Security Directory

The website mep.lt is currently a parked domain page indicating that the domain is for sale. It does not represent an active business or service provider. The content is minimal, primarily advertising the domain sale with no substantive business information, contact details, or privacy policies. The technical infrastructure relies on basic HTML, CSS, and JavaScript with embedded third-party iframes and ad scripts, which introduces potential security risks. There is no evidence of HTTPS enforcement or security headers, and no compliance with privacy regulations is demonstrated. Overall, the site lacks professionalism and trustworthiness, reflecting its status as a domain parking page rather than an operational business website.

Ž

Žmogaus teisių gidas

zmogausteisiugidas.lt

0

Žmogaus teisių gidas is a Lithuanian educational website dedicated to human rights and civic education. It offers thematic articles, tests, court practice summaries, and resources to educate the public on human rights issues. The site targets a general audience interested in learning about human rights in everyday situations. The platform is supported by reputable European and Baltic organizations, indicating a non-profit educational mission. Technically, the website employs modern web technologies including Matomo analytics with privacy-respecting default settings, Google Fonts, and cookie consent mechanisms. The site is mobile optimized and accessible, with a clear navigation structure. Security posture is moderate, with HTTPS enforced but lacking explicit security headers and vulnerability disclosures. WHOIS data for the domain is unavailable, which reduces trustworthiness from a domain registration perspective. Overall, the website is a credible educational resource with room for improvement in privacy policy transparency and security best practices.

V

Valga Muuseum

valgamuuseum.ee

0

Valga Muuseum is a regional cultural and educational institution based in Valga, Estonia, providing museum exhibitions, educational programs, research activities, and a museum shop. The website reflects a stable and established organization with a domain registered since 2010. The museum targets a broad audience including local visitors, students, and researchers, offering a variety of cultural and educational services. Technically, the website uses a common CMS (Greativ), standard JavaScript libraries, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile-optimized with good navigation and content relevance. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and a cookie consent mechanism, which impacts privacy compliance. Overall, the website is professional, trustworthy, and serves its purpose well.

Valga Sport is a local Estonian sports organization focused on promoting youth and community sports activities, managing sports facilities, and organizing events. The website serves as an information portal for sports opportunities, events, and news relevant to the Valga region. The organization appears to be a small-sized entity with a public or non-profit orientation, supported by local government affiliations. Technically, the website is built on the Greativ CMS platform and uses common web technologies including Google Analytics and Facebook Pixel for tracking. The site is mobile-optimized with a moderate performance profile and basic SEO and accessibility features. Hosting and domain registration are consistent with a local Estonian provider, Telia Eesti AS. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks advanced security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The WHOIS data is transparent and consistent with the business claims, supporting legitimacy. Overall, the website is professional and trustworthy for its intended audience but could improve in privacy compliance and security posture to better align with modern standards.

M

MAMFORCE

mamforce.hr

0

MAMFORCE is a Croatian-based organization specializing in Diversity, Equity, and Inclusion (DEI) certifications and consulting services aimed at improving workplace culture for families and women. Their offerings include multiple certification standards such as MAMFORCE Standard, DADFORCE Standard, and INC.Q EQUAL PAY, alongside training and employer branding services. The company positions itself as a leader in promoting fair and inclusive organizational cultures within Croatia. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, Facebook Pixel, and various plugins enhancing user experience and tracking capabilities. The site is mobile-optimized and SEO-friendly, reflecting a good level of digital maturity. Security-wise, the site enforces HTTPS and uses some security best practices but lacks certain headers like Content-Security-Policy and X-Frame-Options, which are recommended for enhanced protection. No privacy policy or terms of service were found, which is a compliance gap. Overall, the domain registration is consistent with the business claims, and no suspicious patterns were detected, supporting a high legitimacy score.

R

Regionalni centar kompetentnosti u turizmu i ugostiteljstvu Zabok

rcktu-zabok.hr

0

The website represents the Regional Center of Competence in Tourism and Hospitality located in Zabok, Croatia. It serves as an educational institution offering secondary education, adult courses, workshops, retraining, and consulting services focused on tourism and hospitality sectors. The center aims to develop professional skills, creativity, and social responsibility among students and professionals, supported by EU funding. The site is well-structured, professionally designed, and targets students, adult learners, and regional businesses in the tourism and hospitality industry. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit privacy and terms of service pages and a vulnerability disclosure policy. Overall, the domain registration and hosting are consistent with the business profile, indicating legitimacy and trustworthiness.

R

Ride & Bike 2

rideandbike.eu

0

Ride & Bike 2 is a regional tourism promotion website focusing on the natural and cultural heritage of several regions in Croatia and Slovenia. It provides information about outdoor activities, cultural sites, and local attractions, targeting tourists and outdoor enthusiasts. The website leverages WordPress CMS with WPBakery Page Builder and integrates Google Tag Manager for analytics. While the site is well-structured and visually consistent, it lacks critical privacy and cookie policies, as well as explicit contact information, which impacts its compliance and trustworthiness. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. Overall, the site is functional and serves its tourism promotion purpose but requires improvements in privacy compliance and security best practices.

D

Dom za žrtve nasilja u obitelji NOVI POČETAK

novipocetak.hr

0

Dom za žrtve nasilja u obitelji NOVI POČETAK is a Croatian social care institution dedicated to supporting victims of domestic violence and their children. Founded and operated under the auspices of the Krapinsko-zagorska županija regional government, it provides safe accommodation, psychosocial counseling, and professional social work services. The website reflects a well-structured, professionally designed platform with clear navigation and relevant content tailored to its target audience. Technically, the site is built on WordPress with Elementor and Yoast SEO, integrating Google Analytics and reCAPTCHA for security and analytics purposes. Security posture is strong with HTTPS enforced and appropriate security headers, though it lacks published security policies and cookie consent mechanisms. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site is trustworthy, compliant with GDPR in terms of privacy policy presence, but could improve cookie consent and incident response transparency.

The website 'Crveni popis Hrvatske' is an official Croatian government portal managed by the Ministry of Environment and Green Transition, specifically the Institute for Environmental Protection and Nature. It serves as a comprehensive resource for data on endangered wild species in Croatia, providing risk assessments, conservation information, and public education. The portal targets a broad audience including researchers, policymakers, and the general public interested in biodiversity and environmental protection. Technically, the site employs modern web technologies such as HTML5, CSS3, JavaScript, Chart.js for data visualization, and Leaflet.js for mapping. The presence of a CSRF token and HTTPS indicates a secure infrastructure, although some security headers are missing. Accessibility is addressed but with room for improvement, particularly in image alt attributes and text scaling. The site is moderately performant and mobile-optimized. From a security perspective, the portal demonstrates good practices including GDPR compliance, cookie consent mechanisms, and secure form handling. However, it lacks explicit incident response contact details and a published vulnerability disclosure policy. No critical vulnerabilities or suspicious activities were detected. WHOIS data confirms the domain's legitimacy and alignment with the governmental nature of the site. Overall, the website is trustworthy, professionally maintained, and fulfills its mission effectively. Strategic improvements in security headers, accessibility, and incident response transparency would further enhance its posture.

P

Poliklinika Magdalena

magdalena.hr

0

Poliklinika Magdalena is a well-established healthcare provider specializing in cardiovascular care with over 25 years of experience. The organization operates multiple physical locations in Croatia, including Zagreb and Krapinske Toplice, and offers a comprehensive range of services from diagnostics to surgical interventions and telemedicine. The website reflects a professional and patient-focused approach, targeting individuals seeking specialized cardiovascular healthcare. Technically, the site is built on WordPress with modern tools such as Gravity Forms for data collection, Google Analytics and Facebook Pixel for analytics, and CookieYes for GDPR-compliant cookie consent. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website and domain registration details indicate a legitimate and trustworthy healthcare provider with a solid digital presence.

S

Specijalna bolnica za medicinsku rehabilitaciju Krapinske Toplice

sbkt.hr

0

Specijalna bolnica za medicinsku rehabilitaciju Krapinske Toplice is a specialized healthcare provider focused on medical rehabilitation services for neurological, cardiovascular, orthopedic, rheumatologic, and internal medicine patients, including both adults and children. The hospital also offers outpatient specialist services, health tourism, and preventive health programs. The website reflects a well-established regional medical institution with a clear market position and a comprehensive service portfolio. The target audience primarily includes patients and healthcare consumers seeking rehabilitation and wellness services in Croatia. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for enhanced functionality such as forms and galleries. The site is mobile optimized, accessible, and SEO friendly, with good content quality and consistent branding. Security posture is solid with HTTPS enforced and CAPTCHA protection on forms, though there is room for improvement in implementing security headers and cookie consent mechanisms. Overall, the domain registration and WHOIS data align well with the business claims, supporting the legitimacy and trustworthiness of the entity.

Z

Zavod za javno zdravstvo Krapinsko-zagorske županije

zzjzkzz.hr

0

Zavod za javno zdravstvo Krapinsko-zagorske županije is a regional public health institute serving the Krapina-Zagorje County in Croatia. The organization provides a broad range of public health services including epidemiology, microbiology, health promotion, school medicine, environmental health, and mental health and addiction prevention. The website targets local residents and public health stakeholders, offering news, contact information, and resources relevant to the community. The business model is government-funded, positioning the institute as a key regional health authority. Technically, the website uses a custom ASP-based CMS with legacy JavaScript libraries such as jQuery 1.8.2 and Modernizr, alongside modern UI components like the Revolution Slider and UserWay accessibility widget. The site is moderately optimized for performance and mobile devices, with basic SEO and good accessibility features. However, some technical debt is evident due to outdated libraries and lack of advanced security headers. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, the use of outdated JavaScript libraries and absence of security headers like CSP and HSTS present potential vulnerabilities. No explicit security or incident response policies are published. Contact information is clearly provided, enhancing trust and transparency. Overall, the website is professional, trustworthy, and serves its public health mission effectively. Strategic improvements in updating technical components and enhancing security headers would strengthen its security posture and compliance. The site is safe for general audiences with no adult or questionable content detected.

D

Dom zdravlja Krapinsko zagorske županije

dzkzz.hr

0

Dom zdravlja Krapinsko zagorske županije is a public healthcare provider serving the Krapinsko-zagorska County in Croatia. The organization offers a range of primary healthcare services including family medicine, pediatrics, palliative care, and radiology. The website reflects a well-established regional healthcare institution with multiple branch offices, targeting local residents seeking accessible medical care. The business model is government-funded, focusing on essential healthcare delivery rather than commercial services. The website content is comprehensive and professionally presented, supporting patient engagement through news updates and satisfaction surveys. Technically, the website is built on WordPress with modern plugins such as Elementor and Smart Slider 3, ensuring a responsive and accessible user experience. The site uses HTTPS and includes GDPR-compliant cookie consent mechanisms, reflecting a mature digital infrastructure. Performance is moderate with good mobile optimization and SEO practices. However, some security headers are not explicitly detected, suggesting room for improvement in security hardening. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. The presence of GDPR compliance and a dedicated privacy policy page indicates attention to data protection. However, the absence of explicit security policy and incident response information could be addressed to enhance trust and preparedness. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness. The overall risk assessment is low, with no signs of malicious activity or suspicious content. Strategic recommendations include implementing additional security headers, maintaining up-to-date software, and publishing clear security and incident response policies to further strengthen the security posture and user trust.

L

Libela

libela.org

0

Libela.org is a Croatian non-profit organization dedicated to promoting gender equality and social justice through media and advocacy. The website serves as a platform for publishing articles, reports, and news focused on gender facts and social issues relevant to Croatia. It targets a general audience interested in social activism and equality. The organization has been active since 2009, reflecting a mature and stable presence in its niche. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Lightbox2, and Swiper for enhanced user experience. It is hosted on Linode, ensuring reliable infrastructure. The site demonstrates good mobile optimization, accessibility features, and SEO practices, supported by plugins like Yoast SEO and GDPR cookie compliance tools. From a security perspective, the site uses HTTPS with a valid SSL certificate and employs domain transfer protection. However, DNSSEC is not enabled, and additional security headers could be implemented to strengthen defenses. Privacy compliance is well addressed with clear privacy and cookie policies and explicit user consent mechanisms. No critical vulnerabilities or suspicious activities were detected. Overall, Libela.org presents a trustworthy, professional, and content-rich platform with a solid security posture and compliance framework. Strategic improvements in DNS security and HTTP headers would further enhance its security maturity and resilience.

P

Pomurski muzej Murska Sobota

pomurski-muzej.si

0

Pomurski muzej Murska Sobota is a regional museum dedicated to preserving and showcasing the cultural heritage of the Pomurje region in Slovenia. The website provides comprehensive information about exhibitions, events, educational programs, and digital collections, targeting a broad audience including families, schools, and cultural enthusiasts. The museum positions itself as a key cultural institution in the region with a focus on both physical and digital heritage preservation. Technically, the website is built on the WBCE CMS platform with modern web technologies such as Bootstrap, jQuery, and Revolution Slider. It is hosted under a reputable Slovenian registrar (Arnes) and uses HTTPS with a valid SSL configuration. The site is mobile-optimized and includes basic accessibility features. Google Analytics is used for visitor tracking, and a cookie consent banner with opt-in is implemented, indicating good privacy compliance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks advanced security headers and does not publish explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, the website is professional, trustworthy, and serves its cultural mission effectively. Strategic improvements in security headers, incident response transparency, and accessibility could enhance its security posture and compliance further.

H

Hosting i Domene AKCIJA 1+1

wmd.hosting

0

WMD Hosting operates as a regional web hosting and domain registration provider based in Croatia, offering a comprehensive suite of web services including domain registration, hosting packages, SSL certificates, and web development. The company targets web developers and businesses of various sizes, positioning itself with promotional offers such as the 'AKCIJA 1+1' campaign. Their market presence is supported by over 20 years of experience and a user base exceeding 10,000 clients across 73 countries. The website is professionally designed with multilingual support and integrates modern web technologies and accessibility features.

K

KB Studios

kbstudios.hr

0

KB Studios is a small business based in Croatia currently undergoing a website redesign to improve clarity and user experience. The company invites potential clients to contact them via phone or email for services, though specific services are not detailed on the homepage. The website uses WordPress with Elementor and integrates Google Analytics and Tag Manager for tracking, along with Google Translate for multilingual support. The technical infrastructure is modern but basic, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is functional but underdeveloped in content and compliance aspects.

E

Europe Direct Informacijski ured Split

europedirect-split.hr

0

Europe Direct Informacijski ured Split operates as an official European Union information center serving the Split region in Croatia. The website provides comprehensive information and advisory services about the EU, targeting local citizens and residents. It is part of the Europe Direct network, offering free services and acting as a trusted source for EU-related news, publications, and guidance. The business model is non-profit and government-affiliated, focusing on public information dissemination. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Revolution Slider, ensuring good SEO and user experience. The site is mobile-optimized and includes accessibility features, enhancing usability for diverse audiences. External integrations include Google Tag Manager and Facebook SDK for analytics and social media engagement. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's claims, showing consistent registration details and domain age appropriate for the organization's history. Overall, the website demonstrates a solid security posture, good privacy compliance, and professional business credibility. Recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and expanding contact channels for security matters.

Municipal d.o.o. operates a website that currently serves as a minimal online presence, displaying only a logo on a plain blue background without any substantive business information or content. The lack of descriptive content, contact details, or service information limits the ability to assess the company's market position or business model. The website appears to be either under development or a placeholder. From a technical perspective, the website is very basic with no detectable scripts, frameworks, or CMS. There is no evidence of modern web technologies or SEO optimization. Mobile optimization and accessibility are minimal due to the lack of content and structure. Security posture is weak as there is no indication of HTTPS usage or security headers, and no privacy or cookie policies are present. The security evaluation highlights critical gaps including absence of HTTPS, lack of privacy and cookie policies, and no contact or incident response information. These factors significantly reduce trustworthiness and compliance with data protection regulations such as GDPR. The domain WHOIS data is privacy protected, which is common for small businesses but further limits transparency. Overall, the website poses a low risk in terms of content safety as it contains no adult or questionable material. However, the minimal content and lack of security and compliance features suggest a need for significant improvements to enhance trust, security, and user experience.

G

Gradska knjižnica i čitaonica Ivana Belostenca

gkc-ivanabelostenca.hr

0

Gradska knjižnica i čitaonica Ivana Belostenca is a small, non-profit public library and cultural institution located in Ozalj, Croatia. It offers library services, cultural events, and access to significant historical works such as the Gazophylacium bilingual dictionary. The website serves as an informational portal for the local community and cultural enthusiasts. Technically, the site is built on Joomla CMS using common web technologies including jQuery, Bootstrap, and Google Maps API. The hosting is provided by ZoNet, a reputable Croatian hosting provider. The site is accessible, with clear navigation and consistent branding, but shows room for improvement in mobile optimization and accessibility. Security posture is moderate with HTTPS enabled but lacking important security headers and privacy compliance documentation. No forms or tracking scripts are present, minimizing privacy risks but also limiting interactivity. Overall, the website is trustworthy and professionally presented but would benefit from enhanced security and privacy measures.

A

Azelija Eko d.o.o.

azelija-eko.hr

0

Azelija Eko d.o.o. is a Croatian municipal service company specializing in waste management, recycling, cemetery services, public lighting maintenance, and chimney sweeping within the Ozalj region and surrounding municipalities. The company operates fixed and mobile recycling yards and provides essential environmental services to local residents and businesses. The website reflects a local government service provider with clear contact information and service descriptions, targeting the regional community. Technically, the website is built on Joomla CMS with a Bootstrap framework and uses common JavaScript libraries such as jQuery and Font Awesome for UI elements. The site includes image sliders and responsive design elements, indicating moderate digital maturity. Hosting is provided by CARNET, a reputable Croatian academic network, which aligns with the local focus. From a security perspective, the site lacks visible security headers and explicit HTTPS enforcement in the provided data, which lowers its security posture. No privacy or cookie policies were found, indicating potential GDPR compliance gaps. The site does not use tracking or advertising technologies, which reduces privacy risks but also limits marketing insights. Overall, the website is functional and professional for its purpose but would benefit from enhanced security measures, privacy compliance improvements, and clearer policies to strengthen trust and regulatory adherence.

T

Turistička zajednica područja Kupa

tzp-kupa.hr

0

The website tzp-kupa.hr serves as the official tourism portal for the Kupa region in Croatia, managed by the Turistička zajednica područja Kupa. It provides comprehensive information about local attractions, events, accommodation, and gastronomy, targeting tourists and visitors interested in exploring the region. The site is positioned as a regional tourism authority with a focus on promoting natural heritage and active tourism. Technically, the site is built on WordPress using the Flatsome theme, with integrations such as Google Analytics and GTranslate for multilingual support. The infrastructure is modern and mobile-optimized, though performance is moderate. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and formal security policies. Privacy compliance is basic, with privacy and cookie policies present but no explicit consent mechanism. Overall, the site is professional, trustworthy, and well-branded, serving its purpose effectively.

jQuery Tools is an open source JavaScript UI library providing essential user interface components such as tabs, tooltips, overlays, and form utilities. The website serves web developers and site creators by offering demos, documentation, and downloads of the library. It holds a moderate market position as a popular UI toolkit used by various websites worldwide. The business model is centered on open source distribution without direct commercial offerings. Technically, the site uses jQuery and the jQuery Tools library, hosted on HostGator, with moderate performance and basic mobile optimization. The site lacks HTTPS in the HTML content, uses HTTP for script loading, and does not implement security headers or privacy policies, indicating a low security posture. Google Analytics is used for tracking without visible cookie consent, raising privacy compliance concerns. Overall, the website is professional and functional but requires significant improvements in security and privacy compliance to enhance trust and protect users.

A

Agencija za gospodarenje otpadom d.o.o.

ago-dnz.hr

0

Agencija za gospodarenje otpadom d.o.o. operates as a regional governmental agency responsible for waste management in the Dubrovačko-neretvanska županija region of Croatia. The website serves as an informational and project communication platform, highlighting EU-funded initiatives under the Operational Programme Competitiveness and Cohesion 2014-2020. The agency provides key services including waste management infrastructure development, public education, and regulatory compliance support. Their market position is that of a specialized public sector entity with strong governmental and EU partnerships.

C

Centar za poduzetništvo d.o.o.

czp.hr

0

Centar za poduzetništvo d.o.o. is a regional entrepreneurial support center serving the Dubrovnik-Neretva County in Croatia. The organization focuses on providing a range of services including education, business consulting, credit programs, and assistance with EU funding projects. Their website reflects a government-affiliated entity aimed at fostering entrepreneurship and small business growth in the region. The target audience primarily consists of local entrepreneurs and small business owners seeking support and resources. Technically, the website employs a modern technology stack featuring jQuery, Bootstrap, FontAwesome, and various plugins for enhanced user experience and accessibility. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates Google Analytics and UserWay accessibility tools, indicating a mature digital infrastructure. The website content is well-structured, professionally designed, and includes clear navigation and relevant business information. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security policies and incident response contact details. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned privacy and cookie policies and a consent mechanism in place. The website demonstrates a good security posture but could improve by adding formal security documentation and security headers. Overall, the website is trustworthy, professional, and serves its business purpose effectively. The domain registration data aligns with the website's claims, reinforcing legitimacy. Strategic recommendations include enhancing security transparency, publishing incident response information, and maintaining regular security audits to sustain trust and compliance.

J

Javna ustanova za upravljanje zaštićenim dijelovima prirode Dubrovačko-neretvanske županije

zastita-prirode-dnz.hr

0

The website represents the official public institution responsible for managing protected natural areas in the Dubrovnik-Neretva County of Croatia. It provides information about environmental protection projects, permits, public procurement, and general organizational details. The site targets the general public, environmental stakeholders, and government entities, positioning itself as a regional governmental authority with a focus on nature conservation. Technically, the website is built on WordPress using the Enfold theme and several plugins including Yoast SEO and Event Organiser. It employs Google Analytics and Tag Manager for traffic analysis and has implemented cookie consent mechanisms, indicating GDPR awareness. The security posture is solid with HTTPS enabled and no obvious vulnerabilities detected, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-maintained, with clear branding and consistent content quality.

R

Regionalna razvojna agencija Dubrovačko-neretvanske županije - DUNEA

dunea.hr

0

Regionalna razvojna agencija Dubrovačko-neretvanske županije (DUNEA) is a government-established regional development agency founded in 2006 in Dubrovnik, Croatia. The agency focuses on promoting sustainable and balanced regional development, coordinating existing development activities, and aligning with national and EU requirements. Their key services include strategic planning, EU project management, and regional economic development initiatives. The website reflects a professional and consistent brand presence targeting regional stakeholders, local government, and businesses involved in development projects. Technically, the site is built on Joomla CMS with modern frontend frameworks and libraries, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and explicit incident response policies. Overall, the site is trustworthy and compliant with GDPR, providing clear contact information and partner links.

M

Ministarstvo zaštite okoliša i zelene tranzicije

bioportal.hr

0

Bioportal.hr is the official web portal for the Information System for Nature Protection in Croatia, operated by the Ministry of Environment and Green Transition. It serves as a comprehensive platform providing biodiversity data, observation reporting tools, red list assessments, and other resources aimed at supporting nature conservation efforts. The website targets researchers, environmental professionals, government agencies, and the general public interested in Croatian natural heritage. It holds a strong market position as the authoritative national resource for environmental data and reporting. Technically, the website is built on WordPress with multilingual support via WPML, leveraging modern JavaScript libraries such as jQuery and Swiper.js for interactive features. The site includes a GDPR-compliant cookie consent mechanism and integrates Google Analytics for visitor insights. Performance and mobile optimization are good, with accessibility features implemented to support diverse users. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy and alignment with the governmental entity operating the site. Overall, bioportal.hr demonstrates a solid security posture, good privacy compliance, and professional digital presence. It is a trustworthy platform for environmental data dissemination with room for minor security enhancements.

Plus Hosting is a Croatian-based hosting service provider offering a range of services including domain registration, web hosting, reseller hosting, dedicated servers, VPS servers, SSL certificates, affiliate programs, and business mail solutions. The website analyzed is a placeholder page indicating that no active website is configured at the domain lun.hr. The business targets individuals and companies seeking hosting and domain services primarily in Croatia. The market position appears regional with a focus on technology infrastructure services. Technically, the website uses modern HTML5 and CSS3 standards with SVG graphics and a web font from a CDN. However, the site is minimalistic with no dynamic content, forms, or tracking scripts. The hosting provider is Plus Hosting itself, and the site performance and mobile optimization are basic but functional. There is no evidence of a CMS or advanced frameworks. From a security perspective, the site lacks visible HTTPS confirmation and security headers, which lowers its security posture. No privacy or cookie policies are present, and no incident response or security contact information is provided. The WHOIS data is unavailable due to GDPR restrictions and query limits, but this is consistent with privacy regulations and does not raise immediate suspicion. Overall, the security score is low due to missing best practices and policies. The overall risk is moderate given the site is a placeholder with no active content or user interaction. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and improving contact and compliance information to enhance trust and security posture.

D

Dječji vrtić Carić Novalja

vrtic-caric.hr

0

Dječji vrtić Carić Novalja is a small educational institution providing kindergarten and childcare services in Novalja, Croatia. The website serves as an informational portal for parents and guardians seeking early childhood education options. The business appears locally focused with a consistent domain registration and a website built on WordPress using the Avada theme, indicating a moderate level of digital maturity. Technically, the site uses standard web technologies including jQuery and has a cookie consent mechanism, but lacks advanced security headers and explicit privacy or terms of service documentation. Security posture is adequate with HTTPS enabled, but could be improved by implementing additional security headers and clearer compliance documentation. Overall, the site is safe, professional, and trustworthy for its intended audience, but would benefit from enhanced privacy and security practices to align with best practices and regulatory requirements.

G

Gradski muzej Novalja

gradskimuzejnovalja.hr

0

Gradski muzej Novalja is a small government/non-profit cultural institution based in Croatia, focused on preserving and presenting the cultural heritage of Novalja and its surroundings. The website serves as an informational and educational platform offering museum exhibitions, lectures, and workshops to the local community and visitors. The digital presence is built on a modern WordPress CMS with Elementor and Astra theme, providing a good user experience with mobile optimization and SEO enhancements. Security posture is adequate with HTTPS enabled and no visible exposed sensitive data, but lacks advanced security headers and incident response information. Privacy compliance is limited, with no explicit cookie consent or detailed GDPR policy. Overall, the website is trustworthy and professionally maintained, suitable for its cultural mission.

C

Centar za kulturu Grada Novalje

czknovalja.hr

0

Centar za kulturu Grada Novalje is a Croatian cultural center focused on promoting and organizing cultural and sports events in Novalja and surrounding areas. The website serves as an information hub for upcoming and past events, official documents, and community engagement. It targets local residents and visitors interested in cultural activities. The site is built on WordPress with a modern theme and multilingual support, reflecting a moderate level of digital maturity. Security posture is solid with HTTPS and GDPR-compliant cookie consent, though some security headers are missing and no explicit security policies are published. Overall, the site is trustworthy and professionally maintained, suitable for its public cultural institution role.

TZ Stara Novalja is a local tourism organization dedicated to promoting the town of Stara Novalja on the island of Pag, Croatia. The website serves as a comprehensive portal offering event calendars, local attractions, outdoor activities, and useful information for tourists and property renters. It targets visitors interested in cultural events, outdoor sports, and local hospitality services. The organization appears well-established with a domain registered since 2001 and consistent WHOIS data. Technically, the website is built on WordPress using the Avada theme, leveraging common web technologies such as jQuery and MediaElement.js. It integrates Google Analytics for visitor tracking and implements cookie consent mechanisms. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, it lacks a formal security policy, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is basic, with a privacy notice present but limited GDPR-specific details. Overall, the website is trustworthy and professional, serving its purpose as a tourism information hub effectively. Strategic improvements in privacy compliance, security transparency, and accessibility could further enhance its posture and user trust.

DVD Novalja is a small, local volunteer firefighting organization based in Novalja, Croatia, serving the community on the island of Pag. The website provides information about their firefighting activities, technical interventions, and community safety efforts. The organization appears to be well-established with a domain age dating back to 2005, consistent with their operational history. The site targets local residents and visitors needing emergency and safety information. Technically, the website uses older web technologies such as jQuery 1.4.2 and lacks modern security features like HTTPS and security headers. The site is basic in design and functionality, with limited mobile optimization and no visible analytics or tracking tools. Contact information is clearly presented, but there are no privacy or cookie policies, which is a compliance gap. From a security perspective, the absence of HTTPS and use of outdated libraries pose risks. No advanced security policies or incident response contacts are provided. The site does not appear to collect user data via forms, reducing exposure but also limiting engagement. Overall, the security posture is weak and requires improvements to protect users and enhance trust. The overall risk is moderate due to the lack of encryption and outdated technology, but the site content is safe and non-malicious. Strategic recommendations include implementing HTTPS, updating libraries, adding privacy and cookie policies, and enhancing security headers to improve compliance and user trust.

V

Vodovod d.o.o. – Podružnica Novalja

aglomeracijanovalja.hr

0

The website represents a public infrastructure project managed by Vodovod d.o.o. – Podružnica Novalja, focused on improving water supply and wastewater treatment infrastructure in the Novalja region of Croatia. The project is co-financed by the European Union through the Cohesion Fund and national funds, emphasizing environmental protection and public utility enhancement. The site provides detailed project descriptions, progress updates, and contact information for stakeholders and the public. Technically, the website is built on WordPress CMS, utilizing common technologies such as jQuery, Yoast SEO for search engine optimization, and Swiper.js for interactive sliders. Hosting is provided by Plus Hosting Grupa d.o.o., a Croatian hosting provider. The site is mobile-optimized with good navigation and moderate performance. Google Analytics is used for visitor tracking, with a cookie consent mechanism in place to comply with GDPR. From a security perspective, the site enforces HTTPS and employs cookie consent banners, but lacks explicit security headers and public security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the hosting provider and the domain age aligns with the project timeline, supporting legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations. It effectively serves its purpose as an informational portal for a public utility project. Strategic improvements could include enhanced security headers, public incident response information, and accessibility enhancements to further strengthen security posture and user experience.

ECOLINE CROATIA offers a specialized IT solution named EKO PRIJAVA designed for efficient reporting and monitoring of field problems such as communal, construction, and road issues. Their solution includes a mobile application for quick problem reporting and a web-based administrative portal for managing reports, analytics, and work orders. The business targets municipalities, communal companies, construction firms, and other organizations requiring precise field issue tracking. The website is built on WordPress using the Enfold theme, employing standard web technologies and cloud hosting for accessibility. Security posture is moderate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content is professional and business-focused. Overall, the site provides a functional and informative platform but would benefit from enhanced security and compliance measures.

D

Dizajn Studio Novalja

ds-novalja.com

0

Dizajn Studio Novalja is a small, locally focused business established in 2003, specializing in web design, digital printing, advertising, and photography services primarily targeting the tourism sector and local companies on the island of Pag, Croatia. The company offers a range of services including website creation for tourist accommodations, graphic design, digital printing, signage, key and stamp making, and photography. Their market position is that of a regional service provider with a solid reputation, supported by positive aggregate ratings and social media presence. Technically, the website employs older JavaScript libraries such as jQuery 1.6.0 and uses Google Tag Manager for analytics. The site lacks HTTPS, which is a significant security concern, and no advanced security headers or policies are detected. The website design and content quality are good, with clear navigation and relevant business information, but mobile optimization and accessibility are basic. SEO is supported by structured data but could be improved. From a security perspective, the absence of HTTPS and security headers, along with outdated libraries, exposes the site to potential vulnerabilities. No privacy, cookie, or terms of service policies are present, indicating poor privacy compliance. Incident response and security policy information are also missing, which could impact trust and regulatory compliance. Overall, the website is functional and professional but requires urgent improvements in security and privacy compliance to reduce risk and enhance trustworthiness. Strategic recommendations include implementing HTTPS, updating libraries, adding privacy and cookie policies, and improving security headers and incident response readiness.

C

CSL Computer Service Langenbach GmbH d/b/a joker.com

novalja-pag.net

0

Novalja-pag.net is a well-established Croatian hospitality website specializing in private accommodation listings on the island of Pag. Founded in 2002, it offers a comprehensive catalog of apartments, rooms, villas, and hotels with direct booking contact options. The platform targets tourists seeking affordable and diverse lodging options near popular destinations such as Novalja and Zrće beach. Technically, the site uses a custom CMS with common web technologies including jQuery, Bootstrap, and Google services for analytics and reCAPTCHA. While the site is mobile-optimized and provides a good user experience, it lacks HTTPS enforcement and advanced security headers, which are critical for protecting user data and enhancing trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is credible and functional but would benefit from security and privacy improvements.

D

Dizajn Studio Novalja

novalja.info

0

Novalja.info is a regional tourism portal dedicated to providing comprehensive information and direct booking options for private accommodation on the island of Pag, Croatia, focusing on the city of Novalja and surrounding destinations. The website offers a variety of services including accommodation listings, live web cameras, weather forecasts, ferry schedules, and local news, targeting tourists and visitors planning their holidays. The business operates as a small-sized entity with a long-standing presence since 2005, managed by Dizajn Studio Novalja. Technically, the website relies on legacy technologies such as an outdated jQuery version and lacks HTTPS, which impacts its security posture and user trust. The site uses Google Analytics and Tag Manager for visitor tracking but does not provide visible privacy or cookie policies, indicating limited privacy compliance. Security-wise, the absence of HTTPS and modern security headers, combined with outdated libraries, exposes the site to potential vulnerabilities. Overall, the website is functional and content-rich but requires significant improvements in security and privacy to meet modern standards.

N

Novalja Tourist Board

tz-novalja.hr

0

The website tz-novalja.hr represents the official Tourist Board of the town of Novalja, Croatia, focusing on promoting local tourism, accommodation, and travel information. It serves as a regional informational portal targeting tourists and visitors interested in Novalja and the island of Pag. The business operates as a local government entity with a small organizational size and a long-established presence since 2003. The site content is primarily in Croatian with some English references, providing basic tourism-related information and contact details. From a technical perspective, the website uses basic HTML, CSS, and JavaScript without modern CMS or frameworks. The site lacks mobile optimization and accessibility features, and performance is moderate. There is no evidence of advanced analytics or tracking technologies, which limits data-driven insights but also reduces privacy concerns. The site redirects visitors to a related tourism site after a short delay. Security posture is weak, with no visible HTTPS enforcement, security headers, or privacy and cookie policies. No forms or user data collection mechanisms are present, reducing attack surface but also limiting user engagement. The WHOIS data is consistent and trustworthy, indicating a legitimate domain with a long history aligned with the business purpose. Overall, the website is functional for basic tourism information but requires significant improvements in security, privacy compliance, and technical modernization to enhance trust, user experience, and regulatory adherence.

H

Hrvatski savez za sportski ribolov na moru

hssrm.hr

0

Hrvatski savez za sportski ribolov na moru (HSSRM) is a well-established Croatian non-profit sports federation dedicated to marine sport fishing. Founded in 1953, it serves approximately 25,000 members and provides key services such as fishing permit distribution, organizing competitions, and educational programs. The website reflects a consistent brand and offers relevant content for its target audience of fishing enthusiasts in Croatia. Technically, the site uses modern web technologies including Bootstrap, jQuery, FontAwesome, and Leaflet.js, with integration of Facebook social plugins for community engagement. The site is moderately optimized for mobile and performance, with clear navigation and good content quality. Security posture is adequate but could be improved by adding security headers and formal policies. Privacy compliance is lacking as no privacy or cookie policies are present. WHOIS data confirms domain legitimacy and consistency with the organization's profile. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security measures.

V

Valga Muusikakool

valgamuusikakool.ee

0

Valga Muusikakool is a well-established music school based in Valga, Estonia, with a history spanning approximately 100 years. The institution provides structured music education programs, organizes academic concerts, and participates in projects aimed at enhancing inclusive education and modernizing public services. The website serves as an information hub for students, parents, and the local community, offering event calendars, news updates, and application submission forms. The business model focuses on education and cultural enrichment within the local region, positioning the school as a key regional player in music education. Technically, the website is built on the Greativ CMS platform and incorporates modern web technologies such as Google Analytics, Facebook SDK, and Owl Carousel for interactive content. The site is mobile-optimized with good navigation and content quality, although some SEO and accessibility features could be improved. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and includes some best practices like secure form handling and analytics integration. However, it lacks explicit security headers, a cookie consent mechanism, and published security or incident response policies. No vulnerabilities or exposed sensitive data were found, indicating a generally sound security posture but with room for improvement in compliance and transparency. Overall, the website is professional, trustworthy, and serves its educational purpose effectively. Strategic recommendations include implementing cookie consent, enhancing security headers, publishing security policies, and considering a vulnerability disclosure program to strengthen trust and compliance.

M

Mulgi Elamuskeskus MTÜ

mulgielamuskeskus.ee

0

Mulgi Elamuskeskus MTÜ operates a cultural and experience center in Mulgimaa, Estonia, dedicated to showcasing the region's history, traditions, and cultural heritage. The center functions as a museum, event venue, and local product sales point, targeting tourists, families, and educational groups. The website is professionally designed using WordPress and Elementor, providing clear navigation and relevant content about visiting hours, ticketing, and events. Social media integration with Facebook and Instagram supports community engagement. Technically, the site uses modern web technologies and enforces HTTPS, but lacks advanced security headers and privacy compliance features such as cookie consent and privacy policies. Contact information is clearly presented, enhancing business credibility.

J

Javna ustanova za Zaštitu i očuvanje prirode Ličko senjske Županije

zop-lsz.hr

0

The website represents a Croatian public institution dedicated to the protection and preservation of nature in the Ličko-senjska County. It provides comprehensive information about protected areas, educational programs, projects, and public announcements. The institution targets local citizens, environmental professionals, and visitors interested in nature conservation. The business model is that of a government entity focused on environmental stewardship and public service. Technically, the website is built on WordPress using popular plugins such as Elementor, WPBakery, LayerSlider, and Slider Revolution. It employs modern web technologies including HTTPS, jQuery, and Google Fonts. The site is mobile-optimized and includes accessibility features, enhancing user experience for diverse audiences. From a security perspective, the site uses HTTPS with good SSL configuration and security headers. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policies or incident response information. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, aligned with GDPR requirements. Overall, the website is trustworthy, professionally maintained, and serves its public institution role effectively. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to further enhance trust and compliance.

Ž

ŽUPANIJSKA UPRAVA ZA CESTE LIČKO-SENJSKE ŽUPANIJE

zuc-ls.hr

0

ŽUPANIJSKA UPRAVA ZA CESTE LIČKO-SENJSKE ŽUPANIJE is a Croatian regional government agency responsible for the management and maintenance of roads within Ličko-Senjska County. The website serves as an official communication channel providing public notices, procurement information, road maps, and contact details to residents, contractors, and stakeholders. The agency positions itself as a trusted authority in transportation infrastructure within the region. Technically, the website is built on WordPress with Elementor and several plugins, offering a modern, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS and security headers, though it lacks published security policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and serves its public function effectively.

Z

Zavod za prostorno uređenje Ličko-senjske županije

zzpulsz.hr

0

Zavod za prostorno uređenje Ličko-senjske županije is a Croatian government agency established in 2008, responsible for coordinating, monitoring, and implementing spatial planning within the Ličko-senjska county. The website serves as an official portal providing information about spatial plans, reports, and institutional activities targeting local residents, government officials, and urban planning professionals. The business model is focused on public sector service delivery with a clear mandate and regional authority. Technically, the website employs a modern but straightforward technology stack including jQuery, Modernizr, and Owl Carousel, hosted on a CMS platform developed by VIT. The site is mobile-optimized, accessible with multiple user-friendly features such as font resizing and contrast modes, and implements cookie consent mechanisms. SEO and metadata are well handled, though no structured JSON-LD data was found. From a security perspective, the site uses HTTPS with a good SSL configuration and basic security best practices like form validation and cookie consent. However, it lacks advanced security headers and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is trustworthy, professional, and serves its government function well. The main risks relate to missing privacy and security policy documentation and absence of explicit incident response information. Addressing these gaps would improve compliance and user trust.

L

Lika ceste d.o.o.

likaceste.hr

0

Lika ceste d.o.o. is a Croatian company specializing in the maintenance, protection, reconstruction, and construction of roads and related infrastructure, primarily serving the Gospić region. The company positions itself as a regional service provider focused on public roadways, offering key services such as road maintenance and winter services. The website reflects a medium-sized enterprise with a clear focus on transportation infrastructure, targeting local government entities and public road users. Technically, the website is built on WordPress using Bootstrap for responsive design, enhanced with several JavaScript libraries including jQuery, Owl Carousel, and Google Maps API. SEO is supported by the Yoast SEO plugin, and user interaction is facilitated through Contact Form 7 with Google reCAPTCHA v3 for spam protection. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. From a security perspective, the site uses HTTPS and includes a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and published security policies or incident response information. No vulnerability disclosure or security.txt files are present, indicating room for improvement in transparency and security maturity. Overall, the website is professional and trustworthy with moderate tracking and analytics usage. It is safe for general audiences and does not contain adult or questionable content. The domain registration data aligns well with the business identity, supporting legitimacy. Strategic improvements in security headers, incident response policies, and accessibility would enhance the site's security posture and compliance.

Športsko ribolovno društvo LUC Novalja is a well-established Croatian sports fishing society founded in 1973. The organization focuses on promoting fishing sports through competitions and community events, serving a local and regional audience of fishing enthusiasts. Their website reflects a community-oriented non-profit model with clear contact information and active event updates. Technically, the site uses a modern tech stack including AMP for mobile optimization, Bootstrap for responsive design, and JavaScript libraries for enhanced user experience. However, the CMS is custom or unknown, and hosting details are not explicit. Security posture is moderate; HTTPS is used, and cookie consent is implemented, but security headers and vulnerability disclosures are lacking. Privacy compliance is basic with a cookie banner and a linked cookie policy page but no explicit privacy policy or terms of service pages. Overall, the website is professional and trustworthy but could improve in security and compliance areas.

A

Arburoža d.o.o.

arburoza.hr

0

Arburoža d.o.o. is a municipal service company serving the city of Novalja, Croatia, specializing in waste management, public procurement, financial planning, and cemetery services. The website is well-structured, providing clear information and easy navigation for residents and businesses. The company maintains a local government service profile with transparent contact details and public tenders. Technically, the site is built on WordPress with modern plugins and is optimized for mobile devices. Security posture is solid with HTTPS, security headers, and GDPR compliance, though it lacks explicit security and incident response policies. Overall, the site reflects a trustworthy and professional municipal service provider with room for enhanced security transparency.

K

Komunalije d.o.o. Novalja

komunalije-novalja.hr

0

Komunalije d.o.o. Novalja is a municipal utility company serving the Novalja area on the island of Pag, Croatia. The company provides essential services such as water supply, sewage management, and public procurement transparency. The website serves as an information portal for residents and businesses, offering news updates, service pricing, and contact information. The business operates as a local public utility with a focus on community service and compliance with local regulations. Technically, the website uses legacy technologies including an outdated jQuery version, and lacks modern mobile optimization and advanced security headers. While HTTPS is assumed, no explicit security policies or incident response contacts are published. Privacy compliance is partially addressed with a privacy policy page but lacks cookie consent mechanisms. Overall, the site is functional and trustworthy but would benefit from modernization and enhanced security practices.