Security Directory

L

Libela

libela.org

0

Libela.org is a Croatian non-profit organization dedicated to promoting gender equality and social justice through media and advocacy. The website serves as a platform for publishing articles, reports, and news focused on gender facts and social issues relevant to Croatia. It targets a general audience interested in social activism and equality. The organization has been active since 2009, reflecting a mature and stable presence in its niche. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Lightbox2, and Swiper for enhanced user experience. It is hosted on Linode, ensuring reliable infrastructure. The site demonstrates good mobile optimization, accessibility features, and SEO practices, supported by plugins like Yoast SEO and GDPR cookie compliance tools. From a security perspective, the site uses HTTPS with a valid SSL certificate and employs domain transfer protection. However, DNSSEC is not enabled, and additional security headers could be implemented to strengthen defenses. Privacy compliance is well addressed with clear privacy and cookie policies and explicit user consent mechanisms. No critical vulnerabilities or suspicious activities were detected. Overall, Libela.org presents a trustworthy, professional, and content-rich platform with a solid security posture and compliance framework. Strategic improvements in DNS security and HTTP headers would further enhance its security maturity and resilience.

C

CESI – Centar za edukaciju, savjetovanje i istraživanje

sezamweb.net

0

SeZaM is a Croatian non-profit educational website focused on sexual education for youth, operated under the auspices of CESI – Centar za edukaciju, savjetovanje i istraživanje. The platform provides comprehensive thematic content on sexuality, gender equality, reproductive health, and related social issues, targeting young people and educators. It includes interactive elements such as a virtual assistant and links to related educational services. The website is well-structured and professionally designed, with clear navigation and relevant content for its audience. Technically, the site uses modern web technologies including Google Fonts, FontAwesome, Turbolinks, and Google Analytics, and is hosted on Linode. The presence of CSRF tokens and HTTPS indicates a baseline security posture, although some security best practices such as DNSSEC and security headers are missing. The website is mobile-optimized and SEO-friendly but lacks explicit privacy and cookie policies, which are important for GDPR compliance. From a security perspective, the domain is mature and registered with a reputable registrar, with protections against unauthorized transfers. No WAF or blocking mechanisms are detected, and the site is fully accessible. However, the absence of privacy and cookie policies, security headers, and vulnerability disclosure mechanisms represent compliance and security gaps. Overall, the site is trustworthy but could improve its security and privacy posture. Strategically, the site serves an important educational role in Croatia, with a clear mission and target audience. It benefits from partnerships with CESI and related services, enhancing its credibility and reach.

P

Pomurski muzej Murska Sobota

pomurski-muzej.si

0

Pomurski muzej Murska Sobota is a regional museum dedicated to preserving and showcasing the cultural heritage of the Pomurje region in Slovenia. The website provides comprehensive information about exhibitions, events, educational programs, and digital collections, targeting a broad audience including families, schools, and cultural enthusiasts. The museum positions itself as a key cultural institution in the region with a focus on both physical and digital heritage preservation. Technically, the website is built on the WBCE CMS platform with modern web technologies such as Bootstrap, jQuery, and Revolution Slider. It is hosted under a reputable Slovenian registrar (Arnes) and uses HTTPS with a valid SSL configuration. The site is mobile-optimized and includes basic accessibility features. Google Analytics is used for visitor tracking, and a cookie consent banner with opt-in is implemented, indicating good privacy compliance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks advanced security headers and does not publish explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, the website is professional, trustworthy, and serves its cultural mission effectively. Strategic improvements in security headers, incident response transparency, and accessibility could enhance its security posture and compliance further.

A

ArhivPRO d.o.o.

eindigo.net

0

ArhivPRO d.o.o. is a Croatian technology company specializing in digital archiving and cataloguing solutions, primarily through their INDIGO platform. The platform targets institutions such as libraries, archives, museums, and schools, enabling them to digitize, manage, and publish diverse materials including books, photographs, and multimedia. The company demonstrates a strong market position in the cultural heritage and education sectors, supported by client references and EU project funding. Technically, the website employs modern web technologies and responsive design, providing a professional user experience. Security posture is moderate with HTTPS usage but lacks visible security headers and formal privacy/cookie policies. The WHOIS data is privacy protected due to GDPR, which is justified given the nature of the business. Overall, the website and business present a trustworthy and professional image with room for improvement in privacy and security transparency.

H

Hosting i Domene AKCIJA 1+1

wmd.hosting

0

WMD Hosting operates as a regional web hosting and domain registration provider based in Croatia, offering a comprehensive suite of web services including domain registration, hosting packages, SSL certificates, and web development. The company targets web developers and businesses of various sizes, positioning itself with promotional offers such as the 'AKCIJA 1+1' campaign. Their market presence is supported by over 20 years of experience and a user base exceeding 10,000 clients across 73 countries. The website is professionally designed with multilingual support and integrates modern web technologies and accessibility features.

H

HDIT

hdit.hr

0

HDIT is a Croatian IT integration company established in 2006, specializing in IT system implementation, maintenance, custom software and web development, cybersecurity, and IT consulting. The company holds a strong market position as a leading system integrator and helpdesk support provider in Croatia. Their services cover comprehensive IT infrastructure and application solutions, supported by partnerships with major technology vendors. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization. Technically, the site is built on WordPress with modern plugins and follows good performance and accessibility standards. Security posture is solid with HTTPS, GDPR compliance, and ISO certifications, though some security headers and incident response disclosures could be improved. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

A

Acki Nacki

ackinacki.com

0

Acki Nacki is a newly established blockchain platform launched in 2023, positioning itself as the fastest and most scalable blockchain solution with unique features such as gas-free transactions and full decentralization from block zero. The platform targets developers, blockchain users, and technology companies, offering services including token mining, wallet applications, security simulations, and reward calculators. The website reflects a professional and consistent brand image with strong community engagement across multiple social media channels. Technically, the site is built on Webflow, uses modern web technologies, and is hosted with Cloudflare DNS, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and domain transfer protections, but lacks published privacy, cookie, and terms policies, as well as explicit contact information for security incidents. Overall, the domain registration and website content are consistent and legitimate, though privacy compliance and security best practices could be improved.

S

Sveučilište u Rijeci

uniri.hr

0

Sveučilište u Rijeci is a well-established public university in Croatia, recognized as the second oldest with continuous operation in the country. The institution offers a broad range of higher education programs, research initiatives, and community engagement activities. The website reflects a strong academic and institutional presence, targeting students, researchers, and the general public interested in education and research. It maintains a consistent brand identity and provides comprehensive information about its services and partnerships, including international collaborations such as ERASMUS and YUFE.

K

KB Studios

kbstudios.hr

0

KB Studios is a small business based in Croatia currently undergoing a website redesign to improve clarity and user experience. The company invites potential clients to contact them via phone or email for services, though specific services are not detailed on the homepage. The website uses WordPress with Elementor and integrates Google Analytics and Tag Manager for tracking, along with Google Translate for multilingual support. The technical infrastructure is modern but basic, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is functional but underdeveloped in content and compliance aspects.

H

Hrvatske ceste d.o.o.

hrvatske-ceste.hr

0

Hrvatske ceste d.o.o. is a Croatian state-owned company responsible for the management, construction, reconstruction, and maintenance of the national road network. The website reflects its official status with consistent branding and clear presentation of its services and public information. The target audience includes government entities, contractors, drivers, and the general public interested in road infrastructure and related services. The company operates under the ownership of the Republic of Croatia, positioning itself as the authoritative body for state roads.

E

Europe Direct Informacijski ured Split

europedirect-split.hr

0

Europe Direct Informacijski ured Split operates as an official European Union information center serving the Split region in Croatia. The website provides comprehensive information and advisory services about the EU, targeting local citizens and residents. It is part of the Europe Direct network, offering free services and acting as a trusted source for EU-related news, publications, and guidance. The business model is non-profit and government-affiliated, focusing on public information dissemination. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Revolution Slider, ensuring good SEO and user experience. The site is mobile-optimized and includes accessibility features, enhancing usability for diverse audiences. External integrations include Google Tag Manager and Facebook SDK for analytics and social media engagement. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's claims, showing consistent registration details and domain age appropriate for the organization's history. Overall, the website demonstrates a solid security posture, good privacy compliance, and professional business credibility. Recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and expanding contact channels for security matters.

V

Vidjet

vidjet.io

0

Vidjet is a SaaS company specializing in shoppable video solutions for modern e-commerce stores. Their platform enables merchants to embed short videos and stories on product pages at scale without coding, enhancing customer engagement and conversion rates. The website showcases strong branding, customer testimonials, and integrations with major e-commerce platforms like Shopify, PrestaShop, and WooCommerce. Technically, the site is built on Webflow CMS and leverages modern analytics and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and Intercom, with appropriate cookie consent mechanisms in place. Security posture is generally good with HTTPS enforced, though explicit security headers are not clearly detected, and no public security policy or incident response information is available. The absence of WHOIS registration data is a notable concern, potentially indicating domain registration issues, but the website content and business presence appear professional and trustworthy. Overall, Vidjet presents a mature digital presence with room for improvement in transparency and security disclosures.

P

Placehold

placehold.co

0

Placehold is a small technology service offering a free, fast, and simple image placeholder generation platform supporting multiple image formats and customization options. The website is well designed, mobile optimized, and provides clear documentation for users, primarily targeting developers and designers needing placeholder images for projects. The technical infrastructure is modern, leveraging standard web technologies and Google Analytics for tracking, with advertising via Carbon Ads. Security posture is good with HTTPS enforced, but lacks security headers and formal policies such as privacy or cookie policies. No forms or sensitive data collection reduces risk exposure. Overall, the site is professional and trustworthy but could improve compliance and security transparency. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and adding vulnerability disclosure information.

Municipal d.o.o. operates a website that currently serves as a minimal online presence, displaying only a logo on a plain blue background without any substantive business information or content. The lack of descriptive content, contact details, or service information limits the ability to assess the company's market position or business model. The website appears to be either under development or a placeholder. From a technical perspective, the website is very basic with no detectable scripts, frameworks, or CMS. There is no evidence of modern web technologies or SEO optimization. Mobile optimization and accessibility are minimal due to the lack of content and structure. Security posture is weak as there is no indication of HTTPS usage or security headers, and no privacy or cookie policies are present. The security evaluation highlights critical gaps including absence of HTTPS, lack of privacy and cookie policies, and no contact or incident response information. These factors significantly reduce trustworthiness and compliance with data protection regulations such as GDPR. The domain WHOIS data is privacy protected, which is common for small businesses but further limits transparency. Overall, the website poses a low risk in terms of content safety as it contains no adult or questionable material. However, the minimal content and lack of security and compliance features suggest a need for significant improvements to enhance trust, security, and user experience.

P

Pučko otvoreno učilište Katarina Zrinska – Ozalj

poukz.hr

0

Pučko otvoreno učilište Katarina Zrinska – Ozalj is a small educational institution based in Croatia, founded in 2022. The organization offers a variety of educational and creative programs targeting children, youth, retirees, and adults, focusing on lifelong learning and community engagement. The website reflects a local community-oriented business model with clear contact information and social media presence, positioning itself as a trusted local educational provider. Technically, the website employs modern front-end technologies including Bootstrap, jQuery, and various JavaScript libraries to provide a responsive and visually appealing user experience. While the site is mobile-optimized and well-structured, there is room for improvement in accessibility and SEO optimization. Hosting and domain registration are consistent with the business location, enhancing trustworthiness. From a security perspective, the website implements a cookie consent mechanism compliant with GDPR, but lacks visible advanced security headers and incident response information. No critical vulnerabilities or exposed sensitive data were detected in the provided content. The absence of terms of service and security policies suggests an opportunity to strengthen compliance and user trust. Overall, the website is functional, professional, and safe for general audiences. The risk level is low, but strategic improvements in security posture and privacy transparency would enhance the institution's digital maturity and trustworthiness.

G

Gradska knjižnica i čitaonica Ivana Belostenca

gkc-ivanabelostenca.hr

0

Gradska knjižnica i čitaonica Ivana Belostenca is a small, non-profit public library and cultural institution located in Ozalj, Croatia. It offers library services, cultural events, and access to significant historical works such as the Gazophylacium bilingual dictionary. The website serves as an informational portal for the local community and cultural enthusiasts. Technically, the site is built on Joomla CMS using common web technologies including jQuery, Bootstrap, and Google Maps API. The hosting is provided by ZoNet, a reputable Croatian hosting provider. The site is accessible, with clear navigation and consistent branding, but shows room for improvement in mobile optimization and accessibility. Security posture is moderate with HTTPS enabled but lacking important security headers and privacy compliance documentation. No forms or tracking scripts are present, minimizing privacy risks but also limiting interactivity. Overall, the website is trustworthy and professionally presented but would benefit from enhanced security and privacy measures.

Z

Zavičajni Muzej Ozalj

zmo.hr

0

Zavičajni Muzej Ozalj is a small cultural heritage museum located in Ozalj, Croatia, dedicated to preserving and showcasing 6000 years of local history through diverse collections including archaeological, ethnographic, and photographic artifacts. The museum also operates an open-air Ethno Park that exhibits traditional architecture and pre-industrial everyday items, targeting general visitors interested in history and culture. The website is professionally designed with good content quality, clear navigation, and accessibility features implemented via the EqualWeb plugin. Technically, it uses a modern but basic tech stack including Bootstrap and jQuery, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though it lacks explicit security policies and incident response information. Overall, the domain registration data aligns well with the museum's identity, indicating legitimacy and trustworthiness.

A

Azelija Eko d.o.o.

azelija-eko.hr

0

Azelija Eko d.o.o. is a Croatian municipal service company specializing in waste management, recycling, cemetery services, public lighting maintenance, and chimney sweeping within the Ozalj region and surrounding municipalities. The company operates fixed and mobile recycling yards and provides essential environmental services to local residents and businesses. The website reflects a local government service provider with clear contact information and service descriptions, targeting the regional community. Technically, the website is built on Joomla CMS with a Bootstrap framework and uses common JavaScript libraries such as jQuery and Font Awesome for UI elements. The site includes image sliders and responsive design elements, indicating moderate digital maturity. Hosting is provided by CARNET, a reputable Croatian academic network, which aligns with the local focus. From a security perspective, the site lacks visible security headers and explicit HTTPS enforcement in the provided data, which lowers its security posture. No privacy or cookie policies were found, indicating potential GDPR compliance gaps. The site does not use tracking or advertising technologies, which reduces privacy risks but also limits marketing insights. Overall, the website is functional and professional for its purpose but would benefit from enhanced security measures, privacy compliance improvements, and clearer policies to strengthen trust and regulatory adherence.

K

Komunalno Ozalj d.o.o.

komunalno-ozalj.com

0

Komunalno Ozalj d.o.o. is a municipal utility company based in Ozalj, Croatia, providing essential services such as water supply, sewage, and wastewater treatment to local residents and businesses. The website serves as an informational portal offering updates on infrastructure projects, regulatory documents, and contact information. The company appears to be a small-sized government sector entity with a domain registered since 2007, consistent with its operational history. Technically, the website is built on Joomla CMS and uses older JavaScript libraries like jQuery and MooTools. The site demonstrates basic mobile responsiveness and SEO optimization but lacks advanced technical features or modern frameworks. Hosting is inferred to be with zonet.com.hr based on DNS data. Performance is moderate with room for improvement in accessibility and mobile optimization. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which lowers its security posture. There is no evidence of privacy or cookie policies, which indicates compliance gaps with GDPR and related regulations. No incident response or vulnerability disclosure information is present. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and trustworthy for its purpose but would benefit from enhanced security measures, privacy compliance, and modernization to improve user trust and regulatory adherence.

T

Turistička zajednica područja Kupa

tzp-kupa.hr

0

The website tzp-kupa.hr serves as the official tourism portal for the Kupa region in Croatia, managed by the Turistička zajednica područja Kupa. It provides comprehensive information about local attractions, events, accommodation, and gastronomy, targeting tourists and visitors interested in exploring the region. The site is positioned as a regional tourism authority with a focus on promoting natural heritage and active tourism. Technically, the site is built on WordPress using the Flatsome theme, with integrations such as Google Analytics and GTranslate for multilingual support. The infrastructure is modern and mobile-optimized, though performance is moderate. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and formal security policies. Privacy compliance is basic, with privacy and cookie policies present but no explicit consent mechanism. Overall, the site is professional, trustworthy, and well-branded, serving its purpose effectively.

jQuery Tools is an open source JavaScript UI library providing essential user interface components such as tabs, tooltips, overlays, and form utilities. The website serves web developers and site creators by offering demos, documentation, and downloads of the library. It holds a moderate market position as a popular UI toolkit used by various websites worldwide. The business model is centered on open source distribution without direct commercial offerings. Technically, the site uses jQuery and the jQuery Tools library, hosted on HostGator, with moderate performance and basic mobile optimization. The site lacks HTTPS in the HTML content, uses HTTP for script loading, and does not implement security headers or privacy policies, indicating a low security posture. Google Analytics is used for tracking without visible cookie consent, raising privacy compliance concerns. Overall, the website is professional and functional but requires significant improvements in security and privacy compliance to enhance trust and protect users.

A

Agencija za gospodarenje otpadom d.o.o.

ago-dnz.hr

0

Agencija za gospodarenje otpadom d.o.o. operates as a regional governmental agency responsible for waste management in the Dubrovačko-neretvanska županija region of Croatia. The website serves as an informational and project communication platform, highlighting EU-funded initiatives under the Operational Programme Competitiveness and Cohesion 2014-2020. The agency provides key services including waste management infrastructure development, public education, and regulatory compliance support. Their market position is that of a specialized public sector entity with strong governmental and EU partnerships.

C

Centar za poduzetništvo d.o.o.

czp.hr

0

Centar za poduzetništvo d.o.o. is a regional entrepreneurial support center serving the Dubrovnik-Neretva County in Croatia. The organization focuses on providing a range of services including education, business consulting, credit programs, and assistance with EU funding projects. Their website reflects a government-affiliated entity aimed at fostering entrepreneurship and small business growth in the region. The target audience primarily consists of local entrepreneurs and small business owners seeking support and resources. Technically, the website employs a modern technology stack featuring jQuery, Bootstrap, FontAwesome, and various plugins for enhanced user experience and accessibility. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates Google Analytics and UserWay accessibility tools, indicating a mature digital infrastructure. The website content is well-structured, professionally designed, and includes clear navigation and relevant business information. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security policies and incident response contact details. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned privacy and cookie policies and a consent mechanism in place. The website demonstrates a good security posture but could improve by adding formal security documentation and security headers. Overall, the website is trustworthy, professional, and serves its business purpose effectively. The domain registration data aligns with the website's claims, reinforcing legitimacy. Strategic recommendations include enhancing security transparency, publishing incident response information, and maintaining regular security audits to sustain trust and compliance.

J

Javna ustanova za upravljanje zaštićenim dijelovima prirode Dubrovačko-neretvanske županije

zastita-prirode-dnz.hr

0

The website represents the official public institution responsible for managing protected natural areas in the Dubrovnik-Neretva County of Croatia. It provides information about environmental protection projects, permits, public procurement, and general organizational details. The site targets the general public, environmental stakeholders, and government entities, positioning itself as a regional governmental authority with a focus on nature conservation. Technically, the website is built on WordPress using the Enfold theme and several plugins including Yoast SEO and Event Organiser. It employs Google Analytics and Tag Manager for traffic analysis and has implemented cookie consent mechanisms, indicating GDPR awareness. The security posture is solid with HTTPS enabled and no obvious vulnerabilities detected, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-maintained, with clear branding and consistent content quality.

R

Regionalna razvojna agencija Dubrovačko-neretvanske županije - DUNEA

dunea.hr

0

Regionalna razvojna agencija Dubrovačko-neretvanske županije (DUNEA) is a government-established regional development agency founded in 2006 in Dubrovnik, Croatia. The agency focuses on promoting sustainable and balanced regional development, coordinating existing development activities, and aligning with national and EU requirements. Their key services include strategic planning, EU project management, and regional economic development initiatives. The website reflects a professional and consistent brand presence targeting regional stakeholders, local government, and businesses involved in development projects. Technically, the site is built on Joomla CMS with modern frontend frameworks and libraries, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and explicit incident response policies. Overall, the site is trustworthy and compliant with GDPR, providing clear contact information and partner links.

D

Dubrovačko-neretvanska županija

edubrovnik.org

0

Dubrovačko-neretvanska županija operates as the official regional government website for the Dubrovnik-Neretva County in Croatia. The site provides comprehensive information about county administration, public notices, events, documents, and contact details, targeting residents and stakeholders within the region. It serves as a key communication channel for government services and public information dissemination. Technically, the website is built on WordPress 6.6.1 with multilingual support via WPML, uses modern web technologies including jQuery and Google Fonts, and implements a cookie consent mechanism to comply with privacy regulations. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security-wise, the website enforces HTTPS and uses updated software versions, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or malicious indicators were detected. Overall, the website is trustworthy and professional, though improvements in privacy policy visibility and security disclosures are recommended.

M

Ministarstvo zaštite okoliša i zelene tranzicije

bioportal.hr

0

Bioportal.hr is the official web portal for the Information System for Nature Protection in Croatia, operated by the Ministry of Environment and Green Transition. It serves as a comprehensive platform providing biodiversity data, observation reporting tools, red list assessments, and other resources aimed at supporting nature conservation efforts. The website targets researchers, environmental professionals, government agencies, and the general public interested in Croatian natural heritage. It holds a strong market position as the authoritative national resource for environmental data and reporting. Technically, the website is built on WordPress with multilingual support via WPML, leveraging modern JavaScript libraries such as jQuery and Swiper.js for interactive features. The site includes a GDPR-compliant cookie consent mechanism and integrates Google Analytics for visitor insights. Performance and mobile optimization are good, with accessibility features implemented to support diverse users. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy and alignment with the governmental entity operating the site. Overall, bioportal.hr demonstrates a solid security posture, good privacy compliance, and professional digital presence. It is a trustworthy platform for environmental data dissemination with room for minor security enhancements.

APIS IT d.o.o. operates as an IT service provider specializing in identity federation and authentication services primarily for Croatian government entities such as Grad Zagreb and the Ministry of Culture. The website analyzed is a Home Realm Discovery page facilitating user authentication selection among trusted identity providers. The business targets organizational users within government and affiliated institutions, leveraging Microsoft Active Directory Federation Services (ADFS) technology to provide secure access management. The company holds a moderate market position as a government IT service provider with a medium-sized organizational footprint in Croatia. Technically, the site employs standard web technologies including HTML5, JavaScript, and CSS, integrated with Microsoft ADFS frameworks. The site is functional with basic mobile optimization and accessibility features but lacks advanced SEO and performance optimizations. The infrastructure appears stable but could benefit from enhanced security headers and improved user experience elements. From a security perspective, the site uses HTTPS and implements basic input validation on forms. However, it lacks explicit security headers such as Content-Security-Policy and Strict-Transport-Security, which are recommended for modern secure web applications. No privacy or cookie policies are present, indicating gaps in compliance and user transparency. No contact or incident response information is provided, limiting user support and security communication channels. Overall, the website is safe and professional for its intended government audience but requires improvements in privacy compliance, security hardening, and user support to enhance trust and regulatory adherence.

E

Edhotels OÜ

edhotels.com

0

ED Hotels (Edhotels OÜ) is a small Estonian company specializing in web design and a proprietary hotel sales and management system called BOUK. The company targets hospitality providers such as hotels, guest apartments, and other accommodation services primarily in Estonia and neighboring countries. Their market position is that of an established regional player with a decade-plus history and a loyal client base. Technically, the website is built on WordPress with modern analytics and marketing integrations including Google Tag Manager, Facebook Pixel, Hotjar, and MailerLite, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS registration data is a notable concern for domain legitimacy, but the professional website content and client testimonials support business credibility. Overall, the site is well-designed, user-friendly, and compliant with GDPR requirements.

O

OpenHotels

bouk.io

0

Bouk is a technology platform focused on providing next-generation hospitality system solutions. The company behind the domain is OpenHotels, registered in Estonia since 2021, indicating a relatively new but legitimate business entity in the hospitality technology sector. The website presents minimal visible content, primarily a React-based single-page application with integration of Stripe for payments and FullStory for analytics. The technical infrastructure leverages modern web technologies and is hosted on AWS, as inferred from DNS records. Security posture is moderate with HTTPS enforced and domain transfer protection enabled, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy and cookie policies are absent, which impacts compliance and user trust. Overall, the website is safe with no adult or questionable content detected, but lacks comprehensive transparency and contact information. Strategic improvements in security policies, privacy compliance, and user engagement features are advised to strengthen trust and regulatory adherence.

The website www.peresobralik.ee represents the Estonian non-profit organization Eesti Lasterikaste Perede Liit, which focuses on promoting family-friendly dining establishments through a certification mark. The site targets families with children in Estonia and provides information about the certification, news updates, and regional member organizations. The business model is non-profit and community-oriented, aiming to enhance societal recognition and support for families with children. Technically, the website is built on WordPress and utilizes common web technologies such as jQuery, Owl Carousel, Font Awesome, and Google Fonts. The site is moderately performant, mobile-optimized, and has a clear navigation structure. However, it lacks advanced SEO and accessibility features. The hosting provider is not explicitly identified from the content. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is present. The site does not use analytics or tracking services, indicating minimal user tracking. Overall, the website is legitimate, safe, and professionally presented but has room for improvement in privacy compliance and security best practices. The WHOIS data aligns well with the website's claims, supporting its trustworthiness.

T

Tallinn Restaurant Week MTÜ

tallinnrestaurantweek.ee

0

Tallinn Restaurant Week MTÜ operates a well-established hospitality event promoting fine dining experiences across over 100 restaurants in Tallinn, Estonia. The website serves as an informational and promotional platform, highlighting event dates, restaurant participation, awards, and green dining initiatives. The business targets general audiences interested in culinary experiences and positions itself as a reputable local event with international quality standards. Technically, the website is built using modern frameworks such as SvelteKit and integrates common analytics and marketing tools like Google Analytics and Facebook Pixel. The site is performant, mobile-optimized, and professionally designed, though it lacks some advanced accessibility features and explicit cookie consent mechanisms. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but the absence of security headers and incident response information suggests room for improvement. Overall, the website is trustworthy and credible, with consistent WHOIS data supporting legitimacy. Strategic recommendations include enhancing privacy compliance, adding security headers, and publishing security policies to strengthen user trust and regulatory adherence.

T

TableOnline.fi

tableonline.fi

0

TableOnline.fi is a professional online restaurant reservation platform targeting consumers in Finland and Tallinn. It offers services such as restaurant bookings, user reviews, and special offers, positioning itself as a leading service in the hospitality sector within its geographic focus. The website demonstrates a modern technical infrastructure leveraging Preact, AWS hosting, and integrations with major analytics and advertising platforms like Google Analytics, Facebook Pixel, and Stripe for payment processing. Security posture is strong with HTTPS enforcement, security headers, and secure payment mechanisms, although explicit security policies and incident response information are not publicly available. Privacy compliance is supported by a comprehensive cookie consent mechanism, but lacks a clearly accessible privacy policy and terms of service. Overall, the site is well-designed, mobile-optimized, and trustworthy, with no adult or questionable content detected.

S

SHOEI CO., LTD.

shoei.com

0

SHOEI CO., LTD. is a globally recognized premium motorcycle helmet manufacturer with a strong market presence and a network of regional distributors worldwide. The website serves as a hub for worldwide distributor contacts and product information tailored to regional markets. The company targets motorcycle riders and distributors, emphasizing safety, design, and performance in its product offerings. Technically, the website employs modern JavaScript libraries and tracking tools, including Google Analytics, Facebook SDK, and Line Tag, indicating a mature digital infrastructure. The site is mobile-optimized with good navigation and professional design, though it lacks some privacy and security policy disclosures. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but the absence of security headers and incident response information suggests room for improvement. The WHOIS data is unavailable, which raises some concerns about domain registration transparency but does not detract from the professional presentation and legitimacy of the business. Overall, the website is safe, professional, and functional, with recommendations to enhance privacy compliance and security transparency.

S

Stokker AS

stokker.com

0

Stokker AS is a leading sales and service company specializing in professional tools, machinery, and maintenance services primarily serving the Baltic region and Europe. With over 30 years of experience, it operates both physical tool centers and an e-commerce platform, offering a broad range of products and services including a loyalty program and financing solutions. The company positions itself as a reliable partner with extensive expertise and a large maintenance team. Technically, the website is built on modern frameworks such as Next.js and React, integrating Google Tag Manager and Salesforce Live Agent for analytics and customer support. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although some advanced security policies and incident response information are not publicly disclosed. Privacy and cookie policies are present and GDPR compliant. Overall, the website is professional, user-friendly, and trustworthy, though the absence of WHOIS data introduces some uncertainty about domain registration details.

T

TJ studio d.o.o.

tjstudio.info

0

TJ studio d.o.o. is a Croatian-based technology company specializing in web hosting, web design, and internet application development. Established since 2009, the company positions itself as a reliable and innovative service provider for businesses and individuals seeking professional digital solutions. Their offerings include a variety of hosting packages, domain registration, website maintenance, and custom web development services. The company maintains an active online presence with social media channels and a customer support portal, emphasizing customer service and technical support availability. Technically, the website is built on WordPress using the Betheme theme and integrates modern plugins such as Yoast SEO Premium and Slider Revolution. It employs Google Analytics for traffic analysis and Google reCAPTCHA for form security. The site is mobile-optimized and demonstrates good SEO practices. However, some security headers are not explicitly detected, and there is no dedicated security policy or incident response contact information visible. From a security perspective, the site uses HTTPS with a valid SSL certificate and implements GDPR-compliant cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is limited due to privacy protection, with no public registrant details, but the website content and contact information appear consistent and professional. Overall, TJ studio d.o.o. presents a trustworthy and professional digital presence with a solid technical foundation and compliance with privacy regulations. Strategic improvements in security headers and incident response transparency could further enhance their security posture and customer trust.

H

Hrvatski autoklub

hak.hr

0

Hrvatski autoklub (HAK) is a well-established national automobile club in Croatia, founded in 1997, providing a broad range of services including roadside assistance, travel and traffic information, driver education, and vehicle technical inspections. The website reflects a mature digital presence with comprehensive content tailored to drivers and vehicle owners in Croatia. The technical infrastructure leverages modern web technologies such as jQuery and Google Fonts, hosted with Cloudflare DNS, and includes a cookie consent mechanism aligned with GDPR requirements. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Overall, the website is professional, trustworthy, and serves its audience effectively.

O

otocniproizvod.hr

otocniproizvod.hr

0

The website otocniproizvod.hr is a Croatian language health and wellness content platform focusing on articles and reviews of health supplements and related products. It targets a general audience interested in health improvement and wellness products. The business model appears to be content publishing with affiliate marketing or product promotion as revenue streams. The site is built on WordPress using common plugins for SEO, ratings, and link management, indicating a moderate level of digital maturity. Technically, the site is well-structured, mobile-optimized, and uses HTTPS with no visible SSL issues, but lacks some security headers and cookie consent mechanisms. Security posture is adequate for a content site, with no visible vulnerabilities or exposed sensitive data. Privacy compliance is partial, with a privacy policy present but no cookie consent banner. Overall, the site is safe, professional, and trustworthy, though improvements in security headers and privacy compliance are recommended.

Plus Hosting is a Croatian-based hosting service provider offering a range of services including domain registration, web hosting, reseller hosting, dedicated servers, VPS servers, SSL certificates, affiliate programs, and business mail solutions. The website analyzed is a placeholder page indicating that no active website is configured at the domain lun.hr. The business targets individuals and companies seeking hosting and domain services primarily in Croatia. The market position appears regional with a focus on technology infrastructure services. Technically, the website uses modern HTML5 and CSS3 standards with SVG graphics and a web font from a CDN. However, the site is minimalistic with no dynamic content, forms, or tracking scripts. The hosting provider is Plus Hosting itself, and the site performance and mobile optimization are basic but functional. There is no evidence of a CMS or advanced frameworks. From a security perspective, the site lacks visible HTTPS confirmation and security headers, which lowers its security posture. No privacy or cookie policies are present, and no incident response or security contact information is provided. The WHOIS data is unavailable due to GDPR restrictions and query limits, but this is consistent with privacy regulations and does not raise immediate suspicion. Overall, the security score is low due to missing best practices and policies. The overall risk is moderate given the site is a placeholder with no active content or user interaction. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and improving contact and compliance information to enhance trust and security posture.

D

Dječji vrtić Carić Novalja

vrtic-caric.hr

0

Dječji vrtić Carić Novalja is a small educational institution providing kindergarten and childcare services in Novalja, Croatia. The website serves as an informational portal for parents and guardians seeking early childhood education options. The business appears locally focused with a consistent domain registration and a website built on WordPress using the Avada theme, indicating a moderate level of digital maturity. Technically, the site uses standard web technologies including jQuery and has a cookie consent mechanism, but lacks advanced security headers and explicit privacy or terms of service documentation. Security posture is adequate with HTTPS enabled, but could be improved by implementing additional security headers and clearer compliance documentation. Overall, the site is safe, professional, and trustworthy for its intended audience, but would benefit from enhanced privacy and security practices to align with best practices and regulatory requirements.

G

Gradski muzej Novalja

gradskimuzejnovalja.hr

0

Gradski muzej Novalja is a small government/non-profit cultural institution based in Croatia, focused on preserving and presenting the cultural heritage of Novalja and its surroundings. The website serves as an informational and educational platform offering museum exhibitions, lectures, and workshops to the local community and visitors. The digital presence is built on a modern WordPress CMS with Elementor and Astra theme, providing a good user experience with mobile optimization and SEO enhancements. Security posture is adequate with HTTPS enabled and no visible exposed sensitive data, but lacks advanced security headers and incident response information. Privacy compliance is limited, with no explicit cookie consent or detailed GDPR policy. Overall, the website is trustworthy and professionally maintained, suitable for its cultural mission.

C

Centar za kulturu Grada Novalje

czknovalja.hr

0

Centar za kulturu Grada Novalje is a Croatian cultural center focused on promoting and organizing cultural and sports events in Novalja and surrounding areas. The website serves as an information hub for upcoming and past events, official documents, and community engagement. It targets local residents and visitors interested in cultural activities. The site is built on WordPress with a modern theme and multilingual support, reflecting a moderate level of digital maturity. Security posture is solid with HTTPS and GDPR-compliant cookie consent, though some security headers are missing and no explicit security policies are published. Overall, the site is trustworthy and professionally maintained, suitable for its public cultural institution role.

TZ Stara Novalja is a local tourism organization dedicated to promoting the town of Stara Novalja on the island of Pag, Croatia. The website serves as a comprehensive portal offering event calendars, local attractions, outdoor activities, and useful information for tourists and property renters. It targets visitors interested in cultural events, outdoor sports, and local hospitality services. The organization appears well-established with a domain registered since 2001 and consistent WHOIS data. Technically, the website is built on WordPress using the Avada theme, leveraging common web technologies such as jQuery and MediaElement.js. It integrates Google Analytics for visitor tracking and implements cookie consent mechanisms. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, it lacks a formal security policy, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is basic, with a privacy notice present but limited GDPR-specific details. Overall, the website is trustworthy and professional, serving its purpose as a tourism information hub effectively. Strategic improvements in privacy compliance, security transparency, and accessibility could further enhance its posture and user trust.

DVD Novalja is a small, local volunteer firefighting organization based in Novalja, Croatia, serving the community on the island of Pag. The website provides information about their firefighting activities, technical interventions, and community safety efforts. The organization appears to be well-established with a domain age dating back to 2005, consistent with their operational history. The site targets local residents and visitors needing emergency and safety information. Technically, the website uses older web technologies such as jQuery 1.4.2 and lacks modern security features like HTTPS and security headers. The site is basic in design and functionality, with limited mobile optimization and no visible analytics or tracking tools. Contact information is clearly presented, but there are no privacy or cookie policies, which is a compliance gap. From a security perspective, the absence of HTTPS and use of outdated libraries pose risks. No advanced security policies or incident response contacts are provided. The site does not appear to collect user data via forms, reducing exposure but also limiting engagement. Overall, the security posture is weak and requires improvements to protect users and enhance trust. The overall risk is moderate due to the lack of encryption and outdated technology, but the site content is safe and non-malicious. Strategic recommendations include implementing HTTPS, updating libraries, adding privacy and cookie policies, and enhancing security headers to improve compliance and user trust.

V

Vodovod d.o.o. – Podružnica Novalja

aglomeracijanovalja.hr

0

The website represents a public infrastructure project managed by Vodovod d.o.o. – Podružnica Novalja, focused on improving water supply and wastewater treatment infrastructure in the Novalja region of Croatia. The project is co-financed by the European Union through the Cohesion Fund and national funds, emphasizing environmental protection and public utility enhancement. The site provides detailed project descriptions, progress updates, and contact information for stakeholders and the public. Technically, the website is built on WordPress CMS, utilizing common technologies such as jQuery, Yoast SEO for search engine optimization, and Swiper.js for interactive sliders. Hosting is provided by Plus Hosting Grupa d.o.o., a Croatian hosting provider. The site is mobile-optimized with good navigation and moderate performance. Google Analytics is used for visitor tracking, with a cookie consent mechanism in place to comply with GDPR. From a security perspective, the site enforces HTTPS and employs cookie consent banners, but lacks explicit security headers and public security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the hosting provider and the domain age aligns with the project timeline, supporting legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations. It effectively serves its purpose as an informational portal for a public utility project. Strategic improvements could include enhanced security headers, public incident response information, and accessibility enhancements to further strengthen security posture and user experience.

I

Institut za Neuromarketing

neuromarketinginstitut.com

0

Institut za Neuromarketing is a specialized Croatian institute providing neuromarketing services including neuroadvertising, neurobranding, scientific and expert research, and advanced technologies such as EEG, eye tracking, biometric methods, and facial coding. The website positions the institute as a market leader in Croatia with a focus on business and scientific clients. The digital infrastructure is built on WordPress with modern plugins and tools, ensuring good performance and mobile optimization. Privacy and cookie policies are well implemented, reflecting GDPR compliance. Security posture is adequate with HTTPS and reCAPTCHA usage, though improvements in DNSSEC and security headers are recommended. Overall, the website is professional, trustworthy, and well-maintained, supporting the institute's credibility and market presence.

ECOLINE CROATIA offers a specialized IT solution named EKO PRIJAVA designed for efficient reporting and monitoring of field problems such as communal, construction, and road issues. Their solution includes a mobile application for quick problem reporting and a web-based administrative portal for managing reports, analytics, and work orders. The business targets municipalities, communal companies, construction firms, and other organizations requiring precise field issue tracking. The website is built on WordPress using the Enfold theme, employing standard web technologies and cloud hosting for accessibility. Security posture is moderate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content is professional and business-focused. Overall, the site provides a functional and informative platform but would benefit from enhanced security and compliance measures.

D

Dizajn Studio Novalja

ds-novalja.com

0

Dizajn Studio Novalja is a small, locally focused business established in 2003, specializing in web design, digital printing, advertising, and photography services primarily targeting the tourism sector and local companies on the island of Pag, Croatia. The company offers a range of services including website creation for tourist accommodations, graphic design, digital printing, signage, key and stamp making, and photography. Their market position is that of a regional service provider with a solid reputation, supported by positive aggregate ratings and social media presence. Technically, the website employs older JavaScript libraries such as jQuery 1.6.0 and uses Google Tag Manager for analytics. The site lacks HTTPS, which is a significant security concern, and no advanced security headers or policies are detected. The website design and content quality are good, with clear navigation and relevant business information, but mobile optimization and accessibility are basic. SEO is supported by structured data but could be improved. From a security perspective, the absence of HTTPS and security headers, along with outdated libraries, exposes the site to potential vulnerabilities. No privacy, cookie, or terms of service policies are present, indicating poor privacy compliance. Incident response and security policy information are also missing, which could impact trust and regulatory compliance. Overall, the website is functional and professional but requires urgent improvements in security and privacy compliance to reduce risk and enhance trustworthiness. Strategic recommendations include implementing HTTPS, updating libraries, adding privacy and cookie policies, and improving security headers and incident response readiness.

C

CSL Computer Service Langenbach GmbH d/b/a joker.com

novalja-pag.net

0

Novalja-pag.net is a well-established Croatian hospitality website specializing in private accommodation listings on the island of Pag. Founded in 2002, it offers a comprehensive catalog of apartments, rooms, villas, and hotels with direct booking contact options. The platform targets tourists seeking affordable and diverse lodging options near popular destinations such as Novalja and Zrće beach. Technically, the site uses a custom CMS with common web technologies including jQuery, Bootstrap, and Google services for analytics and reCAPTCHA. While the site is mobile-optimized and provides a good user experience, it lacks HTTPS enforcement and advanced security headers, which are critical for protecting user data and enhancing trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is credible and functional but would benefit from security and privacy improvements.

D

Dizajn Studio Novalja

novalja.info

0

Novalja.info is a regional tourism portal dedicated to providing comprehensive information and direct booking options for private accommodation on the island of Pag, Croatia, focusing on the city of Novalja and surrounding destinations. The website offers a variety of services including accommodation listings, live web cameras, weather forecasts, ferry schedules, and local news, targeting tourists and visitors planning their holidays. The business operates as a small-sized entity with a long-standing presence since 2005, managed by Dizajn Studio Novalja. Technically, the website relies on legacy technologies such as an outdated jQuery version and lacks HTTPS, which impacts its security posture and user trust. The site uses Google Analytics and Tag Manager for visitor tracking but does not provide visible privacy or cookie policies, indicating limited privacy compliance. Security-wise, the absence of HTTPS and modern security headers, combined with outdated libraries, exposes the site to potential vulnerabilities. Overall, the website is functional and content-rich but requires significant improvements in security and privacy to meet modern standards.