security policy pages are not publicly available, which could be improved. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. The lack of WHOIS data is due to GDPR restrictions and does not detract from the legitimacy of the domain, which is a Croatian government domain. Strategic recommendations include enhancing security header implementation, publishing security and incident response policies, and adding a vulnerability disclosure policy to improve transparency and security posture.

Općina Krapinske Toplice operates an official municipal website providing comprehensive information and services to residents and stakeholders of the Krapinske Toplice municipality in Croatia. The site offers detailed administrative content including organizational structure, public notices, procurement, and community engagement resources. The website is positioned as a local government authority portal, serving a small-sized municipality with a focus on transparency and public service. Technically, the site is built on WordPress CMS using Elementor page builder, leveraging modern web technologies such as jQuery and Font Awesome for UI elements. Hosting and domain registration are consistent with a Croatian academic network provider, ensuring local presence and legitimacy. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though improvements in security headers and incident response documentation are recommended. Privacy compliance is supported by clear privacy and cookie policies, though a cookie consent mechanism is absent. Overall, the website is professional, trustworthy, and safe for general audiences, with a good balance of content quality and technical implementation.

N

Narodne novine d.d.

nn.hr

0

Narodne novine d.d. is a well-established Croatian company with a 190-year tradition specializing in official government publications, legal books, educational programs, and commercial office supplies. The company serves government entities, legal professionals, and the general public, maintaining a strong market position as the official publisher of Croatia. The website reflects this professional stature with comprehensive content and a consistent brand image. Technically, the site uses legacy technologies such as jQuery 1.8.2 and bxSlider, with Google Analytics and Tag Manager for user tracking. While the site is functional and moderately optimized for mobile, there is room for modernization and improved accessibility. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and updated libraries. Privacy compliance is adequate with a clear privacy policy but lacks a cookie consent mechanism. Overall, the site is trustworthy and professional, with a solid digital presence aligned with the company's business model and sector.

P

Povjerenik za informiranje

pristupinfo.hr

0

The website pristupinfo.hr serves as the official online presence of the Croatian Commissioner for Information, providing comprehensive resources related to the right of access to information. It targets both users seeking information and public authorities, offering legal frameworks, educational webinars, open data initiatives, and event calendars. The site is well-positioned as a government transparency and information access portal with a medium organizational size and a founding date consistent with its domain registration in 2013. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and Fusion Builder. It is hosted by CARNET, a reputable Croatian academic network, ensuring reliable infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection. However, it lacks some advanced security headers and does not publish explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy, professional, and aligned with its governmental role. Strategic improvements in privacy compliance, security policy transparency, and enhanced security headers would further strengthen its posture.

The website www.rogatec.si serves as the official digital presence for the Zavod za kulturo, turizem in razvoj Rogatec, a local government entity focused on cultural heritage, tourism, and community development in Rogatec, Slovenia. It provides comprehensive information about local attractions, events, visitor programs, and public procurement, positioning itself as a key resource for tourists and residents alike. The site demonstrates a strong commitment to cultural promotion and community engagement through detailed event calendars, virtual tours, and craft center offerings. Technically, the website is built on a modern WordPress platform with a robust tech stack including Yoast SEO, event calendar plugins, and GDPR compliance tools. It integrates well-known marketing and analytics services such as Google Analytics, Google Tag Manager, and Facebook Pixel, indicating a mature digital marketing approach. The site is mobile-optimized, accessible, and SEO-friendly, ensuring a positive user experience across devices. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully confirmed, the presence of security plugins and absence of exposed sensitive data suggest a reasonable security posture. No critical vulnerabilities or suspicious activities were detected. The WHOIS data aligns well with the website's claims, showing a consistent and legitimate registration history. Overall, www.rogatec.si is a professionally managed, secure, and compliant website that effectively supports its mission of cultural and tourism promotion. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and improving incident response visibility to further strengthen its security and trustworthiness.

R

Razvojna agencija Sotla

ra-sotla.si

0

Razvojna agencija Sotla is a Slovenian regional development agency established in 2003, focusing on regional development programs, entrepreneurship support, and project management primarily in the Obsotelje and Kozjansko regions. The agency operates as a non-profit entity serving local governments, entrepreneurs, and community stakeholders. Their website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to their target audience. Technically, the site is built on WordPress using modern plugins such as Elementor and Events Manager, ensuring good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, compliant with GDPR cookie requirements, and free from suspicious indicators.

M

MAMFORCE

incq-all.com

0

INC.Q, operated by MAMFORCE, is a recently established company (founded in 2023) specializing in Diversity, Equity, and Inclusion (DEI) certifications, consulting, and training services. The company positions itself as a leader in DEI initiatives across Europe, offering a range of services including DEI certification, equal pay certification, ESG data reporting, and employer branding. The website reflects a professional and consistent brand image, targeting businesses seeking to improve their DEI practices and employee engagement. The digital infrastructure is built on WordPress with modern marketing and analytics integrations, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and some best practices, though improvements such as enabling DNSSEC and publishing security policies are recommended. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website is trustworthy and professionally maintained, though the domain is very new, aligning with the company's recent founding.

A

Askly OÜ

askly.me

0

Askly OÜ operates a professional SaaS platform providing AI-powered multilingual chat and customer support solutions primarily targeting e-commerce and retail businesses. The website demonstrates a strong market position with numerous notable clients and testimonials, emphasizing ease of use, automation, and enhanced customer engagement. The company leverages modern digital marketing and analytics tools, including Google Analytics, Facebook Pixel, Hotjar, and FullStory, indicating a mature digital infrastructure. The technical implementation is robust, with responsive design, fast performance, and comprehensive SEO and accessibility features. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit security policies are absent. WHOIS data is unavailable due to privacy protection, which is typical for SaaS providers, but the website content and business presence support legitimacy. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

M

Ministerie van Algemene Zaken

government.nl

0

The website government.nl serves as the official online portal for the Government of the Netherlands, managed by the Ministerie van Algemene Zaken. It provides comprehensive information on government services, policies, immigration, housing benefits, citizenship, and current news. The site targets a broad audience including residents, expatriates, and businesses interacting with Dutch government entities. It holds a strong market position as the authoritative source of government information in the Netherlands. Technically, the website employs modern JavaScript libraries such as jQuery UI and integrates Piwik PRO analytics and Pastease survey tools, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and performs well with fast loading times. The CMS is not explicitly identified but appears to be a custom or government-specific platform. From a security perspective, the site enforces HTTPS and employs secure forms without visible vulnerabilities. However, explicit security headers and a dedicated security policy page are absent, and no incident response contacts are provided. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. No vulnerabilities or suspicious domains were detected. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for a government entity. Strategic recommendations include enhancing security headers, publishing a security policy, and providing incident response contacts to further strengthen the security posture.

B

Baltic Human Rights Society

baltichumanrights.org

0

Baltic Human Rights Society (BHRS) is a non-profit organization dedicated to promoting human rights awareness and education in Latvia and the broader Baltic region. The organization focuses on fostering a culture of human rights through educational initiatives, advocacy, and collaborative projects with regional and international partners. The website reflects a well-structured platform aimed at human rights educators, activists, NGOs, and the general public interested in human rights issues. BHRS maintains partnerships with reputable European and Baltic institutions, enhancing its credibility and regional influence. Technically, the website employs standard web technologies including jQuery and SVG4Everybody for compatibility and user experience enhancements. It features a cookie consent mechanism compliant with GDPR principles, although no advanced security headers or analytics services are detected. The site is mobile-optimized with good navigation and content quality, though SEO and accessibility could be improved. The WHOIS data is unavailable or restricted, which limits domain trust verification but does not detract significantly from the site's legitimacy given the content and partner affiliations. From a security perspective, the site uses HTTPS (assumed from canonical URLs and modern standards) and implements cookie consent with opt-in, indicating privacy awareness. However, the absence of visible security headers and incident response contacts suggests room for improvement in security posture. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the site presents a moderate security maturity level appropriate for a non-profit educational organization. The overall risk assessment is low, with the primary concern being the lack of WHOIS transparency and limited security policy disclosures. Strategic recommendations include enhancing security headers, publishing explicit security and privacy policies, and providing clear contact information for incident response. These steps would improve trust and compliance, supporting BHRS's mission and stakeholder confidence.

S

Swedish Council for Higher Education

nordplusonline.org

0

Nordplusonline.org is the official platform for Nordic-Baltic educational collaboration, administered by the Swedish Council for Higher Education on behalf of the Nordic Council of Ministers. The website facilitates funding applications, project management, and dissemination of educational projects and events within Nordic and Baltic countries. It targets educational institutions and project coordinators seeking collaboration and funding opportunities. The platform holds a strong market position as an official government-backed initiative with a clear focus on education and regional cooperation. Technically, the website employs modern web technologies including Bootstrap for responsive design, privacy-friendly Plausible Analytics for user insights, and Klaro for cookie consent management. The CMS appears to be Episerver, indicating a mature content management infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Hosting and domain registration are consistent with a legitimate government-related entity. From a security perspective, the site uses HTTPS with a good SSL configuration and enforces clientTransferProhibited status on the domain. Cookie consent mechanisms and privacy policies are in place, reflecting GDPR compliance. However, DNSSEC is not enabled, and security headers are not explicitly detected, suggesting room for improvement. No critical vulnerabilities or exposed sensitive data were found. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include enabling DNSSEC, publishing explicit security policies, and adding terms of service to enhance transparency and trust.

C

Cilvēktiesību gids

cilvektiesibugids.lv

0

The website www.cilvektiesibugids.lv is a Latvian human rights guide providing educational content on various human rights topics and everyday situations. It targets the general public interested in human rights education and operates as a non-profit entity. The platform offers thematic articles, rights information, court practice summaries, and interactive tests in Latvian, Russian, and English. Technically, the site uses modern web technologies including self-hosted Matomo analytics for privacy-conscious tracking, Google Fonts, and cookie consent mechanisms. The design is professional, mobile-optimized, and accessible, with clear navigation and multilingual support. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published security policies. No vulnerabilities or suspicious content were detected. Overall, the site is trustworthy and serves as a valuable educational resource in the human rights domain.

S

SEO.Domains

seo.domains

0

SEO.Domains operates a leading global marketplace specializing in aged and expired domains, boasting ownership of approximately 70% of the global supply with over 150,000 domains. Their services cater primarily to SEO professionals, digital marketers, and agencies seeking domains for PBNs, 301 redirects, or money sites, alongside backlink offerings and managed SEO services. The company has established a strong market position since its founding in 2014, supported by multiple registrar accreditations and a broad international client base.

WBS.LEGAL is a well-established German law firm specializing in media, internet, e-commerce, and related legal fields with over 30 years of experience. The firm operates nationwide with a strong digital presence, offering comprehensive legal services and free initial consultations. Their website reflects a professional and trustworthy brand with extensive content, client testimonials, and active social media engagement. Technically, the site is built on WordPress with modern frameworks and integrates multiple analytics and marketing tools, ensuring good performance and user experience. Security posture is solid with HTTPS and consent management, though explicit security headers could be enhanced. Overall, the domain's WHOIS data is privacy-protected, which is typical for professional legal entities, and no suspicious indicators were found.

D

DGD Deutsche Gesellschaft für Datenschutz

dg-datenschutz.de

0

DGD Deutsche Gesellschaft für Datenschutz is a specialized small business providing professional external data protection officer services and consulting for companies, trade businesses, works councils, associations, and internal whistleblower offices under the German Whistleblower Protection Act. Their market position is that of a niche GDPR compliance and data protection consultancy focused on delivering expert advice and risk minimization to clients. The website is built on WordPress using Elementor, reflecting a moderate to good level of digital maturity with a professional design and good mobile optimization. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, though lacking explicit security headers and incident response information. Overall, the site is trustworthy, compliant, and well-structured, serving its target audience effectively.

K

KAB Page

kab.page

0

KAB Page is a technology-focused company offering a modern, AI-powered SEO website builder platform designed to enable users to quickly launch fast, secure, and search engine optimized websites. The business targets individuals and businesses seeking competitive online presence with easy-to-use tools and AI assistance. The website demonstrates a good level of digital maturity, leveraging the Astro framework for performance and SEO optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and well-positioned in its niche.

K

Kiwis & Brownies GbR

brezel.io

0

Brezel.io is a German-based small technology company specializing in tailored enterprise software solutions including ERP, CRM, PIM, and DAM systems. Their business model focuses on providing customizable low-code and no-code platforms that enable businesses to digitize and automate complex workflows. The company emphasizes flexibility, security, and modern web technologies, targeting businesses that require bespoke digitalization solutions rather than off-the-shelf products. Their market position is niche but well-defined, with a focus on industrial, hospitality, and membership management sectors. Technically, the website is built on a modern stack including Laravel, Vue.js, and supports a Progressive Web App for cross-device compatibility. The site is mobile optimized and offers good user experience and navigation clarity. However, performance is moderate and accessibility features are basic. The hosting and DNS setup is standard with no DNSSEC enabled, and no CMS detected. From a security perspective, the site implements two-factor authentication and WebAuthn for user login security and includes CSRF tokens. However, it lacks visible HTTP security headers and DNSSEC, and does not publish security or incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms, despite the use of tracking scripts. WHOIS data is consistent and transparent, supporting legitimacy. Overall, the website presents a professional and trustworthy business front with good technical foundations but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

T

Tech Funding News

techfundingnews.com

0

Tech Funding News is a specialized online media platform delivering global technology startup funding news, covering sectors such as AI, fintech, crypto, and venture capital. The website targets technology startup founders, investors, and industry professionals seeking timely funding updates and insights. The platform operates on WordPress with a modern tech stack including Yoast SEO, Mailchimp integration, and Google Analytics for tracking and marketing. Hosting and DNS services involve GoDaddy and Cloudflare respectively, ensuring reliable domain management and performance. Security posture is solid with HTTPS enforced and domain locks in place, though DNSSEC is not enabled and no explicit privacy or security policies are published. The site includes cookie consent mechanisms but lacks a formal privacy policy and terms of service, which are critical for GDPR compliance. Contact is primarily through newsletter subscription forms without direct emails or phone numbers. Overall, the website presents professional content with good design and navigation, but could improve privacy transparency and security disclosures.

T

Tech Nation

technation.io

0

Tech Nation is a prominent UK-based growth platform and industry body dedicated to supporting tech startups and entrepreneurs across the UK. Powered by Founders Forum Group, it offers a comprehensive suite of programmes, events, and policy advocacy initiatives designed to empower startups from seed stage to IPO and beyond. The organization targets ambitious tech founders, providing them with practical knowledge, networking opportunities, and peer communities to scale their ventures effectively. Its market position as a leading UK tech ecosystem enabler is reinforced by partnerships with major entities such as HSBC Innovation Banking and a strong alumni network including notable companies like Revolut and Deliveroo. Technically, the website is built on WordPress and leverages a modern technology stack including jQuery, slick.js, flatpickr, and multiple analytics and marketing tools such as Google Analytics, HubSpot, Facebook Pixel, and CookieHub. The site demonstrates excellent performance, mobile optimization, accessibility, and SEO practices. Hosting is via Amazon AWS, and the domain is secured with HTTPS and domain locking mechanisms, although DNSSEC is not enabled. From a security perspective, the site follows best practices with HTTPS, security headers, and cookie consent mechanisms. However, it lacks a publicly available security policy, incident response contacts, and vulnerability disclosure information. The domain WHOIS data is privacy protected but consistent with a legitimate and mature organization. No critical vulnerabilities or suspicious patterns were detected. Overall, Tech Nation presents a professional, trustworthy, and well-maintained digital presence aligned with its mission to support UK tech entrepreneurship. Strategic recommendations include enabling DNSSEC, publishing a security policy and incident response contacts, and adding a security.txt file to enhance transparency and security posture.

L

London AI Hub Ltd

londonaihub.co.uk

0

London AI Hub Ltd operates as a central hub for the UK's artificial intelligence ecosystem, providing a collaborative space for AI entrepreneurs, researchers, and industry leaders. The organization facilitates innovation through community engagement, events, and residency programs, positioning itself as a key player in the UK AI landscape. The website reflects a professional and modern digital presence, leveraging Webflow CMS, HubSpot forms, and advanced front-end technologies such as GSAP animations and smooth scrolling to deliver a compelling user experience. Security posture is solid with HTTPS enforced and secure form handling, though improvements are recommended in security headers and cookie consent mechanisms. Overall, the domain's legitimacy is supported by the presence of reputable founding partners, despite the lack of WHOIS transparency due to query errors. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing detailed security and incident response policies to strengthen trust and compliance.

M

Merantix AI Campus

merantix-aicampus.com

0

Merantix AI Campus is a prominent AI innovation hub based in Berlin, hosting over 80 AI teams and organizing more than 300 events annually. It serves as a collaborative workspace and community platform for AI founders, investors, engineers, researchers, and operators, focusing on advancing AI infrastructure and applications across various sectors. The website reflects a professional and modern digital presence, leveraging Webflow CMS, HubSpot forms, and Google Tag Manager for analytics and marketing. The site is well-optimized for mobile and desktop users, with a strong emphasis on community engagement and event promotion. Security posture is generally good with HTTPS enforced and GDPR-compliant data collection via forms, though some security headers and cookie consent mechanisms are missing. The absence of WHOIS data for the domain is a notable anomaly that warrants further investigation to confirm domain legitimacy. Overall, the website presents a trustworthy and professional front for a medium-sized technology entity focused on AI innovation and community building.

M

Merantix Momentum

merantix-momentum.com

0

Merantix Momentum is a German-based technology company specializing in AI and machine learning solutions tailored for businesses across various industries. The company positions itself as a partner for developing and operating customized AI use cases, targeting a broad B2B audience. The website content is professional, well-structured, and localized in German, indicating a focus on the German-speaking market. The digital infrastructure leverages modern web technologies including Webflow CMS, Cookiebot for consent management, HubSpot for marketing and analytics, and Google Tag Manager, reflecting a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and vulnerability disclosure mechanisms are absent. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website appearance. Overall, the site demonstrates good privacy compliance and marketing transparency but would benefit from enhanced security disclosures and verified domain registration information.

M

Merantix Capital

merantix-capital.com

0

Merantix Capital is a technology-focused venture capital and venture studio firm specializing in AI startups, partnering with visionary AI founders from pre-idea to seed stage since 2016. The company positions itself as an established player in the AI investment ecosystem, offering venture studio services, capital investment, and community building to foster AI innovation. The website reflects a professional and consistent brand image with comprehensive content and active news updates, targeting entrepreneurs and investors in the AI domain. Technically, the website is built on the Webflow CMS platform, utilizing modern JavaScript libraries such as jQuery and Slick Carousel, and integrates Google Tag Manager for analytics. The site is well-optimized for performance, mobile responsiveness, and SEO, with a fast loading experience and good accessibility features. Hosting is provided via Webflow's CDN infrastructure, ensuring reliable delivery. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks certain security headers and a cookie consent mechanism, which are recommended for enhanced security and privacy compliance. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the professional website and active content mitigate some trust issues. No vulnerability disclosure or incident response information is publicly available. Overall, the website presents a low-risk profile with strong business credibility and technical maturity but would benefit from improved transparency in domain registration and enhanced security/privacy practices to bolster trust and compliance.

B

Brainz Narrative s.r.o.

brainznarrative.cz

0

Brainz Narrative s.r.o. is a creative PR studio based in the Czech Republic, specializing in bold communication strategies with a focus on innovative projects, fast-growing technology startups, and the cultural industry. The company is part of the Brainz Studios group, which includes related entities such as Brainz Disruptive and Brainz Immersive. Their business model centers on delivering tailor-made PR solutions emphasizing authenticity, insight, and chemistry with clients. The website reflects a professional and modern digital presence, leveraging Webflow CMS and various JavaScript libraries to provide a responsive and engaging user experience. Contact information and social media links are clearly presented, supporting business credibility.

B

Brainz Immersive s. r. o.

immersive.cz

0

Brainz Immersive s. r. o. is a Prague-based immersive creative studio specializing in virtual and augmented reality experiences. Founded in 2019 and part of the BRAINZ STUDIOS group, the company offers a comprehensive suite of services including AR/VR creative development, 360° video production, multi-platform app development, and immersive installations. Their client portfolio includes notable brands such as ŠKODA AUTO, Vogue, and Czech Radio, positioning them as a niche leader in immersive technology solutions for brands and entertainment. The website reflects a professional and modern digital presence with rich multimedia content and clear navigation. Technically, the site uses modern web technologies and frameworks, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvement. Analytics and marketing tracking are implemented via Google Analytics and Facebook Pixel, but without explicit cookie consent mechanisms. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, Brainz Immersive demonstrates a strong market position in immersive technology with a professional online presence but should enhance privacy compliance and security best practices to further strengthen trust and regulatory adherence.

B

BRAINZ DISRUPTIVE

disruptive.cz

0

BRAINZ DISRUPTIVE is a small, independent creative digital studio based in the Czech Republic, founded in 2019. The company focuses on helping brands adapt to future challenges by delivering innovative digital solutions, combining strategic, creative, and technological expertise. Their market position is that of a progressive digital studio emphasizing disruptive strategies and future-oriented services. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern frameworks such as Vue.js and Nuxt.js, with Webflow CSS for styling, and integrates Google Analytics for tracking. However, the site lacks visible privacy and cookie policies, and no explicit contact emails or phone numbers are provided, relying mainly on a contact form. Security posture is moderate with HTTPS usage but missing security headers and incident response information. Overall, the domain registration data is consistent and supports the legitimacy of the business.

C

Christian Kiewaldt & Benjamin Braun GbR

kiwis-and-brownies.de

0

KIWIS & BROWNIES is a small German software development company specializing in custom enterprise software, eCommerce solutions using Magento, and promotional applications to increase reach and lead generation. The company operates primarily in the Gummersbach and Oberberg regions of Germany, targeting local businesses seeking digital transformation and marketing services. Their website reflects a professional and modern digital presence with a focus on clear communication and customer engagement via WhatsApp and downloadable informational materials. Technically, the website employs standard modern web technologies including HTML5, CSS, JavaScript with jQuery, and Google Fonts. The hosting is managed via DomainControl nameservers, and Magento is indicated as the eCommerce platform. The site is moderately optimized for performance and mobile devices, though accessibility features are basic. SEO practices are adequately implemented with meta tags and structured content. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a formal security policy or incident response contacts. The privacy policy is comprehensive and GDPR compliant, but no cookie consent mechanism is present, which is a compliance gap. No vulnerability disclosure or security.txt files are found, limiting transparency in security practices. Overall, the website presents a trustworthy and professional image suitable for its business scope. The risk level is moderate with recommendations to enhance security headers, implement cookie consent, and publish security policies to improve compliance and trust. The domain registration aligns with the business identity, supporting legitimacy.

L

Lesoochranárske zoskupenie VLK

wolf.sk

0

Lesoochranárske zoskupenie VLK is a Slovak non-profit organization dedicated to the protection of natural forests, carnivores, and natural processes through the creation of no-intervention reserves. The organization has a strong grassroots presence with over 25 years of activity, focusing on environmental advocacy, legal interventions, and public education. Their website serves as an information hub for campaigns, petitions, and educational content primarily in Slovak, targeting environmental activists and the general public interested in nature conservation. Technically, the website is built on Drupal CMS with common libraries like jQuery and uses Google Analytics for visitor tracking. While the site is functional and content-rich, it lacks advanced security headers and cookie consent mechanisms, which are important for GDPR compliance. Contact information is primarily available via a contact page rather than directly on the homepage. Overall, the website reflects a moderate level of digital maturity with room for improvements in security and privacy compliance.

The website mep.lt is currently a parked domain page indicating that the domain is for sale. It does not represent an active business or service provider. The content is minimal, primarily advertising the domain sale with no substantive business information, contact details, or privacy policies. The technical infrastructure relies on basic HTML, CSS, and JavaScript with embedded third-party iframes and ad scripts, which introduces potential security risks. There is no evidence of HTTPS enforcement or security headers, and no compliance with privacy regulations is demonstrated. Overall, the site lacks professionalism and trustworthiness, reflecting its status as a domain parking page rather than an operational business website.

Ž

Žinau, ką renku

zinaukarenku.lt

0

Žinau, ką renku is a Lithuanian non-profit political monitoring platform focused on engaging young citizens across Lithuania in election processes and political awareness. The website provides election information, candidate monitoring, volunteer opportunities, and a blog to inform and empower voters. The platform positions itself as a neutral and civic-minded entity, leveraging modern web technologies to deliver content effectively. Technically, the site uses Laravel Livewire, Alpine.js, and Cloudflare DNS services, ensuring a modern and responsive user experience with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and CSRF protections in place, although some security headers could be improved. Privacy compliance is evident through a clear privacy policy and cookie consent mechanism, aligning with GDPR requirements. Overall, the site is trustworthy, professional, and well-maintained, with no detected blocking or WAF interference.

Ž

Žmogaus teisių gidas

zmogausteisiugidas.lt

0

Žmogaus teisių gidas is a Lithuanian educational website dedicated to human rights and civic education. It offers thematic articles, tests, court practice summaries, and resources to educate the public on human rights issues. The site targets a general audience interested in learning about human rights in everyday situations. The platform is supported by reputable European and Baltic organizations, indicating a non-profit educational mission. Technically, the website employs modern web technologies including Matomo analytics with privacy-respecting default settings, Google Fonts, and cookie consent mechanisms. The site is mobile optimized and accessible, with a clear navigation structure. Security posture is moderate, with HTTPS enforced but lacking explicit security headers and vulnerability disclosures. WHOIS data for the domain is unavailable, which reduces trustworthiness from a domain registration perspective. Overall, the website is a credible educational resource with room for improvement in privacy policy transparency and security best practices.

T

T1 Tallinn

t1tallinn.com

0

T1 Tallinn operates as a large retail and entertainment shopping center located in Tallinn, Estonia. The website presents a comprehensive overview of the business offerings including retail stores, dining options, entertainment venues, and additional customer services. The site targets a broad audience including families and general shoppers, positioning itself as a key shopping and leisure destination in the region. The business appears well-established with a domain age consistent with its operational history since 2016. Technically, the website is built on WordPress CMS, leveraging modern web technologies such as jQuery, Video.js, and Google Fonts. It uses Cloudflare for DNS and CDN services, ensuring good performance and security. The site is mobile-optimized, accessible, and SEO-friendly, with structured data and meta tags implemented effectively. Analytics and marketing tools like Google Analytics and Facebook Pixel are used for user tracking and marketing purposes. From a security perspective, the website enforces HTTPS and uses clientTransferProhibited domain status to prevent unauthorized transfers. However, DNSSEC is not enabled, and security headers are not explicitly observed, indicating room for improvement. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear cookie consent mechanisms and a comprehensive privacy policy aligned with GDPR requirements. Contact information is transparent and professionally presented. Overall, the website demonstrates a solid security posture and business credibility with no major red flags. Recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and considering a vulnerability disclosure program to further enhance trust and security maturity.

M

MTÜ Eesti Lasterikaste Perede Liit

perekaart.ee

0

Perekaart is a well-established non-profit organization in Estonia providing a discount card service targeted at large families with three or more children. The website serves as a platform to promote the discount network, which includes over 600 partners offering more than 800 unique discounts across various sectors such as leisure, culture, and food services. The organization is positioned as a key player in supporting family welfare in Estonia, with a strong partnership ecosystem and a clear mission to add value to families' everyday lives. Technically, the website is built using modern web technologies including React and Material-UI, hosted behind Cloudflare DNS services, and integrates Google Tag Manager for analytics and SendSmaily for newsletter management. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. Privacy compliance is addressed through a cookie consent mechanism and a privacy policy page, reflecting awareness of GDPR requirements. From a security perspective, the website uses HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks explicit security headers and detailed security or incident response policies on the site. No vulnerabilities or suspicious patterns were detected in the analysis. Overall, the security posture is adequate but could be improved with additional headers and documented policies. The overall risk assessment is low, with the website showing high trustworthiness and professionalism. Strategic recommendations include enhancing security headers, expanding privacy and incident response disclosures, and improving SEO and accessibility features to further strengthen the site's digital maturity and compliance posture.

V

Valga Muuseum

valgamuuseum.ee

0

Valga Muuseum is a regional cultural and educational institution based in Valga, Estonia, providing museum exhibitions, educational programs, research activities, and a museum shop. The website reflects a stable and established organization with a domain registered since 2010. The museum targets a broad audience including local visitors, students, and researchers, offering a variety of cultural and educational services. Technically, the website uses a common CMS (Greativ), standard JavaScript libraries, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile-optimized with good navigation and content relevance. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and a cookie consent mechanism, which impacts privacy compliance. Overall, the website is professional, trustworthy, and serves its purpose well.

Valga Sport is a local Estonian sports organization focused on promoting youth and community sports activities, managing sports facilities, and organizing events. The website serves as an information portal for sports opportunities, events, and news relevant to the Valga region. The organization appears to be a small-sized entity with a public or non-profit orientation, supported by local government affiliations. Technically, the website is built on the Greativ CMS platform and uses common web technologies including Google Analytics and Facebook Pixel for tracking. The site is mobile-optimized with a moderate performance profile and basic SEO and accessibility features. Hosting and domain registration are consistent with a local Estonian provider, Telia Eesti AS. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks advanced security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The WHOIS data is transparent and consistent with the business claims, supporting legitimacy. Overall, the website is professional and trustworthy for its intended audience but could improve in privacy compliance and security posture to better align with modern standards.

D

Domino dizajn

domino-dizajn.hr

0

Domino dizajn is a Croatian creative studio specializing in graphic design, printing, digital marketing, and modern web solutions including web shops and mobile applications. With nearly two decades of experience, the company serves businesses seeking comprehensive branding and digital presence services. The website is built on WordPress with Elementor, featuring good SEO, accessibility, and mobile optimization. Security posture is solid with HTTPS and cookie consent, though lacks explicit security policies and incident response contacts. Overall, the site reflects a professional and trustworthy business with a clear market position in the technology and creative services sector.

M

MAMFORCE

mamforce.hr

0

MAMFORCE is a Croatian-based organization specializing in Diversity, Equity, and Inclusion (DEI) certifications and consulting services aimed at improving workplace culture for families and women. Their offerings include multiple certification standards such as MAMFORCE Standard, DADFORCE Standard, and INC.Q EQUAL PAY, alongside training and employer branding services. The company positions itself as a leader in promoting fair and inclusive organizational cultures within Croatia. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, Facebook Pixel, and various plugins enhancing user experience and tracking capabilities. The site is mobile-optimized and SEO-friendly, reflecting a good level of digital maturity. Security-wise, the site enforces HTTPS and uses some security best practices but lacks certain headers like Content-Security-Policy and X-Frame-Options, which are recommended for enhanced protection. No privacy policy or terms of service were found, which is a compliance gap. Overall, the domain registration is consistent with the business claims, and no suspicious patterns were detected, supporting a high legitimacy score.

L

LIBUSOFT CICOM d.o.o.

otvorenazupanija.hr

0

LIBUSOFT CICOM d.o.o. operates the website www.spi.hr, offering the LC Platforma Otvoreno software platform and related IT services primarily targeting businesses in Croatia and neighboring countries. The company has been established since 2011 and maintains a medium-sized business profile with a regional market presence. The website reflects a basic but consistent branding and content quality, focusing on business and technology solutions. Technically, the site is built on WordPress, hosted on AWS infrastructure, and integrates modern tools such as Google Tag Manager, Google Analytics, and reCAPTCHA for bot protection. Security posture is adequate with HTTPS enabled and some best practices observed, though security headers and explicit privacy and cookie policies are missing. Contact information is limited to a phone number and social media links, with no email or physical address explicitly provided. Overall, the website is safe, professional, and trustworthy but could improve in privacy compliance and security transparency.

R

Regionalni centar kompetentnosti u turizmu i ugostiteljstvu Zabok

rcktu-zabok.hr

0

The website represents the Regional Center of Competence in Tourism and Hospitality located in Zabok, Croatia. It serves as an educational institution offering secondary education, adult courses, workshops, retraining, and consulting services focused on tourism and hospitality sectors. The center aims to develop professional skills, creativity, and social responsibility among students and professionals, supported by EU funding. The site is well-structured, professionally designed, and targets students, adult learners, and regional businesses in the tourism and hospitality industry. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit privacy and terms of service pages and a vulnerability disclosure policy. Overall, the domain registration and hosting are consistent with the business profile, indicating legitimacy and trustworthiness.

B

Business Angels Impact Fund

baif.hr

0

Business Angels Impact Fund is a Croatian-based investment fund focused on supporting startups and companies that generate social and environmental impact. The website presents a professional and consistent brand image, targeting investors and social enterprises. The technical infrastructure is built on WordPress using Elementor and Astra theme, indicating a moderate level of digital maturity with good mobile optimization and basic SEO. Security posture is moderate with HTTPS enabled but lacking advanced security headers and policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and trustworthy but would benefit from enhanced security and compliance measures.

R

Ride & Bike 2

rideandbike.eu

0

Ride & Bike 2 is a regional tourism promotion website focusing on the natural and cultural heritage of several regions in Croatia and Slovenia. It provides information about outdoor activities, cultural sites, and local attractions, targeting tourists and outdoor enthusiasts. The website leverages WordPress CMS with WPBakery Page Builder and integrates Google Tag Manager for analytics. While the site is well-structured and visually consistent, it lacks critical privacy and cookie policies, as well as explicit contact information, which impacts its compliance and trustworthiness. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. Overall, the site is functional and serves its tourism promotion purpose but requires improvements in privacy compliance and security best practices.

Z

Zagorska razvojna agencija

cro-si-safe.eu

0

The CRO-SI-SAFE website represents a regional cooperation project aimed at enhancing cross-border partnerships among emergency rescue services in the Krapinsko-zagorska and Savinjska regions. The project focuses on improving civil protection systems and increasing resilience to disasters. The website is professionally designed using WordPress and Elementor, with clear navigation and multilingual support in Croatian, Slovenian, and English. Key services include training, publications, and collaborative activities supported by EU funding. The site demonstrates a solid market position as a government/non-profit regional initiative with trusted partners.

D

Dom za žrtve nasilja u obitelji NOVI POČETAK

novipocetak.hr

0

Dom za žrtve nasilja u obitelji NOVI POČETAK is a Croatian social care institution dedicated to supporting victims of domestic violence and their children. Founded and operated under the auspices of the Krapinsko-zagorska županija regional government, it provides safe accommodation, psychosocial counseling, and professional social work services. The website reflects a well-structured, professionally designed platform with clear navigation and relevant content tailored to its target audience. Technically, the site is built on WordPress with Elementor and Yoast SEO, integrating Google Analytics and reCAPTCHA for security and analytics purposes. Security posture is strong with HTTPS enforced and appropriate security headers, though it lacks published security policies and cookie consent mechanisms. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site is trustworthy, compliant with GDPR in terms of privacy policy presence, but could improve cookie consent and incident response transparency.

The website 'Crveni popis Hrvatske' is an official Croatian government portal managed by the Ministry of Environment and Green Transition, specifically the Institute for Environmental Protection and Nature. It serves as a comprehensive resource for data on endangered wild species in Croatia, providing risk assessments, conservation information, and public education. The portal targets a broad audience including researchers, policymakers, and the general public interested in biodiversity and environmental protection. Technically, the site employs modern web technologies such as HTML5, CSS3, JavaScript, Chart.js for data visualization, and Leaflet.js for mapping. The presence of a CSRF token and HTTPS indicates a secure infrastructure, although some security headers are missing. Accessibility is addressed but with room for improvement, particularly in image alt attributes and text scaling. The site is moderately performant and mobile-optimized. From a security perspective, the portal demonstrates good practices including GDPR compliance, cookie consent mechanisms, and secure form handling. However, it lacks explicit incident response contact details and a published vulnerability disclosure policy. No critical vulnerabilities or suspicious activities were detected. WHOIS data confirms the domain's legitimacy and alignment with the governmental nature of the site. Overall, the website is trustworthy, professionally maintained, and fulfills its mission effectively. Strategic improvements in security headers, accessibility, and incident response transparency would further enhance its posture.

H

HZHM

hzhm.hr

0

Hrvatski zavod za hitnu medicinu (HZHM) is a Croatian public healthcare institution specializing in emergency medicine and telemedicine services across Croatia. The website serves as an informational portal primarily in Croatian, with an English language option, targeting the general public and healthcare professionals. The institution operates within the healthcare sector, providing essential emergency medical services and telemedicine support, positioning itself as a key national healthcare entity. Technically, the website is built on WordPress using the Divi theme, incorporating Google Tag Manager for analytics. The site demonstrates moderate performance and good mobile optimization, with basic accessibility features and good SEO practices. Security posture is adequate with HTTPS enabled, but lacks several recommended security headers and explicit security policies. Privacy compliance is limited due to the absence of privacy and cookie policies or consent mechanisms. Overall, the domain registration data aligns well with the institution's identity and location, supporting its legitimacy. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance trust and security maturity.

P

Poliklinika Magdalena

magdalena.hr

0

Poliklinika Magdalena is a well-established healthcare provider specializing in cardiovascular care with over 25 years of experience. The organization operates multiple physical locations in Croatia, including Zagreb and Krapinske Toplice, and offers a comprehensive range of services from diagnostics to surgical interventions and telemedicine. The website reflects a professional and patient-focused approach, targeting individuals seeking specialized cardiovascular healthcare. Technically, the site is built on WordPress with modern tools such as Gravity Forms for data collection, Google Analytics and Facebook Pixel for analytics, and CookieYes for GDPR-compliant cookie consent. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website and domain registration details indicate a legitimate and trustworthy healthcare provider with a solid digital presence.

S

Specijalna bolnica za medicinsku rehabilitaciju Krapinske Toplice

sbkt.hr

0

Specijalna bolnica za medicinsku rehabilitaciju Krapinske Toplice is a specialized healthcare provider focused on medical rehabilitation services for neurological, cardiovascular, orthopedic, rheumatologic, and internal medicine patients, including both adults and children. The hospital also offers outpatient specialist services, health tourism, and preventive health programs. The website reflects a well-established regional medical institution with a clear market position and a comprehensive service portfolio. The target audience primarily includes patients and healthcare consumers seeking rehabilitation and wellness services in Croatia. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for enhanced functionality such as forms and galleries. The site is mobile optimized, accessible, and SEO friendly, with good content quality and consistent branding. Security posture is solid with HTTPS enforced and CAPTCHA protection on forms, though there is room for improvement in implementing security headers and cookie consent mechanisms. Overall, the domain registration and WHOIS data align well with the business claims, supporting the legitimacy and trustworthiness of the entity.

Z

Zavod za javno zdravstvo Krapinsko-zagorske županije

zzjzkzz.hr

0

Zavod za javno zdravstvo Krapinsko-zagorske županije is a regional public health institute serving the Krapina-Zagorje County in Croatia. The organization provides a broad range of public health services including epidemiology, microbiology, health promotion, school medicine, environmental health, and mental health and addiction prevention. The website targets local residents and public health stakeholders, offering news, contact information, and resources relevant to the community. The business model is government-funded, positioning the institute as a key regional health authority. Technically, the website uses a custom ASP-based CMS with legacy JavaScript libraries such as jQuery 1.8.2 and Modernizr, alongside modern UI components like the Revolution Slider and UserWay accessibility widget. The site is moderately optimized for performance and mobile devices, with basic SEO and good accessibility features. However, some technical debt is evident due to outdated libraries and lack of advanced security headers. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, the use of outdated JavaScript libraries and absence of security headers like CSP and HSTS present potential vulnerabilities. No explicit security or incident response policies are published. Contact information is clearly provided, enhancing trust and transparency. Overall, the website is professional, trustworthy, and serves its public health mission effectively. Strategic improvements in updating technical components and enhancing security headers would strengthen its security posture and compliance. The site is safe for general audiences with no adult or questionable content detected.

D

Dom zdravlja Krapinsko zagorske županije

dzkzz.hr

0

Dom zdravlja Krapinsko zagorske županije is a public healthcare provider serving the Krapinsko-zagorska County in Croatia. The organization offers a range of primary healthcare services including family medicine, pediatrics, palliative care, and radiology. The website reflects a well-established regional healthcare institution with multiple branch offices, targeting local residents seeking accessible medical care. The business model is government-funded, focusing on essential healthcare delivery rather than commercial services. The website content is comprehensive and professionally presented, supporting patient engagement through news updates and satisfaction surveys. Technically, the website is built on WordPress with modern plugins such as Elementor and Smart Slider 3, ensuring a responsive and accessible user experience. The site uses HTTPS and includes GDPR-compliant cookie consent mechanisms, reflecting a mature digital infrastructure. Performance is moderate with good mobile optimization and SEO practices. However, some security headers are not explicitly detected, suggesting room for improvement in security hardening. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. The presence of GDPR compliance and a dedicated privacy policy page indicates attention to data protection. However, the absence of explicit security policy and incident response information could be addressed to enhance trust and preparedness. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness. The overall risk assessment is low, with no signs of malicious activity or suspicious content. Strategic recommendations include implementing additional security headers, maintaining up-to-date software, and publishing clear security and incident response policies to further strengthen the security posture and user trust.

R

Radnica.org

radnica.org

0

Radnica.org is a Croatian non-profit platform dedicated to supporting individuals facing workplace discrimination, particularly gender-based discrimination. The website offers educational content, guidance on rights, and an anonymous reporting form to help victims. It is affiliated with CESI, a recognized organization, enhancing its credibility. Technically, the site is built on Webflow with modern web fonts and scripts, delivering a good user experience with mobile optimization and clear navigation. Security-wise, the site uses HTTPS and Cloudflare Turnstile captcha for form protection, but lacks visible security headers and explicit incident response policies. Privacy compliance is well addressed with a cookie consent banner and a privacy policy page. Overall, the site is trustworthy and serves a niche audience effectively.