Security Directory

H

Hrvatski Telekom d.d.

akz.hr

0

The website www.akz.hr serves as the official online platform for the Zagreb Bus Station, providing extensive bus ticketing services across Croatia and neighboring countries. It offers users the ability to search for bus schedules, purchase tickets online up to 15 minutes before departure, and access real-time status updates for arrivals and departures. The platform supports mobile app integration, enhancing accessibility for travelers. The business is positioned as a key transportation service provider in the region, backed by Hrvatski Telekom d.d., a reputable Croatian telecommunications company. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with integrations of Google Tag Manager and Google Analytics for marketing and analytics purposes. Hosting is managed by Hrvatski Telekom with Cloudflare DNS services, ensuring reliable domain resolution. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers such as Content Security Policy and HSTS, which are recommended for enhanced protection. Privacy compliance is limited due to the absence of a visible privacy policy and terms of service, representing a compliance gap especially under GDPR. No incident response or vulnerability disclosure information is provided. Overall, the website is trustworthy and professionally maintained, with a strong business credibility score. Strategic improvements in privacy policy publication, security header implementation, and comprehensive compliance documentation would elevate its security posture and user trust.

C

Coolinarika

coolinarika.com

0

Coolinarika is a well-established Croatian culinary website offering a rich platform for recipes, cooking inspiration, and food-related content. It targets a general audience interested in cooking and culinary arts, positioning itself as a leading media site in this niche within Croatia. The website leverages modern web technologies including React and Next.js, hosted on Azure CDN, ensuring fast performance and excellent mobile optimization. The presence of structured data and social media integration further enhances its digital maturity. Security-wise, the site enforces HTTPS, employs security headers, and manages user consent for cookies, reflecting a good security posture. However, the absence of WHOIS registrant data and direct company contact emails slightly reduces transparency. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable resource for its users.

Z

Zagrebačka banka

zaba.hr

0

Zagrebačka banka is a leading Croatian financial institution offering a broad range of retail and corporate banking services. The website reflects a mature digital presence with comprehensive information on loans, savings, insurance, and digital banking platforms such as mobile and internet banking. The bank targets a wide audience including individuals, small and large businesses, and private banking clients. The site is professionally designed with consistent branding and clear navigation, supporting a strong market position within Croatia and under the UniCredit Group umbrella. Technically, the website employs modern JavaScript libraries and analytics tools such as Adobe Analytics and Tealium, hosted on Akamai infrastructure for performance and reliability. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response disclosures are absent. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. No critical vulnerabilities or suspicious activities were detected. The domain's WHOIS data confirms legitimacy with a long registration history and consistent registrant information. Strategic recommendations include publishing a dedicated security policy, incident response plan, and vulnerability disclosure guidelines to enhance transparency and trust. Regular security audits and header enhancements would further strengthen the security posture.

H

Hrvatska narodna banka

hnb.hr

0

Hrvatska narodna banka (HNB) is the central bank of the Republic of Croatia, responsible for monetary policy, financial stability, banking supervision, and currency issuance. The website serves as an official portal providing comprehensive information about the bank's functions, regulatory framework, statistics, publications, and consumer protection. It targets a broad audience including the general public, financial institutions, and government entities. The site is well-structured and professionally maintained, reflecting the bank's authoritative position in the Croatian financial sector. Technically, the website is built on the Liferay CMS platform, utilizing modern JavaScript frameworks such as React and Alloy UI. It employs Google Tag Manager for analytics and tracking, and the site is optimized for both desktop and mobile devices with a moderate performance profile. Accessibility and SEO practices are basic but adequate for the target audience. From a security perspective, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly documented, representing areas for improvement. Privacy and cookie policies are present and indicate GDPR compliance, with consent mechanisms implemented. Overall, the website demonstrates a strong business credibility and security posture appropriate for a national central bank. Strategic recommendations include publishing detailed security and incident response policies, enhancing accessibility features, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

B

BLITZ - CINESTAR d.o.o.

blitz-cinestar.hr

0

CineStar Cinemas, operated by BLITZ - CINESTAR d.o.o., is the largest multiplex cinema chain in Croatia, established in 2003. The company operates 16 locations across 11 cities, offering a wide range of cinema experiences including premium formats such as IMAX, 4DX, ScreenX, and Gold Class. The website provides comprehensive information about movie screenings, ticket sales, loyalty programs, and concessions, targeting a general audience including families and cinema enthusiasts. The business model focuses on retail cinema operations with an integrated online ticketing platform and ancillary services such as snacks and event hosting. Technically, the website is built using modern web technologies including Bootstrap, FontAwesome, Swiper.js, and Google Tag Manager for analytics. It is hosted behind Cloudflare CDN and DNS services, ensuring good performance and security. The site is mobile-optimized and includes accessibility features, although some improvements could be made. SEO practices are well implemented with structured data and meta tags. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms compliant with GDPR. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly present. No vulnerability disclosures or incident response contacts are published, which could be areas for improvement. No critical vulnerabilities or suspicious activities were detected. Overall, CineStar Cinemas presents a professional, trustworthy, and user-friendly online presence with strong business credibility and compliance posture. Strategic recommendations include enhancing security headers, publishing a security policy, and continuous monitoring of third-party scripts to maintain a robust security posture.

H

HOSTING CENTAR d.o.o.

moj-film.hr

0

Moj Film is a Croatian film portal established in 2011, providing comprehensive film-related content including news, reviews, trailers, cinema programs, and community forums. It targets a general audience interested in Croatian and international cinema, positioning itself as a regional media portal with consistent branding and regular content updates. The business model revolves around media content delivery and community engagement within the film industry niche. Technically, the website uses a mix of older and moderately modern web technologies such as jQuery 1.7.1, RoyalSlider, Owl Carousel, and Flowplayer 5, hosted by HOSTING CENTAR d.o.o. The site shows moderate performance and basic mobile optimization with good SEO practices.

J

Jadrolinija

jadrolinija.hr

0

Jadrolinija is Croatia's largest passenger shipping company, providing ferry and catamaran transport services connecting numerous local and international destinations. The company operates a comprehensive online platform offering schedule information, ticket purchasing, and prepaid travel card services, targeting both local residents and tourists. The website reflects a mature digital presence with consistent branding and a focus on user convenience. Technically, the website employs modern web technologies including jQuery, Plyr video player, and Swiper sliders, alongside Google Fonts and accessibility tools. It is hosted under a Croatian academic network registrar, indicating a stable and regionally appropriate hosting environment. The site is mobile-optimized and accessible, with good SEO practices and performance. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks explicit published security policies, incident response plans, and vulnerability disclosure information. The use of third-party tracking pixels from Google, Meta, and TikTok indicates moderate user tracking, balanced by privacy controls. Overall, Jadrolinija's website is professional, trustworthy, and well-aligned with its business objectives. Strategic improvements in security transparency and incident readiness would enhance its security posture and user trust further.

Linkovi.net is a Croatian web directory and link catalog website established around 2005, offering categorized links to various Croatian and international websites across multiple sectors including media, shopping, health, tourism, and adult content. The site targets a general Croatian-speaking audience seeking curated web resources. Technically, the site uses legacy HTML4 and JavaScript with no modern CMS or frameworks detected, and it lacks HTTPS encryption, which is a significant security concern. The presence of an outdated Google Analytics script indicates limited modernization. Security posture is weak due to missing HTTPS, lack of security headers, and no visible privacy or cookie policies. The WHOIS data is unavailable, raising questions about domain registration legitimacy. Overall, the site provides basic directory services but requires significant technical and security improvements to meet modern standards.

H

Hrvatski autoklub

revijahak.hr

0

Revija HAK is an online magazine operated by Hrvatski autoklub, focusing on automotive news, traffic safety, and vehicle maintenance primarily for the Croatian market. The website serves as a content hub for drivers and HAK members, offering news articles, educational tests, and links to official HAK services including membership and webshop. The site is well-branded and professionally designed, targeting Croatian drivers and automotive enthusiasts with relevant and timely content. Technically, the website is built on WordPress with common plugins such as Yoast SEO for search optimization, Advanced Ads for advertising management, and Eightshift GDPR for cookie consent compliance. It uses Cloudflare DNS and is hosted via the Croatian registrar cyber_Folks d.o.o. The site is mobile-optimized and features a clear navigation structure with categorized content sections. Performance is moderate with standard modern web technologies. From a security perspective, the site enforces HTTPS and implements GDPR cookie consent with a detailed modal allowing users to select cookie preferences. However, explicit security headers are not detected, and there is no published security policy or incident response information. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is consistent with the business entity and geographic location, supporting legitimacy. Overall, the website presents a low-risk profile with good business credibility and technical implementation. Recommendations include publishing privacy and security policies, adding security headers, and establishing a vulnerability disclosure process to enhance trust and compliance.

Q

Qmini

qmini.hr

0

Qmini is a boutique digital agency based in Čakovec, Croatia, specializing in web development, graphic design, and marketing solutions. Established in 2006, the company positions itself as an innovative provider helping brands enhance their online presence. The website is professionally designed using WordPress with the Divi theme and incorporates SEO best practices via the Yoast SEO plugin. It supports Croatian and English languages, targeting businesses seeking digital marketing and design services. The technical infrastructure includes modern web technologies and Cloudflare DNS services, ensuring reliable hosting and performance. Security posture is solid with HTTPS enforced and standard security headers present, although explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with comprehensive cookie and privacy policies and a consent mechanism. Overall, the website reflects a trustworthy and professional business with good digital maturity.

G

Grad Bjelovar

bjelovar.hr

0

Grad Bjelovar operates an official municipal government website serving the city of Bjelovar, Croatia. The site provides residents and visitors with information on local government administration, public calls, events, documents, and services. It maintains a consistent brand presence and leverages social media platforms to engage its audience. The website is built on WordPress with popular plugins for SEO, caching, and analytics, hosted on Totohost servers. The technical infrastructure supports good mobile optimization and accessibility, with moderate performance characteristics. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are lacking. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Overall, the site is trustworthy and professional, suitable for its government function.

K

Kinomreža

kinomreza.hr

0

Kinomreža is a Croatian network of independent cinemas established in 2014, aiming to strengthen the position of independent cinemas and promote film culture across Croatia. The website serves as an informational and promotional platform for the network, providing news, member information, and activities related to film exhibition and education. Technically, the site is built on WordPress using the Astra theme and Elementor page builder, reflecting a modern and maintainable infrastructure. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security documentation.

H

Heroina | Samo još jedna WordPress web-stranica

heroina.hr

0

Heroina.hr is a small-scale WordPress website primarily using the Brooklyn theme by United Themes. The site appears to be a minimal or placeholder site with very limited business content, no privacy or cookie policies, and no contact information. The technical infrastructure is based on WordPress with multiple JavaScript libraries and plugins, indicating a moderate level of digital maturity but lacking in SEO and accessibility optimizations. Security posture is basic with HTTPS enabled but missing important security headers and privacy compliance measures. Overall, the site presents a low-risk profile but lacks professionalism and trust indicators, limiting its business credibility.

Vodovod hrvatsko primorje d.o.o. is a Croatian public utility company specializing in water supply and sewage services across multiple regional branches. The company serves residents and businesses in the Croatian coastal region, providing essential water infrastructure and public service notices. The website is built on WordPress with Elementor, indicating a modern CMS platform with moderate technical sophistication. The site is accessible, mobile-optimized, and contains relevant business content including public notices and procurement information. However, it lacks explicit privacy, cookie, and terms of service policies, which are important for compliance and user trust. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information. Overall, the domain registration is consistent with the business focus, though the future domain creation date is unusual and should be verified. The website presents a professional and trustworthy image but can improve in privacy compliance and security best practices.

M

Museum Mala barka - virtual museum of maritime heritage

muzejmalabarka.com

0

Museum Mala barka is a virtual museum dedicated to preserving and showcasing the maritime heritage of the northern Adriatic region, including Slovenian Littoral, Istria, and Kvarner in Croatia. Established as part of the EU interreg project Mala barka 2, the website offers virtual tours, detailed itineraries, and extensive multimedia content to educate visitors about the rich maritime culture and history of the area. The site targets general audiences interested in maritime heritage and regional culture. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Leaflet for interactive maps, ensuring a responsive and visually appealing user experience. However, some technical improvements are recommended, including enabling DNSSEC and adding security headers to enhance security posture. The site uses Google Analytics and Google Tag Manager for user tracking, but lacks visible privacy and cookie policies, which is a compliance gap. Security-wise, the site benefits from HTTPS and domain transfer protection but would benefit from additional security best practices. Overall, the website is functional, informative, and professionally designed but should improve privacy compliance and security measures to enhance trust and user confidence.

G

Glagoljica.hr

glagoljica.hr

0

Glagoljica.hr is a Croatian cultural and educational digital portal dedicated to the preservation and study of Glagolitic script and heritage. It offers extensive collections of manuscripts, books, musical sources, and visual inscriptions, along with a detailed historical timeline of Glagolitic documents. The portal targets researchers, historians, linguists, and enthusiasts interested in Croatian medieval manuscripts and Glagolitic tradition. The business model is non-commercial, focusing on cultural preservation and academic dissemination. Technically, the website employs a modern but standard tech stack including Bootstrap, jQuery, Popper.js, and Font Awesome, with integration of Google Analytics and Tag Manager for user tracking. The site is hosted by a Croatian provider, cyber_Folks d.o.o., and shows moderate performance with good mobile responsiveness. However, accessibility and SEO optimizations are basic. From a security perspective, the site uses HTTPS and avoids exposing sensitive data but lacks visible security headers and formal security policies. No privacy or cookie policies are present, and no contact information is provided, which impacts privacy compliance and user trust. The WHOIS data is consistent and supports the domain's legitimacy. Overall, the site is a valuable cultural resource with good content quality and technical foundation but requires improvements in privacy compliance, security headers, and contact transparency to enhance trust and security posture.

D

Dubrovačke knjižnice

dkd.hr

0

Dubrovačke knjižnice is a well-established public library institution based in Dubrovnik, Croatia, providing a range of library services including scientific and national libraries, digital collections, and cultural events. The website reflects a mature digital presence with a clear focus on serving the local community and researchers. The technical infrastructure is based on ASP.NET WebForms and the DotNetNuke CMS platform, integrating modern JavaScript libraries for enhanced user experience and mobile responsiveness. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in explicit security headers and published security policies. Overall, the site is trustworthy, professionally maintained, and compliant with basic privacy standards.

I

Institut za etnologiju i folkloristiku

dief.eu

0

The website represents the digital repository of the Institute of Ethnology and Folklore Research (DIEF), an academic institution based in Croatia. It provides access to various collections, projects, and virtual exhibitions related to ethnology and folklore, targeting researchers, academics, and cultural heritage professionals. The platform is built on the Indigo CMS and uses modern web technologies such as Bootstrap and jQuery, ensuring good mobile responsiveness and user experience. However, the site lacks explicit privacy and cookie policies, which is a compliance gap given the use of Google Analytics and Tag Manager for user tracking. Security posture is moderate with HTTPS enabled but missing security headers. The WHOIS data is unavailable due to privacy protection, which is common for academic domains, and does not raise immediate legitimacy concerns. Overall, the site is professional, trustworthy, and safe for general audiences.

M

Muzej za umjetnost i obrt

muo.hr

0

Muzej za umjetnost i obrt is a well-established Croatian museum institution dedicated to art and crafts, with a history dating back to 1880. The website serves as a digital platform to showcase exhibitions, educational programs, publications, and cultural projects targeting the general public, art enthusiasts, and educational institutions. The museum maintains a strong market position as a key cultural entity in Croatia. Technically, the website is built on WordPress with common plugins such as WooCommerce, Yoast SEO, and Jetpack, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented, though it lacks explicit security policies and advanced security headers. Overall, the site is professional, trustworthy, and compliant with GDPR and accessibility standards, with active social media engagement and partner affiliations. Recommendations include enhancing security headers, publishing a security policy, and establishing a vulnerability disclosure process.

R

Rentlio d.o.o.

rentl.io

0

Rentlio d.o.o. operates a leading cloud-based property management system, channel manager, and booking engine tailored for the hospitality industry, including hotels, apartments, and property management companies. Founded in 2014 and headquartered in Zadar, Croatia, Rentlio positions itself as a comprehensive solution to streamline property management and drive business growth. The company targets hoteliers, vacation rental owners, and multi-property managers, offering a SaaS model accessible via web, iOS, and Android platforms. The website reflects a professional and modern digital presence with strong branding and positive user ratings.

The website www.netbet.org/online-casino-hrvatska is a Croatian language online casino informational platform targeting Croatian players interested in legal online gambling. It provides detailed reviews of online casinos, bonus offers, payment methods, and legal compliance information relevant to Croatia. The site operates as an affiliate marketing business model, linking users to various licensed online casinos with clear disclaimers and affiliate link markings. Technically, the site is built on WordPress with common plugins such as Yoast SEO and uses modern web technologies including jQuery and FontAwesome. It is served over HTTPS with good SEO and mobile optimization but lacks some advanced security headers and explicit privacy and terms of service pages. The WHOIS data for the domain is unavailable or malformed, which reduces domain trustworthiness despite the professional content. Overall, the site is a moderately credible resource for Croatian online casino players with room for improvement in transparency and security practices.

B

BOX NOW

boxnow.hr

0

BOX NOW is a Croatian company specializing in automated parcel locker services, providing a sustainable and convenient delivery network across Croatia. Their platform supports consumers, e-commerce businesses, physical stores, and courier partners with 24/7 access to parcel lockers powered by solar energy. The website reflects a modern digital infrastructure with integration of mapping, tracking, and mobile app promotion. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the business appears legitimate, well-positioned in the Croatian logistics market, and technically competent.

T

Turistička zajednica Međimurske županije

tzm.hr

0

Turistička zajednica Međimurske županije is a regional tourism organization focused on promoting the identity and reputation of the Međimurje County in Croatia. Established in 2002, it serves as a central body for planning and executing promotional strategies and activities that benefit all tourism stakeholders in the region. The website reflects a professional and consistent brand image, targeting general audiences interested in regional tourism information and services. Technically, the site is built on Drupal 11, uses modern web technologies including jQuery, and is hosted with Cloudflare DNS services, ensuring a moderate to good performance and mobile optimization. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published privacy or terms policies, which are recommended for compliance and trust. Overall, the domain registration data aligns well with the business purpose, indicating a legitimate and trustworthy entity.

K

Konplast

konplast.hr

0

Konplast is a Croatian IT company specializing in the development, implementation, and support of business software solutions tailored for small, medium, and large enterprises across various sectors. With over 33 years of experience, the company offers a range of services including remote support, AI-powered virtual assistance for fiscalization and software usage, fintech services, and web shop development. The website reflects a mature digital presence built on Joomla CMS with modern frameworks and libraries, providing a professional and user-friendly experience. Security posture is solid with HTTPS and CSRF protections, though some security headers and explicit policies could be improved. Privacy compliance is partially met with a privacy policy present but lacking cookie consent mechanisms. Overall, Konplast demonstrates strong business credibility and technical maturity, positioning itself as a trusted IT solutions provider in Croatia.

E

Enter Koprivnica d.o.o.

inkubator.info

0

Enter Koprivnica d.o.o. is a Croatian business incubator focused on fostering entrepreneurship and innovation through providing physical spaces, advisory services, and technology access to startups and SMEs. The company operates regional incubators and creative industry hubs, positioning itself as a key enabler of technology-driven business development in Koprivnica and surrounding areas. Their services include office and meeting room rentals, access to advanced equipment like 3D printers, and training programs, targeting entrepreneurs and innovators seeking support in early business stages. Technically, the website employs a modern technology stack including jQuery, Modernizr, Google Analytics, and Tawk.to live chat, ensuring a responsive and interactive user experience. The site is mobile optimized, accessible, and SEO friendly, with proper meta tags and cookie consent mechanisms in place. Hosting and domain registration are consistent with the business location and sector, using a reputable Croatian registrar (CARNET). From a security perspective, the site enforces HTTPS and uses cookie consent banners, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is well addressed with a clear privacy policy and cookie consent, indicating GDPR awareness. Overall, the website presents a professional, trustworthy, and business-focused digital presence with moderate to good technical and security maturity. Strategic improvements in formal security policies and headers could enhance their security posture further.

The website tp-vz.hr is currently inaccessible due to a Cloudflare error 1000, which indicates that the DNS records point to a prohibited IP address. This prevents access to any actual website content, resulting in a minimal error page served by Cloudflare. The domain is registered in Croatia with CARNET since 2007, indicating a legitimate and long-standing registration. However, no business information, contact details, or policies are available on the accessible page. The technical infrastructure relies on Cloudflare for DNS and security services, but the current DNS misconfiguration severely impacts availability and user trust. Security posture is weak due to lack of visible security headers and policies. Privacy compliance is absent, with no privacy or cookie policies detected. Overall, the site is non-functional and provides no business or security information to visitors.

G

Grad Prelog

prelog.hr

0

The website www.prelog.hr serves as the official digital presence of the City of Prelog, Croatia. It provides comprehensive information about city governance, local news, events, public tenders, EU projects, and community services. The site targets residents, local businesses, and visitors seeking municipal information. The business model is that of a government municipal portal, focusing on transparency and public service. The domain age and WHOIS data confirm a long-standing and legitimate presence consistent with a municipal entity. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and accessibility tools from EqualWeb, ensuring good mobile optimization and accessibility compliance. Hosting is managed under Croatian academic network infrastructure (CARNET), which is appropriate for government entities. Performance is moderate with room for optimization. From a security perspective, the site uses HTTPS and includes CAPTCHA mechanisms in forms, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is addressed with cookie and privacy policies and consent mechanisms, though GDPR-specific details are minimal. Overall, the website is trustworthy, professional, and serves its purpose well. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to improve security posture and transparency.

The Science and Society Synergy Institute (S3I) is a Croatian-based multidisciplinary research institute established in 2010. It focuses on fostering innovative research ideas and supporting young scientists across various disciplines. The institute acts as a collaborative hub for researchers, entrepreneurs, policy makers, and education professionals to promote societal development. The website reflects a small but professional organization with a clear academic and societal mission. Technically, the site is built on WordPress using the Twenty Eleven theme, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies, indicating room for compliance improvement. The WHOIS data is consistent and trustworthy, registered under CARNET, a Croatian academic network, aligning well with the institute's profile.

F

Fotoklub Čakovec

fotoklub-cakovec.hr

0

Fotoklub Čakovec is a small, local photography club based in Croatia, established in 2008. The organization focuses on photography education, community workshops, exhibitions, and publishing photography-related books. Their website is built on WordPress and uses a variety of plugins to support photo galleries, user interaction, and SEO. The club targets photography enthusiasts including children and adults, providing educational and cultural services. The website content is rich and professionally presented, with consistent branding and good navigation. Technically, the site uses modern web technologies including WordPress 6.4.7, Yoast SEO, and Google Fonts. It is hosted under a Croatian registrar (CARNET) with DNS managed by infoitdns.com. The site is served over HTTPS with good SSL configuration and includes CAPTCHA protection on forms to prevent abuse. However, some security best practices such as security headers are not explicitly detected, and there is no cookie consent mechanism despite GDPR privacy policy presence. From a security perspective, the site shows a moderate security posture with HTTPS, CAPTCHA, and no visible sensitive data exposure. The absence of explicit security headers and lack of published incident response or vulnerability disclosure policies are areas for improvement. The domain registration data is consistent with the website content and business type, indicating legitimacy and trustworthiness. Overall, the website is a well-maintained, content-rich platform for a non-profit photography club with good technical and security foundations but could enhance privacy compliance and security transparency to improve trust and compliance.

K

Krka, tovarna zdravil, d. d., Novo mesto

krka-farma.hr

0

Krka, tovarna zdravil, d. d., Novo mesto is a leading generic pharmaceutical company with a strong international presence and nearly 70 years of experience. The Croatian subsidiary KRKA-FARMA d.o.o. operates a professional website targeting healthcare professionals, patients, media, and job seekers. The company focuses on the development, production, marketing, and sales of prescription, over-the-counter, and veterinary pharmaceutical products. The website is well-branded, consistent, and provides comprehensive corporate and product information, including annual reports and sustainability ratings.

M

MyDataKnox hosting

mydataknox.com

0

MyDataKnox hosting is a Croatian-based technology company specializing in web hosting, virtual private servers, domain registration, cloud backup, and related IT infrastructure services. Established in 2010, it has grown to become one of the fastest growing hosting providers in Croatia, supported by multiple ISO certifications that demonstrate its commitment to quality, security, and environmental responsibility. The company targets businesses and individuals seeking reliable and scalable hosting solutions, offering 24/7 customer support and free migration services to enhance customer satisfaction. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO, Google Analytics, and Google Tag Manager. The site is well-optimized for mobile devices, accessible, and structured with clear navigation. Cookie consent mechanisms comply with GDPR requirements, providing users control over functional, analytics, and marketing cookies. From a security perspective, MyDataKnox demonstrates strong practices including HTTPS enforcement, domain status protections, and adherence to ISO 27001 standards. However, enabling DNSSEC and publishing an incident response contact or security.txt file could further enhance security posture. No vulnerabilities or exposed sensitive data were detected. Overall, the website and business present a high level of professionalism, trustworthiness, and compliance, making it a reliable service provider in the hosting industry.

I

investpgz.hr is under construction

investpgz.hr

0

The website investpgz.hr is currently under construction and displays only a placeholder page indicating ongoing work. The business behind the domain appears to be newly established in 2022, based in Croatia, but no detailed business description, services, or contact information is provided. The site uses WordPress with an under construction plugin and includes basic styling libraries such as Bootstrap and Font Awesome. The technical infrastructure is minimal, with no advanced frameworks or analytics detected. Security posture is weak due to the absence of HTTPS confirmation, security headers, and privacy policies. No vulnerabilities or malicious content were detected, but the lack of content and security best practices limits trustworthiness. Overall, the site is not yet operational and provides limited information for users or stakeholders.

R

Regionalna razvojna agencija Primorsko-goranske županije

prigoda.hr

0

Regionalna razvojna agencija Primorsko-goranske županije (PRIGODA) is a government-established regional development agency focused on coordinating sustainable and balanced regional growth in the Primorsko-goranska County of Croatia. Founded in 2017, it serves as a support center for local governments and legal entities, providing consultancy and project management services, especially related to EU funding and strategic regional development. The website reflects a professional government entity with detailed information on projects, funding opportunities, and regional strategies. Technically, the site is built on WordPress with modern plugins and SEO optimizations, though it lacks some advanced security headers and explicit privacy policies. The security posture is adequate with HTTPS and Google Analytics tracking, but could be improved with better security policies and headers. Overall, the site is trustworthy and well-positioned as a regional government resource, but should enhance privacy and security transparency to improve compliance and user trust.

E

Ericsson Nikola Tesla d.d.

ericsson.hr

0

Ericsson Nikola Tesla d.d. is a well-established regional provider of telecommunications products, innovative ICT solutions, and related services. The company targets telecommunication service providers, government agencies, and various industries requiring digital transformation and ICT innovation. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content highlighting their key services and business achievements. Technically, the site is built on WordPress with modern plugins and tracking tools, demonstrating a moderate to good performance and mobile optimization. Security posture is solid with HTTPS, reCAPTCHA, and error monitoring, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a visible privacy policy and terms of service. Overall, the domain registration is consistent and transparent, supporting the legitimacy of the business.

S

SMART Design | Gregic Advisory

sm-art-design.com

0

SMART Design | Gregic Advisory is a Croatian technology company specializing in advanced SMART web solutions, including custom web shops, web applications, and AI integrations. Positioned as a leader in the Zagreb region, the company targets businesses and professionals seeking high-performance, secure, and adaptive digital platforms. Their offerings emphasize nano-optimized code, dynamic content, and loyalty programs, reflecting a modern and innovative approach to web development. The website demonstrates a high level of digital maturity with professional design, responsive layouts, and comprehensive GDPR-compliant cookie management. Security posture is solid with HTTPS and secure forms, though explicit security policies and incident response details are absent. Overall, the company presents a trustworthy and professional image with strong client references including government and educational institutions.

W

WMD d.o.o.

wmd-webprostor.com

0

WMD d.o.o. is a Croatian technology company specializing in web hosting, domain registration, and related web services. The company positions itself as a provider of super fast support available 24/7/365, targeting web developers and businesses seeking reliable hosting and domain solutions. Their market presence includes over 10,000 users across 73 countries, emphasizing experience and customer service. The website content is professional and well-structured, reflecting a mature business model focused on service quality and customer satisfaction. Technically, the website leverages modern web technologies including jQuery, Bootstrap, FontAwesome Pro, and Craft CMS with Formie forms. It integrates Plausible Analytics for privacy-focused tracking and Crisp Live Chat for customer support. The site is mobile optimized and performs well, with HTTPS enforced and CSRF protections in place. However, DNSSEC is not enabled, and security headers are not explicitly detected, indicating room for security enhancements. Security posture is moderate with good practices like HTTPS and domain transfer protection, but lacks published security policies or incident response contacts. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanisms, which could pose regulatory risks especially under GDPR. The domain WHOIS data is consistent and supports the legitimacy of the business. Overall, WMD d.o.o. presents a credible and professional web presence with strong business credibility and technical implementation. Strategic improvements in privacy compliance and security hardening would enhance trust and regulatory adherence.

The website ravnagora.hr is currently inaccessible, presenting a 403 Forbidden error page that blocks access to any meaningful content. The domain is registered since 2003 under the Croatian registrar CARNET and uses SiteGround as its hosting provider. Due to the blocked content, no business description, contact information, or security policies are available for analysis. The website lacks privacy and cookie policies, terms of service, and any visible security headers or SSL configuration details. This severely limits the ability to assess the website's security posture, compliance, and business credibility. The domain registration data is consistent and indicates a legitimate long-standing domain, but the lack of accessible content and security best practices reduces trustworthiness.

M

Mar-Com Rijeka

mar-com.hr

0

Mar-Com Rijeka is a small Croatian IT service company specializing in website creation, IT support, and graphic design with over 20 years of experience. The company targets local businesses and private individuals in Rijeka and surrounding areas, offering modern and affordable IT solutions. Their market position is supported by a portfolio of over 200 successful projects and positive client testimonials. Technically, the website employs modern web technologies such as jQuery, Slick Slider, and Google Fonts, with good mobile optimization and accessibility features including a UserWay widget. Security posture is solid with HTTPS enforced and a cookie consent mechanism in place, though there is room for improvement in security headers and incident response transparency. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, reflecting a mature digital presence for a small IT service provider.

The website ribarstvo.hr serves as the official information system for fisheries in Croatia, operated under the Ministry of Agriculture. It provides a suite of official applications, manuals, and resources aimed at government employees, fisheries professionals, and recreational fishers. The platform is co-financed by the European Maritime and Fisheries Fund, reinforcing its legitimacy and governmental backing. The domain is well-established since 2001 and registered with a reputable Croatian academic network registrar, aligning with the website's official nature. Technically, the site is built on ASP.NET Web Forms technology, featuring standard HTML and CSS with hidden form fields for state management. While the site is functional and content-rich, it shows basic mobile optimization and accessibility. No advanced SEO or modern frameworks are detected. Performance is moderate, and no analytics or tracking scripts are present, indicating minimal user tracking. From a security perspective, the site uses HTTPS (implied by domain and typical government standards), but no explicit security headers are detected in the provided content. There is no visible privacy or cookie policy, which is a compliance gap under GDPR. The absence of contact information and security policies reduces transparency. However, no vulnerabilities or suspicious elements are evident in the HTML content. The WHOIS data confirms domain legitimacy with consistent registration details. Overall, the site is a trustworthy government portal with good business credibility but requires improvements in privacy compliance, security headers, and user contact transparency to enhance its security posture and regulatory adherence.

C

CSL Computer Service Langenbach GmbH d/b/a joker.com

visitnovalja.net

0

visitnovalja.net is an established Croatian hospitality platform specializing in private accommodation listings on the island of Pag. The website offers a comprehensive catalog of apartments, rooms, villas, and family hotels with direct contact options for travelers. It targets tourists seeking affordable and diverse lodging options in popular destinations such as Novalja, Stara Novalja, and surrounding areas. The business model focuses on connecting travelers directly with property owners, avoiding intermediaries. Technically, the site uses a custom CMS with common web technologies including jQuery, Bootstrap, and Google services for analytics and bot protection. The site is mobile optimized and provides a user-friendly search experience. Security posture is moderate with HTTPS enabled and reCAPTCHA integration, but lacks advanced security headers and has minor form input issues. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR explicit statements. Overall, the domain registration is consistent and supports the legitimacy of the business. Strategic improvements in security and privacy compliance would enhance trust and user safety.

C

CSL Computer Service Langenbach GmbH d/b/a joker.com

visitpag.net

0

Visitpag.net is an established Croatian online accommodation platform specializing in private rentals on the island of Pag, particularly in Novalja and surrounding areas. The website offers a comprehensive catalog of apartments, rooms, villas, and family hotels with direct booking contact forms, targeting tourists seeking affordable and direct accommodation options. The business operates with a mature domain registered since 2014 and maintains a consistent brand presence with a focus on local hospitality services. Technically, the site uses a custom CMS with common web technologies such as jQuery, Bootstrap, and Google Analytics, providing a moderately optimized user experience including mobile responsiveness. Security posture is basic with HTTPS implied but lacking advanced security headers and best practices, and privacy compliance is minimal with no cookie consent mechanisms despite GDPR applicability. Overall, the site is functional and credible but would benefit from enhanced security and privacy features to improve trust and compliance.

W

WMD HOSTING

wmd.hr

0

WMD HOSTING is a Croatian-based web hosting and domain registration provider offering a range of services including web development, SEO marketing, SSL certificates, and internet marketing. The company targets businesses and individuals seeking comprehensive web solutions, positioning itself as a regional player with promotional offers such as 'Hosting AKCIJA 1+1'. The website demonstrates a good level of digital maturity with modern technologies like Craft CMS, Bootstrap, jQuery, and integration of analytics and chat services. Security posture is solid with HTTPS, CSRF protection, and cookie consent mechanisms, although some security headers and explicit privacy policies are missing. Overall, the site is professional and trustworthy but could improve compliance transparency and contact accessibility.

P

PagFerry.com

pagferry.com

0

PagFerry.com is a small Croatian website providing up-to-date ferry schedules, real-time ferry status, weather forecasts, and webcam feeds for the Prizna - Žigljen ferry route. It serves a niche audience of travelers and locals seeking reliable maritime transport information. The website is well-branded and consistent, with a clear focus on transportation services in the Croatian region. Technically, the site leverages modern web technologies including AMP for mobile optimization, jQuery, Bootstrap, and integrates third-party services such as Google Analytics and Facebook SDK for analytics and social media engagement. The site is mobile-friendly and offers a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and registers a service worker, but lacks visible security headers and explicit privacy or terms of service pages, which are areas for improvement. The WHOIS data for the domain is missing or indicates the domain may not be registered, which raises concerns about domain legitimacy despite the professional appearance of the site. Overall, the site is functional and useful but would benefit from enhanced security practices and verified domain registration to improve trustworthiness.

The website pag-apartments.info serves as a regional accommodation portal focused on the Island Pag area in Croatia, offering listings of private apartments, rooms, and houses for vacationers. It facilitates direct booking with accommodation owners and targets tourists seeking lodging options on the island. The business model is a niche hospitality listing platform with a small market presence. Technically, the site is built with legacy HTML and CSS, lacking modern frameworks or CMS, and shows poor mobile optimization and accessibility. Security posture is weak, with no HTTPS detected and absence of security headers or privacy policies. No contact information or incident response details are provided, limiting trust and compliance. Overall, the site is functional for its purpose but requires significant improvements in security, privacy, and technical modernization to enhance user trust and compliance.

BitByte, obrt za IT usluge, is a Croatian small IT service provider specializing in computer servicing, network solutions, website development, and fiscal software hosting. The company targets both private and business customers, emphasizing professional diagnostics, OEM parts, and secure fiscal solutions via Remaris Master hosted in their data center. The website reflects a professional and consistent brand image with clear service offerings and distributor partnerships. Technically, the site is built on WordPress using Elementor and Yoast SEO, with HTTPS and Google reCAPTCHA implemented for security. However, the absence of privacy and cookie policies and limited WHOIS transparency due to GDPR reduce the overall privacy compliance and trust slightly. Security headers are not evident, suggesting room for improvement in security posture. Overall, the site is functional, well-structured, and suitable for its business purpose.

C

CARNET

evisitor.hr

0

The www.evisitor.hr website is an official Croatian government platform managed by CARNET, designed to facilitate the registration and deregistration of tourists in Croatia. It serves commercial and non-commercial accommodation providers, integrating with the national authentication system NIAS for secure user login. The platform is well-positioned as a critical digital service in the Croatian tourism sector, providing essential compliance and informational services to stakeholders. Technically, the site employs modern web technologies including JavaScript, CSS, and Kendo UI components, with a focus on accessibility and multilingual support. Security measures include HTTPS enforcement and anti-CSRF tokens, although some advanced security headers and policies are not visibly implemented. Privacy compliance is basic, with terms of service available but no explicit cookie or privacy policies on the login page. Overall, the site demonstrates a strong business credibility and trustworthy government affiliation, with a moderate to good technical and security posture.

Pag Outdoor is a small Croatian tourism and outdoor activity provider specializing in kayaking and related experiences on the island of Pag. The website is professionally designed using WordPress with Elementor and Astra theme, supporting multiple languages and optimized for SEO with structured data. The technical infrastructure is modern but lacks some security best practices such as security headers and explicit privacy policies. The security posture is moderate with HTTPS enabled but could be improved with additional headers and vulnerability disclosures. The domain WHOIS data is missing, which raises concerns about registration transparency and trustworthiness. Overall, the website serves its business purpose well but should enhance privacy compliance and security transparency to improve trust and compliance.

M

Ministarstvo gospodarstva i održivog razvoja Republike Hrvatske

mingor.hr

0

The website mingor.hr/login serves as a secure login portal for the Nextcloud platform used by the Ministry of Economy and Sustainable Development of the Republic of Croatia. It provides government employees and authorized users with a safe environment for data storage and collaboration. The site leverages modern web technologies including Vue.js and Nextcloud version 30, hosted by CARNET, the Croatian Academic and Research Network. The domain registration data aligns well with the government entity, confirming legitimacy and trustworthiness. Technically, the site demonstrates good security practices such as HTTPS enforcement, Content Security Policy with nonce, and session management. However, it lacks publicly accessible privacy, cookie, and terms of service policies, as well as contact or incident response information, which are important for compliance and user trust. The site is minimalistic as expected for a login page, with no advertising or tracking scripts detected, indicating a focus on privacy and security. Overall, the security posture is strong with no obvious vulnerabilities detected in the provided content. The site is well-optimized for mobile and has a professional design consistent with government branding. The main risks relate to the absence of visible privacy and compliance documentation, which should be addressed to improve transparency and regulatory adherence.

R

Regional Development Agency DUNEA LLC.

dubrovnik-neretva.eu

0

The website represents the official Representation Office of the Dubrovnik-Neretva Region in Brussels, serving as a liaison and promotional platform for the region within the European Union. It highlights the Regional Development Agency DUNEA, which coordinates sustainable development and project management for the region. The site targets regional stakeholders, investors, EU institutions, and the general public interested in regional development. Technically, the site is built on Joomla CMS with a modern but moderate tech stack including Bootstrap, jQuery, and Revolution Slider, offering good mobile optimization and user experience. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich but would benefit from enhanced privacy and security measures.

Europe Direct Dubrovačko-neretvanske županije operates as a regional EU information center in Croatia, providing citizens with access to EU-related information, events, and services. The website serves as a communication platform to engage the public in discussions about the European Union's future and policies. It is funded by the European Union and acts as a trusted source for regional EU news and resources. The organization targets local citizens and stakeholders interested in EU affairs, promoting transparency and participation.