Security Directory

S

Subjekt d.o.o.

subjekt.eu

0

Subjekt d.o.o. is a Croatian consulting company specializing in connecting culture, tourism, sport, and local communities with EU funding opportunities. Founded in 2018 and based in Rijeka, it has a niche market position focusing on EU fund projects such as Erasmus+, Interreg, Creative Europe, and the European Social Fund. The company is part of the Impuls savjetovanja d.o.o. group since 2023, enhancing its professional capacity. The website reflects a professional and consistent brand image with clear messaging targeted at organizations seeking EU funding support in relevant sectors. Technically, the website is built on WordPress with modern technologies including Bootstrap 5, jQuery, and SEO plugins, delivering good performance and mobile optimization. Security posture is solid with HTTPS and hCaptcha integration, though security headers and formal security policies could be improved. Privacy compliance is partial with a cookie consent mechanism but lacking a visible privacy policy. Contact is primarily via a contact form, with no explicit emails or phone numbers publicly listed. Overall, the website is trustworthy and professionally maintained, suitable for its business purpose.

W

WEB Marketing d.o.o.

wem.hr

0

WEB Marketing d.o.o. is a Croatian technology company specializing in custom web solutions, ecommerce platforms, and software development with over 25 years of experience and a strong market presence evidenced by 27 awards and 500+ projects. Their business model focuses on agile development using Scrum methodology, targeting businesses seeking tailored digital solutions. The website reflects a mature digital infrastructure with integration of Google Tag Manager for analytics and marketing, hosted on Premium Hosting and managed via EasyEdit CMS. Security posture is solid with HTTPS enforced and secure form handling, though lacking explicit security headers and published security policies. Privacy compliance is partial with a cookie policy and consent mechanism but no dedicated privacy policy page. Contact information is clearly presented, enhancing business credibility. Overall, the site is professional, well-structured, and trustworthy.

Impuls savjetovanje is a professional consulting firm specializing in securing and managing EU funds, international cooperation projects, education, and sustainability advisory services. The company has a strong market presence in Croatia and the surrounding region, demonstrated by its extensive portfolio of over 400 successful projects and partnerships with recognized organizations. Their website reflects a mature digital infrastructure built on WordPress with modern frameworks and plugins, ensuring a responsive and user-friendly experience. Security measures such as HTTPS, hCaptcha, and GDPR-compliant cookie consent are implemented effectively, indicating a solid security posture. However, the absence of publicly available WHOIS data due to privacy protection is noted but justified given the business nature. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

A

Agencija za lijekove i medicinske proizvode

halmed.hr

0

HALMED is the Croatian Agency for Medicines and Medical Products, serving as the national regulatory authority responsible for the oversight, approval, and monitoring of medicines, medical devices, and homeopathic products. The website provides comprehensive information, publications, news, and resources targeted at patients, healthcare professionals, and industry representatives. It maintains a clear market position as a government healthcare regulator with a medium-sized operational scale and a founding date consistent with its domain registration in 2010. Technically, the website employs a legacy jQuery version alongside modern tracking tools such as Google Analytics, Google Tag Manager, and Google reCAPTCHA v3 for form security. The hosting is provided by a Croatian hosting company, and the site uses HTTPS with a good SSL configuration. However, some modernization opportunities exist, including updating JavaScript libraries and implementing security headers and cookie consent mechanisms. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and form protection via reCAPTCHA. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit privacy and cookie policies, lack of security headers, and use of outdated libraries present moderate risks. The domain WHOIS data aligns well with the website's claims, indicating legitimacy and trustworthiness. Overall, HALMED's website is professional, trustworthy, and serves its regulatory function effectively. Strategic improvements in privacy compliance and technical security would enhance its posture and user trust.

R

Renault Hrvatska

renault.hr

0

Renault Hrvatska operates as the official Croatian website for the Renault automotive brand, providing comprehensive information on new and used vehicles, financing options, after-sales services, and vehicle configurators. The website targets Croatian consumers interested in purchasing Renault vehicles, offering a broad portfolio including electric and hybrid models. The site reflects a mature digital presence consistent with a large automotive brand, supported by structured navigation and official branding. Technically, the site employs modern JavaScript libraries, Google Tag Manager, and Plausible Analytics, alongside a cookie consent mechanism compliant with GDPR signals. Security posture is strong with HTTPS enforced and privacy-respecting analytics loading conditioned on user privacy signals. However, explicit privacy policies, terms of service, and security incident response information are not directly visible in the provided content. WHOIS data confirms domain legitimacy and consistency with Renault's global presence. Overall, the site is professional, trustworthy, and well-optimized for its audience.

E

Elproms Team j.d.o.o.

elproms.com

0

Elproms Team j.d.o.o. is a Croatian IT company specializing in Internet of Things (IoT) technology and smart business solutions. Founded in 2018 and headquartered in Zagreb, the company offers enterprise software products such as Improve Card for business monitoring and Qualy for ISO 9001 conformity. Their market positioning targets manufacturing companies and businesses seeking smart home, smart city, and Industry 4.0 solutions. The website reflects a professional and consistent brand image with clear contact details and partner affiliations. Technically, the site uses modern web technologies including Bootstrap and jQuery, is mobile optimized, and implements cookie consent mechanisms. Security posture is solid with HTTPS enforced and CSRF protection on forms, though some security headers and DNSSEC are missing. Privacy compliance is well addressed with accessible policies and GDPR consent. Overall, the company presents a credible and trustworthy digital presence.

M

MONERE DIGITAL

themonere.net

0

MONERE DIGITAL is a Croatia-based small technology company specializing in innovative digital experiences, including 3D holographic displays and sound masking solutions. Their website showcases a professional portfolio with client testimonials and emphasizes creativity and problem-solving in marketing and communication technologies. The technical infrastructure is based on standard web technologies with moderate performance and good mobile optimization. However, the site lacks advanced security headers and explicit HTTPS enforcement details, and no privacy or cookie policies are present, indicating gaps in privacy compliance. The WHOIS data is consistent with the business claims, showing a domain registered since 2017 without privacy protection, supporting legitimacy. Overall, the website is professional but could improve security and privacy posture.

M

MICRO-LINK d.o.o.

microlink.hr

0

MICRO-LINK d.o.o. is a well-established Croatian telecommunications company founded in 1996, specializing in a broad range of communication technology solutions including private and public mobile networks, microwave radio systems, professional Wi-Fi, IoT, network, security, and defense systems. The company targets business and government sectors requiring reliable and advanced communication infrastructure. Their market position is solid within Croatia and the surrounding region, supported by partnerships with recognized technology providers and EU funding acknowledgments. Technically, the website employs a moderate technology stack with jQuery 1.8.3, Flexslider, and Slick Carousel, indicating a somewhat dated but functional infrastructure. The site is mobile optimized and provides a good user experience, though accessibility and SEO could be improved. Hosting and domain registration are consistent with the company's Croatian base. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks advanced security headers and published security policies. The use of an outdated jQuery version presents a potential vulnerability. No exposed sensitive data or obvious vulnerabilities were detected. Privacy compliance is limited due to the absence of a privacy policy and terms of service. Overall, the website is professional and trustworthy with a strong business credibility score. However, improvements in privacy compliance, security best practices, and technical modernization are recommended to enhance security posture and regulatory adherence.

Horfam d.o.o. is a Croatian company specializing in lighting solutions, offering a broad range of lighting products and services including design and project planning. Established in 2000, the company positions itself as a provider of modern, ecological, and energy-efficient lighting technologies tested in demanding applications. The website is built on WordPress, leveraging popular plugins such as Yoast SEO and Google Analytics, and includes a cookie consent mechanism compliant with GDPR requirements. Security measures include HTTPS and Google reCAPTCHA, but lack explicit security policies or vulnerability disclosures. The domain registration data aligns well with the company's claims, indicating legitimacy and trustworthiness.

L

Lipapromet d.o.o.

lipapromet.hr

0

Lipapromet d.o.o. is a Croatian company specializing in wholesale distribution of lighting and electrical materials, as well as providing professional services in lighting design and building management systems. Established in 2001, the company has a solid market presence with multiple project references across Croatia, serving professional and commercial clients. Their website reflects a medium-sized enterprise with a focus on B2B services in the energy and retail sectors. Technically, the website is built on ASP.NET WebForms with DotNetNuke CMS, using jQuery and hosted likely via Croatian Academic and Research Network (CARNET) or Azure DNS. The site is secured with HTTPS and includes privacy and cookie policies with consent mechanisms, though some modern security headers like CSP are missing. The security posture is good but could be enhanced by updating libraries and adding incident response information. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

E

ENERGY PLUS d.o.o.

energyplus.hr

0

ENERGY PLUS d.o.o. is a Croatian company established in 2005 specializing in professional LED lighting, industrial machinery production, and renewable energy solutions such as photovoltaic systems. The company targets industrial and business clients seeking modern lighting and machinery solutions. Their website reflects a stable, small-sized manufacturing business with consistent branding and clear service offerings. Technically, the website is built on WordPress using the Divi theme, with standard libraries like jQuery and MediaElement.js, hosted likely under Croatian infrastructure. The site is moderately performant, mobile-optimized, and accessible at a basic level. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and documented security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is professional and trustworthy but could improve in compliance and security transparency.

L

Living Lab Koprivnica

living-lab.hr

0

Living Lab Koprivnica is a collaborative innovation platform focused on testing and developing smart outdoor lighting and smart city solutions in Koprivnica, Croatia. The project connects technology providers, research institutions, public bodies, and citizens to foster sustainable energy development and smart urban infrastructure. The website presents detailed information about partners, technologies, and test fields, reflecting a mature and professional digital presence. Technically, the website uses modern web technologies including Google Maps API for interactive maps, Google Analytics for tracking, and jQuery for scripting. The site is hosted by Hrvatski Telekom d.d., a reputable Croatian provider, and employs HTTPS for secure communication. While the site is well-structured and mobile-optimized, it lacks some security headers and cookie consent mechanisms, which are recommended for enhanced security and privacy compliance. From a security perspective, the site demonstrates good practices such as encrypted connections and no visible sensitive data exposure. However, the absence of explicit security policies and incident response contacts indicates room for improvement in security governance. The WHOIS data aligns well with the website's claims, supporting the legitimacy of the domain and business. Overall, Living Lab Koprivnica's website is a trustworthy and informative resource for stakeholders interested in smart city innovations, with recommendations to strengthen privacy compliance and security posture for future resilience.

D

Digital Innovation Hub North

dih-north.eu

0

Digital Innovation Hub North is a regional innovation hub focused on supporting creative industries and businesses in Northern Croatia to grow and internationalize through digital transformation. The website presents a professional image with clear descriptions of services such as ecosystem building, strategy development, prototyping, and networking. Partnerships with regional innovation centers like Enter Koprivnica, TechPark Varaždin, and TICM reinforce its market position. Technically, the site uses modern web technologies including Google Analytics and Tag Manager, with a responsive design and moderate performance. Security posture is adequate with HTTPS enabled but lacks some security headers and formal privacy and cookie policies, which are important for compliance. Overall, the site is trustworthy and business credible but could improve privacy compliance and security best practices.

U

Udruga konzultantskih društava u graditeljstvu

ukdg.hr

0

UKDG is a Croatian non-profit association representing consulting companies in the construction sector. Founded in 2011, it aims to protect and enhance the business interests and reputation of its members by promoting professional standards and ethics. The website reflects a mature organization with clear business objectives, member services, and international affiliation through FIDIC membership. Technically, the site uses a modern stack including Bootstrap, jQuery, and various UI libraries, hosted under Croatian registrar CARNET with consistent domain registration data. Security posture is solid with HTTPS and cookie consent implemented, though it lacks explicit security policies and some security headers. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

W

Web studio Sto2

sto2.hr

0

Web studio Sto2 is a Croatian-based small technology company specializing in web design, online and mobile application development, graphic and print design, and software solutions. Established in 2012, the company serves primarily regional clients in Croatia and neighboring countries, with a portfolio including automotive, shipbuilding, healthcare, and other sectors. The website showcases a professional portfolio of client projects and emphasizes responsive design and custom CMS solutions. Technically, the site uses modern web technologies including Vue.js and jQuery, and integrates Google Analytics for user tracking. However, there are gaps in privacy compliance, notably the absence of privacy and cookie policies, which is critical for GDPR adherence given the regional focus. Security posture is moderate with no visible security headers or incident response information, but no critical vulnerabilities were detected in the content. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security practices.

Z

Zagreb Film Office

filmzagreb.hr

0

Zagreb Film Office is a municipal entity representing the city of Zagreb, Croatia, as a filming destination. The website serves as an informational and facilitation platform for film industry professionals, providing services such as location scouting and permitting. The site is built on a modern WordPress platform with WooCommerce integration, SEO optimization via Yoast, and Google Analytics tracking, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, though some security headers could be improved. Privacy compliance is basic with a cookie consent mechanism but no explicit privacy or terms of service pages found. Overall, the website is professional and trustworthy, suitable for its governmental role.

V

Filmski ured Varaždin | Otkrijte Varaždin kao idealnu filmsku destinaciju

varazdinfilmcommission.eu

0

The website www.varazdinfilmcommission.eu represents the Filmski ured Varaždin, a regional film commission promoting Varaždin, Croatia as an ideal destination for film production. The site provides information about film location services and production support, targeting filmmakers and production companies. Technically, the site is built on WordPress using the Divi theme, with plugins for accessibility and email encoding, and includes a cookie consent mechanism. However, the site lacks visible privacy and terms of service policies, and no explicit contact information is provided, which limits user trust and compliance transparency. Security posture is moderate with HTTPS likely enabled but no detected security headers or advanced protections. Overall, the site is functional and professional but could improve in privacy, security, and contact transparency to enhance trust and compliance.

I

Istarski filmski ured

istriafilmcommission.com

0

Istarski filmski ured is a regional film commission established in 2015 under the Istarska kulturna agencija (IKA) to promote and facilitate audiovisual production in the Istria region of Croatia. The website serves as an informational and promotional platform targeting filmmakers and producers, offering services such as location scouting, permit facilitation, and liaison with public and private entities. Technically, the site is built on WordPress using the Divi theme and several plugins for multilingual support, SEO, accessibility, and cookie compliance. The security posture is adequate with HTTPS enabled and some security best practices observed, though there is room for improvement in security headers and incident response visibility. Privacy compliance is partial, with a cookie consent mechanism present but no clear privacy policy or terms of service. The absence of WHOIS data for the domain is a notable concern, impacting trust and legitimacy assessment. Overall, the site is professional, content-rich, and serves its business purpose well, but could enhance transparency and security practices.

H

Hrvatsko društvo sudskih vještaka i procjenitelja

sudski-vjestaci.hr

0

Hrvatsko društvo sudskih vještaka i procjenitelja (HDSVIP) is a Croatian non-profit professional association dedicated to the advancement of court experts and appraisers. Established in 2004, it serves as a voluntary, non-governmental, and non-partisan organization focused on improving the role and institution of court experts within the judiciary and related institutions. The association is a recognized member of international bodies such as EuroExpert, HUM, and TEGoVA, enhancing its credibility and network. The website provides information about the association's initiatives, news, events, and resources for members and the public. Technically, the website is built using standard HTML5, CSS, and JavaScript with jQuery 1.8.3. It is hosted behind Cloudflare DNS services, suggesting HTTPS usage, although explicit security headers are not visible in the provided data. The site has a moderate performance profile with basic mobile optimization and accessibility features. Navigation is clear and content is professionally presented, targeting professionals in the judiciary and appraisal sectors primarily in Croatia. From a security perspective, the site shows some good practices such as using Cloudflare and secure form submission for member login. However, the use of an outdated jQuery version and absence of visible security headers indicate potential vulnerabilities. There is no visible privacy or cookie policy, which is a compliance gap under GDPR. No incident response or vulnerability disclosure information is provided, limiting transparency in security management. Overall, the website is trustworthy and professional but would benefit from updates to its security posture and privacy compliance. Strategic improvements in these areas would enhance user trust and regulatory adherence.

Z

ZB Invest

zbi.hr

0

ZB Invest is a Croatian financial investment company specializing in investment funds and related services. The website provides fund pricing, yield data, calculators, and contact options primarily targeting Croatian investors. The domain is well-established since 2000 and hosted with professional infrastructure including Akamai CDN services. The website uses standard JavaScript libraries for UI and data visualization but lacks modern CMS or frameworks. Security posture is basic with no visible security headers or privacy policies, and no contact information is explicitly provided in the analyzed content. Overall, the site is functional but could improve in privacy compliance and security best practices.

Z

Zagreb nekretnine d.o.o.

zane.hr

0

Zane nekretnine is a well-established Croatian real estate company operating since 1998, offering a comprehensive range of services including property brokerage, valuation, consulting, and market analysis. The company targets a general audience seeking real estate services in Croatia and maintains a professional online presence with a clear and consistent brand. The website is hosted on Akamai infrastructure, uses modern JavaScript libraries for UI components, and implements a cookie consent mechanism compliant with GDPR requirements. Security posture is solid with HTTPS enforced and CSRF protection in forms, though there is room for improvement in security headers and explicit security policies. Overall, the website is accessible, professional, and trustworthy, reflecting the company's long-standing market position.

G

Games Croatia

gamescroatia.com

0

Games Croatia is an official project website dedicated to promoting the gaming industry and innovation within Croatia. The site serves as a hub for information about the project, its partners, public funding opportunities, and activities related to the Croatian games sector. The website targets game developers, industry stakeholders, and governmental bodies interested in fostering growth and collaboration in the gaming ecosystem. The business model appears to be informational and collaborative, supported by public or governmental funding, positioning itself as a niche regional initiative with a focus on technology and innovation. Technically, the website is built on the Squarespace platform, leveraging modern web technologies such as HTTPS with HSTS, Google reCAPTCHA for form security, and Google Fonts for typography. The site demonstrates good mobile optimization and a professional design, although some accessibility features could be enhanced. SEO practices are adequately implemented with proper meta tags and structured data. From a security perspective, the website enforces HTTPS and HSTS, uses reCAPTCHA to protect forms, and does not expose sensitive data or vulnerable libraries. However, privacy compliance could be improved by implementing a cookie consent mechanism and publishing explicit security and incident response policies. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the website content and partner affiliations suggest legitimacy. Overall, the site presents a professional and trustworthy front for the Games Croatia project but would benefit from enhanced privacy compliance and clearer domain registration information to strengthen trust and regulatory adherence.

H

HAVC

filmingincroatia.hr

0

Filming in Croatia is an official film commission program managed by HAVC, promoting Croatia as a prime filming destination with attractive incentive programs and a network of regional film offices. The website serves as a comprehensive resource for film producers and industry professionals, offering detailed information on incentives, locations, crews, and services. The site is well-positioned in the media sector, supported by government affiliation and international memberships, enhancing its credibility and market presence. Technically, the website is built on WordPress with modern SEO and tracking tools, hosted via a reputable registrar and DNS infrastructure. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in security headers and incident response documentation are recommended. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism. Overall, the site demonstrates a professional, trustworthy, and user-friendly digital presence suitable for its target audience.

D

Desk Kreativne Europe – Ured MEDIA Hrvatske

mediadesk.hr

0

Desk Kreativne Europe – Ured MEDIA Hrvatske is the official Croatian office supporting the Creative Europe MEDIA sub-programme. It serves Croatian audiovisual creators, film and TV professionals, and video game authors by providing information, organizing workshops, and facilitating access to EU funding opportunities. The website reflects a well-established entity with over 15 years of operation, consistent with its domain age and WHOIS data. The business model is non-profit and government-supported, focusing on cultural and media sector development within Croatia and the EU framework. The target audience includes professionals and organizations in the audiovisual and cultural sectors seeking EU MEDIA programme support. Technically, the website is built on the Webflow CMS platform, utilizing modern web technologies such as jQuery, Google reCAPTCHA, Google Tag Manager, and Plausible Analytics. Hosting and DNS are managed via Cloudflare, ensuring reliable performance and security. The site is mobile-optimized, accessible, and SEO-friendly, with bilingual content in Croatian and English. The presence of accessibility features and cookie consent mechanisms indicates a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms from abuse. However, explicit security headers are not detected in the HTML content, suggesting room for improvement. No vulnerabilities or exposed sensitive data were found. Privacy compliance is supported by visible privacy and cookie policies, with GDPR considerations addressed. Contact information is clearly provided, enhancing trust and transparency. Overall, the website presents a low-risk profile with a strong business credibility and good technical implementation. It effectively serves its niche audience with relevant content and services. Strategic recommendations include enhancing security headers, formalizing incident response policies, and maintaining up-to-date third-party components to sustain security and compliance standards.

P

PRIMALAB d.o.o.

primalab.hr

0

PRIMALAB d.o.o. is a Croatian company specializing in providing comprehensive laboratory and process analytical equipment solutions, including sales, service, calibration, validation, and expert consulting. Established in 2010, the company serves primarily B2B clients in laboratory and industrial process sectors, offering a broad portfolio of reputable brands. The website reflects a mature digital presence built on the DotNetNuke CMS platform, with modern JavaScript libraries and integration of analytics and marketing tools such as Google Analytics and Mailchimp. The site is well-structured, mobile-optimized, and compliant with GDPR and cookie regulations, providing clear contact information and social media links. Security posture is good with HTTPS and Cloudflare DNS, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and the WHOIS data aligns well with the business claims, indicating a trustworthy domain.

V

Vox Communications

vox-communications.com

0

Vox Communications is a Croatian media and entertainment company specializing in cinema, TV, and digital advertising services, including event hosting and special projects. The company targets advertisers seeking to leverage CineStar cinema networks and related digital platforms. The website is professionally designed, multilingual, and optimized for SEO, reflecting a medium-sized enterprise with a consistent brand presence. Technically, the site runs on WordPress with modern libraries and Google Tag Manager integration, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enabled but lacks some security headers and cookie consent mechanisms, representing areas for improvement. The absence of WHOIS data is a concern but does not detract significantly from the overall legitimacy given the professional web presence and business information. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing a vulnerability disclosure policy to strengthen trust and compliance.

A

Arena Park

arenapark.hr

0

Arena Park is a medium-sized retail shopping center located in Croatia, owned by the parent company NEPI Rockcastle. The website serves as a digital portal for customers to explore stores, promotions, and services offered at the mall. It targets a general audience interested in shopping and leisure activities. The site is built on WordPress with a modern tech stack including Bootstrap and jQuery, optimized for mobile and SEO. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though some advanced security headers and policies could be added. Privacy compliance is strong, with clear GDPR cookie management and privacy policies. Overall, the website is professional, trustworthy, and well-maintained, supporting the business's market position as a regional retail hub.

I

Institut za vode Josip Juraj Strossmayer

institutjjs.hr

0

Institut za vode Josip Juraj Strossmayer is a Croatian government-established institute specializing in water quality testing, environmental monitoring, and scientific research. Founded in 2021 by the Croatian government, it serves as a national authority in water science and innovation, providing key services including water and air quality monitoring, public reporting, and educational programs. The website reflects a professional government entity with consistent branding and a clear focus on environmental stewardship. Technically, the site is built on WordPress with modern plugins for SEO, multilingual support, and user management, hosted under a reputable Croatian registrar with Azure DNS services. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit privacy and security policies are not found, indicating room for compliance improvement. Overall, the site is trustworthy, well-structured, and serves its public sector mission effectively.

I

International Sava River Basin Commission

savacommission.org

0

The International Sava River Basin Commission operates as an intergovernmental organization dedicated to the sustainable management and development of the Sava River Basin. It provides a platform for cooperation among basin countries focusing on water management, navigation, flood protection, sediment management, and environmental preservation. The website reflects a professional and authoritative presence with comprehensive content and official documentation supporting its mandate. Technically, the website employs a modern technology stack including jQuery, Bootstrap, and Slick Carousel, with integration of Google Analytics and Tag Manager for user tracking. The site is mobile optimized and exhibits good performance and SEO practices. However, there is room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and secure login forms but lacks important security headers and published security policies such as privacy, cookie, and incident response information. The absence of WHOIS data reduces domain trust verification, though the website content and contact details support legitimacy. Overall, the security posture is moderate with recommendations to enhance compliance and transparency. The overall risk assessment is low to moderate, with strategic recommendations focusing on publishing privacy and cookie policies, implementing security headers, adding vulnerability disclosure mechanisms, and improving WHOIS transparency to strengthen trust and compliance.

H

Hrvatski audiovizualni centar

havc.hr

0

The Hrvatski audiovizualni centar (HAVC) is a Croatian public institution dedicated to supporting and promoting the audiovisual sector, including film production and cultural initiatives. The website serves as an authoritative portal providing news, event calendars, film catalogs, and official publications relevant to the Croatian and international film community. It targets industry professionals, cultural stakeholders, and the general public interested in audiovisual culture. The business model is primarily public funding and cultural promotion, positioning HAVC as a key national player in the media sector. Technically, the website employs a modern JavaScript-based frontend with libraries such as jQuery, Nivo Slider, and Google Fonts, alongside integrations with Google Maps API, Facebook Pixel, and Google Analytics for tracking and user engagement. The site is mobile-optimized and accessible, with features to adjust contrast and font size, enhancing usability. Hosting and domain registration are consistent with a Croatian academic network registrar, indicating a stable and legitimate infrastructure. From a security perspective, the site uses HTTPS and includes tracking scripts responsibly. However, it lacks visible security headers and does not publish a security policy or incident response contacts, which are areas for improvement. Privacy compliance is partial; while a cookie banner is present, it lacks explicit consent mechanisms, and no privacy policy or terms of service are directly linked or found on the homepage. The absence of vulnerability disclosure mechanisms also suggests room for maturity in security practices. Overall, HAVC's website is professional, content-rich, and trustworthy, with a strong business credibility score. The main risks relate to privacy compliance and security best practices, which if addressed, would enhance user trust and regulatory adherence. Strategic recommendations include publishing comprehensive privacy and security policies, implementing security headers, and improving cookie consent mechanisms.

H

Hrvatske vode

voda.hr

0

Hrvatske vode is the official Croatian government agency responsible for managing water resources, flood protection, and related environmental projects. The website serves as a comprehensive portal providing information, public notices, project details, and access to e-services primarily targeting Croatian citizens, government bodies, and professionals in water management. The agency is well-established with a domain registered since 2011 and operates transparently with clear contact information and public tenders. Technically, the site is built on Drupal 10, uses modern web technologies, and integrates Google Analytics with privacy-conscious configurations. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

Vodovod Povljana d.o.o. is a small Croatian utility company specializing in public water supply, sewage management, and water infrastructure operations primarily serving the Povljana region. The company operates under the parent entity VODOVOD HRVATSKO PRIMORJE d.o.o. and maintains a local market presence with key partnerships including local government and national water authorities. The website reflects a focused business model targeting local residents and businesses requiring essential water services. Technically, the website is built on an older WordPress platform (version 3.5.2) with legacy jQuery libraries, hosted by InMotion Hosting. While the site is mobile responsive and has a clear navigation structure, it lacks modern security headers and uses outdated software components, which may expose it to vulnerabilities. The site uses HTTPS but does not implement advanced security or privacy compliance features such as cookie consent or privacy policies. From a security perspective, the site shows basic HTTPS usage but lacks critical security headers and uses outdated software versions, increasing risk exposure. No privacy or cookie policies are present, and no incident response or vulnerability disclosure information is provided. Contact information is available but limited to phone and physical address, with no email or social media presence detected. Overall, the website is functional and professionally presented but requires urgent updates to its CMS and security posture to mitigate risks. The absence of privacy and cookie policies also indicates compliance gaps with GDPR and related regulations. Strategic improvements in security, privacy compliance, and technical modernization are recommended to enhance trust and operational resilience.

VRELO d.o.o. is a public utility company providing water supply and sewage services on the island of Rab, Croatia. The company operates under the ownership of the City of Rab and has a long-standing history dating back to 1961. Their website serves as an informational portal for residents and businesses, offering updates on water supply interruptions, infrastructure projects, and service information. The business model is focused on municipal service provision with a clear local market position and essential public service role. Technically, the website uses legacy JavaScript libraries such as jQuery 1.10.1 and plugins like Fancybox and bxSlider. The site is moderately optimized for performance and mobile use but lacks modern frameworks or CMS identification. SEO and accessibility are basic but functional. Hosting details are not explicit but the domain is registered with CARNET, a Croatian academic network registrar, consistent with the local business. From a security perspective, the site lacks visible security headers and uses outdated JavaScript libraries that may expose it to vulnerabilities. However, it implements a cookie consent mechanism compliant with GDPR and does not expose sensitive data in the HTML. No incident response or security policy information is provided. The WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the website is trustworthy and professional but would benefit from technical modernization and enhanced security practices. The risk level is moderate due to outdated libraries and missing security headers, but no critical vulnerabilities or malicious indicators were found.

S

swissporTON

swissporton.hr

0

swissporTON is a newly launched premium brand specializing in ceramic roof tiles, combining Swiss quality with durable design. The company targets investors, roofers, architects, and distributors primarily in Croatia and surrounding regions. Their product portfolio includes over 200 variations of ceramic tiles, thermal insulation, and roof drainage systems, supported by expert services and visualization tools. The website reflects a strong market position with a focus on quality and customer support. Technically, the website is modern, fast, and mobile-optimized, leveraging Cloudflare for hosting and CDN, and integrating advanced tracking and analytics tools such as Google Tag Manager, Facebook Pixel, and Hotjar. Security posture is robust with HTTPS enforced and appropriate security headers, though explicit security and incident response policies are not publicly available. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, swissporTON presents a professional and trustworthy digital presence aligned with its business goals.

D

Državna škola za javnu upravu

dsju.hr

0

Državna škola za javnu upravu is a Croatian government educational institution specializing in public administration training and development. The website serves as an official portal offering information about their programs, services, international cooperation, and contact details. It targets public sector professionals and government employees seeking training and capacity building. The institution holds a stable market position as the national public administration school, founded in 2011, with a medium organizational size. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. It integrates Google Tag Manager and OneSignal for analytics and notifications, and complies with GDPR through cookie consent mechanisms. The site is mobile-optimized and provides a good user experience with clear navigation and search functionalities. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policy pages and incident response contacts, which are recommended for enhanced transparency and readiness. The WHOIS data confirms domain legitimacy and consistent government affiliation, reinforcing trust. Overall, the website presents a professional, secure, and compliant digital presence suitable for its government educational role. Strategic improvements in security policy disclosure and accessibility could further strengthen its posture.

H

HD Televizija – HDTV eZine – Osnove, vijesti, upute i testovi televizora

hdtelevizija.com

0

HD Televizija is a Croatian niche media website specializing in HDTV technology, television reviews, buying guides, and calibration tutorials. Established in 2007, it serves a dedicated audience of consumers and enthusiasts interested in high-definition television technology and related equipment. The site operates primarily in Croatian with an English section, monetizing through advertising and affiliate marketing. Technically, the website is built on WordPress using the Jannah theme, leveraging common web technologies such as jQuery and Google Fonts. It employs Google Analytics and Adsense for tracking and monetization. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks published privacy and cookie policies, security policies, and vulnerability disclosures, which are compliance and trust gaps. Overall, the site is professional and content-rich but would benefit from enhanced privacy compliance and security transparency.

H

HŽ Infrastruktura d.o.o.

hzinfra.hr

0

HŽ Infrastruktura d.o.o. is a Croatian state-owned enterprise responsible for organizing, regulating, maintaining, and constructing railway infrastructure, which is a public good. The website serves as an informational portal primarily targeting Croatian railway users and stakeholders. Technically, the site is built on WordPress using the Divi theme, incorporating standard web technologies such as jQuery and Google Fonts. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS presumably enabled but lacking visible security headers and explicit security policies. Privacy compliance is limited, with no privacy or terms of service pages detected, though a cookie consent mechanism is present. Overall, the domain registration data aligns well with the business entity, supporting legitimacy. Strategic improvements in privacy transparency, security headers, and contact information visibility are recommended to enhance trust and compliance.

C

City Mix&Match

citymixandmatch.hr

0

City Mix&Match is a Croatian fashion, beauty, and lifestyle content platform providing trend reports and lifestyle articles primarily targeting a general audience interested in contemporary fashion and lifestyle trends. The website operates under the parent company City Center One, a known retail entity, and maintains a consistent brand presence with a focus on regional content. Technically, the site is built on WordPress with modern JavaScript libraries and includes GDPR-compliant consent management. The site demonstrates good mobile optimization and SEO practices, though some security headers are missing. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policies or incident response contacts. Overall, the site is legitimate, professionally maintained, and suitable for its audience.

C

Consent

consent.hr

0

Consent.hr is a Croatian-based consultancy specializing in GDPR and data privacy compliance services. The company offers a comprehensive suite of services including full GDPR adaptation, data protection impact assessments, external data protection officer roles, consent management, contract regulation with third parties, and privacy by design consulting. The website positions Consent as a niche player focused on fostering a culture of privacy among businesses and organizations in Croatia. The content is professionally presented with a clear focus on GDPR compliance and education, supported by a regularly updated blog authored by experts.

V

Vodovod i kanalizacija d.o.o. Ogulin

vodovod-ogulin.hr

0

Vodovod i kanalizacija d.o.o. Ogulin is a local public utility company providing potable water supply and sewage services to the Ogulin region in Croatia. The company emphasizes quality water provision, environmental protection, and customer satisfaction. The website serves as an information portal for consumers, offering news, service information, and contact options. The business operates in the energy sector with a small company size and targets local residents and water consumers. Technically, the website is built on WordPress using common plugins and libraries such as jQuery, Bootstrap, and Google reCAPTCHA. It features accessibility tools and is mobile optimized, providing a good user experience. However, the site lacks some advanced SEO and security configurations, such as security headers and detailed privacy policies. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. Google reCAPTCHA is used to protect forms from abuse. However, there is no published security or incident response policy, and the domain registration uses privacy protection, which reduces transparency. No critical vulnerabilities or malicious content were detected. Overall, the website is functional, professional, and trustworthy for its purpose but would benefit from enhanced privacy disclosures, security headers, and transparency in domain registration to improve trust and compliance.

J

Joker

joker.hr

0

Joker.hr is the official website of Joker, a retail shopping center located in the heart of Split, Croatia. The site offers comprehensive information about the shopping center's stores, restaurants, entertainment options, and services such as parking and fitness. The business targets local shoppers and visitors seeking a diverse retail and leisure experience. The website is well-structured, professionally designed, and optimized for mobile devices, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and tracking tools, including Google Tag Manager and Mailchimp integration. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit policies are missing. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, the domain registration aligns with the business claims, supporting legitimacy and trustworthiness.

The website rosesdesigneroutlet.hr is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct access to content. This prevents extraction of business, contact, or policy information. The domain is registered in Croatia since 2015 with a reputable registrar, indicating a legitimate registration. However, the lack of accessible content limits the ability to assess the company's market position, services, or compliance posture. Technically, the site uses Cloudflare's security services, but no further technology or CMS details are available. Security posture cannot be fully evaluated due to blocked content, but the presence of Cloudflare WAF indicates some level of protection. Overall, the site scores low on AI evaluation due to inaccessibility, with recommendations to allow content access for full analysis.

A

Avenue Mall

avenuemall.hr

0

Avenue Mall is a well-established retail shopping center located in Zagreb, Croatia, offering a wide range of retail stores, food and beverage outlets, and entertainment options. The website reflects a medium-sized business with a strong local market presence and a focus on customer engagement through promotions, events, and a loyalty program. Technically, the site employs modern web technologies including jQuery UI, Slick Slider, and integrates marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in security headers and incident response transparency. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website is professional, user-friendly, and trustworthy, supporting the business's retail and hospitality operations effectively.

K

KING CROSS

king-cross.hr

0

KING CROSS is a retail shopping center website based in Croatia, offering a variety of products related to sports, home, family, and leisure. The website targets a general audience looking for convenient and affordable shopping options. The site is built on WordPress CMS with SEO optimizations via Yoast and uses modern UI components such as Swiper.js. The technical infrastructure appears moderate in performance and mobile optimization, with HTTPS enabled ensuring basic transport security. However, the absence of visible security headers and explicit privacy and cookie policies indicates room for improvement in security and compliance. No contact information or incident response details are publicly available, which may affect user trust and compliance with GDPR transparency requirements. Overall, the website is functional and professional but would benefit from enhanced security and privacy practices.

A

Arena Center Zagreb d.o.o.

arenacentar.hr

0

Arena Centar is a well-established large retail shopping center located in Croatia, operated by Arena Center Zagreb d.o.o. and owned by the parent company NEPI Rockcastle. The website provides comprehensive information about the shopping center's services, including retail stores, dining, entertainment, parking, and customer engagement via a mobile app and gift cards. The site targets a broad audience including local residents, families, and visitors seeking shopping and leisure experiences. Technically, the website is built on modern frameworks such as Next.js and React, with integrations for analytics and marketing tools like Google Tag Manager, Facebook Pixel, and TikTok Pixel. Hosting and DNS are managed by reputable providers, ensuring stable performance and security. Security posture is good with HTTPS enforced and consent mechanisms for cookies, though explicit security policies and incident response details are not publicly available. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, providing a positive user experience and strong business credibility.

C

City Center One

citycenterone.hr

0

City Center One operates as a major retail shopping center brand in Croatia, with locations in Zagreb and Split. The website presents a professional and well-structured digital presence, highlighting over 450 international and domestic stores. The business model focuses on retail space leasing, advertising, and shopping center management, targeting general consumers in Croatia. The domain age and WHOIS data align well with the business claims, supporting legitimacy. Technically, the site uses WordPress with common JavaScript libraries and a consent management platform to ensure GDPR compliance. Security posture is solid with HTTPS and no visible vulnerabilities, though additional security headers and explicit security policies could enhance trust. Privacy and cookie policies are present and comprehensive, supporting regulatory compliance. Overall, the website is a trustworthy and professional representation of a large retail business in Croatia.

G

Gransy d.o.o.

jeftinije.hr

0

Jeftinije.hr is a Croatian price comparison website operated by Gransy d.o.o., established in 2016. The platform offers comprehensive online price comparisons, shopping guides, and product reviews targeted at Croatian consumers seeking the best deals. It holds a strong market position as a leading price comparison portal in Croatia, leveraging partnerships with regional sites across Central and Eastern Europe. Technically, the website employs modern JavaScript libraries, Cloudflare DNS, and integrates Google Tag Manager and DoubleClick for advertising and analytics. The site is mobile-optimized with good SEO practices but lacks explicit privacy and terms of service documentation in the accessible content. Security posture is adequate with HTTPS and cookie consent mechanisms, though security headers and incident response information are missing. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

K

Katalozi.net / Svi katalozi na jednom mjestu

katalozi.net

0

Katalozi.net is a Croatian retail catalog aggregation website established in 2012, providing users with access to various promotional catalogs and offers from multiple retailers. The site leverages WordPress CMS with Yoast SEO for content management and optimization, and monetizes through Google Adsense advertising. The technical infrastructure includes Cloudflare DNS and hosting via GoDaddy.com, LLC. The website is well-structured with good navigation and content relevance, targeting general retail consumers in Croatia and neighboring regions. Security posture is moderate with HTTPS enabled and domain registration locks, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. No direct contact or incident response information is provided, limiting transparency. Overall, the site is functional and trustworthy for its business purpose but requires improvements in privacy and security disclosures.

Gorivo.com operates as a regional ride-sharing platform primarily serving Croatia and neighboring countries. It facilitates peer-to-peer transportation by allowing users to offer and request rides, focusing on routes within Croatia and nearby European nations. The platform has been active since 2003, indicating a mature presence in its niche market. The website's business model centers on connecting drivers and passengers, providing a cost-effective and community-driven transportation alternative. Its market position is niche but stable, targeting individuals seeking carpooling options in the region. Technically, the website is built on ASP.NET WebForms with supporting libraries such as jQuery and Bootstrap, reflecting a legacy but functional technology stack. The site includes standard web fonts, UI components, and Google Adsense for monetization. Performance and mobile optimization are basic, with room for modernization. The site employs cookie consent mechanisms and basic privacy compliance features, though lacks advanced SEO and accessibility optimizations. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks advanced security headers and DNSSEC. No explicit security or incident response policies are published, which could be a gap in compliance and trust. Advertising practices involve multiple ad networks and tracking vendors, indicating moderate user tracking. The overall security posture is average, with recommendations to enhance headers, enable DNSSEC, and publish security policies. Overall, Gorivo.com presents a functional but basic digital presence with moderate trustworthiness and compliance. Strategic improvements in security, privacy transparency, and technical modernization would enhance its risk profile and user confidence.

H

Vozni red vlakova | Udaljenosti.com

hznet.hr

0

Udaljenosti.com is a Croatian travel information website specializing in train schedules and travel planning for Croatian Railways. It targets travelers and commuters in Croatia, providing distance calculations and schedule lookups. The site operates primarily on an advertising revenue model and has been active since at least 2012. Technically, it uses a mix of legacy and modern web technologies including Google Fonts, Leaflet maps, Google Maps API, and Google Analytics. The site implements a cookie consent mechanism and integrates multiple advertising and tracking services. Security posture is moderate but could be improved by updating outdated libraries and adding security headers. WHOIS data is unavailable, which raises some concerns about domain legitimacy despite the active and functional website. Overall, the site is functional and provides relevant content but should address security and legitimacy concerns for improved trust.