Security Directory

I

IAB

iab-croatia.com

0

IAB Croatia is a professional industry association focused on leading and scaling the digital economy in Croatia. As part of the global Interactive Advertising Bureau network, it provides a platform for digital innovation, standard setting, and growth opportunities in the Croatian digital market. The website reflects a medium-sized organization with a clear focus on digital media, marketing, and technology sectors, targeting digital professionals and businesses in Croatia. The content is well-structured, regularly updated with news, events, and member information, demonstrating active engagement with its audience. Technically, the site is built on WordPress with modern libraries such as GSAP for animations and uses Cloudflare DNS services, indicating a mature digital infrastructure. Security posture is good with HTTPS and anti-spam measures, though improvements are recommended in DNSSEC and security headers. Privacy compliance is lacking as no privacy or cookie policies are found, which is a notable gap. Overall, the site is professional and trustworthy but should enhance privacy and security transparency to meet best practices.

S

Studenac d.o.o.

studenac.hr

0

Studenac d.o.o. is a leading Croatian retail chain specializing in food and household products, operating over 1000 stores nationwide. Founded in 1991 and headquartered in Omiš, Croatia, it is owned by the Polish Enterprise Fund VIII since 2018. The company offers a broad range of services including weekly promotions, mobile app-based coupons, and additional services such as package pickup and delivery via third-party platforms. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site employs modern JavaScript libraries and asynchronous loading techniques, ensuring good performance and mobile responsiveness. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response information are absent. Overall, the site is trustworthy, professionally maintained, and compliant with GDPR regulations.

S

Sport Vision

sportvision.hr

0

Sport Vision is a leading Croatian retail chain specializing in sports equipment and apparel, featuring over 500 stores across 13 countries. The website serves as a comprehensive e-commerce platform offering products from major brands such as Nike, adidas, Champion, and Reebok. The business model combines online sales with physical retail presence, targeting sports enthusiasts and general consumers in Croatia and the surrounding region. The company demonstrates a strong market position with a loyalty program and multiple customer service channels. Technically, the website is built on the NBSHOP 7 CMS platform, utilizing modern web technologies including Bootstrap 4, Google Tag Manager, and Usercentrics for cookie consent. The site is mobile-optimized and SEO-friendly, with moderate performance and basic accessibility features. Security posture is good with HTTPS enforced and some security best practices observed, though additional security headers and published security policies would enhance trust. No critical vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and compliant with basic privacy and cookie regulations.

I

INA, d.d.

ina.hr

0

INA, d.d. is a leading Croatian integrated energy company specializing in oil and gas exploration, production, refining, marketing, and retail. The company maintains a strong market position in Croatia and the region, offering a broad range of petroleum products and customer services. The website reflects a mature digital presence with comprehensive corporate information, targeting customers, investors, and partners. Technically, the site is built on WordPress with modern SEO and analytics tools, providing good performance and mobile optimization. Security posture is strong with HTTPS enforcement, ISO 27001 certification, and cookie consent mechanisms, although public vulnerability disclosure and incident response contacts are not explicitly provided. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR.

Z

Zagrebačka pivovara d.o.o.

ozujsko.com

0

Ožujsko.com is the official website for the Ožujsko beer brand, a leading Croatian beer produced by Zagrebačka pivovara, a subsidiary of Molson Coors. The site provides detailed information about the beer, its production process, packaging, social events, and promotes responsible drinking. It targets adult consumers in Croatia and surrounding regions, emphasizing legal compliance and age verification. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience.

S

Star

starchannel-hr.com

0

The website www.starchannel-hr.com serves as the official online presence for the STAR Channel TV channel in Croatia, providing visitors with TV schedules, video content, episode guides, and operator availability information. The site targets Croatian TV viewers interested in STAR Channel programming and operates primarily as a media broadcasting and content distribution platform. Technically, the site employs modern web technologies including HTML5, CSS3, JavaScript, Google Tag Manager, and OneTrust for cookie consent, indicating a moderate level of digital maturity. Mobile optimization and SEO practices are adequately implemented, contributing to a good user experience. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security posture is moderate with HTTPS implied but lacking explicit security headers and detailed privacy or terms of service documentation. No contact or incident response information is provided, limiting transparency and trust. Overall, the site is functional and content-rich but would benefit from enhanced security practices, clearer compliance documentation, and verified domain registration to improve trustworthiness and compliance.

Costa Coffee's Croatian website serves as a localized digital presence for the internationally recognized coffeehouse brand. The site primarily focuses on showcasing coffee products and brand information tailored to the Croatian market. The business operates within the retail sector, targeting general consumers and coffee enthusiasts. The website reflects a consistent brand identity aligned with Costa Coffee's global image and is supported by The Coca-Cola Company as its parent entity. Technically, the website leverages modern web technologies including React and Gatsby, supported by Akamai CDN for optimized performance. The site is mobile-optimized and employs standard security best practices such as HTTPS enforcement and security headers. Cookie consent is managed through OneTrust, indicating a basic level of privacy compliance. From a security perspective, the site demonstrates a solid posture with no detected vulnerabilities or exposed sensitive data. However, the absence of explicit privacy policy, terms of service, and incident response contact details suggests areas for improvement in compliance and transparency. The WHOIS data confirms the domain's legitimacy and consistency with the brand's regional presence. Overall, the website is professional, secure, and trustworthy, but would benefit from enhanced privacy and security disclosures to meet higher compliance standards.

S

Smart Water d.o.o.

smartwater.hr

0

Smart Water d.o.o. is a Croatian company specializing in products and services for water supply companies, construction firms, and design houses. The company represents renowned manufacturers of water supply equipment, positioning itself as a niche B2B provider in the energy sector focused on water management. The website is professionally designed using WordPress with the Divi theme and optimized for SEO with Yoast. It offers content primarily in Croatian with an English alternative, targeting regional business clients. The technical infrastructure is modern and mobile-optimized, though performance is moderate. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms. Contact information is not explicitly found in the provided content, which may impact user trust and compliance. Overall, the website reflects a legitimate small business with room for improvement in security and privacy transparency.

K

Kaufland

kaufland.hr

0

Kaufland.hr is the Croatian online presence of Kaufland, a large retail supermarket chain operating in Croatia since at least 2000. The website offers weekly promotions, recipes, and product information targeting general consumers in Croatia. The site is professionally designed with consistent branding and good user experience, optimized for mobile devices. Technically, the site uses modern marketing and analytics tools such as Google Tag Manager and Adobe Launch, and is likely built on Adobe Experience Manager. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security policies and vulnerability disclosure information. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, the site is trustworthy and professional but could improve privacy compliance and security transparency.

A

A1 Hrvatska

a1.hr

0

A1 Hrvatska is a leading telecommunications provider in Croatia offering a comprehensive range of services including mobile phones, mobile tariffs, internet, and television. The website reflects a mature digital presence with consistent branding and a focus on consumer telecommunications services. The technical infrastructure is built on the Liferay CMS platform and integrates multiple modern analytics and marketing tools such as Google Analytics, Microsoft Clarity, Visual Website Optimizer, and Exponea, indicating a sophisticated approach to user engagement and data-driven marketing. Security posture is strong with HTTPS enforced and use of security tokens and reCAPTCHA, although explicit security policies and vulnerability disclosures are not published on the homepage. Privacy compliance is moderate due to the absence of clearly accessible privacy and cookie policies, though a cookie consent mechanism is implemented. Overall, the website is professional, trustworthy, and safe for general audiences.

M

Maistra d.d.

maistra.com

0

Maistra d.d. is a leading Croatian hospitality company operating a portfolio of hotels, resorts, and campsites primarily in Rovinj, Vrsar, Dubrovnik, and Zagreb. The company is part of the Adris Group and targets tourists seeking premium accommodation and unique experiences in Croatia. The website offers comprehensive booking services, loyalty programs, and curated travel experiences, positioning Maistra as a prominent player in the Croatian tourism market. Technically, the website is built using modern frameworks such as Hugo and Vue.js, with integrations for analytics and error monitoring, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, although public security policies and incident response contacts are not disclosed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data is a notable anomaly but does not significantly detract from the overall legitimacy given the professional presentation and external trust signals. Overall, Maistra's website demonstrates a high level of professionalism, technical sophistication, and user experience suitable for a large hospitality enterprise.

R

Republic of Croatia Government

gov.hr

0

The website gov.hr serves as the official portal for the Government of the Republic of Croatia, providing citizens with access to information and a variety of e-government services. It is positioned as the primary digital gateway for Croatian residents to interact with government services, including profile management and official communications. The portal targets Croatian citizens and residents, offering a centralized platform for public service delivery. Technically, the site employs a modern technology stack including jQuery, Google Analytics, Google Tag Manager, and Google reCAPTCHA Enterprise, indicating a mature digital infrastructure. Accessibility is a strong focus, with features tailored for vision impaired and dyslexic users, and the site is mobile optimized with good SEO practices. From a security perspective, the site enforces HTTPS and integrates security measures such as reCAPTCHA. However, there is room for improvement in implementing security headers and publishing explicit security policies or vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates a high level of trustworthiness and professionalism consistent with a government entity. Strategic recommendations include enhancing security header implementation, publishing privacy and security policies, and maintaining regular security audits to uphold compliance and user trust.

4

404 d.o.o.

somoborac.com

0

SoMo Borac is a well-established digital media event and conference organized by 404 d.o.o., focusing on digital awards and industry trends in the Croatian and regional market. The website presents a professional and consistent brand image, targeting digital professionals and stakeholders. The technical infrastructure is based on WordPress with modern front-end libraries and analytics tools, supporting multilingual content and good mobile responsiveness. Security posture is adequate with HTTPS and domain transfer protections, though improvements in DNSSEC and security headers are recommended. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, but terms of service and security policies are absent. Overall, the site is trustworthy and professionally maintained, with strong industry partnerships and media presence.

A

Alma Career Croatia d.o.o.

moj-posao.net

0

MojPosao.hr is a leading Croatian job portal operated by Alma Career Croatia d.o.o., offering a comprehensive platform for job seekers and employers. The website provides extensive job listings, employer profiles, salary calculators, and career advice, positioning itself as a key player in the Croatian employment market. The site is part of the larger Alma Career group, which operates multiple regional job portals, enhancing its market reach and credibility. Technically, the website leverages modern frameworks such as Vue.js and Nuxt.js, ensuring a responsive and user-friendly experience across devices. Integration with Google Tag Manager and Facebook SDK supports marketing and analytics efforts, while a cookie consent manager ensures compliance with privacy regulations. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response contacts are not publicly detailed. Overall, MojPosao.hr demonstrates a mature digital presence with good privacy compliance and business transparency, making it a trustworthy platform for employment services in Croatia.

D

Dani Komunikacija

danikomunikacija.com

0

Dani Komunikacija is a well-established marketing and communication festival based in Croatia, recognized internationally for its innovative approach and high-quality organization. The website reflects a mature business with a strong partnership and sponsorship ecosystem including government bodies and major corporations. The event targets marketing professionals and industry leaders, offering a platform for networking, awards, and knowledge sharing. Technically, the website is built on modern frameworks such as Next.js and React, with optimized media delivery via Cloudinary and a responsive design ensuring excellent user experience across devices. Security posture is good with HTTPS enforced and domain transfer protections in place, though some security headers and cookie consent mechanisms are missing, representing areas for improvement. Overall, the site demonstrates high professionalism and trustworthiness, with clear contact information and a comprehensive privacy policy, though terms of service and vulnerability disclosure policies are absent.

N

Netgen d.o.o.

netgen.io

0

Netgen d.o.o. is a Croatia-based digital agency specializing in UX design, web development, and eCommerce solutions built on Symfony, Ibexa DXP, and Sylius platforms. Established in 2015, the company serves business clients seeking comprehensive digital transformation and elevated customer experiences. Their market position is reinforced by multiple certifications, awards, and a portfolio of notable clients. Technically, the website demonstrates a mature infrastructure leveraging modern JavaScript libraries, HubSpot integration, and Cloudflare hosting, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, reflecting a credible and established business.

G

Guliver Image d.o.o.

stockfood.hr

0

StockFood, operated by Guliver Image d.o.o., is a specialized media agency focusing on food photography, videos, features, and recipes. It serves a global audience with multiple country-specific domains and offers a comprehensive portfolio of licensed food media content. The company is positioned as a market leader in its niche with a medium-sized operation based in Croatia. The website is professionally designed with rich content and clear navigation, targeting creative professionals and agencies in the food and media sectors. Technically, the site uses a combination of jQuery and React 15.4.0, with good mobile optimization and SEO practices, though some modernization opportunities exist. Security posture is solid with HTTPS and secure forms, but lacks visible security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and business credible with room for security and privacy improvements.

E

Ermada - WPservice.pro

wpservice.pro

0

WPservice.pro is a small technology service provider specializing in WordPress website speed optimization, SEO, maintenance, and development. The company positions itself as an affordable provider of high-quality WordPress services, targeting website owners and businesses seeking to improve their WordPress sites. The business is registered in Croatia and uses Hostinger as its hosting provider. The website demonstrates a good level of digital maturity, leveraging modern WordPress plugins, SEO tools, and performance optimizations such as lazy loading and caching. Cookie consent is implemented, and Google Tag Manager is used for analytics, indicating awareness of privacy and tracking requirements. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and explicit security policies or incident response contacts. Overall, the website is professional, trustworthy, and safe for general audiences, though it would benefit from publishing privacy and terms of service policies and enhancing security disclosures.

M

mömax

moemax.hr

0

mömax.hr is a professional e-commerce website specializing in furniture and home decoration products targeting the Croatian market. The site offers a wide range of products with options for online and in-store purchases, including installment payment plans. The brand has a strong regional presence with sister sites in multiple European countries, indicating a well-established retail operation. Technically, the website uses modern web technologies including React, Cloudflare CDN, and tracking tools like Jentis and Neocom, providing a responsive and moderately performant user experience. Security posture is strong with HTTPS enforced and secure login forms, although explicit privacy and cookie policies are not found in the provided content, which is a compliance gap. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

T

TimKabel

tim-kabel.hr

0

TimKabel is a Croatian telecommunications company with a domain registered since 2001, indicating a stable and established presence in the local market. The website is built on WordPress and uses modern tools such as Google reCAPTCHA for bot protection and Cookiebot for cookie consent management, reflecting a reasonable level of digital maturity. SEO is enhanced by the Yoast SEO plugin, and the site is served over HTTPS, ensuring secure communications. However, explicit privacy policies and terms of service are not found in the provided content, which may impact compliance and user trust. The absence of direct contact information on the visible content limits immediate customer engagement opportunities. Overall, the website presents a professional and consistent brand image with moderate security and privacy compliance.

P

Protemio

protemio.hr

0

Protemio.hr is a newly established e-commerce retailer specializing in accessories for mobile phones, smartwatches, and tablets. The website targets consumers in Croatia and neighboring countries, offering a multi-language shopping experience. The business model is focused on online retail with a clear emphasis on mobile device accessories. The company appears to be in the early stages of operation, with a domain registered in early 2024 and a medium-sized market presence supported by regional partner sites. Technically, the website is built on the Magento platform, leveraging modern web technologies such as jQuery, RequireJS, and Google Tag Manager for analytics and marketing. The site is hosted behind Cloudflare DNS and CDN services, with performance monitoring via New Relic. The technical infrastructure supports good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS and includes standard security headers, indicating a good baseline security posture. Cookie consent mechanisms are implemented with granular control, supporting GDPR compliance to some extent. However, explicit privacy policy and terms of service pages are not detected, representing a compliance gap. No critical vulnerabilities or suspicious activities were identified. Overall, Protemio.hr presents a professional and trustworthy online retail platform with room for improvement in privacy compliance and security transparency. Strategic recommendations include publishing comprehensive privacy and terms documents, enhancing accessibility, and maintaining vigilant third-party script management.

A

Apartmán Ivona

apartman-ivona.cz

0

Apartmán Ivona is a small family-run hospitality business offering holiday apartment rentals in Trpanj, Pelješac peninsula, Croatia. The website provides detailed information about accommodation options, amenities such as a heated freshwater pool, free Wi-Fi, and private parking, and highlights local attractions and travel tips. The business targets tourists seeking a peaceful seaside vacation with easy access to notable Croatian destinations like Dubrovnik and Korčula. Technically, the website uses PHP, jQuery, and some legacy JavaScript libraries, with a moderate performance and basic mobile optimization. Security posture is moderate with HTTPS implied but lacking advanced security headers and policies. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is comprehensive and transparent, enhancing business credibility. WHOIS data is unavailable, which reduces domain trustworthiness but does not negate the legitimacy of the business based on website content. Overall, the site is functional, informative, and trustworthy for its niche.

C

Cemix

cemix.hr

0

Cemix is a medium-sized manufacturing company specializing in construction materials such as mortars, plasters, insulation, and related products. The company operates primarily in Croatia with a strong regional presence across Central and Eastern Europe, supported by multiple country-specific websites. Their business model focuses on product manufacturing, technical support, and distribution services targeting construction professionals and contractors. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website employs modern JavaScript libraries including jQuery and Moment.js, integrates a consent management platform (Usercentrics), and uses Google Tag Manager for analytics and marketing. The hosting provider is a Croatian registrar and hosting company, cyber_Folks d.o.o., which aligns with the regional focus. The site is mobile optimized and performs moderately well, with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and uses consent-based script loading, including Google reCaptcha v3. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and should be implemented for enhanced protection. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with a comprehensive cookie policy and GDPR-aligned consent mechanisms. Overall, Cemix presents a trustworthy and professional online presence with a solid security posture and compliance framework. Strategic improvements in security headers, incident response transparency, and accessibility would further strengthen their digital maturity and risk management.

A

Astratex

astratex.hr

0

Astratex.hr is an established e-commerce retailer specializing in lingerie, swimwear, and related apparel, targeting B2C customers primarily in Croatia and surrounding regions. The company has a stable market presence with over 15 years of brand history, offering a broad range of products from functional to fashionable undergarments and swimwear. The website is professionally designed with good content quality and consistent branding, supporting a positive user experience. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, and Cookiebot for cookie consent management, ensuring compliance with privacy regulations. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is solid with HTTPS enforced and basic security headers present, but could be improved with additional headers and published security policies. No critical vulnerabilities or blocking mechanisms were detected, and WHOIS data confirms domain legitimacy and consistency with business claims. Overall, the site demonstrates a mature digital presence with room for enhancements in privacy transparency and security best practices.

Filix d.o.o. is a Croatian-based manufacturer specializing in innovative LED lighting solutions for architectural, underwater, and urban applications. With over 35 years of industry experience and a presence in 50 countries, the company offers durable, energy-efficient products supported by comprehensive customer services including warranty and technical tools. The website reflects a professional business with clear branding, detailed product showcases, and customer testimonials, positioning Filix as a reputable player in the energy-efficient lighting sector. Technically, the site employs modern web technologies such as PHP, Bootstrap, and integrates Google Analytics and Tag Manager for data insights. The site is mobile-optimized and accessible, with a cookie consent mechanism aligned with GDPR requirements. Security posture is solid with HTTPS, session management, and CSRF protection, though improvements could be made by enabling DNSSEC and adding security headers. Overall, the domain registration is consistent with the business profile, enhancing trustworthiness.

C

CARWIZ rent a car

carwiz.rent

0

CARWIZ rent a car is an international car rental company operating in over 450 locations worldwide, primarily targeting travelers seeking affordable and flexible car rental options. The company offers a modern fleet with benefits such as unlimited mileage and free cancellation, positioning itself as a competitive player in the transportation sector. The website is professionally designed with good content quality, clear navigation, and mobile optimization, supporting a positive user experience. Technically, the site employs modern web technologies including JavaScript libraries, Google Tag Manager, and Cookiebot for consent management, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, comprehensive security headers, and no visible vulnerabilities, although a dedicated security policy and incident response information are absent. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policies. Overall, the domain registration data aligns with the business claims, supporting legitimacy and trustworthiness. Strategic recommendations include publishing explicit security and incident response policies and enhancing accessibility features to further improve compliance and user trust.

A

ADRIATIC TOURIST RESORTS d.o.o.

zelenapunta.hr

0

The website www.zelenapunta.hr represents ADRIATIC TOURIST RESORTS d.o.o., a small hospitality business offering seaside apartment rentals in Kukljica, Ugljan, Croatia. The site targets tourists seeking direct online booking options for holiday apartments and related services. It maintains a consistent brand presence with multilingual support and integrates social media and customer testimonials to build trust. Technically, the site is built on WordPress with modern plugins and frameworks, including GDPR-compliant cookie management and marketing analytics tools. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is well addressed with clear policies and a data protection officer contact. Overall, the site is professional, trustworthy, and well-optimized for its niche market.

H

Hotel Trakošćan

hotel-trakoscan.hr

0

Hotel Trakošćan is a well-established hospitality business located in Croatia, offering premium accommodation, wellness, gastronomy, and event services. The website reflects a mature digital presence with a professional design, clear navigation, and integration of modern technologies such as Bootstrap, jQuery, and various analytics and marketing tools. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is addressed with clear privacy and cookie policies and consent mechanisms. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, the website is trustworthy and serves its target audience effectively.

P

PAR University of Applied Sciences

par.hr

0

PAR University of Applied Sciences is a Croatian higher education institution established in 2007, offering applied sciences degree programs and lifelong learning courses. The institution emphasizes practical experience, mentoring, and international cooperation, notably through Erasmus+. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. Security posture is adequate with HTTPS and cookie consent, but lacks some security headers and explicit privacy and security policies. Social media presence is strong, enhancing trust and engagement. Overall, the site reflects a credible educational institution with room for improvement in compliance and security transparency.

Hilti Croatia operates as a leading provider of construction tools, software, and services tailored for construction professionals, engineers, and contractors. The website reflects a mature business with a strong market position supported by comprehensive product offerings and innovative solutions such as fleet management and engineering software. The company is part of the global Hilti Group, with a localized presence in Croatia since 2016. The website is professionally designed, mobile-optimized, and rich in relevant content targeting B2B customers in the construction sector. Technically, the site leverages modern frameworks like Angular and Adobe Experience Manager, supported by robust analytics and consent management tools, ensuring GDPR compliance and good user experience. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response details are not publicly disclosed. Overall, the site presents a trustworthy and professional digital presence aligned with the company's business objectives.

N

Notino, s.r.o.

notino.hr

0

Notino, s.r.o. operates a professional e-commerce platform specializing in perfumes, cosmetics, and beauty products targeted primarily at the Croatian market. The website is well-branded, consistent, and offers a wide range of products with clear navigation and user-friendly design. The company holds a strong market position as one of the largest beauty product retailers in Europe, with a focus on online sales and customer engagement through social media and marketing platforms. Technically, the website leverages modern technologies including React, Google Tag Manager, and Cloudflare services, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and monitoring tools like New Relic. Privacy compliance is evident with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a mature digital presence with high trustworthiness and professional standards.

Soldered Electronics is a specialized e-commerce business focused on providing electronics components, kits, and educational resources primarily targeting makers, hobbyists, and STEM educators. With over a decade of industry presence and a customer base exceeding 20,000, the company positions itself as a trusted provider of user-friendly electronics products supported by comprehensive technical assistance. The website is professionally designed, mobile-optimized, and enriched with SEO best practices and structured data to enhance visibility and user engagement. Technically, the site is built on WordPress with WooCommerce, leveraging modern JavaScript libraries and third-party integrations such as Google Tag Manager, Microsoft Clarity, and Trustpilot for analytics and customer feedback. Hosting and DNS are managed via NameCheap and Cloudflare, respectively, providing a solid infrastructure foundation. Privacy and cookie policies are implemented with GDPR compliance, supported by consent mechanisms and a cookie management plugin. From a security perspective, the website enforces HTTPS, employs standard security headers, and maintains a clientTransferProhibited domain status to prevent unauthorized transfers. However, DNSSEC is not enabled, and no explicit security policy or incident response information is published, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with strong business credibility and good technical maturity. Strategic enhancements in DNS security and transparency around security policies would further strengthen its posture.

T

Toyota Hrvatska

toyota.hr

0

Toyota Hrvatska operates as the official Toyota brand presence in Croatia, offering a wide range of vehicles including city cars, SUVs, hybrids, and commercial vehicles. The website serves as a comprehensive portal for customers to explore Toyota models, locate dealers, and access customer support. The company is a subsidiary of Toyota Motor Corporation and has been established since 2001, reflecting a mature market presence. Technically, the website leverages Adobe Experience Manager CMS, integrates advanced analytics via Datadog and Google Tag Manager, and uses Adobe Scene7 for media content delivery. The site is well-optimized for mobile and SEO, with a professional design and clear navigation. Security posture is strong with HTTPS enforced and privacy-conscious tracking, though explicit security headers and policies could be improved. Overall, the website is trustworthy, professional, and safe for general audiences.

W

Webtasy, d.o.o.

enigmarium.hr

0

Enigmarium.hr is a professionally operated escape room entertainment business based in Zagreb, Croatia, offering immersive and uniquely themed escape room experiences including murder mystery and outdoor adventure games. The company targets general audiences interested in team-building and recreational activities, with a strong market position supported by positive TripAdvisor reviews and active social media engagement. The website is built on a modern WordPress infrastructure using popular plugins and themes, ensuring a good user experience and SEO optimization. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms in place, though the absence of privacy and terms policies represents a compliance gap. Overall, the business demonstrates a trustworthy and credible online presence with room for improvement in privacy and security disclosures.

M

Moje karte d.o.o.

mojekarte.hr

0

Moje karte d.o.o. operates a leading Croatian online ticket sales platform, mojekarte.hr, offering a wide range of tickets for cultural, sports, and entertainment events. Established in 2010, the company has a strong market position as the digital platform with the most sold-out shows in Croatia. The website supports multiple languages and provides services such as event packages and gift cards, targeting a broad audience interested in live events and experiences. Technically, the site employs modern web technologies including jQuery, Foundation framework, and RoyalSlider, hosted behind Cloudflare for DNS and CDN services. The site is mobile-optimized and features good SEO and accessibility practices. Security-wise, the platform enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data, though it could improve by adding more security headers and publishing a formal security policy. Overall, the site demonstrates a mature digital presence with strong privacy compliance and trustworthy business information.

E

Einhell Croatia d.o.o.

einhell.hr

0

Einhell Croatia d.o.o. operates a professional and consumer-focused website offering high-quality power tools, garden equipment, and accessories primarily targeting hobbyists, gardeners, and professionals in Croatia. The company maintains a consistent brand presence with a well-structured website powered by TYPO3 CMS, integrating modern technologies and third-party services for analytics, consent management, and bot protection. The website demonstrates good GDPR compliance with a comprehensive privacy policy and cookie consent mechanism. Security posture is strong with HTTPS enforcement, security headers, and CAPTCHA integration, although explicit security policies and incident response contacts are not published. Overall, the website reflects a mature digital infrastructure suitable for a medium-sized manufacturing and retail business with a strong regional market position.

I

igus

igus.hr

0

igus is a well-established manufacturer and direct seller specializing in motion plastics, including energy chains, plain bearings, and linear technology. The company targets industrial and manufacturing sectors, providing specialized products for motion and energy supply systems. Their website reflects a professional and consistent brand presence with a global reach, supported by multiple international domains. The technical infrastructure is modern, leveraging Next.js and React frameworks, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though improvements are needed in security headers and explicit privacy compliance. Overall, the website is trustworthy and business credible but lacks some compliance documentation and explicit contact information in the provided content.

U

Udruga za razvoj civilnog društva

smart.hr

0

The website www.smart.hr represents a Croatian non-profit association dedicated to the development of civil society. Established in 2001, it serves as a platform for community support and educational programs targeting NGOs and civil society organizations. The site is built on WordPress using the Divi theme, incorporating standard web technologies and Google Analytics for visitor tracking. While the website demonstrates good design quality and mobile optimization, it lacks explicit privacy, cookie, and terms of service policies, which are critical for GDPR compliance and user trust. Security measures include HTTPS and Google reCAPTCHA, but the absence of security headers and vulnerability disclosure policies suggests room for improvement. Overall, the domain registration data aligns well with the website's purpose and location, indicating a legitimate and established entity.

S

Solidarna

solidarna.hr

0

Solidarna is a Croatian non-profit foundation dedicated to fostering solidarity and community support through various funds and programs. The website presents a professional and well-structured digital presence, leveraging WordPress with Elementor and WooCommerce for content management and e-commerce capabilities. The foundation actively engages with its audience via social media channels and provides transparent information about its programs and donors. Technically, the site employs modern web technologies and maintains good security practices, including HTTPS and security headers. Privacy compliance is evident through a comprehensive privacy policy and cookie consent mechanism. However, the site lacks explicit terms of service, security policy, and vulnerability disclosure information, which could enhance trust and compliance. Overall, the website is trustworthy, well-maintained, and serves its non-profit mission effectively.

S

Slagalica - Zaklada za razvoj lokalne zajednice

zaklada-slagalica.hr

0

Zaklada Slagalica is a Croatian non-profit foundation dedicated to the development of local communities through philanthropy, grants, and community projects. Established in 2008, it maintains a strong local presence with transparent donation practices and active engagement with civil society organizations. The website reflects a professional and consistent brand image, targeting NGOs, donors, and local stakeholders. Technically, the site is built on WordPress with modern plugins and frameworks, hosted on SiteGround, and optimized for mobile and SEO. Security posture is good with HTTPS and reCAPTCHA integration, though improvements in security headers and incident response transparency are recommended. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site is trustworthy, well-maintained, and serves its community-focused mission effectively.

P

Program fonda za aktivno građanstvo u Hrvatskoj - ACF Hrvatska

acfcroatia.hr

0

The Program fonda za aktivno građanstvo u Hrvatskoj - ACF Hrvatska is a Croatian non-profit initiative focused on promoting active citizenship and inclusive communities through grant funding and support for civil society organizations. The website serves as an information hub for open calls, project results, and partnership development, positioning itself as a key national program fund manager. The site is well-branded, consistent, and targets Croatian citizens and NGOs engaged in civic activities. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and accessibility and GDPR compliance plugins. It demonstrates good mobile optimization, accessibility features, and SEO practices. Hosting and domain registration are consistent with the Croatian market and the organization's profile. From a security perspective, the site uses HTTPS with excellent SSL configuration and implements GDPR cookie consent mechanisms. However, it lacks explicit security policies, incident response contacts, and advanced security headers. No vulnerabilities or exposed sensitive data were detected in the content. Analytics usage is moderate with Google Analytics and Tag Manager scripts. Overall, the website presents a low-risk profile with good business credibility and compliance posture. Strategic improvements could include publishing security and incident response policies and enhancing security headers to further strengthen trust and resilience.

Festival tata is a Croatian non-profit organization and festival dedicated to celebrating and promoting caring fatherhood and active paternal involvement in child upbringing. Founded in 2018, it is supported by the Swedish Embassy in Zagreb and local organizations such as Status M and Roditelji u akciji – Roda. The festival organizes digital campaigns, photo exhibitions, workshops, and advocacy efforts focused on paternity leave and family well-being. The website is professionally designed using WordPress and hosted on DreamHost, featuring a modern tech stack including jQuery, Bootstrap, and Jetpack plugins. Social media integration and analytics are implemented via Facebook SDK and Jetpack Stats respectively. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and formal policies are lacking. Privacy compliance is partial with a cookie consent mechanism but no privacy policy or terms of service pages. Contact information is minimal, limited to an email address. Overall, the website is trustworthy, content-rich, and serves its target audience effectively, but could improve compliance and security transparency.

S

Status M

status-m.hr

0

Status M is a Croatian non-profit organization dedicated to promoting non-violence, inclusion, and gender equality, with a focus on challenging traditional gender roles and stereotypes about masculinity. The organization operates primarily through educational projects, advocacy, and community engagement, targeting a broad audience interested in social justice and human rights. Their website reflects a professional and consistent brand image, supported by institutional partnerships and awards, indicating a credible presence in their sector. Technically, the website is built on WordPress using the Avada theme, with modern web technologies and good mobile optimization, though some accessibility features could be improved. Security posture is solid with HTTPS and no visible vulnerabilities, but lacks some advanced security headers and explicit security policies. Privacy compliance is partially addressed with a cookie consent banner, but no explicit privacy or terms of service pages were found in the provided content. Overall, the website is trustworthy and well-positioned within its niche, though it could enhance transparency and security documentation.

The website croatia.hr is an official Croatian government tourism portal providing comprehensive health and safety information for visitors to Croatia. It offers emergency contact numbers, procedures for lost or stolen property, and passport-related guidance, targeting tourists and travelers. The site is well-branded and consistent with government standards, reflecting a medium-sized government entity established in 2001. Technically, the site employs modern JavaScript frameworks (likely Vue.js), uses Microsoft Azure DNS hosting, and integrates Dynatrace for performance monitoring. SEO and mobile optimization are good, though accessibility is basic. Security posture is solid with HTTPS and monitoring but lacks visible security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanisms. Contact information and incident response details are not present on the analyzed page, limiting user support options. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

A

Aurora Club

auroraclub.hr

0

Aurora Club is a well-established hospitality and entertainment venue located in Primošten, Croatia, known for its large-scale nightclub facilities, multiple bars, dining options, and event hosting capabilities. The business targets tourists and locals seeking nightlife and party experiences, positioning itself as one of the premier clubs on the Croatian coast. The website reflects a mature digital presence built on WordPress with a modern theme and common plugins, offering good content quality and user experience. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Security posture is adequate with HTTPS and cookie consent but lacks explicit security headers and incident response information. Overall, the site is trustworthy and professionally maintained, with clear contact channels and social media integration.

Kordić Holding is a Croatian company specializing in event management, advertising, ticket distribution, rent-a-car services, and international road transport of passengers and goods. Established in 2015, it holds a strong regional presence, particularly in Southern Croatia, with a diversified service portfolio targeting both business and individual clients. The website reflects a professional business with clear service offerings and client engagement channels including social media and contact forms. Technically, the website uses modern frontend technologies such as Bootstrap, jQuery, Owl Carousel, and FontAwesome, ensuring a responsive and visually appealing user experience. However, there is room for improvement in SEO, accessibility, and performance optimization. The site lacks a CMS indication and advanced analytics tools, suggesting a simpler infrastructure. From a security perspective, the site uses HTTPS and Google reCAPTCHA for form protection but lacks critical security headers and DNSSEC. No privacy or cookie policies are published, indicating compliance gaps with GDPR and related regulations. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and business. Overall, the website is functional and professional but would benefit from enhanced security measures, privacy compliance, and technical optimizations to improve trust and user experience.

P

Phobs

phobs.net

0

Phobs is a technology company specializing in revenue-generating IT solutions for the hospitality industry, including hotels and campsites. Their offerings include booking engines, channel management, yield management, and reservation applications, supported by a dedicated consulting and support team. The website presents a professional and modern digital presence, leveraging advanced web technologies such as Next.js and React, and integrates marketing and analytics tools like HubSpot, Google Tag Manager, and Facebook Pixel. Security posture is solid with HTTPS enforced, though some security headers and policies are missing. Privacy compliance is limited due to the absence of visible privacy and cookie policies. The lack of WHOIS data and domain registration information is a significant concern, impacting trust and legitimacy assessments.

M

Mlinar

mlinar.hr

0

Mlinar is a well-established Croatian bakery and retail food company with a domain registered since 1999, indicating a mature market presence. The website presents a professional design with consistent branding and clear focus on bakery products and retail services. The technical infrastructure includes modern CSS frameworks and JavaScript libraries, with integration of popular analytics and marketing tools such as Google Analytics and Meta Pixel. Cookie consent is managed via Cookiebot, demonstrating attention to privacy compliance. Security posture is solid with HTTPS and CSRF protections, though some security headers and policies could be improved. Overall, the website is trustworthy and professionally maintained, serving a general audience with safe content.

A

Adriaticket

adriaticket.com

0

Adriaticket is an established online ticketing and event promotion platform primarily serving Croatian and regional markets. Founded in 2012, it offers ticket sales for concerts, festivals, and cultural events, leveraging a custom-built website with AngularJS and Bootstrap frameworks. The platform integrates multiple third-party services including Google Maps, Facebook SDK, and YouTube APIs to enhance user experience. While the website is professionally designed with good navigation and mobile optimization, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is moderate with HTTPS enforced and use of reCAPTCHA, but absence of DNSSEC and security headers present areas for improvement. Overall, Adriaticket demonstrates a solid business presence with moderate risk, suitable for general audiences and event attendees.

G

Gong

codeforcroatia.org

0

Code for Croatia is a Croatian non-profit civic technology community platform focused on open data, open government, and open source projects. It serves as a discussion forum and collaboration space for designers, programmers, and activists aiming to foster positive social change. The website is powered by the Discourse forum software and hosted with Cloudflare DNS services, reflecting a modern and community-oriented technical infrastructure. The platform demonstrates good digital maturity with a well-structured forum, active categories, and integration of various plugins to enhance user engagement. Security posture is solid with HTTPS enforced and domain transfer protections, though improvements such as enabling DNSSEC and publishing explicit security policies are recommended. Overall, the website is trustworthy, professionally maintained, and serves a clear community purpose with moderate tracking via Google Analytics. Strategic recommendations include enhancing privacy compliance with cookie consent mechanisms and formalizing security incident response documentation.