Security Directory

Z

Zeleni Prsten

greenring.biz

0

The website www.greenring.biz serves as an information portal focused on the entrepreneurial zones of Zagreb County, Croatia, providing GIS-based spatial planning and real estate investment information. It targets investors and businesses interested in regional development opportunities. The platform is built on WordPress, leveraging popular plugins such as Yoast SEO for search engine optimization and structured data implementation, indicating a moderate level of digital maturity. The site demonstrates good content quality and user experience with a professional design and mobile optimization. However, the absence of WHOIS data and lack of explicit privacy and terms of service policies present gaps in transparency and compliance. Security posture is moderate with HTTPS implied but lacking visible security headers and incident response information. Overall, the site is functional and trustworthy for its intended audience but would benefit from enhanced security and compliance documentation.

P

Plus Hosting Grupa d.o.o.

eprijave.hr

0

The website eprijave.hr serves as an official government platform for electronic submission of applications to public tenders and calls in Zagreb County, Croatia. It is operated under the domain registered by Plus Hosting Grupa d.o.o., a Croatian hosting company, with domain registration consistent with the service's operational timeline since 2019. The platform targets citizens and organizations needing to apply for regional government tenders, providing a focused and essential public service. Technically, the website employs modern frontend technologies such as React and ApexCharts, indicating a contemporary single-page application design. Hosting is provided by DigitalOcean, a reputable cloud provider. The site demonstrates moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No content management system is explicitly detected. From a security perspective, the site enforces HTTPS and uses secure input fields for login credentials. However, it lacks visible security headers and does not provide privacy, cookie, or terms of service policies, which are important for compliance and user trust. No incident response or vulnerability disclosure information is available, and no analytics or advertising scripts are detected, indicating minimal user tracking. Overall, the website is a functional government service portal with moderate trustworthiness and security posture but would benefit from enhanced privacy compliance, security headers, and contact information to improve user confidence and regulatory adherence.

H

HROTE - Hrvatski operator tržišta energije d.o.o.

hrote.hr

0

HROTE - Hrvatski operator tržišta energije d.o.o. is the Croatian national energy market operator responsible for organizing and regulating the electricity and gas markets, supporting renewable energy initiatives, and managing guarantees of origin. Established in 2005, it serves as a key entity in Croatia's energy sector, providing services to market participants, government bodies, and renewable energy producers. The website reflects a professional and consistent brand presence with comprehensive content tailored to its target audience. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with accessibility features and mobile optimization. It uses Google Analytics for user tracking and is hosted under a Croatian registrar, CARNET, indicating local hosting and compliance. Performance is moderate with good SEO and accessibility practices. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR. However, explicit security headers and incident response contacts are not clearly published, and no vulnerability disclosure or security.txt file is present. No critical vulnerabilities or suspicious content were detected. Overall, the website demonstrates a solid security posture and business credibility with minor areas for improvement in security transparency and header implementation. The domain registration data aligns well with the business identity, supporting high legitimacy and trustworthiness.

M

Medvednica

medvednica.com

0

The website medvednica.com presents itself as a tourism and city guide platform focused on Zagreb, Croatia, showcasing cultural heritage and green areas. The site uses modern web technologies such as React and integrates Google Maps API for enhanced user experience. However, the domain WHOIS data is missing or inaccessible, raising concerns about domain registration legitimacy. No privacy, cookie, or terms of service policies are present, and no direct contact information is provided, which impacts trust and compliance. Security posture is weak due to lack of security headers and unclear SSL configuration. Overall, the site is functional and content-rich but requires improvements in security, compliance, and transparency to enhance trustworthiness.

Z

Zagreb Tourist Board

meetinzagreb.hr

0

The website meetinzagreb.hr serves as the official digital platform for the Zagreb Tourist Board, focusing on promoting Zagreb as a premier congress and incentive destination. It provides comprehensive information about congress capacities, event planning services, and current news related to business tourism in Zagreb. The site targets event planners, business travelers, and tourists interested in the city, positioning itself as an authoritative source backed by the city’s tourism board. The content is professionally presented in Croatian and English, with clear navigation and social media integration.

N

Net media Sistemi d.o.o.

sistemi.hr

0

Net media Sistemi d.o.o. is a well-established Croatian technology company specializing in web shop creation, web and mobile application development, intranet and internet solutions, system integration, and hosting services. With over 25 years of experience and a strong client base, they provide comprehensive digital business solutions primarily targeting B2B customers in Croatia and the surrounding region. Their website reflects a mature digital presence with modern technologies and good user experience. The company holds multiple ISO certifications, enhancing their credibility and trustworthiness. Technically, the site uses a modern tech stack including .NET Core, Angular, and 2sxc CMS, and is hosted under a Croatian academic registrar, indicating local infrastructure.

P

Promet d.o.o.

promet-split.hr

0

Promet d.o.o. is a municipal public transportation company based in Split, Croatia, providing city and suburban passenger transport services. The company operates primarily within the Split agglomeration, serving local residents and visitors. The website reflects a medium-sized municipal entity with a focus on transportation services. The business model is centered on public transit organization and operation, positioning Promet d.o.o. as a key local transport provider. Technically, the website is built on the DNN (DotNetNuke) CMS platform, utilizing jQuery and related libraries for frontend functionality. Google Analytics is integrated for traffic monitoring. The site is served over HTTPS with a good SSL configuration, indicating a secure connection. Mobile optimization and SEO practices are adequately implemented, though accessibility features are basic. From a security perspective, the site employs HTTPS and modern JavaScript libraries but lacks explicit security headers and published security policies such as privacy, cookie, or incident response policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data confirms a consistent and legitimate domain registration aligned with the company's municipal nature. Overall, the website is professional and trustworthy but has compliance gaps regarding privacy and cookie policies and lacks transparency on security incident handling. Strategic improvements in these areas would enhance the site's security posture and regulatory compliance.

D

Digitalne uspomene

digitalneuspomene.eu

0

Digitalne uspomene is a Croatian small business specializing in the professional digitalization and preservation of old VHS, VHS-C, Mini DV, DVD, and audio cassette media. The company targets individuals and families seeking to preserve precious memories by converting analog media into modern digital formats such as MP4 and MP3. Their service model includes local pickup and delivery in Rijeka and nationwide shipping options. Technically, the website is built on WordPress with Elementor, featuring embedded YouTube videos and Google Fonts, delivering a modern and responsive user experience. Security posture is solid with HTTPS and secure video embeds, though lacking some advanced security headers and explicit privacy policies. The absence of public WHOIS data is due to EURid privacy policies, which is common and justified for this business type. Overall, the website presents a professional and trustworthy front for a niche local service provider.

P

Plus Hosting Grupa d.o.o.

crohost.net

0

Optima Hosting, operated by Plus Hosting Grupa d.o.o., is a well-established Croatian web hosting provider founded in 2011. The company offers a comprehensive range of hosting services including shared hosting, reseller hosting, VPS cloud hosting, domain registration, and mail hosting, targeting small to medium businesses and web professionals in Croatia and Bosnia and Herzegovina. The website is professionally designed, mobile-optimized, and provides clear navigation and extensive customer support resources. The presence of customer testimonials and transparent contact information enhances its market credibility. Technically, the website leverages modern web technologies such as SvelteKit, FontAwesome, and integrates analytics and tracking tools including Google Analytics, Microsoft Clarity, and Facebook Pixel. Cookie consent is managed via Cookiebot with an active consent mechanism, demonstrating compliance with GDPR requirements. The site uses HTTPS with strong SSL configuration, though it lacks explicit HTTP security headers and a public security policy or vulnerability disclosure page. From a security perspective, the site shows good practices with no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy and security.txt file suggests room for improvement in transparency and incident response readiness. WHOIS data is consistent with the business claims, showing a domain age appropriate for the company's history and no privacy protection, which supports legitimacy. Overall, Optima Hosting presents a secure, professional, and trustworthy online presence with strong compliance and business credibility. Strategic enhancements in security policy publication and HTTP security headers would further strengthen its security posture and customer trust.

T

TOTOHOST d.o.o.

totohost.com

0

TOTOHOST d.o.o. is a Croatian web hosting company operating since 2004, offering a range of hosting services including NVMe web hosting, business hosting, VPS cloud servers, domain registration, and reseller hosting. The company positions itself as a reliable local provider with over 5000 customers and more than 7500 registered domains. Their website is professionally designed, mobile-optimized, and provides comprehensive information about their services, pricing, and support options. Technically, the site runs on WordPress with modern technologies such as CloudLinux, LiteSpeed web servers, and Imunify360 security solutions, ensuring good performance and security. The presence of SSL, daily backups, and malware protection indicates a strong security posture, although HTTP security headers and public security policies could be enhanced. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the website and business demonstrate a mature digital presence with high trustworthiness and professionalism.

E

Erste banka

erstebank.hr

0

Erste banka is a well-established Croatian financial institution operating since 2004, offering a broad range of banking services including accounts, loans, credit cards, investments, and insurance. The website reflects a mature digital presence with a modern tech stack, responsive design, and good SEO and accessibility practices. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although public security policies and incident response contacts are not prominently disclosed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, Erste banka demonstrates a high level of business credibility and digital maturity appropriate for a leading bank in Croatia.

H

Hrvatska poštanska banka d.d.

hpb.hr

0

Hrvatska poštanska banka d.d. (HPB) is the largest Croatian-owned bank, offering a comprehensive range of financial services including retail and business banking, credit products, investment services, and digital banking solutions. The website reflects a mature and professional banking institution with a strong market position in Croatia. The bank emphasizes customer convenience with over 1500 cash withdrawal points and advanced mobile and internet banking platforms. Technically, the website employs modern JavaScript libraries and frameworks such as jQuery, Bootstrap 5, Swiper.js, and Flatpickr, ensuring a responsive and user-friendly experience across devices. Privacy and cookie policies are clearly presented with consent mechanisms, demonstrating compliance with GDPR requirements. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy, well-maintained, and aligned with the bank's business objectives.

F

Fina

fina.hr

0

Fina is a well-established Croatian financial agency providing a broad range of digital and financial services to businesses, citizens, and public institutions. The website reflects a mature digital presence with comprehensive service offerings such as e-invoicing, digital archiving, factoring platforms, and payment systems. The company positions itself as a reliable national partner with extensive physical presence and digital accessibility. Technically, the website uses modern web technologies including Ibexa CMS, Bootstrap, and Google Tag Manager, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and vulnerability disclosure mechanisms are not publicly available. Overall, the domain registration data aligns well with the website content, confirming legitimacy and trustworthiness.

H

Hrvatsko kreditno osiguranje d.d.

hkosig.hr

0

Hrvatsko kreditno osiguranje d.d. is a Croatian insurance company specializing in trade credit insurance and risk management, serving entrepreneurs and businesses seeking protection for their receivables. It holds a unique market position as the first and only Croatian company offering such services, supported by its subsidiary Business Info Service L.L.C. that provides credit information and analysis. The website is built on WordPress with standard plugins for SEO, forms, and cookie management, reflecting a moderate level of digital maturity. The site is accessible, mobile-optimized, and professionally designed, though it lacks explicit privacy and terms of service pages. Security posture is adequate with HTTPS and cookie consent implemented, but could be improved by adding security headers and incident response information. Overall, the domain registration is consistent with the business claims, indicating legitimacy.

H

Hrvatska udruga poslodavaca

hup.hr

0

The website www.hup.hr represents the Croatian Employers' Association, an established organization founded in 2001 that advocates for employers in Croatia. The site serves as a platform for providing information and support to its members, primarily targeting business entities and employers within the country. The domain registration data aligns well with the organization's identity, reinforcing its legitimacy and trustworthiness. Technically, the website employs standard technologies including Google Analytics with IP anonymization and an accessibility widget (OmoWidget), indicating a commitment to user accessibility and some privacy considerations. The site is hosted with Azure DNS and uses HTTPS, ensuring secure communications. However, the technical implementation lacks advanced security headers and comprehensive privacy disclosures, which are areas for improvement. From a security perspective, the site is accessible without WAF or blocking mechanisms and shows no signs of vulnerabilities or malicious content. The absence of explicit privacy and cookie policies, as well as terms of service, reduces the site's compliance posture, particularly regarding GDPR requirements. Contact information and incident response channels are not clearly presented, which may impact user trust and responsiveness to security incidents. Overall, the website is moderately professional and trustworthy but would benefit from enhanced privacy compliance, security best practices, and clearer business contact information to improve its security posture and user confidence.

C

CRANE

crane.hr

0

CRANE.hr is the official website of the Croatian Investors and Business Angels Association, the oldest such organization in Croatia, focused on connecting private investors with innovative early-stage companies. The website serves as a platform for sharing news, events, and resources related to investment and entrepreneurship in Croatia. It targets private investors and startups seeking early-stage funding, positioning itself as a key national player in the investment ecosystem. The business model revolves around networking, knowledge sharing, and facilitating investments. Technically, the website is built on WordPress, utilizing common plugins such as Yoast SEO, WPML for multilingual support, Contact Form 7 for contact forms, and WPBakery Page Builder for layout management. The site is hosted by a Croatian hosting provider, cyber_Folks d.o.o., and uses HTTPS with a valid SSL certificate. Performance and mobile optimization are good, though accessibility features are basic. SEO is adequately implemented with meta tags and structured data. From a security perspective, the site uses HTTPS and some security plugins (e.g., Wordfence), but lacks visible security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms, which is a notable gap given GDPR requirements. Overall, the website is professional and trustworthy with good business credibility and content quality. However, improvements in privacy compliance and security best practices are recommended to enhance trust and regulatory adherence.

W

Waves More

waves.tours

0

Waves More operates the website waves.tours, offering private and shared boat tours from Split, Croatia. The business targets tourists seeking customized maritime experiences along the Croatian coast. The website is professionally designed using WordPress and Elementor, with integrated booking and GDPR compliance features. The technical infrastructure includes modern plugins for SEO and analytics, such as Rank Math and Google Tag Manager, indicating a moderate level of digital maturity. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The WHOIS data is privacy protected, which is typical for small tourism businesses, and no suspicious indicators were found. Overall, the site presents a trustworthy and professional front for a small hospitality business.

M

MYD Sailing

myd-sailing.com

0

MYD Sailing is a small yacht charter business operating primarily in Croatia, offering a fleet of sailing yachts for vacationers and sailing enthusiasts. The website is professionally designed using WordPress and Elementor, providing clear navigation, multilingual support, and integrated booking functionality. The technical infrastructure is modern with standard plugins and Google Tag Manager for analytics. Security posture is good with HTTPS enforced and clientTransferProhibited domain status, though DNSSEC is not enabled and no explicit security.txt or incident response contacts are published. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. Overall, the website presents a trustworthy and professional image suitable for its niche market.

A

Adriatic Fantasy Cruises

waves-more.com

0

Waves More is a recently established Croatian sailing and tour company offering yacht and catamaran charters along with customizable Adriatic tours. The business targets tourists and sailing enthusiasts seeking vacation experiences in the Adriatic Sea. The website is built on WordPress using Elementor and demonstrates moderate technical maturity with HTTPS enabled and a clean design, but lacks comprehensive privacy and security policies. Security posture is basic with no DNSSEC or security headers implemented. Contact information is minimal, limited to a single email address. Overall, the site is functional but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

K

kuna zlatica

kunazlatica.hr

0

Kuna Zlatica is an independent design studio based in Croatia, founded in 2024. The studio specializes in various design disciplines including graphic design, visual identity, publishing, event design, spatial interventions, and packaging. Their website serves as a professional portfolio showcasing their projects and artistic approach, targeting cultural institutions, event organizers, and design professionals. The site is bilingual with Croatian as the primary language and English translation via Weglot. Technically, the website is built on Squarespace, hosted via Totohost, and uses modern web technologies including Google Fonts and Google Analytics with proper cookie consent mechanisms. Security posture is strong with HTTPS and HSTS enabled, though there is room for improvement in incident response and vulnerability disclosure transparency. Overall, the website is professional, trustworthy, and well-structured, reflecting the studio's niche market position and creative focus.

G

Gradska knjiznica Marka Marulića

gkmm.hr

0

Gradska knjiznica Marka Marulića is a well-established public library based in Split, Croatia, founded in 2002. It serves a broad audience including children, youth, and adults by providing diverse library services, cultural events, educational workshops, and an online catalog. The institution holds a strong local market position as a key cultural and educational resource. The website reflects this with rich content, event listings, and membership information, targeting general public and literary enthusiasts. Technically, the site is built on WordPress with modern plugins and frameworks such as Bootstrap and Swiper, hosted by Totohost, and integrates Google Analytics for visitor insights. The site is mobile-optimized and SEO-friendly, though accessibility features are basic.

G

Gradska knjižnica i čitaonica Vinkovci

gkvk.hr

0

Gradska knjižnica i čitaonica Vinkovci is a public library serving the Vinkovci community in Croatia, providing access to a catalog, membership services, and cultural events. The website is professionally designed using WordPress with Elementor and the Litho theme, offering a responsive and accessible user experience. The site includes a cookie consent mechanism and a privacy policy compliant with GDPR, reflecting a commitment to user privacy. Security posture is solid with HTTPS enforced and no exposed sensitive data, though some security headers could be improved. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate institution.

D

DiVan

divan.hr

0

DiVan is a Croatian media platform focused on providing comprehensive information about events, places, and cultural activities in Zagreb. It serves a local audience interested in concerts, festivals, gastronomy, and social happenings, positioning itself as a niche event guide with a strong community presence. The platform offers additional services such as newsletters and mobile applications to enhance user engagement. Technically, the website is built on WordPress with a modern tech stack including WooCommerce, Google Analytics, and GDPR-compliant cookie management, reflecting a mature digital infrastructure. Security measures include HTTPS enforcement and CAPTCHA protections, although some security headers could be improved. The website demonstrates good privacy compliance and transparent user consent mechanisms. Overall, DiVan presents a professional and trustworthy online presence with moderate technical performance and solid business credibility.

M

Monoplay

monoplay.eu

0

Monoplay is a well-established international contemporary dance festival based in Zadar, Croatia, specializing in solo dance performances and educational workshops. The website reflects a mature digital presence built on WordPress with modern plugins and SEO optimization. The festival targets dance professionals, students, and the general public interested in contemporary dance. While the site is professionally designed and content-rich, it lacks critical privacy and cookie policies, which affects compliance. Security posture is moderate with HTTPS enabled but missing some security headers. Contact information is primarily via forms, with no explicit emails or phone numbers published. Overall, the site is trustworthy and credible but would benefit from enhanced privacy compliance and security hardening.

T

Teatar EXIT

teatarexit.hr

0

Teatar EXIT is a well-established Croatian theatre company founded in 2003, specializing in provocative and innovative theatrical performances. The website serves as a digital platform to showcase their program, ticket sales, and festival events, targeting a general audience interested in cultural arts. The company maintains a consistent brand presence with active social media channels and a mobile app offering, indicating a moderate level of digital maturity. Technically, the site is built on WordPress with modern libraries and frameworks such as Bootstrap and jQuery, and integrates Google Analytics and Facebook Pixel for marketing and analytics purposes. Security measures include HTTPS, GDPR-compliant consent mechanisms, and Google reCAPTCHA on forms, although there is room for improvement in implementing security headers and explicit incident response policies. Overall, the website is professional, secure, and compliant, with a high trustworthiness rating and no detected malicious content.

I

Institute for New Media and E-democracy

edemokracija.hr

0

The website www.edemokracija.hr represents the Institute for New Media and E-democracy (InMed), a Croatian academic and research institution focused on new media, e-democracy, and journalism. The site serves as a platform for disseminating information about conferences, calls for papers, and research activities. It targets academics, researchers, and media professionals interested in these fields. The business model is non-profit and research-oriented, with a niche market position in Croatia and international academic circles. Technically, the website is built on WordPress and utilizes a modern tech stack including jQuery, Bootstrap, and various JavaScript libraries for enhanced user experience. The site is hosted by CARNET, a Croatian academic network, which aligns with the institute's educational nature. The website is mobile optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be improved. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and does not provide a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the website's academic and Croatian identity, enhancing trustworthiness. Overall, the website is professional, trustworthy, and serves its academic audience well. To improve security posture and compliance, the institute should consider adding security headers, a vulnerability disclosure policy, and clearer contact information for security incidents. These steps would enhance user trust and align with best practices for academic institutions operating online.

T

Turistička Zajednica Grada Zagreba

infozagreb.hr

0

The website www.infozagreb.hr serves as the official tourism portal for the city of Zagreb, Croatia, managed by the Turistička Zajednica Grada Zagreba. It provides comprehensive information about the city's cultural heritage, attractions, events, accommodation, and lifestyle, targeting tourists and visitors. The site is well-positioned as a trusted source for Zagreb tourism, offering detailed guides and multimedia content to enhance visitor experience. Technically, the website employs modern web technologies including React and Cloudflare services for DNS and CDN, ensuring moderate performance and good mobile optimization. The site structure and navigation are clear, with SEO-friendly metadata and structured data enhancing search visibility. However, accessibility features could be improved. From a security perspective, the site uses HTTPS and benefits from Cloudflare's infrastructure, but lacks explicit security headers and formal security policies. There is no visible privacy or cookie policy, nor incident response or vulnerability disclosure information, which are areas for improvement to enhance compliance and trust. Overall, the website is professional and trustworthy with a strong business credibility score. The absence of privacy and cookie policies and limited security headers slightly reduce the security and privacy posture. Strategic enhancements in these areas would improve compliance and user trust.

L

Ljiljana Lončarić Peharda

ljiljanaloncaricpeharda.com

0

The website ljiljanaloncaricpeharda.com serves as a personal portfolio for the artist Ljiljana Lončarić Peharda, showcasing her paintings, illustrations, music, and blog content. It targets art enthusiasts and potential clients interested in her creative work. The business model is primarily personal branding and portfolio presentation, with a niche market position in the art domain. The website is small scale, founded around 2017, and primarily serves a Croatian audience with multilingual support via WPML.

D

DAR BLUE d.o.o.

darblue.hr

0

Darblue.hr is the online presence of DAR BLUE d.o.o., a Croatian company specializing in the cultivation and sale of fresh blueberries and other berries. The company operates a 12-hectare plantation with 80,000 plants, focusing on high-quality domestic blueberry production with extended harvest seasons through selected varieties. Their business model centers on retail and wholesale distribution of fresh and packaged berries, maintaining cold chain logistics to ensure product quality. The website reflects a professional and consistent brand image, with clear contact information and compliance with GDPR regulations. Technically, the site is built on WordPress with popular plugins like WPBakery and Slider Revolution, and uses Google Analytics for visitor tracking. While the site is generally well-implemented, some outdated JavaScript libraries and lack of explicit security headers present moderate security concerns. No blocking or WAF mechanisms interfere with content access. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, the site demonstrates a solid digital presence for a small agricultural business with good trust indicators and compliance practices.

P

Pro Integris

prointegris.hr

0

Pro Integris is a specialized engineering company established in 2007, focusing on power plants, substation automation, and renewable energy sectors. The company positions itself as a contributor to sustainable electrical engineering solutions, offering a range of services including design, relay protection, ICT, power facilities, training, and cyber security tools. Their market presence is supported by ISO certifications and EU financing, indicating a credible and quality-driven business model. Technically, the website is built on WordPress with modern plugins and themes, supporting multilingual content and GDPR compliance. The infrastructure is moderate in performance with good mobile optimization and SEO practices. Security posture is strong with HTTPS enforced and cookie consent implemented, though some security headers and explicit security policies are absent. Overall, the security posture is solid with no visible vulnerabilities or exposed sensitive data. The business credibility is high, supported by clear contact information, certifications, and professional content. Recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance. The website content is safe for general audiences, with no adult or questionable content detected. The domain registration data aligns well with the business claims, reinforcing legitimacy and trustworthiness.

L

Livens

livens.co

0

Livens is a Croatia-based digital solutions provider specializing in web development, booking systems, CMS, and dashboards. The company targets businesses seeking to establish or enhance their digital presence with innovative and engaging digital experiences. Their portfolio includes projects in luxury sailing, vacation rentals, and financial services, positioning them as a niche player in the technology sector. The website demonstrates a modern technical infrastructure built on Next.js and React, hosted likely on Vercel, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS, security headers, and privacy compliance mechanisms in place, though explicit security policies and incident response contacts are absent. Overall, Livens presents a professional and trustworthy digital presence with room for enhanced security transparency.

T

Turistička zajednica Zagrebačke županije

visitzagrebcounty.hr

0

Visit Zagreb County is the official tourism board for Zagreb County, Croatia, promoting the region's cultural, natural, and gastronomic attractions. The website serves as a comprehensive portal for tourists, offering information on events, active holidays, health tourism, and sustainable tourism initiatives. The organization positions itself as a regional authority with a focus on enhancing visitor experience and promoting local heritage. Technically, the website is built on WordPress using the Elementor page builder, with multilingual support via TranslatePress. It employs modern web technologies and includes spam protection mechanisms. The site is hosted by Plus Hosting Grupa d.o.o., a Croatian hosting provider, and uses HTTPS to secure communications. Performance and mobile optimization are good, though there is room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and uses spam protection but lacks explicit security headers and a cookie consent mechanism, which are important for GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's Croatian origin and business purpose, indicating legitimacy. Overall, the website is professional, trustworthy, and well-positioned to serve its audience. Strategic improvements in privacy compliance and security hardening would enhance its posture and user trust.

H

Hrvatska energetska regulatorna agencija (HERA)

hera.hr

0

HERA (Hrvatska energetska regulatorna agencija) is the Croatian Energy Regulatory Agency responsible for overseeing and regulating the energy sector in Croatia, including electricity, gas, and heat markets. The agency provides regulatory decisions, licensing, public consultations, and consumer information, positioning itself as a key national authority in the energy domain. The website serves as an official portal for regulatory documents, announcements, and tools for consumers and market participants. Technically, the website is built with standard HTML, CSS, and JavaScript, incorporating Google Tag Manager for analytics. It is hosted under a Croatian academic network registrar (CARNET) and uses HTTPS, ensuring secure communications. The site has basic mobile optimization and accessibility features but lacks advanced security headers and cookie consent mechanisms. Security posture is solid with no visible vulnerabilities or exposed sensitive data, but could be improved with enhanced security policies and incident response information. Overall, the site is trustworthy, professional, and compliant with GDPR, though it could benefit from improved privacy and security transparency.

H

HAKOM

hakom.hr

0

HAKOM is the Croatian national regulatory agency responsible for overseeing electronic communications, postal services, and railway transport sectors. Established in 2009, it operates as a government entity providing regulatory oversight, licensing, market analysis, and consumer protection services. The website serves as an information portal and digital service platform for users and operators within these sectors, offering multiple e-services applications to facilitate electronic submissions and data management. The agency maintains a strong national presence with consistent branding and official social media channels, reinforcing its credibility and trustworthiness. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, and SVG icons, with a responsive design optimized for mobile devices. The site uses HTTPS and includes cookie consent mechanisms, demonstrating compliance with privacy regulations. While no advanced frameworks or CMS are explicitly detected, the site performs moderately well with good accessibility and SEO practices. From a security perspective, the site benefits from HTTPS and cookie consent but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data confirms domain legitimacy with consistent registration details matching the agency's official profile. Overall, HAKOM's website is a professional, secure, and compliant platform that effectively supports its regulatory mission. Strategic improvements could include publishing detailed security policies and incident response information to enhance transparency and trust further.

M

Ministarstvo unutarnjih poslova Republike Hrvatske

mup.hr

0

The Ministry of the Interior of the Republic of Croatia operates the official government website mup.gov.hr, providing authoritative information and services related to internal affairs, police operations, and citizen support. The website serves a broad audience including Croatian citizens, residents, media, and international visitors seeking official updates and resources. It maintains a strong market position as the primary government entity responsible for internal security and public safety in Croatia. Technically, the website employs a modern technology stack including Google Analytics, Google Tag Manager, Facebook Pixel, and JavaScript libraries such as Galleria and Fancybox for enhanced user experience. The site is mobile-optimized and accessible, with a clear navigation structure and professional design. Privacy compliance is robust, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. From a security perspective, the site enforces HTTPS and uses tracking consent banners, but lacks visible security headers in the HTML source. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is due to GDPR privacy protections, which is typical for government domains. Overall, the domain and website exhibit high legitimacy and trustworthiness. The overall risk assessment is low, with recommendations to enhance security headers, publish a formal security policy, and consider a vulnerability disclosure mechanism to further strengthen security posture and transparency.

Z

Zagrebačka županija

zagrebacka-zupanija.hr

0

Zagrebačka županija is the official regional government entity for the Zagreb County in Croatia, providing a comprehensive digital platform for public information, news, tenders, and administrative transparency. The website serves residents, businesses, students, and stakeholders with timely updates and access to official documents and services. The site maintains a consistent brand identity and includes social media integration to enhance public engagement. Technically, the website employs modern JavaScript libraries such as jQuery and PhotoSwipe, uses Google Fonts, and implements a cookie consent mechanism with anonymized Google Analytics tracking. Accessibility features are thoughtfully integrated, improving usability for diverse users. Security posture is moderate with HTTPS implied and cookie consent in place, but lacks explicit security headers and incident response information. The domain is well-established since 2001, registered with the Croatian academic network registrar CARNET, reinforcing legitimacy. Overall, the site is professional, trustworthy, and serves its government function effectively.

L

Lovezagreb

uhpa.hr

0

The website represents UHPA, a well-established Croatian tourism industry association founded in 2002, serving over 330 members including travel agencies and key tourism stakeholders. It focuses on promoting sustainable tourism, professional development, and industry advocacy. The site is professionally designed with good content quality, clear navigation, and bilingual support. Technically, it uses modern web technologies including React and Cloudflare services, with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though it lacks a public vulnerability disclosure policy and incident response contacts. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site is trustworthy, professional, and serves as a credible resource for the Croatian tourism sector.

A

Apartmani, sobe i privatni smještaj | Apartmanija.hr

apartmanija.hr

0

Apartmanija.hr is a Croatian hospitality platform specializing in private accommodation rentals including apartments, rooms, and rural tourism options. Established in 2011, it targets tourists seeking private lodging in Croatia. The website employs modern frontend technologies such as Bootstrap and Font Awesome, and integrates Google Tag Manager for analytics. However, it lacks visible privacy, cookie, and terms of service policies, which are critical for GDPR compliance. Security posture is moderate with no detected security headers and unknown SSL configuration. Contact information is not explicitly found in the provided content, limiting direct communication channels. Overall, the website presents a basic but functional digital presence with room for improvement in privacy and security practices.

C

Croatia Rally

rally-croatia.com

0

Croatia Rally is a prominent sporting event organizer focused on the ERC Croatia Rally 2025, a major motorsport event that attracts global spectators and promotes Croatia as a tourist destination. The website effectively communicates the event's details, hospitality packages, merchandising, and calendar, targeting motorsport fans, tourists, media, and competitors. The business operates in the transportation and tourism sectors with a medium-sized footprint and a founding date consistent with the domain registration in 2015. Technically, the website employs modern web technologies including JavaScript libraries, analytics, and marketing tools, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and domain transfer protection, though improvements in security headers and DNSSEC are recommended. Privacy compliance is addressed with clear policies and consent mechanisms. Overall, the site presents a professional and trustworthy digital presence with strong business credibility.

AroundZagreb.hr is a tourism promotion website operated by the Turistička Zajednica Grada Zagreba, the official tourism board of Zagreb, Croatia. The site provides multilingual content aimed at tourists interested in exploring Zagreb and its surroundings, featuring local attractions, weather updates, and social media integration. The business model focuses on information dissemination and tourism promotion, positioning itself as a trusted official source for visitors. Technically, the website is built using React with modern asynchronous script loading and is hosted behind Cloudflare DNS services, ensuring good performance and availability. The site is mobile-optimized and includes SEO best practices such as meta tags and structured data.

T

Turistička zajednica Zagrebačke županije

odmornikadblize.hr

0

The website odmornikadblize.hr is a regional tourism promotion platform managed by the Zagreb County Tourist Board, Croatia. It offers detailed listings of vacation houses, hotels, wine roads, gastronomy, and cultural experiences in Zagreb County. The site targets tourists, families, and digital nomads seeking authentic local experiences. The business model focuses on promoting regional tourism and accommodation providers to increase visitor engagement and economic activity in the area. Technically, the site is built on modern frameworks such as Next.js and React, hosted likely on Vercel with Cloudflare DNS, ensuring good performance and mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks explicit security policies and headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional, trustworthy, and well-branded, but could improve compliance and security transparency.

Konfa media d.o.o. is a small Croatian company specializing in media services, publishing, and conference organization, with additional activities in tourism agency services. The company is headquartered in Zagreb and was founded in 2019. The website serves as a basic informational platform with limited content, indicating ongoing development. The business model focuses on service provision within the media and tourism sectors, targeting a general audience in Croatia. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, with common plugins such as Contact Form 7. Hosting is provided by Totohost, a Croatian hosting provider. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No analytics or tracking services are detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers and visible security policies. There is no cookie consent mechanism, and privacy compliance is minimal. The WHOIS data is consistent with the business information, showing no suspicious patterns. Overall, the security posture is average with room for improvement. The overall risk is moderate due to incomplete content and limited privacy and security controls. Strategic recommendations include implementing security headers, adding privacy and cookie policies with consent mechanisms, enhancing content quality, and establishing incident response contacts to improve trust and compliance.

M

Marker d.o.o.

marker.hr

0

Marker d.o.o. is a Croatian company specializing in the development of professional web shops for both retail (B2C) and wholesale (B2B) clients. Established in 2011, the company has positioned itself as a leading domestic agency with multiple awards and certifications such as ISO 9001 and ISO 27001. Their services focus on enabling businesses to increase sales through effective e-commerce solutions. The website reflects a mature digital presence with a clear business focus, professional design, and comprehensive content including client references and an active blog.

Hrvatski izvoznici is a well-established Croatian association dedicated to supporting exporters through certifications, news, events, and educational resources. The website serves as a comprehensive platform for Croatian exporters, providing timely updates, a database of exporters, and organizing key industry events. The organization maintains strong partnerships with major Croatian financial and trade institutions, enhancing its credibility and market position. Technically, the website uses a custom CMS with legacy JavaScript libraries and integrates Google Analytics and Google Tag Manager for tracking. While the site is functional and professionally designed, some outdated technologies and missing security headers present moderate security risks. Privacy compliance is addressed through a cookie consent banner and a basic cookie policy, but no explicit privacy or security policies are found. Overall, the site is trustworthy and serves its target audience effectively, though improvements in security and technical modernization are recommended.

M

Ministarstvo gospodarstva

szp.hr

0

The website szp.hr is the official Croatian government consumer protection portal managed by the Ministry of Economy (Ministarstvo gospodarstva). It provides comprehensive information and guidance on consumer rights, dispute resolution, public service complaints, and relevant legislation. The portal targets Croatian consumers and serves as a central resource for consumer protection issues. Technically, the site is built on ASP.NET Web Forms, uses Bootstrap icons, and is hosted by CARNET, a reputable Croatian academic network. The site is mobile-optimized and accessible, with clear navigation and professional design. Security posture is good with HTTPS enforced and no exposed sensitive data, though security headers are not explicitly visible. Privacy and cookie policies are not found, indicating a compliance gap. Contact information is clearly provided with official emails and phone numbers. Overall, the domain registration and website content align well, indicating high legitimacy and trustworthiness.

I

Innovation Ads Croatia

iac.hr

0

Innovation Ads Croatia is a small, established digital agency based in Rijeka, Croatia, specializing in web design, graphic design, video production, and visual identity services. With over 25 years of experience, the company positions itself as a reliable partner offering professional and creative digital solutions to local businesses and individuals. The website is built on WordPress with Elementor, indicating a modern and maintainable technical infrastructure. The presence of Google Analytics and Cloudflare DNS shows a standard digital maturity level. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and published security policies. Privacy compliance is partial due to missing privacy and terms of service pages. Overall, the website is professional and trustworthy, with room for improvement in privacy and security transparency.

H

Hrvatski zavod za mirovinsko osiguranje

mirovinsko.hr

0

Hrvatski zavod za mirovinsko osiguranje (HZMO) is a Croatian government public institution responsible for managing the pension insurance system. Established by law in 2001, it serves employees, agricultural workers, craftsmen, and other insured persons by administering pension rights and benefits based on generational solidarity. The website provides comprehensive information about pensions, child allowances, insurance registrations, and electronic services, targeting Croatian residents and pensioners. It holds a strong market position as the official national pension authority with a large organizational size and a well-established digital presence. The site is professionally designed with consistent branding and clear navigation, supporting multiple languages and accessibility features.

T

Tourism Office Pula

pulainfo.hr

0

Tourism Office Pula operates as the official tourism promotion entity for the city of Pula, Croatia, providing comprehensive information on local attractions, events, accommodation, and visitor services. The website is well-structured, multilingual, and designed to serve tourists and visitors seeking travel-related information. The business model is government-oriented, focusing on tourism promotion and visitor engagement. The site demonstrates a good level of digital maturity with modern WordPress infrastructure, SEO optimization, and accessibility features. However, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance and user trust. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but could be improved by adding security headers and incident response information. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

H

Hrvatska turistička zajednica

htz.hr

0

The website www.htz.hr is the official portal of the Croatian National Tourist Board (Hrvatska turistička zajednica), a government entity dedicated to promoting tourism in Croatia. It provides comprehensive information on tourism projects, support programs, market insights, business events, and promotional materials. The site targets tourism professionals, businesses, and stakeholders within the Croatian tourism sector. The business model is government-driven, focusing on national tourism promotion and support. The website is well-branded, consistent, and professionally maintained with a large content base and multilingual support.

F

Fer Projekt d.o.o.

fer-projekt.com

0

Fer Projekt d.o.o. is a Croatian-based technology company specializing in professional custom web design, development, SEO optimization, and digital solutions using their proprietary Fer+ CMS system. The company targets businesses primarily in Croatia, offering comprehensive digital services including hosting and branding. Their market position is supported by over 600 completed projects and positive client testimonials, reflecting a strong regional presence. Technically, the website employs a modern technology stack including jQuery, Google Analytics (Universal and GA4), Google Tag Manager, Microsoft Clarity, and Cookiebot for privacy compliance. The use of a proprietary CMS indicates a tailored approach to client needs. The site is mobile optimized and uses structured data to enhance SEO and user experience. From a security perspective, the site enforces HTTPS, integrates Google reCAPTCHA for form protection, and uses cookie consent mechanisms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no dedicated security or incident response policies are publicly available. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website is professional, trustworthy, and well-structured, though the absence of WHOIS data for the domain raises some concerns about domain registration transparency. Strategic recommendations include enhancing security headers, publishing security policies, and verifying domain registration details to improve trust and compliance.