Security Directory

P

Popravi.to

popravi.to

0

Popravi.to is a Croatian civic technology platform enabling local residents to report, view, and discuss street-related problems such as graffiti, illegal waste dumping, and damaged infrastructure. The platform is powered by the open source FixMyStreet software and targets community members interested in improving their local environment. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript with jQuery, and OpenLayers for mapping, supported by multiple analytics tools and Cloudflare hosting. The site is mobile optimized and uses HTTPS with some security best practices like CSRF tokens and service workers. However, it lacks explicit privacy and cookie policies, and no direct contact information is provided on the homepage. Security posture is good but could be improved with additional headers and vulnerability disclosure mechanisms. Overall, the domain registration is consistent with the website's Croatian civic focus, indicating legitimacy and trustworthiness.

G

Gong

imamopravoznati.org

0

Imamo pravo znati is a Croatian non-profit online platform operated by the organization Gong, established in 2015. The website facilitates public access to government-held information by enabling citizens to submit Freedom of Information requests to over 6,800 public authorities in Croatia. It also archives and publicly publishes these requests and responses, promoting transparency and civic engagement. The platform is supported by Code for Croatia and Gong, maintained by volunteers, and targets Croatian citizens, journalists, and transparency advocates. Technically, the website is built on the Alaveteli framework, leveraging Ruby on Rails and jQuery, hosted behind Cloudflare for DNS and CDN services. It uses Google Analytics and Cloudflare Insights for traffic and performance monitoring. The site is mobile-optimized, accessible, and SEO-friendly, with a fast performance profile. Security is adequate with HTTPS enforced and clientTransferProhibited domain status, though DNSSEC is not enabled and some security headers are missing. From a security perspective, the site follows good practices such as CSRF protection and does not request sensitive personal data via forms. However, it lacks explicit security and incident response policies publicly available, and no vulnerability disclosure or security.txt files are present. Privacy compliance is supported by a comprehensive privacy policy and cookie policy, though no explicit cookie consent mechanism is implemented. Overall, the website is trustworthy, professionally maintained, and serves an important civic function. Recommendations include enabling DNSSEC, adding security headers, publishing security policies, and implementing cookie consent to enhance compliance and security posture.

P

Plus Hosting Grupa d.o.o.

parlametar.hr

0

Parlametar is a Croatian government-focused digital platform that provides detailed analysis and tracking of parliamentary activities, including voting records and speech transcripts of Croatian Parliament members. The platform targets citizens, journalists, and political analysts interested in transparent and accessible parliamentary data. It operates as an informational service with a specialized niche in political data visualization and analysis. Technically, the website employs a modern yet somewhat dated technology stack including Bootstrap 3 and jQuery 1.11.3, with performance and mobile optimization rated as good. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure, but lacks some security headers and cookie consent mechanisms. The domain is registered with a reputable Slovenian hosting provider, consistent with the website's operational profile. Overall, the site is professional, trustworthy, and serves a clear public interest function.

G

Gong

gong.hr

0

Gong is a well-established Croatian non-profit organization founded in 1997, dedicated to promoting active citizen participation in political processes. The organization offers educational programs, research, and digital tools aimed at enhancing democracy, transparency, and civic engagement. Their market position is strong within the Croatian civil society sector, supported by partnerships with governmental and EU bodies. The website reflects a professional and consistent brand image with clear communication channels and comprehensive content relevant to their mission. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements in security headers and incident response disclosures are recommended. Overall, the site is safe, trustworthy, and compliant with GDPR requirements.

P

photoapps.expert

photoapps.expert

0

The website photoapps.expert is currently a parked domain primarily monetized through advertising networks such as Google Adsense and Bodis. It lacks any substantive business content, contact information, or services, indicating it is not actively used for commercial or operational purposes. The domain is newly registered in 2025 with a Croatian registrar, and no registrant organization is disclosed, which aligns with the minimal website content. Technically, the site uses standard Google tracking and advertising scripts but lacks advanced security headers and privacy compliance mechanisms. The security posture is basic with HTTPS enabled but no additional protections. Overall, the site presents low business credibility and limited user engagement potential.

P

Presscut

presscut.hr

0

Presscut is a leading Croatian media monitoring and press clipping agency with approximately 30 years of experience. The company offers a comprehensive suite of services including media monitoring, social media tracking, media analysis, and access to a digital media archive. It serves a diverse clientele including government institutions, companies of various sizes, and individuals. The website is professionally designed, well-structured, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, it is built on WordPress with modern plugins and technologies such as Google reCAPTCHA v3 and GDPR cookie compliance, ensuring a secure and privacy-conscious user experience. Security posture is good with HTTPS enforced and anti-bot measures in place, though explicit security headers and policies could be improved. Overall, the website and business demonstrate high trustworthiness and professionalism, with no signs of malicious activity or content blocking.

N

NEWTON Media

newtonmediasee.eu

0

NEWTON Media SEE is a regional media intelligence and research company operating primarily in South East Europe, with a focus on media monitoring, data mining, market research, translation services, and voice-to-text technologies. The company maintains a network of regional subsidiaries and partners in Slovenia and Croatia, providing tailored media intelligence and consulting services. The website is professionally designed using WordPress and Elementor, reflecting a mature digital presence with moderate technical sophistication. Security posture is adequate with HTTPS enabled, but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. The absence of public WHOIS data is consistent with EURid privacy policies for .eu domains and does not detract significantly from the company's legitimacy. Overall, the website and business present a credible and professional image suitable for their target market.

VELUXshop.hr is the official Croatian e-commerce platform for VELUX branded roof window blinds and shading solutions. The website offers a comprehensive catalog of products including roller blinds, pleated blinds, insect nets, and external shading devices, targeting Croatian consumers seeking quality window accessories. The site is built on modern web technologies such as Nuxt.js and Vue.js, providing a responsive and user-friendly shopping experience. Security posture is strong with HTTPS enforced and standard security headers present, though explicit cookie consent and security policies could be improved. Overall, the site demonstrates a mature digital presence aligned with the VELUX brand, supporting a medium-sized retail operation with clear contact information and legal compliance.

INA Loyalty is a loyalty program website associated with INA, a Croatian energy company. The site serves customers in Croatia, providing loyalty rewards and promotions. The business operates in the energy sector and was established around 2020, consistent with the domain registration date. The website is built on the Salesforce Experience Cloud platform, leveraging modern technologies and trusted third-party payment and analytics services. The technical infrastructure is solid, with good mobile optimization and performance, though accessibility and SEO could be improved. Security posture is strong with HTTPS, Content Security Policy, and bot protection via reCAPTCHA, but lacks explicit privacy and security policies visible on the site. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and contact transparency.

H

Hobbytec

hobbytec.hr

0

Hobbytec is a specialized manufacturer focused on producing winter gardens, carports, pergolas, and modular houses primarily serving the Croatian and Czech markets. The company emphasizes custom production tailored to customer needs, supported by physical showrooms and a broad product range. Their market position is strong within their niche, with multiple regional sister sites indicating a well-established presence in Central Europe. Technically, the website employs modern web technologies including Google Tag Manager, reCAPTCHA, and responsive design, ensuring a good user experience and moderate performance. Security posture is solid with HTTPS enforced and anti-bot protections on forms, though some security headers and policies could be improved. Privacy compliance is addressed with cookie consent and a privacy policy, but lacks explicit terms of service and incident response information. Overall, the website is professional, trustworthy, and well-aligned with the business's operational footprint.

J

Juicy

juicy.hr

0

Juicy is a Croatian-based beverage company specializing in premium fruit juices and nectars, with a market leadership position in Croatia and Bosnia and Herzegovina. The company offers a wide range of products including 100% juices, nectars, vitamin waters, ice teas, and cocktails, targeting general consumers seeking healthy and natural fruit beverages. The website reflects a medium-sized retail business with consistent branding and a professional online presence. Technically, the site uses a combination of legacy and modern JavaScript libraries, Google Tag Manager for analytics, and a cookie consent mechanism, hosted by a reputable Croatian telecom provider. Security posture is adequate with HTTPS enabled and cookie consent implemented, though additional security headers and explicit incident response policies are absent. Overall, the website is safe, well-structured, and compliant with GDPR requirements, supporting the company's credibility and trustworthiness in its market segment.

I

INA-INDUSTRIJA NAFTE, d.d.

inaloyaltynagradna.com

0

The website inaloyaltynagradna.com serves as a promotional platform for the INA Loyalty program's Coca-Cola related contest running from June 6 to July 31, 2025. It targets Croatian consumers who purchase Coca-Cola products at INA gas stations, encouraging them to participate in a loyalty program to win prizes such as PlayStation 5 Pro, iPhone 16, and fuel cards. The site is well-branded with consistent INA and Coca-Cola imagery and provides clear instructions and contact information. The business behind the site is INA-INDUSTRIJA NAFTE, a large energy sector company in Croatia, leveraging digital engagement to enhance customer loyalty.

Tifon.hr is the official website of Tifon, a Croatian fuel retail company and member of the MOL Group, a leading integrated gas and oil group in Central Europe. The company offers high-quality fuels, business and prepaid fuel cards, convenience store services under the Fresh Corner brand, and other related services. The website targets both business customers and individual consumers in Croatia, providing detailed information about products, services, and corporate information. The site is professionally designed, mobile-optimized, and includes modern web technologies such as jQuery, Bootstrap, and Google Analytics for tracking and performance. From a technical perspective, the website uses Joomla CMS and integrates multiple JavaScript libraries and Google services for analytics and tag management. The site is served over HTTPS with a valid SSL configuration, ensuring secure communication. Accessibility features and cookie consent mechanisms are implemented, reflecting compliance with GDPR and user privacy standards. However, explicit security headers and a dedicated security policy page are not found, which could be improved to enhance security posture. Security-wise, the site demonstrates good practices such as HTTPS enforcement and cookie consent with detailed categories including necessary, functional, and targeting cookies. Google reCAPTCHA is used to protect forms from abuse. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain is longstanding and consistent with the business claims, registered under a Croatian registrar appropriate for the domain. Overall, Tifon.hr presents a trustworthy and professional online presence for a regional energy company. The site is secure, privacy-conscious, and well-structured, though it could benefit from enhanced security documentation and incident response transparency. The business is well-positioned in the Croatian energy market as part of the MOL Group, with clear branding and service offerings.

G

Globaldizajn d.o.o.

globaldizajn.eu

0

Globaldizajn d.o.o. is a well-established Croatian technology company specializing in web design, CMS solutions, SEO, mobile applications, and online payment systems. Founded in 2003, it serves a diverse clientele including banks, public sector entities, and large enterprises, positioning itself as a reliable B2B service provider in the Croatian market. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to business customers seeking digital transformation services. Technically, the website employs modern web technologies including Bootstrap, jQuery, Google Analytics, and a proprietary CMS named Globaladmin. The site is mobile-optimized and demonstrates good SEO practices. Hosting and domain registration are consistent with the company's Croatian base, and the site uses HTTPS with a strong SSL configuration. However, some security headers are not explicitly detected, and there is no published security policy or incident response contact, which could be improved. From a security perspective, the site shows good practices such as HTTPS enforcement, CAPTCHA on forms, and a comprehensive cookie consent mechanism compliant with GDPR. Certifications like ISO 20000-1 and ISO 14001:2015, along with trust seals, enhance credibility. No vulnerabilities or suspicious activities were detected in the content. Privacy compliance is well addressed, with clear policies and consent mechanisms. Overall, Globaldizajn's website is a trustworthy, professional platform that effectively communicates its business offerings and maintains a solid security and privacy posture. Strategic improvements in security policy transparency and HTTP security headers would further strengthen its security maturity.

H

Hrvatski Telekom d.d.

freshcorner.hr

0

Fresh Corner is a Croatian retail food and beverage brand specializing in quick-service offerings such as coffee, hot dogs, sandwiches, and bakery products, primarily located at INA fuel stations. The website reflects a medium-sized enterprise with consistent branding and a clear market position within the Croatian retail and hospitality sectors. The digital infrastructure employs modern web technologies including Google Analytics, Google Tag Manager, and Google Maps API, supporting a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforcement and CSRF protections, though some security headers and incident response details are absent. Privacy compliance is strong, featuring comprehensive cookie and privacy policies with user consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with the business's operational scope.

A

AutoScout24

autoscout24.hr

0

AutoScout24.hr is a leading European online marketplace specializing in the sale and purchase of new and used vehicles, localized for the Croatian market. The platform offers a comprehensive range of automotive listings, including cars, commercial vehicles, and specialized vehicle types, supported by dealer login capabilities and automotive news content. The website is well-positioned as a major player in the European automotive classifieds sector, targeting both individual consumers and professional dealers.

B

BioTechUSA HR

biotechusa.hr

0

BioTechUSA HR operates an e-commerce platform specializing in nutritional supplements and health-related products targeted at the Croatian market. The website is a localized branch of the BioTechUSA brand, leveraging Shopify's e-commerce infrastructure to provide a professional and user-friendly shopping experience. The site integrates multiple marketing and analytics tools to optimize customer engagement and sales performance. Technically, the website is built on a modern stack with Shopify CMS, uses HTTPS with good SSL configuration, and implements cookie consent mechanisms to comply with privacy regulations. However, the absence of a visible privacy policy and explicit contact information slightly detracts from its compliance posture. Security-wise, the site follows best practices typical for Shopify-hosted stores but lacks dedicated security policy or vulnerability disclosure pages. Overall, the website presents a trustworthy and professional front for BioTechUSA's Croatian operations, with room for improvement in privacy transparency and security disclosures.

J

Javna ustanova NATURA VIVA

naturaviva.hr

0

Javna ustanova NATURA VIVA is a Croatian public institution dedicated to managing protected natural areas within Karlovačka županija. The organization focuses on environmental conservation, educational workshops, monitoring of wildlife, and public engagement. Their website reflects a regional governmental entity with a clear mission to preserve natural heritage and promote ecological awareness. The content is well-structured, informative, and targeted primarily at local citizens, schools, volunteers, and environmental stakeholders. The business model is non-commercial, operating under public funding and regional governance.

P

PETERKA & PARTNERS

peterkapartners.hr

0

PETERKA & PARTNERS is a law firm specializing in providing comprehensive legal and tax services to businesses operating in Central and Eastern Europe, including countries such as the Czech Republic, Slovakia, Poland, Hungary, Bulgaria, Romania, Ukraine, Belarus, and Russia. The firm positions itself as a leading full-service legal partner in this regional market. The website reflects a professional and consistent brand image with a clear focus on its target audience of business clients in the region. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Google Fonts, Font Awesome, and Google Tag Manager, indicating a moderate level of digital maturity. The site is mobile optimized and has good SEO fundamentals, although accessibility features are basic. Hosting appears to be provided by Active24, a known regional hosting provider. From a security perspective, the site uses HTTPS and includes form validation scripts, but lacks visible security headers and published privacy or cookie policies, which are important for GDPR compliance. Contact information is limited to an email address related to sanctions inquiries, with no phone numbers or physical addresses provided. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is professional and trustworthy but could improve its privacy compliance and security posture by publishing relevant policies, enhancing security headers, and providing more comprehensive contact details. These improvements would strengthen user trust and regulatory compliance.

L

Lentiamo s.r.o.

lentiamo.hr

0

Lentiamo.hr is a well-established e-commerce retailer specializing in contact lenses, prescription glasses, sunglasses, and related accessories primarily serving the Croatian market with a strong regional presence across multiple European countries. The company offers a broad product range with fast delivery and loyalty programs, positioning itself as a trusted online optical retailer. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics 4, and Cloudflare for DNS and CDN services, ensuring a performant and SEO-optimized platform with good mobile responsiveness and accessibility. Security posture is solid with HTTPS enforced, secure login options including OAuth via Google and Facebook, and cookie consent mechanisms compliant with GDPR. However, explicit security policies and incident response contacts are not publicly disclosed, representing an area for improvement. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. The website content is safe for general audiences with no adult or NSFW material detected.

Hrvatski inženjerski savez (HIS) is a Croatian engineering association established in 2008, serving as a professional body for engineers in Croatia and abroad. The organization offers membership services, professional certifications such as EurIng 2.0, lifelong education, and organizes events like the annual 'Dan inženjera Republike Hrvatske'. The website reflects a well-established non-profit entity with strong ties to international engineering federations and Croatian academic institutions. Technically, the site runs on WordPress 4.7.29 with jQuery 1.12.4, uses Google Analytics and Tag Manager for tracking, and is hosted likely on Croatian infrastructure. While the site is content-rich and professionally presented, it lacks modern security headers and cookie consent mechanisms, which are important for GDPR compliance and security posture. No incident response or security policies are published, and some core software components are outdated, posing potential security risks. Overall, the domain registration data aligns well with the organization's identity, indicating high legitimacy and trustworthiness.

E

European Appliances Croatia d.o.o.

whirlpool.hr

0

European Appliances Croatia d.o.o. operates the Whirlpool.hr website as the official regional distributor and retailer of Whirlpool home appliances in Croatia. The website offers a comprehensive catalog of Whirlpool products including washing machines, dryers, ovens, and kitchen appliances, targeting Croatian consumers seeking quality household appliances. The business is positioned as a medium-sized entity with a focus on retail and customer support, leveraging the global Whirlpool brand. Technically, the website employs modern JavaScript libraries, Google Analytics, Google Tag Manager, and OneTrust for cookie compliance, indicating a mature digital infrastructure. Performance and mobile optimization are adequate, with good SEO practices and accessibility features. Security posture is solid with HTTPS enforcement, security headers, and no visible vulnerabilities, though dedicated security and incident response policies are not publicly detailed. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

H

Henkel

ceresit.hr

0

Ceresit.hr is the Croatian localized website for Ceresit, a leading brand under the multinational company Henkel, specializing in manufacturing and supplying high-quality construction materials such as tile adhesives, waterproofing, and thermal insulation products. The website targets construction professionals and consumers in Croatia, offering detailed product categories and support services. The domain is well-established since 2016 and aligns with the business's European presence. Technically, the site is built on Adobe Experience Manager with modern JavaScript frameworks and includes performance and accessibility optimizations. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit privacy and security policies are not publicly visible. Overall, the site demonstrates a professional and trustworthy digital presence consistent with a large manufacturing brand.

K

KOPOS KOLIN A/S

kopos.hr

0

KOPOS KOLIN A/S is a manufacturing company specializing in electrical installation materials made from plastic and metal, with a product range exceeding 5000 items. The company operates internationally with 10 subsidiaries across Europe, Asia, and Central America, ensuring global distribution. Their Croatian subsidiary, KOPOS ELEKTRO d.o.o., maintains a professional web presence providing product catalogs, technical support, and corporate information. The website is built on Drupal 7, indicating a mature but aging technical infrastructure. While the site is well-structured, mobile-optimized, and GDPR compliant with clear privacy and cookie policies, the use of an outdated CMS and lack of advanced security headers present potential security risks. Contact information and social media links are clearly provided, enhancing trust and accessibility.

Nikon.hr is the Croatian localized website for Nikon, a globally recognized brand specializing in digital cameras, lenses, and photographic equipment. The website serves as a product showcase and informational portal targeting photography enthusiasts and professionals in Croatia. It features product highlights, firmware updates, and promotional content consistent with Nikon's global branding. The technical infrastructure leverages modern web technologies including React, Google Tag Manager, Microsoft Application Insights, and OneTrust for cookie consent, indicating a mature digital presence. The site is hosted under a reputable Croatian registrar and uses HTTPS with good security practices. However, explicit privacy and terms of service pages are not evident in the provided content, which could be improved for compliance and user trust. Overall, the website demonstrates a solid security posture with no visible vulnerabilities or blocking mechanisms, supporting a trustworthy user experience.

P

Paul Bauder GmbH & Co. KG

bauder.hr

0

Bauder d.o.o. is a Croatian regional branch of Paul Bauder GmbH & Co. KG, a leading European manufacturer of roofing systems including flat, green, and pitched roofs. The company has a long tradition of over 160 years and holds a strong market position in Europe. Their website provides comprehensive product information, technical documentation, and corporate news targeting construction professionals and building owners in Croatia. The digital infrastructure is built on TYPO3 CMS with modern JavaScript libraries and includes a robust cookie consent mechanism via Usercentrics, ensuring GDPR compliance. Social media integration and multilingual support enhance their digital presence. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. WHOIS data confirms domain legitimacy and consistency with business claims. Overall, the website reflects a mature, professional business with good technical and security standards.

E

EVENTIM Croatia

eventim.hr

0

EVENTIM Croatia operates a professional e-commerce platform specializing in ticket sales for concerts, festivals, theatre performances, and sports events primarily targeting the Croatian market. The website is well-structured with comprehensive navigation options by event categories and cities, supporting a broad audience interested in entertainment and cultural events. The business is well-established, with domain registration dating back to 2003, and is part of the larger Eventim group, indicating a solid market position and operational maturity. Technically, the website employs modern web technologies including jQuery, Google Tag Manager, and a consent management platform to ensure GDPR compliance and user privacy. The site is hosted with Cloudflare DNS services, enhancing availability and security. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be more explicitly confirmed. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable platform for ticket sales in Croatia.

O

Općina Bilje

bilje.hr

0

Općina Bilje is a local government municipality website serving the Osječko-baranjska županija region in Croatia. The site provides public information about the municipality, including news, organizational structure, EU projects, and public tenders. The website is built on WordPress using the Twenty Seventeen theme and incorporates the Nicepage plugin for design elements. The technical infrastructure is moderate with basic mobile optimization and no detected advanced analytics or tracking. Security posture is adequate with HTTPS enabled but lacks important security headers and visible privacy or cookie policies, which are critical for compliance and user trust. The WHOIS data is protected due to GDPR regulations, which is typical for European domains, and no suspicious patterns were detected. Overall, the website serves its purpose as a government information portal but would benefit from enhanced privacy compliance and security hardening.

O

Općina Darda

darda.hr

0

Općina Darda is the official municipal government website for the Darda municipality in Croatia, providing local governance information and public services to residents and visitors. The website is built on WordPress using the Avada theme and several common plugins such as Yoast SEO and Contact Form 7, indicating a moderate level of digital maturity. The site is well-branded and consistent with its government identity, targeting local citizens and stakeholders. Technically, the site shows good SEO optimization and mobile responsiveness but lacks advanced security headers and privacy compliance features. Security posture is basic with no visible incident response or vulnerability disclosure mechanisms. Overall, the website is legitimate and trustworthy but would benefit from enhanced security and privacy practices to meet modern compliance standards.

O

Osječko-baranjska županija

obz.hr

0

Osječko-baranjska županija operates as the official regional government authority for the Osječko-baranjska County in Croatia. The website serves as a comprehensive portal for local government information, public notices, investment projects, social services, and EU fund programs. It targets residents, businesses, and stakeholders within the county, providing transparent access to administrative and developmental resources. The site is well-structured, professionally designed, and consistent with government branding standards. Technically, the website is built on Joomla CMS, leveraging modern JavaScript libraries such as jQuery, Bootstrap, and various sliders for dynamic content presentation. It incorporates accessibility features including the UserWay widget and is optimized for mobile devices. The site uses HTTPS and Google Analytics for visitor tracking, with a cookie consent mechanism ensuring GDPR compliance. From a security perspective, the site demonstrates good practices including ISO 27001 certification, HTTPS enforcement, and cookie consent management. However, WHOIS data is unavailable due to GDPR and rate limiting, which is typical for EU government domains. No critical vulnerabilities or exposed sensitive data were detected. The absence of explicit incident response contact information and security.txt is noted as an area for improvement. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include publishing incident response contacts, enhancing security headers, and maintaining regular audits of third-party scripts to sustain security and trust.

O

Općina Viljevo

viljevo.hr

0

Općina Viljevo operates as the official local government portal for the municipality of Viljevo in Croatia. The website serves as a primary information hub for residents and visitors, providing official announcements, community news, and local government services. The site is positioned as a trusted source of municipal information, targeting local citizens and stakeholders. Technically, the website is built on WordPress CMS with Elementor page builder and enhanced by Yoast SEO for search optimization. It employs modern web technologies and includes a cookie consent mechanism compliant with GDPR regulations. Google Analytics is integrated for visitor insights, with opt-out options to respect user privacy. Security posture is adequate with HTTPS enforced and basic privacy compliance, though there is room for improvement in security headers and explicit policy disclosures. Overall, the website demonstrates a good balance of usability, compliance, and professionalism appropriate for a government entity.

O

Općina Podravska Moslavina

podravskamoslavina.hr

0

Općina Podravska Moslavina is the official local government entity serving the Podravska Moslavina municipality in Croatia. The website functions as a public information portal providing residents and stakeholders with access to local government news, official documents, public calls, and contact information. The site is positioned as a trusted source for municipal information and transparency, targeting local citizens and interested parties. The business model is typical for government entities, focusing on service delivery and information dissemination rather than commercial activities. Technically, the website is built on WordPress CMS using Elementor page builder and Yoast SEO for optimization. It employs modern web technologies including jQuery, Bootstrap, and Font Awesome. The site is hosted under a Croatian registrar (CARNET), indicating local hosting and compliance with regional standards. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are implemented adequately. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks several security headers and does not provide a dedicated security policy or incident response contact. There is no cookie consent mechanism, which may impact GDPR compliance. No vulnerabilities or malicious content were detected. Overall, the security posture is acceptable but could be improved with additional headers and compliance features. The overall risk assessment is low given the nature of the site and its content. Strategic recommendations include implementing cookie consent for GDPR, adding security headers, publishing a security policy, and maintaining regular updates to WordPress and plugins. These steps will enhance trust, compliance, and security resilience.

Općina Marijanci is the official municipal government entity for the Marijanci area in Croatia, providing residents and stakeholders with comprehensive information about local governance, community projects, public procurement, and cultural events. The website serves as a central hub for official announcements, administrative contacts, and community engagement. The site is well-positioned as a trusted source for local government information, targeting residents and local organizations. Technically, the website is built on WordPress 5.7.12, utilizing common web technologies such as jQuery and MediaElement.js for multimedia content. Hosting is provided by CARNET, a reputable Croatian academic network, ensuring stable and regionally appropriate infrastructure. The site demonstrates good mobile optimization and accessibility features, including an accessibility toolbar, but lacks advanced SEO and analytics implementations. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and formal security policies, which are recommended for enhancing protection and compliance. The absence of privacy and cookie policies indicates a compliance gap with GDPR and related regulations. Overall, the website is a reliable and professional municipal portal with strong business credibility but would benefit from improved privacy compliance and security hardening to align with best practices and regulatory requirements.

O

Općina Magadenovac

magadenovac.hr

0

Općina Magadenovac is a Croatian municipal government entity providing local administration and public services to residents of Magadenovac. The website serves as an official communication channel offering news, public notices, open data, and transparency documents. It targets local citizens and stakeholders, supporting community engagement and information dissemination. The business model is governmental, focusing on public service rather than commercial activities. The domain is well-established since 2008, reflecting a stable local government presence. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, hosted by CARNET, a reputable Croatian academic network. The site is mobile-optimized, accessible, and includes modern web technologies. Google Analytics is integrated with a cookie consent mechanism, indicating moderate user tracking with privacy considerations. The site demonstrates good SEO and usability practices. Security posture is solid with HTTPS enforced and cookie consent implemented. However, explicit security headers like CSP and X-Frame-Options are not evident and could be improved. No vulnerabilities or exposed sensitive data were detected. Incident response and security policy information are not publicly available, suggesting an area for enhancement. Overall, the website is trustworthy, professional, and compliant with GDPR requirements. It effectively serves its purpose as a municipal information portal with good technical and security standards. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining up-to-date software to ensure ongoing protection and compliance.

G

Grad Donji Miholjac

donjimiholjac.hr

0

Grad Donji Miholjac operates an official municipal website serving as the primary digital portal for city administration, public services, cultural events, and community engagement. The site targets residents, local businesses, and visitors, providing transparent access to official documents, news, and contact information. The business model is government/public service with a focus on local governance and community support. The website is well-positioned as the authoritative source for municipal information in Donji Miholjac, Croatia. Technically, the website is built on Drupal 7 CMS with jQuery and several JavaScript libraries for UI enhancements. Hosting is provided by CARNET, a reputable Croatian academic network, ensuring stable and secure infrastructure. The site employs HTTPS with good SSL configuration and includes accessibility tools to support inclusive access. However, some technical aspects such as outdated jQuery and missing security headers indicate areas for modernization and security hardening. From a security perspective, the website enforces HTTPS and anonymizes IPs in Google Analytics, reflecting basic privacy considerations. There are no visible security policies or incident response contacts, and no security.txt file was found. The absence of security headers and use of an older CMS version suggest potential vulnerabilities that should be addressed. Overall, the security posture is moderate but could be improved with updated software and enhanced security controls. The website is safe for general audiences, containing no adult or questionable content. Contact information is clear and professional, supporting trustworthiness. The domain WHOIS data is consistent with the website's official government status, registered with a Croatian academic registrar since 2009, reinforcing legitimacy. Strategic recommendations include updating technical components, implementing comprehensive security policies, and enhancing privacy compliance mechanisms to strengthen trust and resilience.

E

Exdizajn

exdizajn.com

0

Exdizajn is a Croatian small business specializing in web design, hosting, and digital marketing services primarily targeting companies, crafts, and associations. The company claims to have been operating since 2011, providing tailored digital solutions to help clients grow their online presence. The website is built on WordPress using Elementor and Yoast SEO, reflecting a modern and professional digital infrastructure. Tracking tools such as Google Analytics and Facebook Pixel are implemented, indicating a moderate level of user behavior analysis. Security posture is generally good with HTTPS enforced, but lacks advanced security headers and explicit privacy or cookie policies. The absence of WHOIS registration data for the domain raises concerns about domain legitimacy and registration consistency, which impacts overall trust. Strategic improvements in privacy compliance, contact transparency, and security best practices are recommended to enhance credibility and compliance.

I

Infenso d.o.o.

infenso.hr

0

Infenso d.o.o. is a Croatian technology company specializing in system integration, network equipment design and implementation, IoT solutions, application development, and advanced 3D visualization. Established in 2013, the company targets businesses and organizations seeking digital transformation and integration services. Their market position is that of a niche technology integrator within Croatia, leveraging modern digital tools and platforms to deliver tailored solutions. The website reflects a professional and consistent brand image with good content quality and relevant business information. Technically, the site is built on WordPress with Elementor, utilizing a modern tech stack including jQuery, Google Analytics, and various JavaScript libraries for enhanced user experience. Performance and mobile optimization are good, though accessibility could be improved. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, but lacks explicit security policies and vulnerability disclosures. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

M

Medialab Varaždin

medialab.hr

0

Medialab Varaždin is a Croatian IT service provider specializing in modern web development, server and NAS maintenance, and IT infrastructure management. Founded in 2016, the company targets businesses seeking reliable technology solutions to support their operations. The website reflects a professional and consistent brand presence with clear messaging about their services and partnerships with local companies. Technically, the site is built on WordPress using popular plugins such as Yoast SEO and WPBakery Page Builder, hosted on Totohost servers. The site is mobile optimized and SEO friendly but lacks some advanced accessibility features. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though it lacks security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and stability.

O

Ofir d.o.o.

ofir.hr

0

Ofir d.o.o. is a well-established Croatian technology company founded in 2001, specializing in IT support, web development, digital marketing, and training services. The company serves a growing client base with a clear vision of facilitating digital transformation. Their market position is strengthened by over 200 satisfied clients and partnerships with reputable organizations. Technically, the website leverages modern frameworks such as Next.js and React, with WordPress as the backend CMS, indicating a mature and scalable digital infrastructure. The site is well-optimized for mobile and SEO, providing an excellent user experience. Security posture is solid with HTTPS and Cloudflare DNS usage, though improvements in security headers and cookie consent mechanisms are recommended. Overall, the website and business demonstrate high professionalism, trustworthiness, and compliance with GDPR, supported by ISO 9001 certification and transparent contact information.

G

Gradsko društvo Crvenog križa Valpovo

crvenikrizvalpovo.hr

0

Gradsko društvo Crvenog križa Valpovo is a local branch of the Croatian Red Cross focused on humanitarian aid, blood donation, social support, and community health initiatives. The organization serves the local community in Valpovo, Croatia, providing essential services to vulnerable populations and coordinating volunteer efforts. Their website reflects a well-established non-profit with consistent branding and clear communication of their mission and services. Technically, the website is built on WordPress using Elementor, with modern libraries such as jQuery and Swiper.js, hosted by CARNET, a reputable Croatian academic network. The site is mobile-optimized and accessible, with good SEO practices and a moderate performance profile. Security-wise, the site uses HTTPS and common security plugins but lacks explicit security headers and a cookie consent mechanism, which are recommended for improved compliance and protection. Overall, the domain registration data aligns well with the organization's profile, indicating legitimacy and trustworthiness.

G

Gradsko društvo Crvenog križa Osijek

crvenikrizosijek.hr

0

Gradsko društvo Crvenog križa Osijek is a local branch of the Croatian Red Cross, providing a wide range of humanitarian, social, health, and educational services to the community. Established in 1878, it holds a strong position as a trusted non-profit organization in Croatia, focusing on first aid training, blood donation, youth programs, disaster response, and social support. The website reflects this mission with well-structured content and clear navigation targeting volunteers, donors, and the general public. Technically, the website is built on WordPress with common frameworks like Bootstrap and jQuery, hosted under Croatian registrar CARNET and using Cloudflare DNS. The site is moderately optimized for performance and mobile devices, with good accessibility features and SEO practices. However, some technical debt is present, such as the use of an outdated jQuery version and lack of advanced security headers. From a security perspective, the site enforces HTTPS and uses Cloudflare DNS, which provides a solid baseline. The presence of Facebook Pixel and Google Analytics indicates moderate user tracking. No critical vulnerabilities or exposed sensitive data were detected, but improvements are recommended in updating libraries, implementing security headers, and adding a vulnerability disclosure mechanism. Overall, the website is professional, trustworthy, and safe for general audiences. It lacks explicit privacy and terms of service pages, which impacts privacy compliance scores. Strategic improvements in security and compliance documentation would enhance its posture and user trust.

G

Gradsko društvo Crvenog križa Đakovo

gdcrvenikrizdjakovo.hr

0

Gradsko društvo Crvenog križa Đakovo is a local branch of the Croatian Red Cross focused on providing humanitarian aid, social services, health-related activities, and volunteer coordination within the Đakovo region. The organization operates as a non-profit entity with a clear community-oriented mission, offering services such as first aid training, blood donation campaigns, and disaster response. Their website reflects this mission with relevant content and official documentation, targeting the general public and volunteers in the local area. Technically, the website is built on WordPress with common plugins such as MasterSlider and Bootstrap for responsive design. The site is hosted under Croatian academic network infrastructure (CARNET), ensuring local presence and reliability. The website demonstrates good mobile optimization and accessibility features, although SEO and advanced technical optimizations are basic. No advanced analytics or tracking tools are detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS properly but lacks several security headers and advanced protections such as anti-CSRF tokens on forms. There is no visible cookie consent mechanism, which is a GDPR compliance gap. The WHOIS data is consistent with the organization's location and purpose, enhancing trustworthiness. No critical vulnerabilities or suspicious indicators are found, but improvements in security policies and technical safeguards are recommended. Overall, the website is a trustworthy and functional digital presence for a small non-profit humanitarian organization. Strategic enhancements in security posture and privacy compliance would further strengthen their digital maturity and user trust.

Gradsko društvo Crvenog križa Donji Miholjac is a local branch of the Croatian Red Cross, established in 2012, providing humanitarian aid, blood donation campaigns, social services such as home assistance, and community support activities. The organization targets local community members, volunteers, and donors, operating as a non-profit entity with a strong local presence and partnerships with municipal and regional government bodies. The website reflects this mission with relevant content, news updates, and event information.

C

Crveni Križ Darda

hck-darda.hr

0

Općinsko društvo Crvenog križa Darda is a local branch of the Croatian Red Cross dedicated to humanitarian and community services such as blood donation, first aid training, youth engagement, and health awareness. The website serves as an informational platform targeting local community members and volunteers. Technically, the site is built on an older WordPress platform with common plugins like Yoast SEO and Contact Form 7, hosted under Croatian academic network infrastructure. While the site is functional and well-structured, it uses outdated software versions that may pose security risks. Security posture is moderate with HTTPS enabled but lacks modern security headers and explicit privacy or cookie policies. The domain registration data is consistent with the organization's identity and location, indicating legitimacy. Overall, the website is trustworthy but would benefit from technical and compliance improvements.

G

Gradsko društvo Crvenog križa Beli Manastir

gdck-belimanastir.hr

0

Gradsko društvo Crvenog križa Beli Manastir is a local branch of the Croatian Red Cross focused on humanitarian aid, first aid education, blood donation, and volunteer coordination within the Beli Manastir community. The organization operates as a small non-profit entity with a clear mission to support vulnerable populations and promote community health and safety. Their market position is that of a trusted regional humanitarian organization affiliated with the national Croatian Red Cross and supported by European solidarity programs. Technically, the website is built on WordPress with a modern but moderate tech stack including Google Analytics and accessibility tools. The site is mobile optimized and SEO friendly, providing a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS and anonymized analytics, though it lacks some advanced security headers and explicit incident response information. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the website is professional, trustworthy, and serves its community well, but could improve in security and privacy transparency.

D

DRUŠTVO CRVENOG KRIŽA ZAGREBAČKE ŽUPANIJE

dck-zagrebacka-zupanija.hr

0

The website represents the Croatian Red Cross Society of Zagreb County, a regional non-profit organization dedicated to humanitarian aid, blood donation, and volunteering. It serves the general public in Zagreb County and provides information and services aligned with the Red Cross mission. The site is built on a WordPress platform using modern themes and plugins, including Elementor and Modern Events Calendar Lite, indicating a moderate level of digital maturity. Accessibility features and GDPR-compliant cookie consent mechanisms are implemented, reflecting attention to user experience and privacy. Security posture is good with HTTPS enabled and no visible vulnerabilities, though some security headers could be improved. Overall, the site is trustworthy and professionally maintained, with clear branding and consistent content.

D

Društvo Crvenog križa Varaždinske županije

dck-vz.hr

0

Društvo Crvenog križa Varaždinske županije is a regional branch of the Croatian Red Cross, providing humanitarian aid, first aid training, blood donation campaigns, and volunteer coordination primarily for the Varaždin County community. The website is built on WordPress with common plugins such as Yoast SEO and Contact Form 7, featuring a modern design and good mobile responsiveness. Security posture is solid with HTTPS enforced and Google reCAPTCHA protecting forms, though additional HTTP security headers could improve defenses. Privacy compliance is evident with a cookie consent banner and a privacy policy page aligned with GDPR requirements. Contact information including emails, phone, and physical address is clearly presented, enhancing business credibility.

H

Hrvatski Crveni križ Društvo Crvenog križa Osječko-baranjske županije

dckobz.hr

0

Hrvatski Crveni križ Društvo Crvenog križa Osječko-baranjske županije is a regional humanitarian non-profit organization operating in Croatia's Osječko-baranjska županija. The organization focuses on community support, youth engagement, first aid training, disaster response, blood donation, and social welfare activities. Their website reflects a well-structured and content-rich platform that communicates their mission, projects, and news effectively to the general public and stakeholders. The organization maintains a consistent brand presence and provides multiple contact channels including email, phone, and a contact form, supported by active social media profiles.

H

Hrvatski Crveni križ - Gradsko društvo Crvenog križa Čakovec

crveni-kriz-cakovec.hr

0

The website www.crveni-kriz-cakovec.hr represents the Gradsko društvo Crvenog križa Čakovec, a local branch of the Croatian Red Cross. It provides humanitarian services including blood donation campaigns, volunteer coordination, social and health programs, and emergency response. The organization is well-established with a domain registered since 2009 and operates primarily in Croatia. The website targets the general public, volunteers, and vulnerable groups within the region. Technically, the site is built on WordPress with a modern plugin ecosystem, including accessibility and cookie consent tools, ensuring compliance with GDPR and accessibility standards. Security posture is good with HTTPS enforced and cookie consent mechanisms, though additional security headers could enhance protection. The site uses Google Analytics for user tracking with moderate privacy compliance. Overall, the website is professional, trustworthy, and serves as a reliable information and engagement platform for the Croatian Red Cross local branch.

D

Društvo Crvenog križa Krapinsko-zagorske županije

dckkzz-krapina.hr

0

Društvo Crvenog križa Krapinsko-zagorske županije is a regional non-profit humanitarian organization serving the Krapinsko-zagorska County in Croatia. The organization coordinates local Red Cross societies and provides key services such as blood donation campaigns, social welfare activities, emergency response, and addiction prevention programs. It also manages EU-funded projects to enhance its infrastructure and outreach. The website reflects a well-structured and content-rich platform that supports community engagement and transparency. Technically, the website is built on WordPress 6.8.1 with a modern tech stack including jQuery and several plugins for event management and content display. The site is mobile-optimized and uses HTTPS, ensuring secure communication. However, some security headers are not explicitly detected, and there is no cookie consent mechanism, which could be improved for better privacy compliance. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and nonce usage in AJAX calls. The absence of exposed sensitive data and vulnerabilities in the visible content is positive. The WHOIS data is privacy protected, which is common for non-profits, but limits transparency. No incident response or security policies are published, which could be a gap in organizational security posture. Overall, the website is professional, trustworthy, and serves its community well. Strategic improvements in privacy compliance and security headers would enhance its security posture and regulatory adherence.