Security Directory

C

Centar Velike Zvijeri

centar-velikezvijeri.eu

0

Centar Velike Zvijeri is a Croatian public institution visitor center dedicated to the education and conservation of large carnivores in the Gorski kotar region. The center operates under EU-funded projects and regional partnerships, providing educational services, research dissemination, and public engagement. The website is professionally designed using WordPress with modern plugins and offers bilingual content in Croatian and English. Technically, the site is well-structured, mobile-optimized, and integrates Google Tag Manager and reCAPTCHA for security and analytics. Security posture is solid with HTTPS and some best practices, though it lacks explicit security policies and vulnerability disclosures. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site is trustworthy and serves its niche audience effectively.

B

Beli Visitor Centre

belivisitorcentre.eu

0

Beli Visitor Centre is a specialized non-profit organization focused on the conservation and rehabilitation of griffon vultures in Cres, Croatia. The center provides educational exhibits, workshops, volunteer programs, and operates a rehabilitation facility for these birds. It serves both local visitors and international nature enthusiasts, positioning itself as a key regional conservation hub. The website is professionally designed using WordPress, with good mobile optimization and accessibility features, reflecting a mature digital presence. Security measures include HTTPS and Google reCAPTCHA, though some improvements in security headers and privacy compliance are recommended. Overall, the site is trustworthy and well-aligned with its mission, with clear contact information and partner affiliations.

B

Bureau Veritas

bureauveritas.hr

0

Bureau Veritas Croatia is a local branch of the global Bureau Veritas group, a leader in testing, inspection, and certification services since 1828. The website presents a professional and comprehensive overview of their services across multiple industries including energy, transport, manufacturing, finance, and government sectors. The company targets businesses requiring compliance and certification services, offering a broad portfolio including management system certification, product certification, inspection, and training. Technically, the website is built on Drupal 10, uses modern consent management tools, and integrates Google Tag Manager for analytics. The site is well-structured, mobile-optimized, and includes GDPR-compliant cookie consent mechanisms. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policy and incident response information are not published. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

C

Coface

coface.hr

0

Coface is a globally recognized leader in credit risk management, offering services such as credit insurance, business information, and debt collection. With a history dating back to 1946 and operations in approximately 200 markets, Coface supports over 100,000 businesses worldwide. The Croatian branch operates under the legal name 'Coface for Trade' and provides localized services tailored to the Croatian market. The website reflects a mature digital presence with professional design, clear navigation, and compliance with GDPR regulations, including a robust cookie consent mechanism. Technically, the site leverages modern frameworks and technologies such as Symfony and Ibexa CMS, hosted by a reputable Croatian provider. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response contacts are not publicly disclosed. Overall, Coface.hr presents a trustworthy and professional business platform with good technical and security standards.

E

Erste & Steiermärkische Bank d.d.

ersteprivatebanking.hr

0

Erste Private Banking is a prominent private banking institution operating primarily in Central and Eastern Europe, with a strong market presence in Croatia and other core markets under the Erste Group umbrella. The website reflects a professional financial services provider focused on private banking, portfolio management, and related financial products. The technical infrastructure is modern, leveraging a proprietary CMS (Gem), CDN hosting, and standard web technologies, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are not publicly disclosed. Overall, the website demonstrates high business credibility and trustworthiness, supported by consistent WHOIS data and clear branding.

T

TOTOHOST d.o.o.

totohost.hr

0

TOTOHOST d.o.o. is a Croatian web hosting company established in 2004, offering a range of hosting services including NVMe SSD hosting, business-grade NVMe hosting, VPS cloud servers, domain registration, and reseller hosting. The company serves over 5000 customers and manages more than 7500 domains, positioning itself as a trusted local provider with a strong emphasis on performance and security technologies such as LiteSpeed web servers, CloudLinux, and Imunify360. Their website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive service information. Contact and support options are robust, including email, phone, live chat, and ticketing systems.

H

Hrvatska udruga IBCLC

husd.hr

0

Hrvatska udruga IBCLC is a Croatian non-profit association dedicated to breastfeeding counseling and support. The organization provides educational resources, organizes symposia, and publishes an annual newsletter to promote breastfeeding awareness and best practices. Their website serves as an information hub for parents, healthcare professionals, and breastfeeding counselors, positioning them as a niche healthcare entity within Croatia. Technically, the website is built on WordPress using Elementor and related plugins, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled, but lacks security headers and formal privacy/cookie policies, indicating room for compliance improvements. Overall, the site is trustworthy and professionally maintained, but could enhance its privacy and security frameworks to better align with GDPR and modern web standards.

Hrvatska udruga za promicanje primaljstva is a Croatian non-profit association dedicated to promoting midwifery. The organization provides educational resources, community engagement, and organizes events such as symposiums to support midwives and related healthcare professionals. The website serves as an information hub for members and the public, featuring news, educational content, and membership services. The association is well-established with a domain registered since 2013 and operates primarily within Croatia.

G

Grad Kastav

kastav.hr

0

Grad Kastav operates an official municipal government website serving the citizens and residents of Kastav, Croatia. The website provides news, official documents, contact information, and public service announcements, positioning itself as a trusted source of local government information. The site targets local residents and stakeholders interested in municipal governance and community updates. Technically, the website is built on WordPress with a modern plugin ecosystem including Yoast SEO, WPBakery Page Builder, and accessibility tools, indicating a mature digital infrastructure. The site is mobile-optimized and includes cookie consent mechanisms to comply with GDPR. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers could be improved. No privacy or security policies are explicitly found, which is a gap for compliance. Overall, the website is professional, trustworthy, and well-maintained, reflecting the official nature of the entity it represents.

The website www.lutrija.hr represents a Croatian government-related lottery entity, as indicated by the domain and WHOIS data. The domain is registered to S.H.O.P. CENTAR d.o.o. in Croatia since 2012, which aligns with the expected business age and legitimacy. However, the website content is currently inaccessible due to Incapsula Web Application Firewall (WAF) blocking, preventing any direct content or metadata analysis. This limits the ability to assess the website's privacy policies, contact information, or technical infrastructure in detail. From a technical perspective, the presence of Incapsula WAF suggests a focus on security and protection against attacks, but also restricts external analysis. No scripts, forms, or external links were extractable, and no security headers or SSL configuration details were available from the provided data. The domain's WHOIS data is consistent and transparent, supporting trustworthiness. Security posture cannot be fully evaluated due to the blocked content, but the use of a reputable WAF provider is a positive indicator. No vulnerabilities or compliance gaps could be identified. The website is presumed safe with no adult or questionable content based on the business sector and domain. Overall, the site appears legitimate and professionally managed but currently inaccessible for detailed analysis. Strategic recommendations include reviewing WAF settings to allow external security and compliance audits, publishing clear privacy and cookie policies, and providing accessible contact and incident response information to enhance transparency and trust.

L

Logista d.o.o.

logista.hr

0

Logista d.o.o. is a medium-sized Croatian company specializing in distribution and telecommunications services, including tobacco product distribution, mobile technology, and B2B telecommunications support. The company has a strong market position in Croatia, recognized among the top 400 companies and listed by the London Stock Exchange as an inspiring European business. Their key services include JTI tobacco distribution, A1 telecommunications support, and e-distribution services. The website is professionally designed, mobile-optimized, and uses modern tracking and analytics tools. Hosting is provided via Oracle Cloud, and the site employs HTTPS with reCAPTCHA for security. However, there is no publicly available security policy or incident response information, which could be improved. Overall, the website is trustworthy and well-maintained, with clear contact information and GDPR-compliant cookie consent.

T

Tower Center Rijeka

tower-center-rijeka.hr

0

Tower Center Rijeka is a well-established retail shopping center located in Rijeka, Croatia, founded in 2007. The website presents a comprehensive overview of the center's offerings, including over 135 stores, megastores, a multiplex cinema, restaurants, and extensive parking facilities. The business targets general consumers, families, and shoppers seeking retail and leisure experiences. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages and providing up-to-date news and promotional content. Technically, the site employs modern web technologies such as Google reCAPTCHA v3, Google Tag Manager, Facebook Pixel, and is hosted on DigitalOcean, ensuring reliable performance and security. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is strong with clear privacy and cookie policies and GDPR-aligned consent management. Overall, the site reflects a credible and trustworthy business with a good digital presence.

Grad Rijeka operates as the official city government portal for the city of Rijeka, Croatia, providing comprehensive information and services to its citizens and stakeholders. The website serves as a central hub for city administration news, public service announcements, community engagement, and access to e-services. It maintains a strong market position as the authoritative source of municipal information, targeting residents, businesses, and visitors. The business model is focused on government transparency, citizen engagement, and service delivery.

B

BILLS

bills.hr

0

Bills.hr is a Croatian SaaS platform providing online invoicing and business management solutions tailored for small and medium enterprises. The platform supports fiscalization compliance, e-invoicing, reporting, and bookkeeping features, positioning itself as a niche player in the Croatian market. The website is built on a modern React framework, hosted with Cloudflare DNS and CDN services, and integrates secure payment processing via CorvusPay. The site is well-designed with good mobile optimization and user experience, though it lacks some advanced SEO and accessibility features. Security posture is solid with HTTPS and SSL certificates, but could be improved by adding security headers and formal privacy and cookie policies. Contact information is limited to email support, with no phone or physical address provided. Overall, the site is professional, trustworthy, and business-focused with no adult or questionable content.

F

Feel IQM d.o.o.

iqmpass.com

0

IQM Pass is a Croatian tourism-focused digital pass service operated by Feel IQM d.o.o., founded in 2020. The service offers tourists special discounts and benefits across multiple Croatian destinations by partnering with local businesses. The website is well-structured, professionally designed, and targets travelers seeking enhanced destination experiences. Technically, the site uses modern web technologies including React, Google Analytics, and Facebook Pixel, hosted on DigitalOcean. Security posture is adequate with HTTPS and cookie consent implemented, though some security headers and policies could be improved. The domain registration is consistent with the business timeline and shows no suspicious indicators. Overall, the website presents a trustworthy and professional digital tourism service.

Civilnodruštvo.hr is a Croatian non-profit portal operated by the Nacionalna zaklada za razvoj civilnog društva, focused on civil society, activism, and social initiatives. Established in 2004, it serves as an information hub connecting various actors in civil activism and promoting civil initiatives. The website offers news, event announcements, educational materials, and multimedia content relevant to its audience. Technically, the site is built on WordPress with a mature plugin ecosystem including Yoast SEO, Contact Form 7, and social sharing tools, ensuring good SEO and user engagement. The site is mobile optimized and performs moderately well. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though some security headers are missing and no explicit security policies are published. Privacy and cookie policies are present and GDPR compliant. Overall, the site is trustworthy, professional, and well-positioned in its niche.

G

Garancija za mlade | MROSP

gzm.hr

0

The website 'Garancija za mlade' is an official Croatian government initiative aimed at supporting youth employment and education. It provides information and resources to young people, particularly those in NEET status, to facilitate their integration into the labor market or educational pathways. The site is well-positioned as a government-backed platform with consistent branding and clear navigation tailored to its target audience in Croatia. Technically, the site is built on WordPress using Elementor and Yoast SEO, with good mobile optimization and accessibility features. It employs GDPR cookie compliance and uses Facebook Pixel for marketing analytics. Security posture is adequate with HTTPS and some best practices, but lacks explicit security policies and vulnerability disclosure mechanisms. Overall, the domain registration and hosting align with Croatian government standards, reinforcing legitimacy. Recommendations include publishing privacy and security policies and enhancing security headers to improve trust and compliance.

M

Ministarstvo rada, mirovinskog sustava, obitelji i socijalne politike

mrms.hr

0

The website represents the official online presence of the Croatian Ministry of Labour, Pension System, Family and Social Policy. It serves as a comprehensive information portal for Croatian citizens and stakeholders regarding labor laws, social welfare programs, pension regulations, and family policies. The site is well-positioned as a government resource, providing authoritative content and official communications. The target audience includes citizens, social service users, and public sector employees. Technically, the website employs a traditional web stack with jQuery, Modernizr, and various UI libraries such as Fancybox and Owl Carousel. It uses HTTPS with Google Analytics for visitor tracking, and includes cookie consent mechanisms compliant with GDPR. The site demonstrates good mobile optimization and accessibility features, though some libraries like jQuery are outdated, which could pose security risks. From a security perspective, the site enforces HTTPS and has implemented cookie consent, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is unavailable due to GDPR privacy restrictions, but the domain is a government .gov.hr domain, indicating high legitimacy. Overall, the website is a trustworthy and professional government portal with good content quality and privacy compliance. Strategic improvements include updating technical libraries, enhancing security headers, and publishing security policies to strengthen trust and resilience.

L

La Vie

lavie.hr

0

La Vie is a Croatian lifestyle and culture media website founded in 2022, offering content across lifestyle, beauty, travel, culture, fashion, gastro, and podcast segments. The site targets a general audience seeking inspirational and cultural stories. Technically, the website is built on WordPress with Elementor and uses Cloudflare DNS services. It employs modern web technologies and has moderate performance with good mobile optimization. Security posture is solid with HTTPS enforced and standard security headers present, though it lacks explicit security policies and incident response contacts. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms of service pages. Overall, the website is professional and trustworthy but could improve transparency and compliance documentation.

MagMe is a Croatian media and lifestyle website established in 2021, targeting Croatian-speaking audiences with lifestyle content and e-commerce capabilities via WooCommerce. The website demonstrates a moderate level of digital maturity, leveraging WordPress CMS, modern JavaScript libraries like Swiper.js, and third-party services such as Cookiebot for cookie consent and Gemius for analytics. The site is hosted with Cloudflare DNS and uses HTTPS, ensuring secure transport. However, explicit privacy and terms of service policies are not found in the provided content, which is a compliance gap. Security posture is adequate with HTTPS and consent mechanisms but lacks visible security headers and formal incident response contacts. Overall, the site is professionally designed with good user experience and moderate trustworthiness.

A

Agencija za komercijalnu djelatnost proizvodno, uslužno i trgovačko d.o.o.

e-red.hr

0

The website e-red.hr represents a Croatian service platform focused on appointment scheduling and online ordering for agencies such as AKD and HZMO. It targets Croatian users seeking to book appointments with these agencies. The business operates in a niche local market with a small company profile. Technically, the site is built using React and modern JavaScript technologies, delivering a moderate performance and good mobile optimization. The presence of Segment analytics indicates moderate user tracking. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit security policies. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the site is professional and trustworthy with room for improvement in security and transparency.

The website mojamirovina.hr serves as a digital platform providing individualized pension information to Croatian citizens. It is part of the MOJA MIROVINA project aimed at enhancing REGOS services in the labor market. The platform offers an anonymous pension calculator and detailed pension-related data, targeting the general public interested in retirement planning. The site is government-backed, with partnerships including the Croatian Pension Insurance Institute (HZMO) and co-financing from the European Social Fund, positioning it as a credible and authoritative source in the pension sector. Technically, the website is built using modern frontend technologies such as Nuxt.js and Vue.js, styled with Tailwind CSS and enhanced with PrimeVue components. It is hosted by a local Croatian ISP, A1 Hrvatska d.o.o., ensuring regional hosting consistency. The site is mobile-optimized and accessible, though SEO and metadata could be improved. No major performance issues were detected, indicating a moderate to good technical maturity. From a security perspective, the site enforces HTTPS and uses secure form inputs but lacks visible security headers and a cookie consent mechanism, which are recommended for enhanced security and GDPR compliance. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is transparent and consistent with the business, reinforcing trustworthiness. However, the absence of a published security policy and incident response contacts suggests room for improvement in security governance. Overall, mojamirovina.hr is a trustworthy, government-supported platform with solid technical foundations and good business credibility. Strategic enhancements in privacy compliance, security headers, and incident response transparency would further strengthen its security posture and user trust.

A

Altera

altera.hr

0

Altera is a Croatian company specializing in the rental and sale of tents and pagodas for weddings, corporate events, sports events, and fairs. With over 20 years of experience, the company positions itself as a reliable partner for outdoor event solutions, offering additional equipment and services to support event organization. The website is professionally designed using WordPress with the Avada theme and includes modern plugins such as Slider Revolution and Yoast SEO, indicating a mature digital infrastructure. Security measures include HTTPS enforcement, reCAPTCHA integration, and standard security headers, reflecting a good security posture. However, the absence of explicit privacy and terms of service policies suggests room for improvement in compliance and transparency. Overall, the website is trustworthy, content-rich, and well-optimized for SEO and mobile devices, supporting Altera's market presence in the hospitality and event services sector.

C

Catering Team Majetić

cateringteammajetic.hr

0

Catering Team Majetić is a well-established catering company based in Zagreb, Croatia, with a strong family tradition dating back to 1998. The company specializes in high-quality catering services for weddings, corporate events, and private celebrations, operating both locally and across Europe. Their business model includes owning exclusive venues and collaborating with prestigious locations, positioning them as a premium service provider in the hospitality sector. The website reflects a professional and consistent brand image, supported by customer testimonials and media coverage. Technically, the site is built on WordPress using Elementor and Yoast SEO, with modern tracking tools like Google Tag Manager and Facebook Pixel integrated. The site is mobile-optimized and SEO-friendly, though some accessibility features could be improved. Security-wise, the site uses HTTPS and avoids exposing sensitive data but lacks some recommended security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professional, with room for improvement in security and privacy transparency.

O

Obiteljsko Poljoprivredno Gospodarstvo Damjanić Ivan

damjanic.eu

0

Damjanić Wines is a small family-owned winery based in Fuškulin near Poreč, Croatia, with a long tradition dating back to the early 18th century. The company produces a variety of wines and olive oil, offers wine tastings by appointment, and operates a webshop for direct sales. Their market position is that of a leading regional winery in Istria, targeting wine consumers, tourists, and distributors. The website is multilingual and professionally designed to support their business model and customer engagement. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various frontend libraries. Hosting is provided by a Croatian hosting company, and the site uses HTTPS with a cookie consent mechanism to comply with GDPR. Performance and mobile optimization are good, though accessibility features are basic. SEO is well implemented with proper meta tags and structured data. From a security perspective, the site enforces HTTPS and uses cookie consent banners but lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the business information, indicating a legitimate and trustworthy domain. Overall, the website presents a professional and trustworthy online presence for a small winery business, with good privacy compliance and moderate security posture. There are opportunities to enhance security headers and incident response information to further improve trust and compliance.

E

Europski socijalni fond

esf.hr

0

The website www.esf.hr serves as the official Croatian government portal for the European Social Fund (ESF), focusing on the development of human potentials through various social, employment, education, and governance projects. It provides comprehensive information about funding calls, project examples, and relevant documentation, targeting civil society organizations, cultural institutions, and social service providers. The site is well-positioned as a trusted government resource with consistent branding and clear navigation. Technically, the site is built on WordPress 5.1.19 with a modern tech stack including jQuery, Google Analytics, and SEO plugins. It demonstrates good mobile optimization and accessibility features, although performance is moderate. The hosting appears to be managed by CARNET, a Croatian academic network, aligning with the official nature of the site. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partially addressed with a privacy policy and cookie notice, but lacks a full consent mechanism. Contact information is limited to a physical address without direct email or phone contacts. Overall, the website is a reliable and professional government platform with a strong business credibility score. Strategic improvements could focus on enhancing security headers, implementing cookie consent, and publishing security policies to strengthen trust and compliance.

V

Visit Karlovac

visitkarlovac.hr

0

Visit Karlovac is the official tourism website for the city of Karlovac, Croatia, providing comprehensive information about cultural, natural, gastronomic, and event experiences to visitors. The site targets tourists and visitors interested in exploring the city and offers resources such as event calendars, travel planning guides, and detailed descriptions of local attractions. The website is well-positioned as an authoritative source for tourism in Karlovac, supported by active social media channels and structured data that enhances search engine visibility. Technically, the website is built on WordPress using Elementor, enhanced with performance and SEO plugins such as WP Rocket and Rank Math. It leverages Cloudflare for DNS and likely CDN services, ensuring fast loading times and good mobile optimization. The site implements HTTPS with a strong SSL configuration and includes a cookie consent mechanism compliant with GDPR, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and uses reputable plugins, but explicit security headers are not fully verified in the HTML content. There is no visible incident response or vulnerability disclosure policy, which could be improved to enhance trust and security posture. No vulnerabilities or exposed sensitive data were detected in the content. Overall, Visit Karlovac presents a professional, secure, and privacy-compliant tourism platform with excellent content quality and user experience. Strategic improvements in security header implementation and incident response transparency would further strengthen its security maturity.

B

Borming d.o.o

borming.hr

0

Borming d.o.o is a Croatian technology company specializing in custom web and mobile application development, with a strong focus on blockchain and Web3 technologies. Founded in 2001 and based in Zagreb, the company offers services including smart contract development on Ethereum and Polygon networks, custom CMS solutions, and traditional web development using modern stacks like React and Node.js. Their market position is that of an established local player with a growing emphasis on blockchain integration. Technically, the website is built with React and Node.js, hosted behind Cloudflare, and uses Google Analytics for tracking. The site is mobile optimized and performs moderately well, though accessibility features are basic. Security posture is good with HTTPS enforced, but lacks visible security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Business credibility is strong with consistent WHOIS data and professional content. Overall, the website is professional and trustworthy but would benefit from improved privacy and security disclosures.

Z

Zavičajni muzej Ogulin

zavicajni-muzej-ogulin.hr

0

Zavičajni muzej Ogulin is a Croatian cultural heritage museum focused on preserving and presenting the history and culture of the Ogulin region. The museum offers diverse collections including archaeological, ethnographic, and artistic exhibits, alongside educational programs and virtual tours. It serves a broad audience including local residents, tourists, and students, positioning itself as a key regional cultural institution. The website reflects a small-sized non-profit organization with a clear mission and consistent branding. Technically, the website is built on WordPress using the Enfold theme, hosted by Hostinger. It employs modern web technologies such as jQuery and integrates Facebook SDK for social media features. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. The presence of cookie consent and privacy policy pages indicates good digital maturity and compliance with GDPR. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks visible security headers which could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. The absence of a security policy or incident response contact suggests room for improvement in security governance. The WHOIS data aligns well with the website's Croatian identity and business type, supporting legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations, suitable for its cultural and educational purpose. Strategic improvements in security headers and incident response readiness would further strengthen its security posture.

A

Aurora Colapis

aurora-experience.com

0

Aurora Colapis operates the Aurora River Experience, offering unique cultural and historic river boat tours on the traditional Žitna lađa Zora in Croatia. The business targets tourists and local groups seeking authentic river experiences, team building events, and private parties. The website is professionally designed using WordPress with WooCommerce and Elementor, integrating booking and e-commerce functionalities. The technical infrastructure is modern and includes Google Analytics and Ads for marketing and tracking. Security posture is adequate with HTTPS and reCAPTCHA, but lacks DNSSEC and some security headers. Privacy compliance is good with GDPR-aligned policies and cookie consent mechanisms. Overall, the business presents a trustworthy and niche tourism offering with solid digital presence.

N

Novena d.o.o.

novena.hr

0

Novena d.o.o. is a Croatian digital media studio specializing in multimedia solutions for cultural heritage, museums, interpretation centers, and tourist destinations. Established in 1997, the company offers a broad range of services including multimedia applications, web design and hosting, photo and video production, AR/VR, 3D modeling, and audio guides. Their market position is that of a specialized service provider with a focus on cultural and educational sectors. The website reflects a professional and consistent brand image targeting institutions and organizations in the cultural and tourism industries. Technically, the website uses a mix of legacy and modern JavaScript libraries such as jQuery, UIkit, Slick Carousel, and Splide.js, hosted behind Cloudflare. The site is HTTPS enabled with Google Analytics and reCAPTCHA integrated, indicating a moderate level of digital maturity. Performance and mobile optimization are adequate, though accessibility features are basic. SEO practices are implemented through meta tags and structured data. From a security perspective, the site benefits from HTTPS and anti-bot measures but lacks visible security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable gap given GDPR requirements. Overall, the website is safe, professional, and trustworthy with a solid business foundation. However, improvements in privacy compliance and security best practices are recommended to enhance trust and regulatory adherence.

E

Exevio Ltd.

exevio.hr

0

Exevio Ltd. is a Croatian-based small technology company specializing in corporate IT solutions including web development, loyalty platforms, app and game development, and quality assurance services. Founded in 2013, the company positions itself as a quality-focused partner for businesses seeking tailored IT solutions. Their website reflects a professional and consistent brand image, supported by ISO 9001 and ISO 27001 certifications and EU funding partnerships, enhancing their credibility in the market. Technically, the website employs modern web technologies such as jQuery and integrates Google Analytics and Tag Manager for data insights. The site is mobile optimized with good SEO practices, though some improvements in accessibility and security headers could be made. Hosting details are limited but the domain is registered with NameCheap and secured with HTTPS. From a security perspective, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and visible security headers. No incident response or vulnerability disclosure policies are published, which could be improved to enhance trust. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Overall, the website and business present a low-risk profile with strong business credibility and moderate technical maturity. Strategic improvements in security policies and technical hardening are recommended to further strengthen their posture.

F

Fakat

fakat.eu

0

Fakat is a Croatian event agency specializing in comprehensive ideation, organization, and production services for a wide range of events including campaigns, festivals, concerts, exhibitions, corporate events, conferences, and sports events. The company positions itself as a full-service partner offering turnkey solutions and hardware rental with professional staffing. The website is well-structured, professionally designed, and targets businesses and individuals seeking event management services. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, jQuery, and the Gumby framework, with Google Analytics integrated for visitor tracking. However, there is no evidence of a CMS or hosting provider details. Security posture is moderate with no visible security headers or HTTPS verification, and privacy compliance is low due to missing privacy and cookie policies. Contact information is clearly presented, including company email and phone, along with active social media profiles. WHOIS data is unavailable due to EURid privacy policies, but no suspicious indicators are present. Overall, the site is functional and professional but would benefit from improved security and privacy compliance.

W

Westgate

westgate.hr

0

Westgate.hr is the official website of Westgate, the largest shopping center in Croatia. The site provides comprehensive information about retail stores, restaurants, entertainment options, and services available at the mall. It targets a broad audience including families and shoppers seeking a variety of brands and leisure activities. The website is built on modern web technologies such as Vue.js and Nuxt.js, integrating analytics and marketing tools like Google Analytics and Facebook Pixel to monitor user engagement and optimize marketing efforts. The design is professional, mobile-optimized, and offers clear navigation, enhancing user experience. Security measures include HTTPS enforcement and standard security headers, though explicit privacy and terms of service policies are not published, which is a compliance gap. Overall, the site is trustworthy and well-maintained, with room for improvement in privacy transparency and direct contact information for security or incident response.

S

Suzuki

suzuki.hr

0

Suzuki.hr is the official Croatian website representing Suzuki automobiles and motorcycles. The site provides information about Suzuki vehicles with a focus on affordability and quality, targeting general consumers interested in transportation solutions. The website is built on WordPress with modern SEO practices, including structured data and social media integration, indicating a moderate level of digital maturity. Cookie consent is managed via Cookiebot, demonstrating awareness of privacy compliance requirements. However, the absence of a privacy policy and contact information limits full compliance and user trust. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit incident response contacts. Overall, the site is legitimate and professionally maintained but would benefit from enhanced privacy and security disclosures.

T

Tokić d.d.

tokic.hr

0

Tokić d.d. is a leading regional distributor and retailer of auto parts and related equipment with over 35 years of tradition. The company operates a large network of physical stores across Croatia and Slovenia, complemented by a comprehensive online webshop. They also provide educational services through their certified training center and operate an Auto Check Center for vehicle servicing. The website reflects a mature business with a strong market position and a broad target audience including mechanics, drivers, and automotive enthusiasts. Technically, the site is built on WordPress with modern libraries and frameworks, offering good mobile optimization and SEO practices. Security posture is strong with HTTPS, reCAPTCHA integration, and cookie consent mechanisms, although some security headers could be improved. Privacy compliance is well addressed with clear policies and user consent. Overall, the website is professional, trustworthy, and well-aligned with the company's business model and market presence.

J

Jadranski naftovod, dioničko društvo

janaf.hr

0

Jadranski naftovod d.d. (JANAF) is a well-established Croatian company operating since 1998, specializing in the international transport of crude oil via pipeline infrastructure from the Terminal Omišalj to domestic and foreign refineries in Southeast and Central Europe. The company holds a leading market position in the energy transport sector, providing critical infrastructure services including pipeline operation, storage terminals, and environmental protection initiatives. The website reflects a professional corporate presence targeting investors, business partners, and job seekers, with detailed business and sustainability information. Technically, the website employs modern web technologies such as JavaScript ES modules and custom fonts, with a moderate performance profile and good mobile optimization. SEO and accessibility are adequately addressed, though some improvements could be made in accessibility and security headers. The hosting provider is not explicitly identified but the domain registrar is CARNET, a reputable Croatian academic network. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers, incident response information, and vulnerability disclosure mechanisms. Privacy compliance is supported by a comprehensive privacy policy and cookie policy, though no active cookie consent mechanism is detected. Social media presence is limited to official YouTube and LinkedIn channels, with no visible tracking or advertising scripts. Overall, the website is trustworthy, professionally maintained, and aligned with the company's business profile. Strategic recommendations include enhancing security headers, adding incident response and vulnerability disclosure pages, implementing cookie consent mechanisms, and improving accessibility features to strengthen compliance and security posture.

H

Hrvatske autoceste d.o.o.

hac.hr

0

Hrvatske autoceste d.o.o. is a Croatian state-owned company responsible for the management, construction, and maintenance of highways in Croatia. The website serves as an information portal for motorway users, offering details on tolls, traffic conditions, and related services. It targets both individual drivers and commercial transport operators, positioning itself as the primary authority for highway infrastructure in Croatia. The company provides electronic toll collection services and real-time traffic updates through dedicated mobile applications. Technically, the website is built using modern web technologies including Vue.js, with a responsive design optimized for mobile devices. Security measures include HTTPS enforcement and CSRF token implementation, alongside a comprehensive cookie consent mechanism. However, some security headers are not evident, and no explicit security or incident response policies are published. Overall, the site demonstrates a good balance of usability, compliance, and professionalism, supporting the company's role as a trusted public infrastructure provider.

H

Hrvatski olimpijski odbor

hoo.hr

0

Hrvatski olimpijski odbor (HOO) is the national Olympic committee and umbrella sports organization in Croatia, established in 1991. It serves as the central body for promoting Olympic sports, supporting athletes, and organizing sports events in Croatia. The website reflects a well-maintained digital presence with a focus on news, events, and organizational information relevant to the Croatian sports community. Technically, the site uses modern frameworks such as Next.js and React, with good mobile optimization and accessibility features. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although explicit privacy and terms of service pages are missing. Overall, the domain registration and WHOIS data align well with the organization's identity, supporting high legitimacy and trust. Strategic improvements include publishing comprehensive privacy and security policies and enhancing transparency on data protection roles.

P

Primorsko-goranska županija

pgz.hr

0

Primorsko-goranska županija is the official regional government authority for the Primorsko-goranska County in Croatia. The website serves as a comprehensive portal for residents and stakeholders, offering information on administrative structure, ongoing projects, public calls, news, and official documents. It targets local citizens, businesses, and public entities, providing transparent access to government services and communications. The site is well-positioned as a trusted government resource with clear contact channels and certifications from recognized bodies such as Bureau Veritas and SGS. Technically, the website is built on WordPress with modern JavaScript libraries like Swiper and Flickity for interactive elements. It employs Google Analytics for visitor insights and uses cookie consent mechanisms compliant with GDPR. The site demonstrates good mobile optimization, accessibility features, and SEO practices, reflecting a mature digital infrastructure suitable for public sector needs. From a security perspective, the site enforces HTTPS with strong SSL configurations and includes standard security headers. It uses cookie consent banners and privacy policies aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a dedicated security policy or incident response contact information, which could enhance its security posture. Overall, the website is a reliable, professional, and secure government platform with strong compliance and trust indicators. Strategic improvements in security transparency and incident response readiness would further strengthen its position and user trust.

T

Turistička Zajednica Varaždinske Županije

turizam-vzz.hr

0

The website turizam-vzz.hr serves as the official tourism portal for Varaždin County in Croatia, managed by the regional tourism board Turistička Zajednica Varaždinske Županije. It provides comprehensive information about local destinations, cultural heritage, accommodation options, events, and tourism offers, targeting tourists and visitors interested in exploring the region. The site is positioned as a regional governmental/non-profit entity focused on tourism promotion. Technically, the website is built on Joomla CMS using Bootstrap, jQuery, and other common web technologies. It features responsive design and moderate performance, with good SEO and basic accessibility features. The site employs HTTPS and includes a cookie consent mechanism, demonstrating awareness of GDPR requirements, though it lacks a clearly published privacy policy and terms of service. From a security perspective, the site uses HTTPS but lacks important security headers and does not publish security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. The domain registration data aligns well with the website's claims, indicating legitimacy and trustworthiness. Overall, the site is professional and trustworthy but could improve its security posture and privacy compliance documentation.

V

Varaždinska županija

varazdinska-zupanija.hr

0

Varaždinska županija operates as the official regional government portal for the Varaždin County in Croatia, providing a broad range of public services and information to its citizens. The website offers comprehensive content including administrative details, public tenders, news, multimedia, and support programs. It targets residents and stakeholders within the region, positioning itself as a trusted government information source. The business model is centered on public service and transparency, with a medium-sized organizational footprint typical of regional government entities. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, ensuring a responsive and accessible user experience. The site incorporates accessibility tools and maintains good SEO and mobile optimization standards. Performance is moderate, with no critical technical issues detected. The infrastructure supports secure HTTPS connections and employs modern web standards. From a security perspective, the site demonstrates a strong posture with HTTPS enforcement, security headers, and secure form handling. Privacy compliance is robust, featuring clear privacy and cookie policies with consent mechanisms aligned with GDPR requirements. However, the absence of a dedicated security policy page, incident response contacts, and vulnerability disclosure mechanisms suggests areas for improvement in security transparency and incident readiness. Overall, the website is a professional, trustworthy, and secure government portal with high content quality and user experience. Strategic enhancements in security policy publication and incident response communication would further strengthen its security maturity and public trust.

O

Orbis d.o.o.

visitkarlovaccounty.hr

0

The website visitkarlovaccounty.hr serves as the official regional tourism portal for Karlovačka županija (Karlovac County) in Croatia. It provides comprehensive information about destinations, activities, events, and travel logistics to attract and assist tourists. The site is managed by Orbis d.o.o., a Croatian company, and reflects a consistent and professional brand image aligned with regional tourism promotion. Technically, the site employs a mix of modern and legacy technologies including jQuery, UIkit, Google Maps API, and Google Tag Manager, delivering a good user experience with mobile optimization and accessibility features. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though it lacks some security headers and formal security policies. Privacy compliance is limited due to the absence of a privacy policy and terms of service, though a cookie consent mechanism is present. Overall, the site is trustworthy, safe, and well-positioned as a government/non-profit tourism information platform.

K

Karlovačka županija

kazup.hr

0

Karlovačka županija's official website serves as a comprehensive digital portal for the regional government of Karlovac County, Croatia. It provides citizens and stakeholders with access to administrative information, news updates, public tenders, open data, and contact details. The site is well-structured, professionally designed, and targets local residents and interested parties in the government sector. The business model is focused on public service and transparency, positioning the site as a trusted source of regional governmental information. Technically, the website is built on Joomla CMS with modern frameworks such as Helix Ultimate and SP Page Builder, incorporating Bootstrap and Font Awesome for responsive design and iconography. It integrates accessibility tools like UserWay and supports multilingual content via GTranslate. The site demonstrates good mobile optimization and SEO practices, with moderate performance characteristics. From a security perspective, the site enforces HTTPS, uses CSRF tokens in forms, and implements a cookie consent mechanism compliant with GDPR. While some security headers like Content-Security-Policy are not detected, the overall security posture is solid with no visible vulnerabilities or exposed sensitive data. The WHOIS data confirms the domain's legitimacy and long-term registration consistent with a government entity. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include enhancing security headers and maintaining up-to-date CMS and extensions to mitigate potential risks.

H

https://visitzagorje.hr/

visitzagorje.hr

0

VisitZagorje.hr is a professionally maintained tourism portal dedicated to promoting the Zagorje region in Croatia. It offers comprehensive information on attractions, culture, events, accommodation, and lifestyle, targeting tourists and visitors interested in this region. The website is multilingual and integrates modern digital marketing and analytics tools, reflecting a mature digital presence. The business model focuses on regional tourism promotion, likely supported by local tourism authorities or partnerships. Technically, the site is built on WordPress with a robust tech stack including Google Tag Manager, Microsoft Clarity, and Facebook Pixel, ensuring effective user tracking and marketing capabilities. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policies. Overall, the site is trustworthy, well-branded, and professionally managed, serving as a reliable resource for visitors to Zagorje.

H

Hrvatski Telekom d.d.

putovanja.hr

0

Putovanja.hr is a well-established Croatian travel portal operated under the domain registered by Hrvatski Telekom d.d., a reputable Croatian telecommunications company. The website serves as an information hub for travelers, providing comprehensive travel advice, rights information, and a directory of UHPA members including travel agencies, hotels, and other tourism-related services. It targets tourists and travel professionals interested in Croatian and European travel. The site features a modern design with good navigation, mobile optimization, and integration of popular JavaScript libraries and Google Analytics for user tracking. Security-wise, the site uses HTTPS and implements a cookie consent banner, but lacks visible advanced security headers or explicit security policies. The WHOIS data confirms the domain's legitimacy and consistent registration details. Overall, the website demonstrates a solid business presence with moderate technical maturity and a good security posture.

Z

Zadar region tourist board

zadar.hr

0

The website www.zadar.hr serves as the official tourism portal for the Zadar region in Croatia, managed by the regional tourist board. It provides comprehensive information about destinations, experiences, events, and travel planning to attract and assist tourists. The site is well-positioned as an authoritative source for regional tourism, supported by a long-established domain and official Croatian registrars. Technically, the site uses modern web technologies including Vue.js and integrates popular analytics and tracking tools such as Google Analytics, Facebook Pixel, and TikTok Pixel. The site is mobile-optimized and offers a rich user experience with clear navigation and multilingual support. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit security policies are absent. Privacy and cookie policies are present with consent mechanisms, indicating GDPR compliance. Overall, the site is professional, trustworthy, and well-maintained, supporting the regional tourism business effectively.

P

Plus Hosting Grupa d.o.o.

opencity.hr

0

openCity Hrvatska is a Croatian public sector project aimed at promoting the opening of public sector data in line with EU standards. The website provides interactive visualizations to make public information easily understandable for citizens. The project targets Croatian government entities and the general public interested in transparent data access. The business model focuses on government data transparency and public engagement through digital tools. The website is relatively small in scale, founded in 2018, and hosted by Plus Hosting Grupa d.o.o. The content is primarily in Croatian and is professionally presented with good navigation and mobile optimization. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, jQuery, CartoDB, and Leaflet for mapping. It integrates Google Analytics and Facebook SDK for analytics and social media engagement. Hosting is provided by a Croatian registrar consistent with the domain registration data. Performance is moderate with room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks important security headers and formal security policies such as incident response or vulnerability disclosure. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. The WHOIS data is consistent and indicates a legitimate registration aligned with the website's purpose. Overall, the website is functional and trustworthy for its niche but should improve privacy compliance and security best practices to enhance user trust and regulatory adherence.

H

Hrvatska zajednica županija

hrvzz.hr

0

Hrvatska zajednica županija is the official Croatian County Association, providing a centralized platform for news, projects, international cooperation, and information about member counties. The website serves local government officials, citizens, media, and international partners, positioning itself as an authoritative source for county-related information in Croatia. Founded in 2008, it maintains a consistent and professional online presence with clear branding and official contact details. Technically, the website employs modern frontend technologies including Swiper.js for interactive sliders, Font Awesome for icons, and Google Fonts for typography. It is hosted with Cloudflare DNS services and uses HTTPS to secure communications. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. However, accessibility features are basic and could be improved. From a security perspective, the site uses HTTPS and modern libraries but lacks explicit security headers and a vulnerability disclosure policy. No privacy or cookie policies are present, which is a compliance gap. Contact information is clearly provided, enhancing business credibility. No advertising or tracking services are detected, indicating a privacy-respecting approach. Overall, the website is trustworthy and professionally maintained, with a strong alignment between WHOIS data and website content, indicating legitimacy. Strategic improvements in privacy compliance, security headers, and accessibility would enhance its security posture and user trust.

P

Poduzetnički centar Zagrebačke županije

pczz.hr

0

Poduzetnički centar Zagrebačke županije is a regional entrepreneurial support institution focused on creating a quality and user-oriented business environment in the Zagrebačka županija region of Croatia. The organization provides key services such as project management, credit guarantees, investment zone support, and advisory services for agriculture and rural development. The website reflects a medium-sized government or non-profit entity with a clear regional focus and a professional online presence. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. Hosting is provided by TOTOHOST d.o.o., a Croatian hosting provider, which aligns with the regional focus. The site is mobile optimized, accessible, and SEO-friendly, with good performance and no detected blocking or WAF interference. From a security perspective, the site uses HTTPS with a good SSL configuration and implements cookie consent mechanisms compliant with GDPR. However, there is no explicit security policy or incident response information published, and security headers are not detected, suggesting room for improvement in formal security posture documentation and technical hardening. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. It serves its target audience effectively, providing relevant content and contact information. Strategic recommendations include publishing formal security policies, adding incident response contacts, and enhancing security headers to improve resilience and trust further.