Security Directory

T

TJ studio d.o.o.

tjstudio.info

0

TJ studio d.o.o. is a Croatian-based technology company specializing in web hosting, web design, and internet application development. Established since 2009, the company positions itself as a reliable and innovative service provider for businesses and individuals seeking professional digital solutions. Their offerings include a variety of hosting packages, domain registration, website maintenance, and custom web development services. The company maintains an active online presence with social media channels and a customer support portal, emphasizing customer service and technical support availability. Technically, the website is built on WordPress using the Betheme theme and integrates modern plugins such as Yoast SEO Premium and Slider Revolution. It employs Google Analytics for traffic analysis and Google reCAPTCHA for form security. The site is mobile-optimized and demonstrates good SEO practices. However, some security headers are not explicitly detected, and there is no dedicated security policy or incident response contact information visible. From a security perspective, the site uses HTTPS with a valid SSL certificate and implements GDPR-compliant cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is limited due to privacy protection, with no public registrant details, but the website content and contact information appear consistent and professional. Overall, TJ studio d.o.o. presents a trustworthy and professional digital presence with a solid technical foundation and compliance with privacy regulations. Strategic improvements in security headers and incident response transparency could further enhance their security posture and customer trust.

H

Hrvatski autoklub

hak.hr

0

Hrvatski autoklub (HAK) is a well-established national automobile club in Croatia, founded in 1997, providing a broad range of services including roadside assistance, travel and traffic information, driver education, and vehicle technical inspections. The website reflects a mature digital presence with comprehensive content tailored to drivers and vehicle owners in Croatia. The technical infrastructure leverages modern web technologies such as jQuery and Google Fonts, hosted with Cloudflare DNS, and includes a cookie consent mechanism aligned with GDPR requirements. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Overall, the website is professional, trustworthy, and serves its audience effectively.

O

otocniproizvod.hr

otocniproizvod.hr

0

The website otocniproizvod.hr is a Croatian language health and wellness content platform focusing on articles and reviews of health supplements and related products. It targets a general audience interested in health improvement and wellness products. The business model appears to be content publishing with affiliate marketing or product promotion as revenue streams. The site is built on WordPress using common plugins for SEO, ratings, and link management, indicating a moderate level of digital maturity. Technically, the site is well-structured, mobile-optimized, and uses HTTPS with no visible SSL issues, but lacks some security headers and cookie consent mechanisms. Security posture is adequate for a content site, with no visible vulnerabilities or exposed sensitive data. Privacy compliance is partial, with a privacy policy present but no cookie consent banner. Overall, the site is safe, professional, and trustworthy, though improvements in security headers and privacy compliance are recommended.

Plus Hosting is a Croatian-based hosting service provider offering a range of services including domain registration, web hosting, reseller hosting, dedicated servers, VPS servers, SSL certificates, affiliate programs, and business mail solutions. The website analyzed is a placeholder page indicating that no active website is configured at the domain lun.hr. The business targets individuals and companies seeking hosting and domain services primarily in Croatia. The market position appears regional with a focus on technology infrastructure services. Technically, the website uses modern HTML5 and CSS3 standards with SVG graphics and a web font from a CDN. However, the site is minimalistic with no dynamic content, forms, or tracking scripts. The hosting provider is Plus Hosting itself, and the site performance and mobile optimization are basic but functional. There is no evidence of a CMS or advanced frameworks. From a security perspective, the site lacks visible HTTPS confirmation and security headers, which lowers its security posture. No privacy or cookie policies are present, and no incident response or security contact information is provided. The WHOIS data is unavailable due to GDPR restrictions and query limits, but this is consistent with privacy regulations and does not raise immediate suspicion. Overall, the security score is low due to missing best practices and policies. The overall risk is moderate given the site is a placeholder with no active content or user interaction. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and improving contact and compliance information to enhance trust and security posture.

D

Dječji vrtić Carić Novalja

vrtic-caric.hr

0

Dječji vrtić Carić Novalja is a small educational institution providing kindergarten and childcare services in Novalja, Croatia. The website serves as an informational portal for parents and guardians seeking early childhood education options. The business appears locally focused with a consistent domain registration and a website built on WordPress using the Avada theme, indicating a moderate level of digital maturity. Technically, the site uses standard web technologies including jQuery and has a cookie consent mechanism, but lacks advanced security headers and explicit privacy or terms of service documentation. Security posture is adequate with HTTPS enabled, but could be improved by implementing additional security headers and clearer compliance documentation. Overall, the site is safe, professional, and trustworthy for its intended audience, but would benefit from enhanced privacy and security practices to align with best practices and regulatory requirements.

G

Gradski muzej Novalja

gradskimuzejnovalja.hr

0

Gradski muzej Novalja is a small government/non-profit cultural institution based in Croatia, focused on preserving and presenting the cultural heritage of Novalja and its surroundings. The website serves as an informational and educational platform offering museum exhibitions, lectures, and workshops to the local community and visitors. The digital presence is built on a modern WordPress CMS with Elementor and Astra theme, providing a good user experience with mobile optimization and SEO enhancements. Security posture is adequate with HTTPS enabled and no visible exposed sensitive data, but lacks advanced security headers and incident response information. Privacy compliance is limited, with no explicit cookie consent or detailed GDPR policy. Overall, the website is trustworthy and professionally maintained, suitable for its cultural mission.

C

Centar za kulturu Grada Novalje

czknovalja.hr

0

Centar za kulturu Grada Novalje is a Croatian cultural center focused on promoting and organizing cultural and sports events in Novalja and surrounding areas. The website serves as an information hub for upcoming and past events, official documents, and community engagement. It targets local residents and visitors interested in cultural activities. The site is built on WordPress with a modern theme and multilingual support, reflecting a moderate level of digital maturity. Security posture is solid with HTTPS and GDPR-compliant cookie consent, though some security headers are missing and no explicit security policies are published. Overall, the site is trustworthy and professionally maintained, suitable for its public cultural institution role.

TZ Stara Novalja is a local tourism organization dedicated to promoting the town of Stara Novalja on the island of Pag, Croatia. The website serves as a comprehensive portal offering event calendars, local attractions, outdoor activities, and useful information for tourists and property renters. It targets visitors interested in cultural events, outdoor sports, and local hospitality services. The organization appears well-established with a domain registered since 2001 and consistent WHOIS data. Technically, the website is built on WordPress using the Avada theme, leveraging common web technologies such as jQuery and MediaElement.js. It integrates Google Analytics for visitor tracking and implements cookie consent mechanisms. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, it lacks a formal security policy, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is basic, with a privacy notice present but limited GDPR-specific details. Overall, the website is trustworthy and professional, serving its purpose as a tourism information hub effectively. Strategic improvements in privacy compliance, security transparency, and accessibility could further enhance its posture and user trust.

DVD Novalja is a small, local volunteer firefighting organization based in Novalja, Croatia, serving the community on the island of Pag. The website provides information about their firefighting activities, technical interventions, and community safety efforts. The organization appears to be well-established with a domain age dating back to 2005, consistent with their operational history. The site targets local residents and visitors needing emergency and safety information. Technically, the website uses older web technologies such as jQuery 1.4.2 and lacks modern security features like HTTPS and security headers. The site is basic in design and functionality, with limited mobile optimization and no visible analytics or tracking tools. Contact information is clearly presented, but there are no privacy or cookie policies, which is a compliance gap. From a security perspective, the absence of HTTPS and use of outdated libraries pose risks. No advanced security policies or incident response contacts are provided. The site does not appear to collect user data via forms, reducing exposure but also limiting engagement. Overall, the security posture is weak and requires improvements to protect users and enhance trust. The overall risk is moderate due to the lack of encryption and outdated technology, but the site content is safe and non-malicious. Strategic recommendations include implementing HTTPS, updating libraries, adding privacy and cookie policies, and enhancing security headers to improve compliance and user trust.

V

Vodovod d.o.o. – Podružnica Novalja

aglomeracijanovalja.hr

0

The website represents a public infrastructure project managed by Vodovod d.o.o. – Podružnica Novalja, focused on improving water supply and wastewater treatment infrastructure in the Novalja region of Croatia. The project is co-financed by the European Union through the Cohesion Fund and national funds, emphasizing environmental protection and public utility enhancement. The site provides detailed project descriptions, progress updates, and contact information for stakeholders and the public. Technically, the website is built on WordPress CMS, utilizing common technologies such as jQuery, Yoast SEO for search engine optimization, and Swiper.js for interactive sliders. Hosting is provided by Plus Hosting Grupa d.o.o., a Croatian hosting provider. The site is mobile-optimized with good navigation and moderate performance. Google Analytics is used for visitor tracking, with a cookie consent mechanism in place to comply with GDPR. From a security perspective, the site enforces HTTPS and employs cookie consent banners, but lacks explicit security headers and public security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the hosting provider and the domain age aligns with the project timeline, supporting legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations. It effectively serves its purpose as an informational portal for a public utility project. Strategic improvements could include enhanced security headers, public incident response information, and accessibility enhancements to further strengthen security posture and user experience.

I

Institut za Neuromarketing

neuromarketinginstitut.com

0

Institut za Neuromarketing is a specialized Croatian institute providing neuromarketing services including neuroadvertising, neurobranding, scientific and expert research, and advanced technologies such as EEG, eye tracking, biometric methods, and facial coding. The website positions the institute as a market leader in Croatia with a focus on business and scientific clients. The digital infrastructure is built on WordPress with modern plugins and tools, ensuring good performance and mobile optimization. Privacy and cookie policies are well implemented, reflecting GDPR compliance. Security posture is adequate with HTTPS and reCAPTCHA usage, though improvements in DNSSEC and security headers are recommended. Overall, the website is professional, trustworthy, and well-maintained, supporting the institute's credibility and market presence.

ECOLINE CROATIA offers a specialized IT solution named EKO PRIJAVA designed for efficient reporting and monitoring of field problems such as communal, construction, and road issues. Their solution includes a mobile application for quick problem reporting and a web-based administrative portal for managing reports, analytics, and work orders. The business targets municipalities, communal companies, construction firms, and other organizations requiring precise field issue tracking. The website is built on WordPress using the Enfold theme, employing standard web technologies and cloud hosting for accessibility. Security posture is moderate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content is professional and business-focused. Overall, the site provides a functional and informative platform but would benefit from enhanced security and compliance measures.

D

Dizajn Studio Novalja

ds-novalja.com

0

Dizajn Studio Novalja is a small, locally focused business established in 2003, specializing in web design, digital printing, advertising, and photography services primarily targeting the tourism sector and local companies on the island of Pag, Croatia. The company offers a range of services including website creation for tourist accommodations, graphic design, digital printing, signage, key and stamp making, and photography. Their market position is that of a regional service provider with a solid reputation, supported by positive aggregate ratings and social media presence. Technically, the website employs older JavaScript libraries such as jQuery 1.6.0 and uses Google Tag Manager for analytics. The site lacks HTTPS, which is a significant security concern, and no advanced security headers or policies are detected. The website design and content quality are good, with clear navigation and relevant business information, but mobile optimization and accessibility are basic. SEO is supported by structured data but could be improved. From a security perspective, the absence of HTTPS and security headers, along with outdated libraries, exposes the site to potential vulnerabilities. No privacy, cookie, or terms of service policies are present, indicating poor privacy compliance. Incident response and security policy information are also missing, which could impact trust and regulatory compliance. Overall, the website is functional and professional but requires urgent improvements in security and privacy compliance to reduce risk and enhance trustworthiness. Strategic recommendations include implementing HTTPS, updating libraries, adding privacy and cookie policies, and improving security headers and incident response readiness.

C

CSL Computer Service Langenbach GmbH d/b/a joker.com

novalja-pag.net

0

Novalja-pag.net is a well-established Croatian hospitality website specializing in private accommodation listings on the island of Pag. Founded in 2002, it offers a comprehensive catalog of apartments, rooms, villas, and hotels with direct booking contact options. The platform targets tourists seeking affordable and diverse lodging options near popular destinations such as Novalja and Zrće beach. Technically, the site uses a custom CMS with common web technologies including jQuery, Bootstrap, and Google services for analytics and reCAPTCHA. While the site is mobile-optimized and provides a good user experience, it lacks HTTPS enforcement and advanced security headers, which are critical for protecting user data and enhancing trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is credible and functional but would benefit from security and privacy improvements.

D

Dizajn Studio Novalja

novalja.info

0

Novalja.info is a regional tourism portal dedicated to providing comprehensive information and direct booking options for private accommodation on the island of Pag, Croatia, focusing on the city of Novalja and surrounding destinations. The website offers a variety of services including accommodation listings, live web cameras, weather forecasts, ferry schedules, and local news, targeting tourists and visitors planning their holidays. The business operates as a small-sized entity with a long-standing presence since 2005, managed by Dizajn Studio Novalja. Technically, the website relies on legacy technologies such as an outdated jQuery version and lacks HTTPS, which impacts its security posture and user trust. The site uses Google Analytics and Tag Manager for visitor tracking but does not provide visible privacy or cookie policies, indicating limited privacy compliance. Security-wise, the absence of HTTPS and modern security headers, combined with outdated libraries, exposes the site to potential vulnerabilities. Overall, the website is functional and content-rich but requires significant improvements in security and privacy to meet modern standards.

N

Novalja Tourist Board

tz-novalja.hr

0

The website tz-novalja.hr represents the official Tourist Board of the town of Novalja, Croatia, focusing on promoting local tourism, accommodation, and travel information. It serves as a regional informational portal targeting tourists and visitors interested in Novalja and the island of Pag. The business operates as a local government entity with a small organizational size and a long-established presence since 2003. The site content is primarily in Croatian with some English references, providing basic tourism-related information and contact details. From a technical perspective, the website uses basic HTML, CSS, and JavaScript without modern CMS or frameworks. The site lacks mobile optimization and accessibility features, and performance is moderate. There is no evidence of advanced analytics or tracking technologies, which limits data-driven insights but also reduces privacy concerns. The site redirects visitors to a related tourism site after a short delay. Security posture is weak, with no visible HTTPS enforcement, security headers, or privacy and cookie policies. No forms or user data collection mechanisms are present, reducing attack surface but also limiting user engagement. The WHOIS data is consistent and trustworthy, indicating a legitimate domain with a long history aligned with the business purpose. Overall, the website is functional for basic tourism information but requires significant improvements in security, privacy compliance, and technical modernization to enhance trust, user experience, and regulatory adherence.

H

Hrvatski savez za sportski ribolov na moru

hssrm.hr

0

Hrvatski savez za sportski ribolov na moru (HSSRM) is a well-established Croatian non-profit sports federation dedicated to marine sport fishing. Founded in 1953, it serves approximately 25,000 members and provides key services such as fishing permit distribution, organizing competitions, and educational programs. The website reflects a consistent brand and offers relevant content for its target audience of fishing enthusiasts in Croatia. Technically, the site uses modern web technologies including Bootstrap, jQuery, FontAwesome, and Leaflet.js, with integration of Facebook social plugins for community engagement. The site is moderately optimized for mobile and performance, with clear navigation and good content quality. Security posture is adequate but could be improved by adding security headers and formal policies. Privacy compliance is lacking as no privacy or cookie policies are present. WHOIS data confirms domain legitimacy and consistency with the organization's profile. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security measures.

V

VIT - Obrt za informatičke usluge

vitmedia.hr

0

VIT - Obrt za informatičke usluge is a small Croatian IT service business specializing in web site creation and related informatics services. The website serves as a basic informational portal providing contact details and company branding. The business appears to be locally focused with a straightforward service offering and a small market presence. The domain registration data aligns well with the business profile, indicating legitimacy and consistency. Technically, the website uses a simple tech stack including jQuery and Bootstrap, hosted under a Croatian registrar and DNS provider. The site is basic in design and mobile optimization, with minimal SEO and accessibility features. Security posture is weak due to lack of HTTPS enforcement, absence of security headers, and no visible privacy or cookie policies. No forms or user data collection mechanisms are present, reducing attack surface but also limiting functionality. Overall, the site is safe for general audiences but requires improvements in security and compliance to enhance trust and professionalism.

Nikola Tesla Network is a small, non-profit cultural and educational project focused on promoting the legacy of Nikola Tesla through an international cultural and touristic route. The website serves as a hub for information about the network, its partners, events, and educational initiatives such as the Teslina STEM Academy. The project is supported by reputable partners including the Croatian National Tourist Board and is co-financed by the European Union, indicating a solid market position within cultural tourism and education sectors. Technically, the website employs a moderate technology stack including jQuery, Modernizr, and various UI plugins, hosted on infrastructure linked to the NETIM registrar and VIT Web Hosting. The site is mobile optimized with good SEO practices and clear navigation, though accessibility features are basic. Security posture is adequate with HTTPS enforced and CSRF protections in forms, but lacks advanced security headers and a formal security policy. Privacy compliance is partial; a cookie policy and consent mechanism are present, but no explicit privacy policy page was found, representing a compliance gap. Contact information is clearly provided, enhancing business credibility. No signs of malicious content or WAF blocking were detected, and the site content is safe for general audiences. Overall, the website is professionally maintained with good content quality and business credibility but would benefit from enhanced privacy and security policies to improve compliance and trustworthiness.

T

Turistička zajednica Ličko-senjske županije

lika-active.com

0

The website lika-active.com serves as a regional tourism promotion platform for the Lika region in Croatia, focusing on active and adventure tourism activities such as cycling, trekking, climbing, hunting, and fishing. It is operated by the regional tourism board (Turistička zajednica Ličko-senjske županije) and targets tourists seeking outdoor and nature-based experiences. The site provides relevant information, brochures, event details, and transport options to support tourism in the region. Technically, the site uses an older technology stack including Bootstrap 2.x and jQuery 1.10.2, with basic mobile responsiveness and SEO. Security posture is moderate with no visible security headers and outdated libraries posing potential risks. Privacy compliance is lacking as no privacy or cookie policies are found. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional and informative but requires updates in security and compliance to improve trust and protection.

T

Turistička zajednica Ličko-senjske županije

lika-gastro.com

0

The website 'lika-gastro.com' serves as a regional gastronomy and tourism portal for the Lika-Senj region in Croatia, promoting traditional local cuisine and culinary culture. It targets tourists and food enthusiasts interested in authentic regional dishes and local gastronomic events. The business is small-scale, operated likely by the regional tourism board, and focuses on cultural and culinary promotion rather than commercial sales. Technically, the site uses older but functional web technologies including Bootstrap 2.x and jQuery 1.10.2, with basic mobile optimization and SEO. Security posture is moderate with no advanced security headers or DNSSEC, and outdated libraries pose some risk. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is accessible, content-rich, and trustworthy but would benefit from modernization and improved security and privacy practices.

J

Javna ustanova za Zaštitu i očuvanje prirode Ličko senjske Županije

zop-lsz.hr

0

The website represents a Croatian public institution dedicated to the protection and preservation of nature in the Ličko-senjska County. It provides comprehensive information about protected areas, educational programs, projects, and public announcements. The institution targets local citizens, environmental professionals, and visitors interested in nature conservation. The business model is that of a government entity focused on environmental stewardship and public service. Technically, the website is built on WordPress using popular plugins such as Elementor, WPBakery, LayerSlider, and Slider Revolution. It employs modern web technologies including HTTPS, jQuery, and Google Fonts. The site is mobile-optimized and includes accessibility features, enhancing user experience for diverse audiences. From a security perspective, the site uses HTTPS with good SSL configuration and security headers. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policies or incident response information. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, aligned with GDPR requirements. Overall, the website is trustworthy, professionally maintained, and serves its public institution role effectively. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to further enhance trust and compliance.

Ž

ŽUPANIJSKA UPRAVA ZA CESTE LIČKO-SENJSKE ŽUPANIJE

zuc-ls.hr

0

ŽUPANIJSKA UPRAVA ZA CESTE LIČKO-SENJSKE ŽUPANIJE is a Croatian regional government agency responsible for the management and maintenance of roads within Ličko-Senjska County. The website serves as an official communication channel providing public notices, procurement information, road maps, and contact details to residents, contractors, and stakeholders. The agency positions itself as a trusted authority in transportation infrastructure within the region. Technically, the website is built on WordPress with Elementor and several plugins, offering a modern, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS and security headers, though it lacks published security policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and serves its public function effectively.

T

Turistička zajednica Ličko-senjske županije

visit-lika.com

0

The website visit-lika.com serves as the official regional tourism portal for Ličko-senjska County in Croatia, providing comprehensive information on travel planning, cultural heritage, activities, and gastronomy. It targets tourists and visitors interested in exploring the region, positioning itself as a key regional tourism authority. The site offers event announcements, travel resources, and promotes local attractions and services. Technically, the website uses a custom CMS with Bootstrap and jQuery, integrates Google Analytics for tracking, and AddToAny for social sharing. The design is professional, mobile-optimized, and offers clear navigation, though accessibility features are basic. Security posture is moderate with domain transfer protection but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and well-established with a domain age consistent with its business history.

J

Javna ustanova Razvojna agencija Ličko-senjske županije - LIRA

lsz-lira.hr

0

Javna ustanova Razvojna agencija Ličko-senjske županije - LIRA is a Croatian regional government agency established in 2008, focused on promoting and coordinating regional development activities in Ličko-senjska županija. The agency facilitates investment climate improvement, entrepreneurship, and socio-economic growth through project management, funding administration, and strategic planning. Their website reflects a professional and consistent brand presence, targeting regional stakeholders, investors, and public entities. Technically, the site uses modern frameworks like Bootstrap and jQuery, includes accessibility features, and is mobile optimized, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and secure forms, though some security headers are missing and no explicit incident response or vulnerability disclosure policies are found. Overall, the site is trustworthy, compliant with GDPR, and provides comprehensive contact and policy information.

Z

Zavod za prostorno uređenje Ličko-senjske županije

zzpulsz.hr

0

Zavod za prostorno uređenje Ličko-senjske županije is a Croatian government agency established in 2008, responsible for coordinating, monitoring, and implementing spatial planning within the Ličko-senjska county. The website serves as an official portal providing information about spatial plans, reports, and institutional activities targeting local residents, government officials, and urban planning professionals. The business model is focused on public sector service delivery with a clear mandate and regional authority. Technically, the website employs a modern but straightforward technology stack including jQuery, Modernizr, and Owl Carousel, hosted on a CMS platform developed by VIT. The site is mobile-optimized, accessible with multiple user-friendly features such as font resizing and contrast modes, and implements cookie consent mechanisms. SEO and metadata are well handled, though no structured JSON-LD data was found. From a security perspective, the site uses HTTPS with a good SSL configuration and basic security best practices like form validation and cookie consent. However, it lacks advanced security headers and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is trustworthy, professional, and serves its government function well. The main risks relate to missing privacy and security policy documentation and absence of explicit incident response information. Addressing these gaps would improve compliance and user trust.

L

Lika ceste d.o.o.

likaceste.hr

0

Lika ceste d.o.o. is a Croatian company specializing in the maintenance, protection, reconstruction, and construction of roads and related infrastructure, primarily serving the Gospić region. The company positions itself as a regional service provider focused on public roadways, offering key services such as road maintenance and winter services. The website reflects a medium-sized enterprise with a clear focus on transportation infrastructure, targeting local government entities and public road users. Technically, the website is built on WordPress using Bootstrap for responsive design, enhanced with several JavaScript libraries including jQuery, Owl Carousel, and Google Maps API. SEO is supported by the Yoast SEO plugin, and user interaction is facilitated through Contact Form 7 with Google reCAPTCHA v3 for spam protection. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. From a security perspective, the site uses HTTPS and includes a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and published security policies or incident response information. No vulnerability disclosure or security.txt files are present, indicating room for improvement in transparency and security maturity. Overall, the website is professional and trustworthy with moderate tracking and analytics usage. It is safe for general audiences and does not contain adult or questionable content. The domain registration data aligns well with the business identity, supporting legitimacy. Strategic improvements in security headers, incident response policies, and accessibility would enhance the site's security posture and compliance.

Športsko ribolovno društvo LUC Novalja is a well-established Croatian sports fishing society founded in 1973. The organization focuses on promoting fishing sports through competitions and community events, serving a local and regional audience of fishing enthusiasts. Their website reflects a community-oriented non-profit model with clear contact information and active event updates. Technically, the site uses a modern tech stack including AMP for mobile optimization, Bootstrap for responsive design, and JavaScript libraries for enhanced user experience. However, the CMS is custom or unknown, and hosting details are not explicit. Security posture is moderate; HTTPS is used, and cookie consent is implemented, but security headers and vulnerability disclosures are lacking. Privacy compliance is basic with a cookie banner and a linked cookie policy page but no explicit privacy policy or terms of service pages. Overall, the website is professional and trustworthy but could improve in security and compliance areas.

A

Arburoža d.o.o.

arburoza.hr

0

Arburoža d.o.o. is a municipal service company serving the city of Novalja, Croatia, specializing in waste management, public procurement, financial planning, and cemetery services. The website is well-structured, providing clear information and easy navigation for residents and businesses. The company maintains a local government service profile with transparent contact details and public tenders. Technically, the site is built on WordPress with modern plugins and is optimized for mobile devices. Security posture is solid with HTTPS, security headers, and GDPR compliance, though it lacks explicit security and incident response policies. Overall, the site reflects a trustworthy and professional municipal service provider with room for enhanced security transparency.

K

Komunalije d.o.o. Novalja

komunalije-novalja.hr

0

Komunalije d.o.o. Novalja is a municipal utility company serving the Novalja area on the island of Pag, Croatia. The company provides essential services such as water supply, sewage management, and public procurement transparency. The website serves as an information portal for residents and businesses, offering news updates, service pricing, and contact information. The business operates as a local public utility with a focus on community service and compliance with local regulations. Technically, the website uses legacy technologies including an outdated jQuery version, and lacks modern mobile optimization and advanced security headers. While HTTPS is assumed, no explicit security policies or incident response contacts are published. Privacy compliance is partially addressed with a privacy policy page but lacks cookie consent mechanisms. Overall, the site is functional and trustworthy but would benefit from modernization and enhanced security practices.

T

Turistička zajednica grada Novalje

visitnovalja.hr

0

Visit Novalja is the official tourism website for the city of Novalja and the island of Pag in Croatia, operated by the local tourism board (Turistička zajednica grada Novalje). The site provides comprehensive information for tourists including local attractions, events, gastronomy, accommodation options, and cultural heritage. It targets tourists and visitors seeking detailed and official travel information about the region. The business model is focused on tourism promotion and information dissemination, positioning itself as a trusted local authority in the hospitality sector.

G

Gradska uprava Novalja

novalja.hr

0

The website www.novalja.hr serves as the official digital portal for the city of Novalja, Croatia, providing residents, tourists, and businesses with comprehensive information about municipal services, news, public procurement, and community events. It holds a strong position as the primary communication channel for the local government, offering transparency and accessibility to public data and administrative resources. The site targets a broad audience including local citizens, government officials, and visitors interested in the city. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and various JavaScript libraries to deliver a responsive and user-friendly experience. While the site is mobile-optimized and well-structured, there is room for improvement in accessibility and SEO practices. Security-wise, the site uses HTTPS and trusted external libraries but lacks several important security headers and does not provide visible incident response or vulnerability disclosure policies. Privacy compliance is partially met with a clear privacy policy but lacks cookie consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced security and privacy features to align with best practices and regulatory requirements.

Lučka uprava Novalja is the official Port Authority for Novalja, Croatia, managing port infrastructure and providing public services related to maritime transport and port operations. The website serves as an information hub for public procurement, tariffs, projects, and user inquiries, targeting residents, businesses, and maritime users in the region. The business operates as a small government entity with a domain age consistent with its establishment in 2011. Technically, the website is built on WordPress with common plugins such as Smart Slider 3 and uses modern web fonts and responsive design, providing a good user experience and accessibility. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC, indicating room for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable gap for GDPR compliance. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy practices.

U

Udruga Biom

biom.hr

0

Udruga Biom is a Croatian non-profit organization dedicated to nature conservation and environmental education. The website serves as a platform to communicate their projects, publications, events, and opportunities for public involvement. It targets environmentalists, researchers, volunteers, and the general public interested in ecological issues. The organization operates primarily through donations, partnerships, and project funding, positioning itself as a reputable local NGO with active community engagement. Technically, the website is built on WordPress using modern technologies such as Tailwind CSS, Google Tag Manager, and reCAPTCHA for form security. The site is mobile-optimized with good SEO and accessibility basics, though some improvements could be made in accessibility and performance tuning. Analytics are implemented via Google Analytics, with moderate user tracking and GDPR-compliant privacy and cookie policies. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. Forms are protected with reCAPTCHA, and no obvious vulnerabilities or exposed sensitive data were detected. However, the absence of a public security policy or vulnerability disclosure page suggests room for maturity in security governance. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission. It presents low risk from a security and compliance standpoint but would benefit from enhanced transparency in security policies and incident response readiness.

J

Javna ustanova "Priroda"

ju-priroda.hr

0

Javna ustanova "Priroda" is a governmental institution responsible for managing protected natural areas in the Primorsko-goranska County of Croatia. The website serves as an informative portal offering educational content, visitor center information, and publications related to nature conservation. The organization targets the general public, local communities, and stakeholders interested in environmental protection. The business model is non-profit and government-funded, focusing on regional nature preservation and education. Technically, the website is built on WordPress with a modern tech stack including Visual Composer, WPML for multilingual support, and various plugins for galleries and PDF viewing. The site is mobile optimized, accessible, and uses HTTPS with Google Tag Manager for analytics. Performance is moderate with good SEO and accessibility practices. Security posture is solid with HTTPS enforced and no exposed sensitive data, but lacks some security headers and formal incident response information. Privacy and cookie policies are missing, representing compliance gaps. Social media integration is present and professional. Overall, the website is trustworthy and professional, with room for improvement in privacy compliance and security hardening. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and establishing a vulnerability disclosure channel.

Z

Zavod za prostorno uređenje Dubrovačko-neretvanske županije

zzpudnz.hr

0

The website zzpudnz.hr is the official online portal for the Zavod za prostorno uređenje Dubrovačko-neretvanske županije, a governmental spatial planning institute serving the Dubrovnik-Neretva County in Croatia. It provides comprehensive spatial planning documentation, project information, and news updates relevant to local government officials, urban planners, and the public. The site is well-structured, professionally designed, and offers extensive archives of news and legal documents related to spatial planning. The target audience includes government entities, municipalities, and citizens interested in regional planning and development. Technically, the website is built on the DotNetNuke (DNN) CMS platform, utilizing modern JavaScript libraries such as jQuery, Vue.js, and Bootstrap for responsive design and user experience. The site is mobile optimized and includes accessibility features. Security best practices are observed with HTTPS enforced, appropriate security headers, and secure form handling. Google Analytics is used for visitor tracking, with a cookie consent mechanism in place to comply with GDPR requirements. From a security perspective, the site shows a mature posture with no detected vulnerabilities or exposed sensitive data. However, there is no explicit public security policy or vulnerability disclosure page, and incident response contact information is not provided. The WHOIS data confirms the domain's legitimacy, consistent with the Croatian governmental entity it represents, and the domain age aligns with the institution's operational history. Overall, zzpudnz.hr is a credible, secure, and professionally maintained governmental website that effectively serves its informational and public service role. Strategic recommendations include publishing a dedicated security policy, adding vulnerability disclosure information, and providing clear incident response contacts to enhance transparency and trust.

D

Dubrovačko-neretvanska županija

dnz.hr

0

Dubrovačko-neretvanska županija operates as the official regional government authority for the Dubrovnik-Neretva County in Croatia. The website serves as a comprehensive portal for residents and stakeholders, providing news, administrative services, public notices, and access to official documents. It targets local citizens and government officials, positioning itself as a trusted source of regional governance information. Technically, the website is built on WordPress 6.6.1 with a modern theme and plugins such as WPML for multilingual support and Cookie Law Info for GDPR compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices, although hosting provider details are not explicitly identified. From a security perspective, the site enforces HTTPS, employs standard security headers, and implements a cookie consent mechanism aligned with GDPR. However, it lacks explicit privacy policies, security policies, incident response information, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and compliance. Overall, the website presents a professional and trustworthy digital presence for a government entity, with moderate technical maturity and a solid security posture. Strategic improvements in privacy and security documentation would further strengthen its compliance and user trust.

Lokalna Hrvatska is a Croatian non-profit organization operating a national news service focused on local government and municipal news. The website serves as a platform for disseminating news, event calendars, weather updates, and email newsletters targeted at local authorities and citizens interested in local governance. The organization appears well-established with a domain age consistent with its founding year of 2013 and transparent registrant information matching the website's claims. Technically, the website uses a custom CMS and integrates several legacy and modern technologies including jQuery 1.8.3, Leaflet for mapping, and multiple analytics and advertising platforms such as Google Analytics, Yandex Metrika, Facebook Pixel, and Mailchimp. While the site is functional and moderately optimized for mobile, it lacks some modern security headers and uses outdated JavaScript libraries, which could pose security risks. From a security perspective, HTTPS is enforced, and no sensitive data is exposed in the HTML. However, the absence of active Content-Security-Policy headers and the use of outdated jQuery versions are notable vulnerabilities. Privacy compliance is partially addressed with a GDPR privacy statement, but no cookie consent mechanism is present despite active tracking scripts. Overall, the website is moderately secure and credible, with clear business information and contact details. Strategic improvements in updating libraries, enhancing security headers, and implementing cookie consent would strengthen its security posture and privacy compliance.

S

Splitsko-dalmatinski filmski ured

filmingindalmatia.hr

0

The website filmingindalmatia.hr represents the Splitsko-dalmatinski filmski ured, a regional film office dedicated to supporting film, TV, and commercial productions in the Dalmatia region of Croatia. It offers services such as location scouting, permit facilitation, and production collaboration, targeting filmmakers and production companies interested in shooting in this area. The site is well-structured with good SEO practices and integrates Google Maps for location visualization, enhancing its utility for its audience. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, leveraging modern web technologies including Google Fonts and Google Maps API. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. Security is robust with HTTPS enabled and several security headers present, though explicit security policies and incident response information are absent. From a security and compliance perspective, the site maintains a good posture with no visible vulnerabilities or exposed sensitive data. However, it lacks visible privacy and cookie policies, which are important for GDPR compliance. Contact information is primarily available via a contact form, with no direct emails or phone numbers found. WHOIS data aligns well with the website's regional and business claims, supporting its legitimacy. Overall, the website is a credible and professional platform serving a niche regional market with good technical and security standards but would benefit from enhanced privacy compliance and explicit security documentation.

D

Dalmatia Storytelling

dalmatiastorytelling.com

0

Dalmatia Storytelling is a niche cultural tourism business founded in 2021, offering storytelling experiences in the Dalmatia region through interpretive guides, theatrical groups, and technology. The website is professionally designed using WordPress and Elementor, with multilingual support and a clear focus on cultural and travel audiences. The technical infrastructure is modern and includes popular libraries and frameworks, hosted by a reputable provider Hetzner Online GmbH. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is good with a comprehensive cookie policy and GDPR consent. Business credibility is supported by consistent branding and structured data.

S

Splitsko-dalmatinska Županija

digitalnadalmacija.hr

0

Digitalna Dalmacija is a regional technology and education initiative led by the Split-Dalmatia County, focused on fostering digital skills, startup ecosystem growth, and a vibrant technology community in Croatia. The website serves as a hub for educational programs, startup acceleration, and community events, targeting students, professionals, retirees, and entrepreneurs. It is well-positioned as a government-backed regional technology hub with strong partnerships and community engagement. The technical infrastructure is based on ASP.NET WebForms with modern JavaScript libraries and CMS (DNN), providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and some best practices, but lacks explicit security headers and vulnerability disclosure mechanisms. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional, trustworthy, and content-rich, but could improve in privacy and security transparency.

Javna ustanova RERA S.D. za koordinaciju i razvoj Splitsko-dalmatinske županije is a Croatian public institution focused on regional development and coordination within the Split-Dalmatia County. The organization provides technical assistance, project preparation, and manages EU fund utilization to support local government, entrepreneurs, and NGOs. The website reflects its authoritative role with comprehensive content, official documentation, and transparent public procurement information. Technically, the site uses modern web technologies including Bootstrap, jQuery, and analytics tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though additional security headers and explicit security policies could enhance protection. Overall, the domain registration and WHOIS data align well with the institution's identity, indicating legitimacy and trustworthiness.

U

Underwater heritage

underwater-heritage.hr

0

The website 'Underwater heritage' serves as an informational platform dedicated to underwater cultural heritage in Croatia, including catalogues, maps, and detailed information about ancient architecture, shipwrecks, and other underwater archaeological sites. It targets researchers, historians, archaeologists, and tourists interested in maritime heritage. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and associated UI libraries, with additional integrations such as Sentry for error monitoring and Vidjet for chat support. The technical infrastructure is modern and well-implemented, with HTTPS enforced and moderate performance and mobile optimization. However, the site lacks explicit privacy, cookie, and terms of service policies, and no direct contact information is provided, which impacts privacy compliance and business credibility scores. Security posture is decent with HTTPS and some best practices, but missing security headers and formal policies reduce the overall security maturity. Overall, the site is a good quality, niche cultural heritage resource with moderate trustworthiness but would benefit from enhanced privacy and security disclosures.

G

Grad Ozalj

ozalj.hr

0

Grad Ozalj operates as the official municipal government website for the city of Ozalj in Croatia, providing comprehensive information and services to residents, investors, businesses, and tourists. The site covers a wide range of municipal functions including city governance, budget transparency, procurement, local projects, and community engagement. It serves as a central digital platform for public communication and administrative transparency. Technically, the website is built on WordPress using the Elementor page builder, enhanced with SEO tools like Rank Math and privacy compliance plugins such as Complianz. The infrastructure supports modern web standards including HTTPS and responsive design, ensuring accessibility across devices. Google Analytics is employed for visitor tracking with an explicit cookie consent mechanism, reflecting a mature digital presence. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks explicit advanced security headers and published incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data confirms the domain's legitimacy and consistency with the municipal entity, reinforcing trustworthiness. Overall, Grad Ozalj's website demonstrates a solid balance of content quality, technical implementation, and privacy compliance suitable for a government entity. Strategic improvements in security headers and incident response transparency could further enhance its security posture and public trust.

G

Grad Duga Resa

dugaresa.hr

0

Grad Duga Resa operates an official municipal website serving the city of Duga Resa in Croatia. The site provides public information, news, and municipal services to residents and visitors. It positions itself as the authoritative source for local government communications and community engagement. The website is built on WordPress using the Divi theme, enhanced with SEO and GDPR compliance plugins, reflecting a moderate level of digital maturity. The technical infrastructure supports responsive design and basic accessibility, ensuring usability across devices. Security posture is adequate with HTTPS enabled and cookie consent implemented, though additional security headers and explicit policies could enhance protection. Overall, the site is legitimate and trustworthy, though WHOIS privacy limits domain ownership transparency. Strategic recommendations include improving security headers, publishing privacy and incident response policies, and enhancing contact information visibility.

J

Javna ustanova Regionalna razvojna agencija Karlovačke županije

ra-kazup.hr

0

Javna ustanova Regionalna razvojna agencija Karlovačke županije (JURRA) is a regional government agency established by Karlovačka županija to coordinate and promote regional development. The agency provides free expert assistance in project preparation and implementation, educational and advisory services primarily targeting public legal entities and institutions within the Karlovačka županija region. The website is professionally designed, well-structured, and optimized for SEO and accessibility, reflecting a mature digital presence. Technically, it is built on WordPress with modern plugins for SEO, cookie consent, and analytics, ensuring compliance with GDPR and user privacy standards. Security posture is good with HTTPS enabled and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the domain is privacy protected in WHOIS as per GDPR, which is justified for this type of public institution. The website content and structured data strongly support the legitimacy and trustworthiness of the agency.

Muzej Međimurja Čakovec is a well-established regional museum in Croatia, offering a broad range of cultural, historical, and artistic exhibits. The website reflects a mature digital presence with detailed content about museum collections, exhibitions, and educational programs. The institution targets general audiences including tourists, researchers, and local visitors. Technically, the website uses modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, hosted on a Croatian hosting provider. Security posture is adequate with HTTPS enabled but lacks some security headers and formal privacy and cookie policies, which are important for compliance and trust. Overall, the site is professional and trustworthy but could improve privacy compliance and security best practices.

M

Muzej nematerijalne baštine "Riznica Međimurja"

riznica.hr

0

Muzej nematerijalne baštine "Riznica Međimurja" operates as a cultural heritage museum and multimedia portal dedicated to preserving and promoting the intangible cultural heritage of the Međimurje region in Croatia. The website serves as a digital gateway to museum exhibitions, educational content, virtual tours, and cultural events, targeting a general audience including tourists, students, and cultural enthusiasts. The institution holds a regional market position as a key cultural and tourism entity in Northern Croatia. Technically, the website is built on WordPress CMS with modern plugins and frameworks such as Bootstrap and Revolution Slider, ensuring a responsive and visually appealing user experience. The site is hosted by Orbis d.o.o., a Croatian registrar and hosting provider, with a domain age consistent with the museum's recent establishment in 2018. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though security headers and explicit security policies could be improved. Privacy compliance is demonstrated through a privacy policy and cookie banner, reflecting GDPR awareness. Overall, the website is professional, trustworthy, and well-structured, supporting the museum's mission effectively.

Ž

Županijska uprava za ceste Međimurske županije

zuc-ck.hr

0

Županijska uprava za ceste Međimurske županije is a Croatian government agency responsible for managing county and local roads within Međimurje County. The website serves as an informational portal providing details on road maintenance, construction projects, legal frameworks, public procurement, and access to official information. The target audience includes local residents, government officials, contractors, and other stakeholders interested in regional road infrastructure. The agency operates under the Croatian national registrar CARNET, with a domain established in 2005, reflecting a mature and stable online presence. Technically, the website is built on Joomla CMS using the Helix Ultimate framework and SP Page Builder, incorporating modern web technologies such as Bootstrap 5 and jQuery. Hosting is provided by Totohost, a Croatian hosting provider. The site demonstrates moderate performance and good mobile optimization, with basic accessibility features. SEO optimization is basic but functional, and the site uses HTTPS with a good SSL configuration. Security practices include CSRF token implementation and HTTPS enforcement, though explicit security headers are not clearly present. From a security perspective, the site shows a solid posture for a government informational portal, with no visible vulnerabilities or exposed sensitive data. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance and user trust. There is no evidence of incident response or vulnerability disclosure mechanisms. The absence of tracking or advertising technologies indicates a privacy-conscious approach, though formal policies are missing. Overall, the website is professional, trustworthy, and serves its governmental function well. Strategic improvements include adding comprehensive privacy and cookie policies, enhancing security headers, and publishing incident response and vulnerability disclosure information to strengthen compliance and security transparency.

C

Centar dr. R. Steinera

centar-rudolf-steiner.com

0

Centar dr. R. Steinera is a small educational/spiritual center based in Donji Kraljevec, Croatia, focused on Rudolf Steiner's teachings. The website is multilingual and built on WordPress using the Divi theme, indicating a moderate level of digital maturity. The technical infrastructure includes modern elements such as HTTPS, Google reCAPTCHA, and Cloudflare DNS, but lacks advanced security headers and DNSSEC. The security posture is adequate but could be improved by implementing additional security headers and publishing formal security policies. Privacy compliance is limited due to the absence of a privacy policy and terms of service, although a cookie consent mechanism is present. Overall, the website is functional and moderately professional but would benefit from enhanced compliance and security documentation.