Security Directory

Općina Krapinske Toplice operates an official municipal website providing comprehensive information and services to residents and stakeholders of the Krapinske Toplice municipality in Croatia. The site offers detailed administrative content including organizational structure, public notices, procurement, and community engagement resources. The website is positioned as a local government authority portal, serving a small-sized municipality with a focus on transparency and public service. Technically, the site is built on WordPress CMS using Elementor page builder, leveraging modern web technologies such as jQuery and Font Awesome for UI elements. Hosting and domain registration are consistent with a Croatian academic network provider, ensuring local presence and legitimacy. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though improvements in security headers and incident response documentation are recommended. Privacy compliance is supported by clear privacy and cookie policies, though a cookie consent mechanism is absent. Overall, the website is professional, trustworthy, and safe for general audiences, with a good balance of content quality and technical implementation.

R

Razvojna agencija Sotla

ra-sotla.si

0

Razvojna agencija Sotla is a Slovenian regional development agency established in 2003, focusing on regional development programs, entrepreneurship support, and project management primarily in the Obsotelje and Kozjansko regions. The agency operates as a non-profit entity serving local governments, entrepreneurs, and community stakeholders. Their website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to their target audience. Technically, the site is built on WordPress using modern plugins such as Elementor and Events Manager, ensuring good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, compliant with GDPR cookie requirements, and free from suspicious indicators.

A

Askly OÜ

askly.me

0

Askly OÜ operates a professional SaaS platform providing AI-powered multilingual chat and customer support solutions primarily targeting e-commerce and retail businesses. The website demonstrates a strong market position with numerous notable clients and testimonials, emphasizing ease of use, automation, and enhanced customer engagement. The company leverages modern digital marketing and analytics tools, including Google Analytics, Facebook Pixel, Hotjar, and FullStory, indicating a mature digital infrastructure. The technical implementation is robust, with responsive design, fast performance, and comprehensive SEO and accessibility features. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit security policies are absent. WHOIS data is unavailable due to privacy protection, which is typical for SaaS providers, but the website content and business presence support legitimacy. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

B

Baltic Human Rights Society

baltichumanrights.org

0

Baltic Human Rights Society (BHRS) is a non-profit organization dedicated to promoting human rights awareness and education in Latvia and the broader Baltic region. The organization focuses on fostering a culture of human rights through educational initiatives, advocacy, and collaborative projects with regional and international partners. The website reflects a well-structured platform aimed at human rights educators, activists, NGOs, and the general public interested in human rights issues. BHRS maintains partnerships with reputable European and Baltic institutions, enhancing its credibility and regional influence. Technically, the website employs standard web technologies including jQuery and SVG4Everybody for compatibility and user experience enhancements. It features a cookie consent mechanism compliant with GDPR principles, although no advanced security headers or analytics services are detected. The site is mobile-optimized with good navigation and content quality, though SEO and accessibility could be improved. The WHOIS data is unavailable or restricted, which limits domain trust verification but does not detract significantly from the site's legitimacy given the content and partner affiliations. From a security perspective, the site uses HTTPS (assumed from canonical URLs and modern standards) and implements cookie consent with opt-in, indicating privacy awareness. However, the absence of visible security headers and incident response contacts suggests room for improvement in security posture. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the site presents a moderate security maturity level appropriate for a non-profit educational organization. The overall risk assessment is low, with the primary concern being the lack of WHOIS transparency and limited security policy disclosures. Strategic recommendations include enhancing security headers, publishing explicit security and privacy policies, and providing clear contact information for incident response. These steps would improve trust and compliance, supporting BHRS's mission and stakeholder confidence.

C

Cilvēktiesību gids

cilvektiesibugids.lv

0

The website www.cilvektiesibugids.lv is a Latvian human rights guide providing educational content on various human rights topics and everyday situations. It targets the general public interested in human rights education and operates as a non-profit entity. The platform offers thematic articles, rights information, court practice summaries, and interactive tests in Latvian, Russian, and English. Technically, the site uses modern web technologies including self-hosted Matomo analytics for privacy-conscious tracking, Google Fonts, and cookie consent mechanisms. The design is professional, mobile-optimized, and accessible, with clear navigation and multilingual support. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published security policies. No vulnerabilities or suspicious content were detected. Overall, the site is trustworthy and serves as a valuable educational resource in the human rights domain.

K

Kiwis & Brownies GbR

brezel.io

0

Brezel.io is a German-based small technology company specializing in tailored enterprise software solutions including ERP, CRM, PIM, and DAM systems. Their business model focuses on providing customizable low-code and no-code platforms that enable businesses to digitize and automate complex workflows. The company emphasizes flexibility, security, and modern web technologies, targeting businesses that require bespoke digitalization solutions rather than off-the-shelf products. Their market position is niche but well-defined, with a focus on industrial, hospitality, and membership management sectors. Technically, the website is built on a modern stack including Laravel, Vue.js, and supports a Progressive Web App for cross-device compatibility. The site is mobile optimized and offers good user experience and navigation clarity. However, performance is moderate and accessibility features are basic. The hosting and DNS setup is standard with no DNSSEC enabled, and no CMS detected. From a security perspective, the site implements two-factor authentication and WebAuthn for user login security and includes CSRF tokens. However, it lacks visible HTTP security headers and DNSSEC, and does not publish security or incident response policies. Privacy compliance is weak due to absence of privacy and cookie policies and no visible consent mechanisms, despite the use of tracking scripts. WHOIS data is consistent and transparent, supporting legitimacy. Overall, the website presents a professional and trustworthy business front with good technical foundations but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

B

Brainz Immersive s. r. o.

immersive.cz

0

Brainz Immersive s. r. o. is a Prague-based immersive creative studio specializing in virtual and augmented reality experiences. Founded in 2019 and part of the BRAINZ STUDIOS group, the company offers a comprehensive suite of services including AR/VR creative development, 360° video production, multi-platform app development, and immersive installations. Their client portfolio includes notable brands such as ŠKODA AUTO, Vogue, and Czech Radio, positioning them as a niche leader in immersive technology solutions for brands and entertainment. The website reflects a professional and modern digital presence with rich multimedia content and clear navigation. Technically, the site uses modern web technologies and frameworks, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvement. Analytics and marketing tracking are implemented via Google Analytics and Facebook Pixel, but without explicit cookie consent mechanisms. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, Brainz Immersive demonstrates a strong market position in immersive technology with a professional online presence but should enhance privacy compliance and security best practices to further strengthen trust and regulatory adherence.

B

BRAINZ DISRUPTIVE

disruptive.cz

0

BRAINZ DISRUPTIVE is a small, independent creative digital studio based in the Czech Republic, founded in 2019. The company focuses on helping brands adapt to future challenges by delivering innovative digital solutions, combining strategic, creative, and technological expertise. Their market position is that of a progressive digital studio emphasizing disruptive strategies and future-oriented services. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern frameworks such as Vue.js and Nuxt.js, with Webflow CSS for styling, and integrates Google Analytics for tracking. However, the site lacks visible privacy and cookie policies, and no explicit contact emails or phone numbers are provided, relying mainly on a contact form. Security posture is moderate with HTTPS usage but missing security headers and incident response information. Overall, the domain registration data is consistent and supports the legitimacy of the business.

C

Christian Kiewaldt & Benjamin Braun GbR

kiwis-and-brownies.de

0

KIWIS & BROWNIES is a small German software development company specializing in custom enterprise software, eCommerce solutions using Magento, and promotional applications to increase reach and lead generation. The company operates primarily in the Gummersbach and Oberberg regions of Germany, targeting local businesses seeking digital transformation and marketing services. Their website reflects a professional and modern digital presence with a focus on clear communication and customer engagement via WhatsApp and downloadable informational materials. Technically, the website employs standard modern web technologies including HTML5, CSS, JavaScript with jQuery, and Google Fonts. The hosting is managed via DomainControl nameservers, and Magento is indicated as the eCommerce platform. The site is moderately optimized for performance and mobile devices, though accessibility features are basic. SEO practices are adequately implemented with meta tags and structured content. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a formal security policy or incident response contacts. The privacy policy is comprehensive and GDPR compliant, but no cookie consent mechanism is present, which is a compliance gap. No vulnerability disclosure or security.txt files are found, limiting transparency in security practices. Overall, the website presents a trustworthy and professional image suitable for its business scope. The risk level is moderate with recommendations to enhance security headers, implement cookie consent, and publish security policies to improve compliance and trust. The domain registration aligns with the business identity, supporting legitimacy.

L

Lesoochranárske zoskupenie VLK

wolf.sk

0

Lesoochranárske zoskupenie VLK is a Slovak non-profit organization dedicated to the protection of natural forests, carnivores, and natural processes through the creation of no-intervention reserves. The organization has a strong grassroots presence with over 25 years of activity, focusing on environmental advocacy, legal interventions, and public education. Their website serves as an information hub for campaigns, petitions, and educational content primarily in Slovak, targeting environmental activists and the general public interested in nature conservation. Technically, the website is built on Drupal CMS with common libraries like jQuery and uses Google Analytics for visitor tracking. While the site is functional and content-rich, it lacks advanced security headers and cookie consent mechanisms, which are important for GDPR compliance. Contact information is primarily available via a contact page rather than directly on the homepage. Overall, the website reflects a moderate level of digital maturity with room for improvements in security and privacy compliance.

The website mep.lt is currently a parked domain page indicating that the domain is for sale. It does not represent an active business or service provider. The content is minimal, primarily advertising the domain sale with no substantive business information, contact details, or privacy policies. The technical infrastructure relies on basic HTML, CSS, and JavaScript with embedded third-party iframes and ad scripts, which introduces potential security risks. There is no evidence of HTTPS enforcement or security headers, and no compliance with privacy regulations is demonstrated. Overall, the site lacks professionalism and trustworthiness, reflecting its status as a domain parking page rather than an operational business website.

Ž

Žmogaus teisių gidas

zmogausteisiugidas.lt

0

Žmogaus teisių gidas is a Lithuanian educational website dedicated to human rights and civic education. It offers thematic articles, tests, court practice summaries, and resources to educate the public on human rights issues. The site targets a general audience interested in learning about human rights in everyday situations. The platform is supported by reputable European and Baltic organizations, indicating a non-profit educational mission. Technically, the website employs modern web technologies including Matomo analytics with privacy-respecting default settings, Google Fonts, and cookie consent mechanisms. The site is mobile optimized and accessible, with a clear navigation structure. Security posture is moderate, with HTTPS enforced but lacking explicit security headers and vulnerability disclosures. WHOIS data for the domain is unavailable, which reduces trustworthiness from a domain registration perspective. Overall, the website is a credible educational resource with room for improvement in privacy policy transparency and security best practices.

V

Valga Muuseum

valgamuuseum.ee

0

Valga Muuseum is a regional cultural and educational institution based in Valga, Estonia, providing museum exhibitions, educational programs, research activities, and a museum shop. The website reflects a stable and established organization with a domain registered since 2010. The museum targets a broad audience including local visitors, students, and researchers, offering a variety of cultural and educational services. Technically, the website uses a common CMS (Greativ), standard JavaScript libraries, and integrates Google Analytics and Facebook SDK for tracking. The site is mobile-optimized with good navigation and content relevance. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and a cookie consent mechanism, which impacts privacy compliance. Overall, the website is professional, trustworthy, and serves its purpose well.

Valga Sport is a local Estonian sports organization focused on promoting youth and community sports activities, managing sports facilities, and organizing events. The website serves as an information portal for sports opportunities, events, and news relevant to the Valga region. The organization appears to be a small-sized entity with a public or non-profit orientation, supported by local government affiliations. Technically, the website is built on the Greativ CMS platform and uses common web technologies including Google Analytics and Facebook Pixel for tracking. The site is mobile-optimized with a moderate performance profile and basic SEO and accessibility features. Hosting and domain registration are consistent with a local Estonian provider, Telia Eesti AS. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks advanced security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The WHOIS data is transparent and consistent with the business claims, supporting legitimacy. Overall, the website is professional and trustworthy for its intended audience but could improve in privacy compliance and security posture to better align with modern standards.

M

MAMFORCE

mamforce.hr

0

MAMFORCE is a Croatian-based organization specializing in Diversity, Equity, and Inclusion (DEI) certifications and consulting services aimed at improving workplace culture for families and women. Their offerings include multiple certification standards such as MAMFORCE Standard, DADFORCE Standard, and INC.Q EQUAL PAY, alongside training and employer branding services. The company positions itself as a leader in promoting fair and inclusive organizational cultures within Croatia. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, Facebook Pixel, and various plugins enhancing user experience and tracking capabilities. The site is mobile-optimized and SEO-friendly, reflecting a good level of digital maturity. Security-wise, the site enforces HTTPS and uses some security best practices but lacks certain headers like Content-Security-Policy and X-Frame-Options, which are recommended for enhanced protection. No privacy policy or terms of service were found, which is a compliance gap. Overall, the domain registration is consistent with the business claims, and no suspicious patterns were detected, supporting a high legitimacy score.

R

Regionalni centar kompetentnosti u turizmu i ugostiteljstvu Zabok

rcktu-zabok.hr

0

The website represents the Regional Center of Competence in Tourism and Hospitality located in Zabok, Croatia. It serves as an educational institution offering secondary education, adult courses, workshops, retraining, and consulting services focused on tourism and hospitality sectors. The center aims to develop professional skills, creativity, and social responsibility among students and professionals, supported by EU funding. The site is well-structured, professionally designed, and targets students, adult learners, and regional businesses in the tourism and hospitality industry. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit privacy and terms of service pages and a vulnerability disclosure policy. Overall, the domain registration and hosting are consistent with the business profile, indicating legitimacy and trustworthiness.

R

Ride & Bike 2

rideandbike.eu

0

Ride & Bike 2 is a regional tourism promotion website focusing on the natural and cultural heritage of several regions in Croatia and Slovenia. It provides information about outdoor activities, cultural sites, and local attractions, targeting tourists and outdoor enthusiasts. The website leverages WordPress CMS with WPBakery Page Builder and integrates Google Tag Manager for analytics. While the site is well-structured and visually consistent, it lacks critical privacy and cookie policies, as well as explicit contact information, which impacts its compliance and trustworthiness. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. Overall, the site is functional and serves its tourism promotion purpose but requires improvements in privacy compliance and security best practices.

D

Dom za žrtve nasilja u obitelji NOVI POČETAK

novipocetak.hr

0

Dom za žrtve nasilja u obitelji NOVI POČETAK is a Croatian social care institution dedicated to supporting victims of domestic violence and their children. Founded and operated under the auspices of the Krapinsko-zagorska županija regional government, it provides safe accommodation, psychosocial counseling, and professional social work services. The website reflects a well-structured, professionally designed platform with clear navigation and relevant content tailored to its target audience. Technically, the site is built on WordPress with Elementor and Yoast SEO, integrating Google Analytics and reCAPTCHA for security and analytics purposes. Security posture is strong with HTTPS enforced and appropriate security headers, though it lacks published security policies and cookie consent mechanisms. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site is trustworthy, compliant with GDPR in terms of privacy policy presence, but could improve cookie consent and incident response transparency.

The website 'Crveni popis Hrvatske' is an official Croatian government portal managed by the Ministry of Environment and Green Transition, specifically the Institute for Environmental Protection and Nature. It serves as a comprehensive resource for data on endangered wild species in Croatia, providing risk assessments, conservation information, and public education. The portal targets a broad audience including researchers, policymakers, and the general public interested in biodiversity and environmental protection. Technically, the site employs modern web technologies such as HTML5, CSS3, JavaScript, Chart.js for data visualization, and Leaflet.js for mapping. The presence of a CSRF token and HTTPS indicates a secure infrastructure, although some security headers are missing. Accessibility is addressed but with room for improvement, particularly in image alt attributes and text scaling. The site is moderately performant and mobile-optimized. From a security perspective, the portal demonstrates good practices including GDPR compliance, cookie consent mechanisms, and secure form handling. However, it lacks explicit incident response contact details and a published vulnerability disclosure policy. No critical vulnerabilities or suspicious activities were detected. WHOIS data confirms the domain's legitimacy and alignment with the governmental nature of the site. Overall, the website is trustworthy, professionally maintained, and fulfills its mission effectively. Strategic improvements in security headers, accessibility, and incident response transparency would further enhance its posture.

P

Poliklinika Magdalena

magdalena.hr

0

Poliklinika Magdalena is a well-established healthcare provider specializing in cardiovascular care with over 25 years of experience. The organization operates multiple physical locations in Croatia, including Zagreb and Krapinske Toplice, and offers a comprehensive range of services from diagnostics to surgical interventions and telemedicine. The website reflects a professional and patient-focused approach, targeting individuals seeking specialized cardiovascular healthcare. Technically, the site is built on WordPress with modern tools such as Gravity Forms for data collection, Google Analytics and Facebook Pixel for analytics, and CookieYes for GDPR-compliant cookie consent. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website and domain registration details indicate a legitimate and trustworthy healthcare provider with a solid digital presence.

S

Specijalna bolnica za medicinsku rehabilitaciju Krapinske Toplice

sbkt.hr

0

Specijalna bolnica za medicinsku rehabilitaciju Krapinske Toplice is a specialized healthcare provider focused on medical rehabilitation services for neurological, cardiovascular, orthopedic, rheumatologic, and internal medicine patients, including both adults and children. The hospital also offers outpatient specialist services, health tourism, and preventive health programs. The website reflects a well-established regional medical institution with a clear market position and a comprehensive service portfolio. The target audience primarily includes patients and healthcare consumers seeking rehabilitation and wellness services in Croatia. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for enhanced functionality such as forms and galleries. The site is mobile optimized, accessible, and SEO friendly, with good content quality and consistent branding. Security posture is solid with HTTPS enforced and CAPTCHA protection on forms, though there is room for improvement in implementing security headers and cookie consent mechanisms. Overall, the domain registration and WHOIS data align well with the business claims, supporting the legitimacy and trustworthiness of the entity.

Z

Zavod za javno zdravstvo Krapinsko-zagorske županije

zzjzkzz.hr

0

Zavod za javno zdravstvo Krapinsko-zagorske županije is a regional public health institute serving the Krapina-Zagorje County in Croatia. The organization provides a broad range of public health services including epidemiology, microbiology, health promotion, school medicine, environmental health, and mental health and addiction prevention. The website targets local residents and public health stakeholders, offering news, contact information, and resources relevant to the community. The business model is government-funded, positioning the institute as a key regional health authority. Technically, the website uses a custom ASP-based CMS with legacy JavaScript libraries such as jQuery 1.8.2 and Modernizr, alongside modern UI components like the Revolution Slider and UserWay accessibility widget. The site is moderately optimized for performance and mobile devices, with basic SEO and good accessibility features. However, some technical debt is evident due to outdated libraries and lack of advanced security headers. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, the use of outdated JavaScript libraries and absence of security headers like CSP and HSTS present potential vulnerabilities. No explicit security or incident response policies are published. Contact information is clearly provided, enhancing trust and transparency. Overall, the website is professional, trustworthy, and serves its public health mission effectively. Strategic improvements in updating technical components and enhancing security headers would strengthen its security posture and compliance. The site is safe for general audiences with no adult or questionable content detected.

D

Dom zdravlja Krapinsko zagorske županije

dzkzz.hr

0

Dom zdravlja Krapinsko zagorske županije is a public healthcare provider serving the Krapinsko-zagorska County in Croatia. The organization offers a range of primary healthcare services including family medicine, pediatrics, palliative care, and radiology. The website reflects a well-established regional healthcare institution with multiple branch offices, targeting local residents seeking accessible medical care. The business model is government-funded, focusing on essential healthcare delivery rather than commercial services. The website content is comprehensive and professionally presented, supporting patient engagement through news updates and satisfaction surveys. Technically, the website is built on WordPress with modern plugins such as Elementor and Smart Slider 3, ensuring a responsive and accessible user experience. The site uses HTTPS and includes GDPR-compliant cookie consent mechanisms, reflecting a mature digital infrastructure. Performance is moderate with good mobile optimization and SEO practices. However, some security headers are not explicitly detected, suggesting room for improvement in security hardening. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and no visible vulnerabilities or exposed sensitive data. The presence of GDPR compliance and a dedicated privacy policy page indicates attention to data protection. However, the absence of explicit security policy and incident response information could be addressed to enhance trust and preparedness. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness. The overall risk assessment is low, with no signs of malicious activity or suspicious content. Strategic recommendations include implementing additional security headers, maintaining up-to-date software, and publishing clear security and incident response policies to further strengthen the security posture and user trust.

L

Libela

libela.org

0

Libela.org is a Croatian non-profit organization dedicated to promoting gender equality and social justice through media and advocacy. The website serves as a platform for publishing articles, reports, and news focused on gender facts and social issues relevant to Croatia. It targets a general audience interested in social activism and equality. The organization has been active since 2009, reflecting a mature and stable presence in its niche. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Lightbox2, and Swiper for enhanced user experience. It is hosted on Linode, ensuring reliable infrastructure. The site demonstrates good mobile optimization, accessibility features, and SEO practices, supported by plugins like Yoast SEO and GDPR cookie compliance tools. From a security perspective, the site uses HTTPS with a valid SSL certificate and employs domain transfer protection. However, DNSSEC is not enabled, and additional security headers could be implemented to strengthen defenses. Privacy compliance is well addressed with clear privacy and cookie policies and explicit user consent mechanisms. No critical vulnerabilities or suspicious activities were detected. Overall, Libela.org presents a trustworthy, professional, and content-rich platform with a solid security posture and compliance framework. Strategic improvements in DNS security and HTTP headers would further enhance its security maturity and resilience.

P

Pomurski muzej Murska Sobota

pomurski-muzej.si

0

Pomurski muzej Murska Sobota is a regional museum dedicated to preserving and showcasing the cultural heritage of the Pomurje region in Slovenia. The website provides comprehensive information about exhibitions, events, educational programs, and digital collections, targeting a broad audience including families, schools, and cultural enthusiasts. The museum positions itself as a key cultural institution in the region with a focus on both physical and digital heritage preservation. Technically, the website is built on the WBCE CMS platform with modern web technologies such as Bootstrap, jQuery, and Revolution Slider. It is hosted under a reputable Slovenian registrar (Arnes) and uses HTTPS with a valid SSL configuration. The site is mobile-optimized and includes basic accessibility features. Google Analytics is used for visitor tracking, and a cookie consent banner with opt-in is implemented, indicating good privacy compliance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks advanced security headers and does not publish explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, the website is professional, trustworthy, and serves its cultural mission effectively. Strategic improvements in security headers, incident response transparency, and accessibility could enhance its security posture and compliance further.

H

Hosting i Domene AKCIJA 1+1

wmd.hosting

0

WMD Hosting operates as a regional web hosting and domain registration provider based in Croatia, offering a comprehensive suite of web services including domain registration, hosting packages, SSL certificates, and web development. The company targets web developers and businesses of various sizes, positioning itself with promotional offers such as the 'AKCIJA 1+1' campaign. Their market presence is supported by over 20 years of experience and a user base exceeding 10,000 clients across 73 countries. The website is professionally designed with multilingual support and integrates modern web technologies and accessibility features.

K

KB Studios

kbstudios.hr

0

KB Studios is a small business based in Croatia currently undergoing a website redesign to improve clarity and user experience. The company invites potential clients to contact them via phone or email for services, though specific services are not detailed on the homepage. The website uses WordPress with Elementor and integrates Google Analytics and Tag Manager for tracking, along with Google Translate for multilingual support. The technical infrastructure is modern but basic, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is functional but underdeveloped in content and compliance aspects.

E

Europe Direct Informacijski ured Split

europedirect-split.hr

0

Europe Direct Informacijski ured Split operates as an official European Union information center serving the Split region in Croatia. The website provides comprehensive information and advisory services about the EU, targeting local citizens and residents. It is part of the Europe Direct network, offering free services and acting as a trusted source for EU-related news, publications, and guidance. The business model is non-profit and government-affiliated, focusing on public information dissemination. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Revolution Slider, ensuring good SEO and user experience. The site is mobile-optimized and includes accessibility features, enhancing usability for diverse audiences. External integrations include Google Tag Manager and Facebook SDK for analytics and social media engagement. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's claims, showing consistent registration details and domain age appropriate for the organization's history. Overall, the website demonstrates a solid security posture, good privacy compliance, and professional business credibility. Recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and expanding contact channels for security matters.

Municipal d.o.o. operates a website that currently serves as a minimal online presence, displaying only a logo on a plain blue background without any substantive business information or content. The lack of descriptive content, contact details, or service information limits the ability to assess the company's market position or business model. The website appears to be either under development or a placeholder. From a technical perspective, the website is very basic with no detectable scripts, frameworks, or CMS. There is no evidence of modern web technologies or SEO optimization. Mobile optimization and accessibility are minimal due to the lack of content and structure. Security posture is weak as there is no indication of HTTPS usage or security headers, and no privacy or cookie policies are present. The security evaluation highlights critical gaps including absence of HTTPS, lack of privacy and cookie policies, and no contact or incident response information. These factors significantly reduce trustworthiness and compliance with data protection regulations such as GDPR. The domain WHOIS data is privacy protected, which is common for small businesses but further limits transparency. Overall, the website poses a low risk in terms of content safety as it contains no adult or questionable material. However, the minimal content and lack of security and compliance features suggest a need for significant improvements to enhance trust, security, and user experience.

G

Gradska knjižnica i čitaonica Ivana Belostenca

gkc-ivanabelostenca.hr

0

Gradska knjižnica i čitaonica Ivana Belostenca is a small, non-profit public library and cultural institution located in Ozalj, Croatia. It offers library services, cultural events, and access to significant historical works such as the Gazophylacium bilingual dictionary. The website serves as an informational portal for the local community and cultural enthusiasts. Technically, the site is built on Joomla CMS using common web technologies including jQuery, Bootstrap, and Google Maps API. The hosting is provided by ZoNet, a reputable Croatian hosting provider. The site is accessible, with clear navigation and consistent branding, but shows room for improvement in mobile optimization and accessibility. Security posture is moderate with HTTPS enabled but lacking important security headers and privacy compliance documentation. No forms or tracking scripts are present, minimizing privacy risks but also limiting interactivity. Overall, the website is trustworthy and professionally presented but would benefit from enhanced security and privacy measures.

A

Azelija Eko d.o.o.

azelija-eko.hr

0

Azelija Eko d.o.o. is a Croatian municipal service company specializing in waste management, recycling, cemetery services, public lighting maintenance, and chimney sweeping within the Ozalj region and surrounding municipalities. The company operates fixed and mobile recycling yards and provides essential environmental services to local residents and businesses. The website reflects a local government service provider with clear contact information and service descriptions, targeting the regional community. Technically, the website is built on Joomla CMS with a Bootstrap framework and uses common JavaScript libraries such as jQuery and Font Awesome for UI elements. The site includes image sliders and responsive design elements, indicating moderate digital maturity. Hosting is provided by CARNET, a reputable Croatian academic network, which aligns with the local focus. From a security perspective, the site lacks visible security headers and explicit HTTPS enforcement in the provided data, which lowers its security posture. No privacy or cookie policies were found, indicating potential GDPR compliance gaps. The site does not use tracking or advertising technologies, which reduces privacy risks but also limits marketing insights. Overall, the website is functional and professional for its purpose but would benefit from enhanced security measures, privacy compliance improvements, and clearer policies to strengthen trust and regulatory adherence.

T

Turistička zajednica područja Kupa

tzp-kupa.hr

0

The website tzp-kupa.hr serves as the official tourism portal for the Kupa region in Croatia, managed by the Turistička zajednica područja Kupa. It provides comprehensive information about local attractions, events, accommodation, and gastronomy, targeting tourists and visitors interested in exploring the region. The site is positioned as a regional tourism authority with a focus on promoting natural heritage and active tourism. Technically, the site is built on WordPress using the Flatsome theme, with integrations such as Google Analytics and GTranslate for multilingual support. The infrastructure is modern and mobile-optimized, though performance is moderate. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and formal security policies. Privacy compliance is basic, with privacy and cookie policies present but no explicit consent mechanism. Overall, the site is professional, trustworthy, and well-branded, serving its purpose effectively.

jQuery Tools is an open source JavaScript UI library providing essential user interface components such as tabs, tooltips, overlays, and form utilities. The website serves web developers and site creators by offering demos, documentation, and downloads of the library. It holds a moderate market position as a popular UI toolkit used by various websites worldwide. The business model is centered on open source distribution without direct commercial offerings. Technically, the site uses jQuery and the jQuery Tools library, hosted on HostGator, with moderate performance and basic mobile optimization. The site lacks HTTPS in the HTML content, uses HTTP for script loading, and does not implement security headers or privacy policies, indicating a low security posture. Google Analytics is used for tracking without visible cookie consent, raising privacy compliance concerns. Overall, the website is professional and functional but requires significant improvements in security and privacy compliance to enhance trust and protect users.

A

Agencija za gospodarenje otpadom d.o.o.

ago-dnz.hr

0

Agencija za gospodarenje otpadom d.o.o. operates as a regional governmental agency responsible for waste management in the Dubrovačko-neretvanska županija region of Croatia. The website serves as an informational and project communication platform, highlighting EU-funded initiatives under the Operational Programme Competitiveness and Cohesion 2014-2020. The agency provides key services including waste management infrastructure development, public education, and regulatory compliance support. Their market position is that of a specialized public sector entity with strong governmental and EU partnerships.

C

Centar za poduzetništvo d.o.o.

czp.hr

0

Centar za poduzetništvo d.o.o. is a regional entrepreneurial support center serving the Dubrovnik-Neretva County in Croatia. The organization focuses on providing a range of services including education, business consulting, credit programs, and assistance with EU funding projects. Their website reflects a government-affiliated entity aimed at fostering entrepreneurship and small business growth in the region. The target audience primarily consists of local entrepreneurs and small business owners seeking support and resources. Technically, the website employs a modern technology stack featuring jQuery, Bootstrap, FontAwesome, and various plugins for enhanced user experience and accessibility. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates Google Analytics and UserWay accessibility tools, indicating a mature digital infrastructure. The website content is well-structured, professionally designed, and includes clear navigation and relevant business information. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security policies and incident response contact details. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned privacy and cookie policies and a consent mechanism in place. The website demonstrates a good security posture but could improve by adding formal security documentation and security headers. Overall, the website is trustworthy, professional, and serves its business purpose effectively. The domain registration data aligns with the website's claims, reinforcing legitimacy. Strategic recommendations include enhancing security transparency, publishing incident response information, and maintaining regular security audits to sustain trust and compliance.

J

Javna ustanova za upravljanje zaštićenim dijelovima prirode Dubrovačko-neretvanske županije

zastita-prirode-dnz.hr

0

The website represents the official public institution responsible for managing protected natural areas in the Dubrovnik-Neretva County of Croatia. It provides information about environmental protection projects, permits, public procurement, and general organizational details. The site targets the general public, environmental stakeholders, and government entities, positioning itself as a regional governmental authority with a focus on nature conservation. Technically, the website is built on WordPress using the Enfold theme and several plugins including Yoast SEO and Event Organiser. It employs Google Analytics and Tag Manager for traffic analysis and has implemented cookie consent mechanisms, indicating GDPR awareness. The security posture is solid with HTTPS enabled and no obvious vulnerabilities detected, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-maintained, with clear branding and consistent content quality.

R

Regionalna razvojna agencija Dubrovačko-neretvanske županije - DUNEA

dunea.hr

0

Regionalna razvojna agencija Dubrovačko-neretvanske županije (DUNEA) is a government-established regional development agency founded in 2006 in Dubrovnik, Croatia. The agency focuses on promoting sustainable and balanced regional development, coordinating existing development activities, and aligning with national and EU requirements. Their key services include strategic planning, EU project management, and regional economic development initiatives. The website reflects a professional and consistent brand presence targeting regional stakeholders, local government, and businesses involved in development projects. Technically, the site is built on Joomla CMS with modern frontend frameworks and libraries, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and explicit incident response policies. Overall, the site is trustworthy and compliant with GDPR, providing clear contact information and partner links.

M

Ministarstvo zaštite okoliša i zelene tranzicije

bioportal.hr

0

Bioportal.hr is the official web portal for the Information System for Nature Protection in Croatia, operated by the Ministry of Environment and Green Transition. It serves as a comprehensive platform providing biodiversity data, observation reporting tools, red list assessments, and other resources aimed at supporting nature conservation efforts. The website targets researchers, environmental professionals, government agencies, and the general public interested in Croatian natural heritage. It holds a strong market position as the authoritative national resource for environmental data and reporting. Technically, the website is built on WordPress with multilingual support via WPML, leveraging modern JavaScript libraries such as jQuery and Swiper.js for interactive features. The site includes a GDPR-compliant cookie consent mechanism and integrates Google Analytics for visitor insights. Performance and mobile optimization are good, with accessibility features implemented to support diverse users. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy and alignment with the governmental entity operating the site. Overall, bioportal.hr demonstrates a solid security posture, good privacy compliance, and professional digital presence. It is a trustworthy platform for environmental data dissemination with room for minor security enhancements.

Plus Hosting is a Croatian-based hosting service provider offering a range of services including domain registration, web hosting, reseller hosting, dedicated servers, VPS servers, SSL certificates, affiliate programs, and business mail solutions. The website analyzed is a placeholder page indicating that no active website is configured at the domain lun.hr. The business targets individuals and companies seeking hosting and domain services primarily in Croatia. The market position appears regional with a focus on technology infrastructure services. Technically, the website uses modern HTML5 and CSS3 standards with SVG graphics and a web font from a CDN. However, the site is minimalistic with no dynamic content, forms, or tracking scripts. The hosting provider is Plus Hosting itself, and the site performance and mobile optimization are basic but functional. There is no evidence of a CMS or advanced frameworks. From a security perspective, the site lacks visible HTTPS confirmation and security headers, which lowers its security posture. No privacy or cookie policies are present, and no incident response or security contact information is provided. The WHOIS data is unavailable due to GDPR restrictions and query limits, but this is consistent with privacy regulations and does not raise immediate suspicion. Overall, the security score is low due to missing best practices and policies. The overall risk is moderate given the site is a placeholder with no active content or user interaction. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and improving contact and compliance information to enhance trust and security posture.

D

Dječji vrtić Carić Novalja

vrtic-caric.hr

0

Dječji vrtić Carić Novalja is a small educational institution providing kindergarten and childcare services in Novalja, Croatia. The website serves as an informational portal for parents and guardians seeking early childhood education options. The business appears locally focused with a consistent domain registration and a website built on WordPress using the Avada theme, indicating a moderate level of digital maturity. Technically, the site uses standard web technologies including jQuery and has a cookie consent mechanism, but lacks advanced security headers and explicit privacy or terms of service documentation. Security posture is adequate with HTTPS enabled, but could be improved by implementing additional security headers and clearer compliance documentation. Overall, the site is safe, professional, and trustworthy for its intended audience, but would benefit from enhanced privacy and security practices to align with best practices and regulatory requirements.

G

Gradski muzej Novalja

gradskimuzejnovalja.hr

0

Gradski muzej Novalja is a small government/non-profit cultural institution based in Croatia, focused on preserving and presenting the cultural heritage of Novalja and its surroundings. The website serves as an informational and educational platform offering museum exhibitions, lectures, and workshops to the local community and visitors. The digital presence is built on a modern WordPress CMS with Elementor and Astra theme, providing a good user experience with mobile optimization and SEO enhancements. Security posture is adequate with HTTPS enabled and no visible exposed sensitive data, but lacks advanced security headers and incident response information. Privacy compliance is limited, with no explicit cookie consent or detailed GDPR policy. Overall, the website is trustworthy and professionally maintained, suitable for its cultural mission.

C

Centar za kulturu Grada Novalje

czknovalja.hr

0

Centar za kulturu Grada Novalje is a Croatian cultural center focused on promoting and organizing cultural and sports events in Novalja and surrounding areas. The website serves as an information hub for upcoming and past events, official documents, and community engagement. It targets local residents and visitors interested in cultural activities. The site is built on WordPress with a modern theme and multilingual support, reflecting a moderate level of digital maturity. Security posture is solid with HTTPS and GDPR-compliant cookie consent, though some security headers are missing and no explicit security policies are published. Overall, the site is trustworthy and professionally maintained, suitable for its public cultural institution role.

TZ Stara Novalja is a local tourism organization dedicated to promoting the town of Stara Novalja on the island of Pag, Croatia. The website serves as a comprehensive portal offering event calendars, local attractions, outdoor activities, and useful information for tourists and property renters. It targets visitors interested in cultural events, outdoor sports, and local hospitality services. The organization appears well-established with a domain registered since 2001 and consistent WHOIS data. Technically, the website is built on WordPress using the Avada theme, leveraging common web technologies such as jQuery and MediaElement.js. It integrates Google Analytics for visitor tracking and implements cookie consent mechanisms. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, it lacks a formal security policy, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is basic, with a privacy notice present but limited GDPR-specific details. Overall, the website is trustworthy and professional, serving its purpose as a tourism information hub effectively. Strategic improvements in privacy compliance, security transparency, and accessibility could further enhance its posture and user trust.

DVD Novalja is a small, local volunteer firefighting organization based in Novalja, Croatia, serving the community on the island of Pag. The website provides information about their firefighting activities, technical interventions, and community safety efforts. The organization appears to be well-established with a domain age dating back to 2005, consistent with their operational history. The site targets local residents and visitors needing emergency and safety information. Technically, the website uses older web technologies such as jQuery 1.4.2 and lacks modern security features like HTTPS and security headers. The site is basic in design and functionality, with limited mobile optimization and no visible analytics or tracking tools. Contact information is clearly presented, but there are no privacy or cookie policies, which is a compliance gap. From a security perspective, the absence of HTTPS and use of outdated libraries pose risks. No advanced security policies or incident response contacts are provided. The site does not appear to collect user data via forms, reducing exposure but also limiting engagement. Overall, the security posture is weak and requires improvements to protect users and enhance trust. The overall risk is moderate due to the lack of encryption and outdated technology, but the site content is safe and non-malicious. Strategic recommendations include implementing HTTPS, updating libraries, adding privacy and cookie policies, and enhancing security headers to improve compliance and user trust.

V

Vodovod d.o.o. – Podružnica Novalja

aglomeracijanovalja.hr

0

The website represents a public infrastructure project managed by Vodovod d.o.o. – Podružnica Novalja, focused on improving water supply and wastewater treatment infrastructure in the Novalja region of Croatia. The project is co-financed by the European Union through the Cohesion Fund and national funds, emphasizing environmental protection and public utility enhancement. The site provides detailed project descriptions, progress updates, and contact information for stakeholders and the public. Technically, the website is built on WordPress CMS, utilizing common technologies such as jQuery, Yoast SEO for search engine optimization, and Swiper.js for interactive sliders. Hosting is provided by Plus Hosting Grupa d.o.o., a Croatian hosting provider. The site is mobile-optimized with good navigation and moderate performance. Google Analytics is used for visitor tracking, with a cookie consent mechanism in place to comply with GDPR. From a security perspective, the site enforces HTTPS and employs cookie consent banners, but lacks explicit security headers and public security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the hosting provider and the domain age aligns with the project timeline, supporting legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations. It effectively serves its purpose as an informational portal for a public utility project. Strategic improvements could include enhanced security headers, public incident response information, and accessibility enhancements to further strengthen security posture and user experience.

ECOLINE CROATIA offers a specialized IT solution named EKO PRIJAVA designed for efficient reporting and monitoring of field problems such as communal, construction, and road issues. Their solution includes a mobile application for quick problem reporting and a web-based administrative portal for managing reports, analytics, and work orders. The business targets municipalities, communal companies, construction firms, and other organizations requiring precise field issue tracking. The website is built on WordPress using the Enfold theme, employing standard web technologies and cloud hosting for accessibility. Security posture is moderate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content is professional and business-focused. Overall, the site provides a functional and informative platform but would benefit from enhanced security and compliance measures.

D

Dizajn Studio Novalja

ds-novalja.com

0

Dizajn Studio Novalja is a small, locally focused business established in 2003, specializing in web design, digital printing, advertising, and photography services primarily targeting the tourism sector and local companies on the island of Pag, Croatia. The company offers a range of services including website creation for tourist accommodations, graphic design, digital printing, signage, key and stamp making, and photography. Their market position is that of a regional service provider with a solid reputation, supported by positive aggregate ratings and social media presence. Technically, the website employs older JavaScript libraries such as jQuery 1.6.0 and uses Google Tag Manager for analytics. The site lacks HTTPS, which is a significant security concern, and no advanced security headers or policies are detected. The website design and content quality are good, with clear navigation and relevant business information, but mobile optimization and accessibility are basic. SEO is supported by structured data but could be improved. From a security perspective, the absence of HTTPS and security headers, along with outdated libraries, exposes the site to potential vulnerabilities. No privacy, cookie, or terms of service policies are present, indicating poor privacy compliance. Incident response and security policy information are also missing, which could impact trust and regulatory compliance. Overall, the website is functional and professional but requires urgent improvements in security and privacy compliance to reduce risk and enhance trustworthiness. Strategic recommendations include implementing HTTPS, updating libraries, adding privacy and cookie policies, and improving security headers and incident response readiness.

C

CSL Computer Service Langenbach GmbH d/b/a joker.com

novalja-pag.net

0

Novalja-pag.net is a well-established Croatian hospitality website specializing in private accommodation listings on the island of Pag. Founded in 2002, it offers a comprehensive catalog of apartments, rooms, villas, and hotels with direct booking contact options. The platform targets tourists seeking affordable and diverse lodging options near popular destinations such as Novalja and Zrće beach. Technically, the site uses a custom CMS with common web technologies including jQuery, Bootstrap, and Google services for analytics and reCAPTCHA. While the site is mobile-optimized and provides a good user experience, it lacks HTTPS enforcement and advanced security headers, which are critical for protecting user data and enhancing trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is credible and functional but would benefit from security and privacy improvements.

D

Dizajn Studio Novalja

novalja.info

0

Novalja.info is a regional tourism portal dedicated to providing comprehensive information and direct booking options for private accommodation on the island of Pag, Croatia, focusing on the city of Novalja and surrounding destinations. The website offers a variety of services including accommodation listings, live web cameras, weather forecasts, ferry schedules, and local news, targeting tourists and visitors planning their holidays. The business operates as a small-sized entity with a long-standing presence since 2005, managed by Dizajn Studio Novalja. Technically, the website relies on legacy technologies such as an outdated jQuery version and lacks HTTPS, which impacts its security posture and user trust. The site uses Google Analytics and Tag Manager for visitor tracking but does not provide visible privacy or cookie policies, indicating limited privacy compliance. Security-wise, the absence of HTTPS and modern security headers, combined with outdated libraries, exposes the site to potential vulnerabilities. Overall, the website is functional and content-rich but requires significant improvements in security and privacy to meet modern standards.

N

Novalja Tourist Board

tz-novalja.hr

0

The website tz-novalja.hr represents the official Tourist Board of the town of Novalja, Croatia, focusing on promoting local tourism, accommodation, and travel information. It serves as a regional informational portal targeting tourists and visitors interested in Novalja and the island of Pag. The business operates as a local government entity with a small organizational size and a long-established presence since 2003. The site content is primarily in Croatian with some English references, providing basic tourism-related information and contact details. From a technical perspective, the website uses basic HTML, CSS, and JavaScript without modern CMS or frameworks. The site lacks mobile optimization and accessibility features, and performance is moderate. There is no evidence of advanced analytics or tracking technologies, which limits data-driven insights but also reduces privacy concerns. The site redirects visitors to a related tourism site after a short delay. Security posture is weak, with no visible HTTPS enforcement, security headers, or privacy and cookie policies. No forms or user data collection mechanisms are present, reducing attack surface but also limiting user engagement. The WHOIS data is consistent and trustworthy, indicating a legitimate domain with a long history aligned with the business purpose. Overall, the website is functional for basic tourism information but requires significant improvements in security, privacy compliance, and technical modernization to enhance trust, user experience, and regulatory adherence.