Security Directory

S

SAFU

safu.hr

0

SAFU is the Central Agency for Financing and Contracting in Croatia, primarily responsible for managing EU and national funds related to various operational programs and projects. The website reflects its role as a government entity, providing information on funding programs, project implementation, and technical assistance. The site targets government bodies, project beneficiaries, and the general public interested in funding opportunities and project updates. Technically, the website is built on WordPress with Elementor, enhanced by SEO and accessibility plugins, and integrates Google Analytics and Tag Manager for performance and user tracking. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are not visible. Overall, the site is professional, well-structured, and trustworthy, with no signs of malicious activity or content safety concerns.

H

Hrvatska banka za obnovu i razvitak

hbor.hr

0

Hrvatska banka za obnovu i razvitak (HBOR) is a Croatian government development and export bank established in 1997. It provides financial products such as loans, guarantees, export credit insurance, leasing, and venture capital funds to support business growth, export activities, and sustainable development in Croatia. The website positions HBOR as a leading financial institution with a strong market presence and comprehensive service offerings targeting entrepreneurs, SMEs, and public sector entities. The digital infrastructure uses modern web technologies including jQuery and Bootstrap, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The WHOIS data confirms the domain's legitimacy and long-term registration consistent with a government-affiliated entity. Overall, the website is professional, trustworthy, and compliant with privacy regulations.

The Europski Potrošački Centar Hrvatska (ECC Croatia) operates as a national consumer protection center affiliated with the European Consumer Centres Network (ECC-Net). It provides advisory services and assistance for cross-border consumer complaints within the EU, Norway, Iceland, and the UK. The website targets Croatian consumers and EU cross-border shoppers, offering information on consumer rights, complaint resolution, and referrals to competent authorities. The organization functions as a government or non-profit entity, emphasizing consumer protection and education. Technically, the website employs a moderately modern technology stack including Bootstrap 3.3.6, jQuery 1.11.3, Font Awesome, and Owl Carousel. It is mobile responsive with good SEO practices and clear navigation. However, some JavaScript libraries are outdated, and no CMS or hosting provider details are evident. Performance is moderate, and accessibility is basic. From a security perspective, the site uses HTTPS but lacks visible security headers such as Content Security Policy or HSTS. Forms use POST methods securely, and no sensitive data is exposed in the HTML. The absence of a cookie consent mechanism and security policy pages indicates partial GDPR compliance. WHOIS data is unavailable due to GDPR privacy restrictions, but the site’s affiliation with official EU and Croatian government entities supports its legitimacy. Overall, the website is professional, trustworthy, and serves an essential public service role. Security and privacy practices could be improved by implementing security headers, cookie consent, and publishing incident response information. The domain’s privacy protection is justified given GDPR regulations. The site poses low risk and is a reliable resource for consumer protection in Croatia.

C

Centar unutarnjeg tržišta EU

cut.hr

0

The website www.cut.hr represents the Centar unutarnjeg tržišta EU, a Croatian government-related portal focused on providing centralized information and coordination for the EU internal market within Croatia. It serves citizens, entrepreneurs, and competent authorities by offering contact points, guidance on EU rights and regulations, and access to EU-related programs and funds. The site is well-structured, professionally designed, and includes relevant content such as news, publications, and contact forms. It leverages modern web technologies including jQuery, WOW.js, and Google Analytics, ensuring a responsive and accessible user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although some security headers and explicit policies are missing. Privacy compliance is partial, with a cookie policy present but no explicit privacy policy or consent mechanism. Overall, the site is trustworthy and authoritative, consistent with its government affiliation.

The website www.javnanabava.hr serves as the official Croatian government portal dedicated to public procurement. It provides authoritative information, legal frameworks, news updates, statistical data, and educational resources aimed at public sector entities, suppliers, and other stakeholders involved in public procurement processes. The portal is managed by the Ministry of Economy's Directorate for Public Procurement Policy, reflecting a strong government presence and trustworthiness. Technically, the site leverages modern web technologies including Blazor, Bootstrap, and Oqtane CMS, ensuring a responsive and accessible user experience. Accessibility tools and cookie consent mechanisms are implemented, demonstrating compliance with privacy regulations such as GDPR. Security posture is solid with HTTPS enforced and CSRF protections in place, though some security headers could be improved. No critical vulnerabilities or suspicious activities were detected. Overall, the site is professional, well-maintained, and serves its governmental informational purpose effectively.

H

Hrvatski sabor

sabor.hr

0

Hrvatski sabor is the official legislative body of the Republic of Croatia, providing comprehensive information about parliamentary activities, legislative processes, and public services. The website serves citizens, government officials, media, and researchers by offering access to session schedules, legislative documents, press releases, and educational resources. It holds a strong market position as the authoritative source for Croatian parliamentary information. Technically, the website is built on Drupal 10, leveraging modern web technologies and ensuring good mobile optimization and accessibility, including an integrated accessibility widget. The hosting is managed by CARNET, a reputable Croatian academic and research network, ensuring reliable infrastructure. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR. While explicit security headers are not fully visible in the HTML, the overall posture is strong with no exposed sensitive data or vulnerable libraries detected. However, the site lacks a published security policy, incident response information, and vulnerability disclosure mechanisms, which are recommended for enhanced security maturity. Overall, Hrvatski sabor's website is professional, trustworthy, and compliant with privacy regulations, making it a reliable platform for public legislative information. Strategic improvements in security transparency and incident response readiness would further strengthen its security posture.

H

HŽ Putnički prijevoz

hzpp.hr

0

HŽ Putnički prijevoz is the Croatian national passenger rail transport company providing domestic and international train services. The website serves as an information and ticketing portal for passengers, offering travel schedules, ticket purchase options, and travel advisories. The company targets general public users traveling within Croatia and to European destinations by rail. The business model is that of a public transportation service provider with a large market presence as the national rail operator. Technically, the website employs modern web standards including HTTPS, Google Tag Manager, and reCAPTCHA for security and analytics. Accessibility features such as font size adjustment and dyslexia mode enhance user experience. However, the site lacks visible privacy and terms of service pages, and no direct contact information is found in the provided content. Security posture is good with HTTPS and bot protection but could be improved by adding security headers and explicit security policies. Overall, the domain and website appear legitimate and professionally maintained, consistent with a national transportation entity.

N

N/A

strukturnifondovi.hr

0

The website 'EU fondovi Hrvatska' serves as the central internet portal for EU funds and programs in the Republic of Croatia. It provides comprehensive information and resources related to EU funding opportunities, targeting Croatian citizens, government entities, businesses, and organizations interested in accessing EU funds. The site is positioned as an official government portal, offering authoritative content and guidance on EU programs. Technically, the website is built on WordPress using the Astra theme and several plugins including accessibility and GDPR compliance tools. It integrates Google Analytics for visitor tracking and maintains a moderate performance level with good mobile optimization and accessibility features. Security-wise, the site enforces HTTPS and employs basic security best practices, though it lacks explicit security headers and detailed security policies. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a solid security posture and trustworthy business credibility, but it would benefit from publishing explicit privacy and terms of service policies to enhance compliance and user trust.

Z

Zagrebački holding d.o.o.

zgh.hr

0

Zagrebački holding d.o.o. is a large municipal holding company based in Zagreb, Croatia, managing a broad portfolio of public services including transportation, energy, waste management, and public markets. The company operates multiple subsidiaries that provide essential city infrastructure and services, positioning it as a key player in the local government sector. The website reflects this role with comprehensive information, clear navigation, and a professional design tailored to citizens, investors, and partners. Technically, the site uses modern JavaScript libraries, integrates Google Analytics and AddThis for tracking and sharing, and employs Mapbox for mapping services. The site is mobile-optimized and shows good SEO practices, though accessibility could be improved. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, but lacks some advanced security headers and a published security.txt file. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data confirms the domain's legitimacy and long-standing presence since 2007, consistent with the organization's profile. Overall, the website is trustworthy, well-maintained, and compliant with GDPR, serving its public service mission effectively.

R

Response trening akademija d.o.o.

krav-maga.hr

0

Krav-maga.hr is the official website of Response trening akademija d.o.o., a Croatian company specializing in Krav Maga self-defense training and related educational services. The company operates a network of over 30 training locations across Croatia, targeting a broad audience including adults, women, children, and teenagers. Their business model combines in-person training, online courses, and an e-commerce platform selling related apparel, equipment, and educational materials. The website reflects a well-established market position with a professional online presence and active social media engagement. Technically, the website employs modern web standards including HTTPS, Google reCAPTCHA for form security, and integrates with marketing and analytics tools such as Google Analytics, Facebook Pixel, and Mailchimp. Hosting is supported by Cloudflare DNS services, and the site uses custom CMS technology. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site demonstrates good practices including encrypted connections, GDPR-compliant consent mechanisms, and secure form handling. However, some security headers are not explicitly detected and could be improved. No critical vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, krav-maga.hr is a trustworthy, professionally managed website with a solid security posture and compliance with privacy regulations. Strategic improvements in security headers and incident response transparency could further enhance its security maturity.

K

Konfa media d.o.o.

zastita.info

0

Zastita.info is a Croatian media platform specializing in security industry news, events, and company catalogs. Operated by Konfa media d.o.o., it serves security professionals and companies in Croatia and the surrounding region. The website offers news updates, conference information, and advertising opportunities, positioning itself as a key regional security media outlet. Technically, the site uses a combination of legacy and modern web technologies including jQuery 1.8.1, UIkit, and Google Analytics, with moderate performance and good mobile optimization. Security posture is moderate but could be improved by updating outdated libraries and implementing security headers. Privacy compliance is basic with a cookie consent banner but no explicit privacy or terms of service pages. Overall, the domain is legitimate though WHOIS data is privacy protected, which is common for media businesses. The site is safe for general audiences and maintains a professional appearance.

B

Borealis

borealis.agency

0

Borealis is a Croatia-based digital agency specializing in the creation of custom digital products including complex web applications, e-commerce platforms, multimedia applications, and promotional games. The company emphasizes long-term client relationships and serves a global clientele with a comprehensive service offering from concept through post-launch support. Their website reflects a professional and modern digital presence built on WordPress, with integration of Google Tag Manager and reCAPTCHA for analytics and security. While the site is well-designed and content-rich, it lacks explicit privacy and cookie policies, which is a notable compliance gap. Security posture is generally good with HTTPS and form protection, but could be improved by adding security headers and formal incident response disclosures. Overall, Borealis presents as a credible and established digital agency with a solid market position and trustworthy online presence.

The website at kzuo.hr is currently a minimal directory index page with no substantive content or business information. The domain is registered in Croatia with a national registrar (CARNET) since 2017, indicating legitimacy in registration but the website itself lacks any meaningful presence or branding. There are no privacy policies, cookie notices, terms of service, or contact information available, which severely limits its credibility and compliance posture. Technically, the site exposes directory listings and lacks security headers or HTTPS information, indicating poor security hygiene. Overall, the site appears inactive or a placeholder with very limited digital maturity and no evident business operations. Security posture is weak with multiple recommendations needed to improve compliance, security, and trust.

Klemm Učilište is a Croatian adult education institution specializing in security-related training programs, including courses, seminars, and workshops. The website presents a professional image with clear program offerings and a focus on personal and professional development in the security sector. The business operates primarily in Croatia and targets adults seeking specialized education in protection and security services. Technically, the site is built on WordPress using popular plugins such as LearnPress for LMS functionality and GDPR compliance tools, indicating a moderate level of digital maturity. The site is mobile-optimized and performs moderately well, though some accessibility and SEO improvements are possible. Security posture is adequate with HTTPS enforced and GDPR cookie compliance, but lacks advanced security headers and explicit security policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. However, the absence of privacy and terms of service pages represents a compliance gap that should be addressed.

V

Vodoopskrba i odvodnja d.o.o.

vio.hr

0

Vodoopskrba i odvodnja d.o.o. is a Croatian water utility company primarily serving the city of Zagreb and surrounding municipalities. The company provides essential services including water supply, wastewater drainage, and treatment, supported by a strong infrastructure and over 130 years of operational history. It operates under the parent company Zagrebački Holding, reflecting a stable market position in the regional energy and utilities sector. The website offers comprehensive customer service features, including emergency contact, online meter reading submission, and detailed informational resources. Technically, the site employs a modern tech stack with Bootstrap, jQuery, and integrates Google Analytics and Tag Manager for user insights. Accessibility and mobile responsiveness are well addressed, enhancing user experience. Security posture is solid with HTTPS and ISO certifications, though there is room for improvement in HTTP security headers and incident response transparency. Privacy compliance is robust, featuring a detailed cookie consent mechanism and GDPR-aligned privacy policies. Overall, the website reflects a professional and trustworthy digital presence aligned with its business objectives.

N

Nastavni zavod za javno zdravstvo „Dr. Andrija Štampar“

stampar.hr

0

Nastavni zavod za javno zdravstvo „Dr. Andrija Štampar“ is a well-established Croatian public health institution founded in 1949, employing over 400 professionals. The website serves as an informational portal primarily targeting the citizens of Zagreb and the broader Croatian public, focusing on health education and community health services. The institution holds a significant position in the local healthcare sector as a trusted public health authority. Technically, the website is built on Drupal 9 CMS, utilizing modern frontend libraries such as AOS for animations and Swiper for sliders, and Google Fonts for typography. The site demonstrates good mobile optimization and a moderate performance profile. However, there is room for improvement in accessibility and SEO optimization. From a security perspective, the site lacks visible security headers and explicit security policies. There is no evidence of privacy or cookie policies, GDPR compliance indicators, or incident response contact information. No vulnerability disclosure or security.txt files were found. The SSL/TLS configuration and hosting provider details were not available in the provided data, limiting a full security assessment. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, security best practices, and transparency measures to improve user trust and regulatory adherence.

Podružnica Tržnice Zagreb, a subsidiary of Zagrebački holding, operates a network of 28 market locations in Zagreb, Croatia, serving approximately 2500 tenants. The organization focuses on providing fresh domestic products including fruits, vegetables, dairy, fish, and meat products, positioning itself as a key retail market operator in the city. The website reflects a professional presence with clear navigation, relevant content, and integration of essential services such as equipment rental and online market information. The target audience includes local residents, business tenants, and visitors seeking fresh produce. Technically, the website employs a mix of legacy and modern JavaScript libraries, Google Analytics, and cookie consent mechanisms, indicating moderate digital maturity. Security posture is adequate but could be improved by updating legacy libraries and implementing security headers. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policy. Overall, the website is trustworthy and professionally maintained, supporting the organization's public service role.

Z

Zagrebački električni tramvaj

zet.hr

0

Zagrebački električni tramvaj (ZET) operates as the primary public transportation provider in Zagreb, Croatia, offering tram, bus, funicular, and cable car services. The website serves residents and visitors with comprehensive information on ticketing, routes, service updates, and EU-funded infrastructure projects. The company is positioned as a large, essential transportation entity under Zagrebački Holding, with a strong local presence and public sector backing. Technically, the website employs a modern technology stack including Google Tag Manager, Google Analytics, Facebook Pixel, and Hotjar for analytics and user behavior tracking. The site is mobile-optimized with good navigation and SEO practices, though it lacks some accessibility features and a cookie consent mechanism. The CMS appears custom-built, and performance is moderate. From a security perspective, the site uses HTTPS with good SSL configuration and no exposed sensitive data. However, it lacks important security headers and visible security or incident response policies. The absence of a cookie consent banner indicates partial GDPR compliance. No vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and well-aligned with the business's public transportation mission. Strategic improvements in privacy compliance and security policy transparency would enhance trust and regulatory adherence.

M

Ministarstvo gospodarstva

mingo.hr

0

The website represents the official online presence of the Ministry of Economy of the Republic of Croatia, serving as a central hub for disseminating information related to economic policies, energy approvals, public procurement, and consumer protection. It targets citizens, businesses, and government officials, providing access to news, documents, e-services, and public calls. The site is well-branded with consistent government identity and links to related official portals, reinforcing its authoritative position within the Croatian government ecosystem. From a technical perspective, the website employs a traditional tech stack including jQuery, Modernizr, and various UI libraries, alongside Google Analytics for visitor tracking. The site is mobile-optimized and accessible, with a cookie consent mechanism that aligns with GDPR requirements. However, some JavaScript libraries are outdated, which could pose security risks if not regularly updated. Security-wise, the site enforces HTTPS and implements cookie consent, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data confirms the domain's legitimacy as a government entity with consistent registration details. Overall, the website is a trustworthy and professional government portal with good content quality and privacy compliance. Strategic improvements include enhancing security headers, updating legacy scripts, and publishing explicit security and incident response policies to strengthen the security posture and user trust.

P

Plavi ured

plaviured.hr

0

Plavi ured is a government-supported entrepreneurial center based in Zagreb, Croatia, established in 2015 as part of the Zagrebački inovacijski centar d.o.o. It provides education, support programs, and consulting services to entrepreneurs, including small and medium enterprises, micro entrepreneurs, craftsmen, and beginners. The website is professionally designed using WordPress with modern plugins such as Yoast SEO and Slider Revolution, and it integrates Google reCAPTCHA for form security and Complianz for GDPR-compliant cookie management. The site demonstrates good digital maturity with clear navigation, mobile optimization, and SEO best practices. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the use of an outdated jQuery version and lack of explicit security headers are noted as areas for improvement. Privacy compliance is strong, with comprehensive privacy and cookie policies and consent mechanisms in place. Overall, the website is trustworthy and serves as a credible digital presence for the entrepreneurial center.

B

BerlinerLuft. Tehnika d.o.o.

berlinerluft.hr

0

BerlinerLuft. Tehnika d.o.o. is a Croatian manufacturing company specializing in ventilation equipment and systems. As part of the BerlinerLuft corporate group, it offers a broad portfolio of products including smoke extraction ducts, fans, air distribution components, and fire protection systems. The company targets professional and industrial clients in the HVAC sector, positioning itself as a reliable regional player with a solid product range and certifications such as CE marking. The website reflects this business focus with professional content and clear navigation. Technically, the website is built on OctoberCMS with jQuery and jQuery UI libraries, and uses Google Analytics for tracking. The site is mobile-optimized and performs moderately well, though some technical debt is evident from the use of older JavaScript libraries. SEO and accessibility are basic but adequate. Security posture is good with HTTPS enforced and no visible sensitive data exposure, but lacks security headers and a vulnerability disclosure mechanism. From a security and compliance perspective, the site has a privacy policy and terms of service, but lacks a cookie consent mechanism and incident response contact details. WHOIS data is consistent with the business claims, showing a domain registered in Croatia since 2015, supporting legitimacy. No WAF or blocking mechanisms were detected, and no adult or questionable content is present. Overall, the website is professional and trustworthy with room for improvement in security headers, privacy compliance, and modernization of technical components. Strategic enhancements in these areas would strengthen the company’s digital maturity and compliance posture.

Dineout.hr is an online platform focused on restaurant discovery and reservation services in Croatia. It offers users the ability to find excellent restaurants, book tables, and purchase tickets for culinary events and tasting menus. The platform targets a general audience interested in dining experiences and culinary events, positioning itself as a regional player in the hospitality sector. The website is built using modern web technologies such as React and Next.js and is hosted on DigitalOcean, indicating a contemporary and scalable technical infrastructure. The site includes standard marketing and analytics tools like Facebook Pixel and Google Tag Manager, supporting data-driven business decisions. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism, but lacks visible security headers and explicit privacy or terms of service pages, which are recommended for compliance and trust. Overall, the website is professional and functional with moderate security posture and privacy compliance, suitable for a small-sized hospitality business.

F

Fianona

fianona.hr

0

Fianona.hr is the website of a Croatian restaurant specializing in Italian cuisine, primarily pizza, operating under the hospitality industry. The business appears to be a small, local restaurant established in 2007, with a consistent brand presence and a website built on WordPress using the Elementor page builder. The site offers online booking capabilities and includes a cookie consent mechanism, indicating some awareness of GDPR compliance. However, explicit privacy policies and terms of service are not found, which could be improved for better compliance and user trust. Technically, the website uses modern web technologies including WordPress, Elementor, jQuery, and YouTube iframe API for embedded videos. The site is served over HTTPS with a valid SSL certificate, but lacks advanced security headers which are recommended to enhance security posture. Performance is moderate with good mobile optimization and basic accessibility features. SEO optimization is basic but present. From a security perspective, the site benefits from HTTPS and cookie consent but lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is consistent with the business location and domain age, supporting legitimacy. Overall, the site is moderately secure but could benefit from enhanced security headers and clearer privacy documentation. The overall risk is low to moderate, with recommendations to implement comprehensive privacy and security policies, add security headers, and provide clear contact information for incident response. These steps will improve compliance, user trust, and security resilience.

C

Catering Kvatrić

catering-kvatric.hr

0

Catering Kvatrić is a well-established Croatian catering company with over 20 years of experience, offering comprehensive catering and event organization services including weddings, venue management, and equipment rental. The company positions itself as a leading catering provider in Croatia, supported by multiple certifications and positive customer testimonials. The website reflects a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on WordPress with WooCommerce and uses modern plugins and analytics tools, ensuring a good user experience and SEO optimization. Security posture is solid with HTTPS enforced, cookie consent mechanisms in place, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, with a comprehensive privacy policy and cookie management. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

U

Uprent

uprent.hr

0

Uprent is a Croatian company specializing in the rental, sale, servicing, and transport of machinery and work platforms, primarily targeting the construction and industrial sectors. The company has established partnerships with multiple well-known machinery brands and offers additional services such as training and a Click2Rent platform. Their website is professionally designed, mobile-optimized, and provides clear contact information, including a prominently displayed phone number and social media links. The presence of a downloadable catalog and a mobile app enhances their customer engagement and service accessibility. Technically, the website is built on a modern Nuxt.js framework with Tailwind CSS, hosted on Hetzner servers, ensuring a reliable and performant infrastructure. Security-wise, the site uses HTTPS and shows no signs of vulnerabilities or exposed sensitive data, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service. Overall, the website reflects a medium-sized, legitimate business with a good market position in Croatia, but could improve in compliance and security transparency.

G

glagolITico d.o.o.

glagolitico.hr

0

glagolITico d.o.o. is a Croatian IT consulting company specializing in CRM and contact center solutions, with a strong focus on SAP Sales and Service Cloud implementations and Sinch Contact Pro products. The company targets large and complex organizations across multiple industries including telecommunications, energy, manufacturing, and finance. Their market position is reinforced by their SAP PartnerEdge membership and multiple certifications from recognized vendors such as Oracle and TMforum. The website presents a professional image with clear business information and a detailed project portfolio. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and jQuery, with some integration of Google APIs. Hosting is managed through CARNET, a Croatian academic and research network, which aligns with the company's location. The site shows basic mobile optimization and moderate performance but lacks advanced SEO and accessibility features. From a security perspective, the site does not display visible security headers or privacy and cookie policies, indicating gaps in GDPR compliance and security best practices. No forms or data collection mechanisms are present, reducing immediate risk exposure. WHOIS data is consistent with the business claims, supporting legitimacy. Overall, the security posture is moderate but could be improved by implementing HTTPS, security headers, and privacy documentation. The overall risk is moderate with no critical vulnerabilities detected. Strategic improvements in privacy compliance and security hardening would enhance trust and regulatory adherence.

P

Premium Distribucija

premium-distribucija.hr

0

Premium Distribucija is a Croatian-based company specializing in the wholesale distribution of beverages for the hospitality industry, particularly targeting the HoReCa sector. The company positions itself as a premium distributor leveraging expert knowledge and experience to support successful hospitality operations. The website is professionally built on WordPress using Elementor and optimized with NitroPack and Google Site Kit, indicating a moderate level of digital maturity and performance optimization. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and professional but could improve transparency and security documentation to enhance trust and compliance.

Kufner Grupa d.d. is a Croatian holding company specializing in the exploitation of mineral raw materials and production of stone materials. Established in 2008, it manages five subsidiary companies with strategically located quarries and a workforce of approximately 170 employees. The company positions itself as a leading regional producer with a focus on sustainable growth and modern technologies. The website is professionally designed, primarily in Croatian, targeting regional industrial and construction sectors. Technically, the site uses modern web fonts and JavaScript libraries but lacks advanced frameworks or CMS indications. Security posture is moderate with HTTPS implied but missing explicit security headers and incident response information. Privacy and cookie policies exist but lack active consent mechanisms. WHOIS data is unavailable, which reduces domain trustworthiness, though the website content and contact details appear legitimate. Overall, the site is safe, business-focused, and well-structured, with room for security and compliance improvements.

P

Poljoprivredno gospodarstvo Šember

sember.hr

0

Poljoprivredno gospodarstvo Šember is a small, family-owned winery located in Jastrebarsko, Croatia, specializing in producing award-winning wines such as rajnski rizling, chardonnay, and crni pinot. The business leverages its regional heritage and vineyard location on the Plešivica hills to attract wine enthusiasts and visitors for tasting and tours. The website reflects a well-established presence with consistent branding and clear communication of its offerings. Technically, the site uses common web technologies including Bootstrap, jQuery, Google Analytics, and Google Maps API, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA integration, but lacks advanced security headers and explicit security policies. Privacy compliance is basic with cookie consent and terms of service present but no dedicated comprehensive privacy policy. Overall, the site is trustworthy and professional, suitable for its target mature audience interested in wine products and experiences.

G

GAZ Nutrition

gaz-nutrition.com

0

GAZ Nutrition operates a professional e-commerce website specializing in premium dietary supplements targeted at athletes, sports enthusiasts, and recreational users primarily in Croatia. The website offers a broad range of products, including proteins, amino acids, vitamins, and other sports nutrition items, supported by detailed sports guides and brand information. The business is positioned as a premium provider with a clear focus on quality and customer engagement through features like wishlists and customer accounts. Technically, the website is built on a modern WordPress and WooCommerce stack, utilizing popular plugins for enhanced user experience and marketing. The site is well-structured with good SEO practices and mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is partial, with cookie consent implemented but lacking explicit privacy and terms of service pages. Overall, the website is trustworthy and professional, with room for enhanced compliance and security policies.

C

Copy Electronic

copy-electronic.hr

0

Copy Electronic is a well-established Croatian company specializing in the sale, rental, and servicing of IT equipment, including printers, scanners, projectors, and related office technology. With a domain registered since 1997 and a clear focus on business customers, the company positions itself as a reliable provider of comprehensive office IT solutions. Their online presence includes a webshop with a broad product catalog and customer service features such as live chat and clear contact details. Technically, the website employs modern analytics tools like Google Analytics and Microsoft Clarity, and uses Google Tag Manager for marketing and tracking purposes. The site is hosted under a Croatian registrar (CARNET), uses HTTPS, and shows good compliance with GDPR and cookie regulations. However, explicit security policies and incident response contacts are not found, which could be improved to enhance trust and security posture. Overall, the website is professional, user-friendly, and trustworthy, serving a medium-sized business audience in Croatia.

P

Poliklinika i dnevna bolnica IMED

imed.hr

0

Poliklinika i dnevna bolnica IMED is a specialized healthcare provider based in Croatia, focusing on complex dental cases and combining dental medicine, implantology, orthodontics, aesthetic surgery, and ENT services. The website reflects a professional and modern digital presence, leveraging Nuxt.js and Tailwind CSS frameworks, with integrated analytics and cookie consent mechanisms. The site is well-structured, mobile-optimized, and provides essential contact information, although explicit privacy and terms of service policies are missing. Security posture is good with HTTPS and security headers in place, but lacks published incident response or vulnerability disclosure policies. Overall, the business appears legitimate and trustworthy with a solid technical foundation but could improve compliance documentation and transparency.

H

Početna - HEDONE

hedone.hr

0

The website 'hedone.hr' appears to be a Croatian business site titled 'Početna - HEDONE'. It is built on a WordPress platform using WooCommerce for e-commerce capabilities and Elementor for page building. The site uses Google Fonts and Font Awesome for styling and icons, and Google Tag Manager for analytics tracking. However, the site lacks visible privacy, cookie, and terms of service policies, which are critical for compliance and user trust. No contact information or security policies are evident, which may impact user confidence and regulatory compliance. The technical infrastructure is modern but lacks visible security headers and explicit security best practices. Overall, the site is functional and moderately optimized for SEO and mobile use but requires improvements in privacy, security, and transparency to enhance trust and compliance.

T

Telensa Tech

telensatech.com

0

Telensa Tech is a small technology company specializing in Telco ICT and cybersecurity services, offering tailored solutions such as cloud services, system integration, telco, colocation, and comprehensive IT support. The website is professionally designed on the Squarespace platform, with clear navigation and a focus on business clients seeking digital infrastructure and security solutions. Technically, the site uses modern web technologies, has good SSL configuration with HTTPS and HSTS, and integrates Google Tag Manager for analytics. However, the absence of privacy and cookie policies and lack of WHOIS registration data present compliance and legitimacy concerns. Security posture is strong in SSL but could be improved with additional security headers and incident response information. Overall, the site is functional and professional but requires enhancements in privacy compliance and domain registration transparency.

I

Iskon

iskon.hr

0

Iskon.hr is the official website of Iskon, a Croatian telecommunications provider offering fixed internet, television (Iskon.Play TV), and other telecom services for residential and business customers. The website presents a professional and modern design built with React and Next.js frameworks, utilizing Ant Design components. The content is relevant and targeted primarily at Croatian consumers and businesses seeking telecom solutions. However, the site lacks explicit privacy and cookie policies, which are critical for GDPR compliance and user trust. Security posture is moderate with HTTPS likely enabled but missing key security headers and no visible incident response or vulnerability disclosure information. Overall, the website is functional and credible but would benefit from enhanced privacy compliance and security transparency.

A

Agrokor

agrokor.hr

0

Agrokor Nagodba website serves as an official communication platform for the Agrokor group’s extraordinary administration and financial restructuring process. It provides detailed information about settlement plans, legal proceedings, and updates for creditors and investors. The site targets stakeholders involved in or affected by Agrokor's complex debt restructuring. Technically, the website is built on WordPress with modern JavaScript libraries and plugins, ensuring a responsive and user-friendly experience. Security measures include HTTPS enforcement and Google reCAPTCHA integration, although some security headers could be enhanced. Privacy compliance is strong, with GDPR-aligned cookie consent mechanisms and clear privacy and terms of service pages. Overall, the site is professional, trustworthy, and well-maintained, reflecting the serious nature of the business restructuring.

G

Grad Zagreb

zagreb.hr

0

Grad Zagreb is the official governmental entity representing the City of Zagreb, Croatia. The website serves as a comprehensive portal for residents, businesses, and visitors, providing access to city news, administrative information, public services, and digital resources across multiple sectors including education, culture, transportation, social welfare, and urban planning. The site is positioned as the authoritative source for municipal governance and citizen engagement in Zagreb. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and various JavaScript libraries to deliver a responsive and accessible user experience. It integrates Google Analytics for traffic analysis and Kraken Optimize for performance enhancements. The site is mobile-optimized and features clear navigation structures, multi-level menus, and accessibility considerations. From a security perspective, the site enforces HTTPS with a strong SSL configuration and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security policies and incident response information are not publicly available, and no vulnerability disclosure policy was found. The WHOIS data confirms the domain's legitimacy and consistency with the official city government entity. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable digital platform for the City of Zagreb. Strategic improvements could focus on enhancing transparency around security policies and incident response to further strengthen user trust and security posture.

D

Dekra

dekra-arbeit.hr

0

Dekra is a Croatian-based company specializing in human resources outsourcing, event logistics, and market research services. With over 18 years of experience and multiple offices across Croatia, Dekra positions itself as a reliable partner for businesses and job seekers. Their service portfolio includes agency work, HR consulting, recruitment mediation, and innovative solutions like Try & Hire and Mystery Shopping. The website reflects a professional and consistent brand image, targeting Croatian businesses and employees. Technically, the site is built on WordPress with modern libraries and plugins, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, GDPR compliance, and anti-spam measures, though some security headers could be improved. Overall, the site is trustworthy and well-maintained, though WHOIS data is unavailable due to privacy regulations.

S

Sport 360

sport360.hr

0

Sport 360 is a Croatian sports marketing agency providing specialized marketing services within the sports sector. The company targets sports organizations and businesses in Croatia, positioning itself as a local expert in sports marketing. The website is professionally designed using the Wix platform, featuring good content quality and consistent branding. Technical infrastructure relies on Wix's Thunderbolt framework and standard polyfills, ensuring moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but lacks advanced security headers and privacy compliance mechanisms. Overall, the site is functional and credible but would benefit from enhanced privacy and security features.

The website printstudio.hr is currently inaccessible to the public, returning a 403 Forbidden error page. This indicates that access is restricted or blocked, preventing any meaningful content or business information from being displayed. The domain is registered in Croatia with a long history dating back to 1996, suggesting an established presence. However, the lack of accessible content, contact details, or policies severely limits the ability to assess the business or its digital maturity. Technically, no scripts, analytics, or security headers are present, and no HTTPS status could be confirmed from the provided data. The security posture is weak due to the absence of visible security best practices and policies. Overall, the site is currently non-functional for end users, resulting in a low AI score and high risk for trust and usability.

V

Vulkal d.o.o.

vulkal.hr

0

Vulkal d.o.o. is a Croatian retail company specializing in the sale of automotive tires, offering a large inventory of over 100,000 tires including summer, winter, and all-season options for various vehicle types. The company targets individual consumers and businesses across Croatia, providing delivery services nationwide. The website is professionally designed with good content quality and consistent branding, reflecting a strong market position as a leading tire retailer in the region. Technically, the site is built on the nopCommerce platform and integrates modern marketing and analytics tools such as Google Tag Manager and Facebook Pixel, alongside a robust cookie consent management system to ensure GDPR compliance. Security posture is adequate with HTTPS enabled and anti-forgery mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, the website presents a trustworthy and professional digital presence with extensive user tracking and advertising vendor integrations, balanced by comprehensive privacy controls.

D

DataBox

databox.hr

0

DataBox is a Croatian technology company specializing in secure data center colocation, cloud computing services, and telecommunication solutions. Established in 2014, the company positions itself as a key provider of secure business infrastructure in Croatia, offering Tier 3 and Tier 4 standard data center facilities, cloud backup, disaster recovery, and advanced IP telephony services. Their market position is supported by over 10 years of experience and a focus on reliability and security for business customers. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and integrates Google Analytics and Tag Manager for tracking. The site is well-optimized for SEO and mobile devices, with a professional design and clear navigation. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks visible security headers and explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website reflects a credible and professional business with room for improvement in privacy and security transparency.

R

ROX doo

rox.hr

0

ROX doo is a well-established regional leader in consumer goods distribution, operating since 1992 with a strong presence in Croatia, Bosnia and Herzegovina, Serbia, and Slovenia. The company offers comprehensive distribution and logistics services, including transport, warehousing, and a B2B web shop, serving over 13,000 points of sale. Their market position is solidified by decades of experience and a broad supplier network. Technically, the website is built on a modern WordPress platform with up-to-date technologies such as jQuery, Bootstrap grid, and SEO optimization via Yoast. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Analytics and advertising tools like Google Analytics and Google Tag Manager are used with a cookie consent mechanism ensuring privacy compliance. From a security perspective, the site enforces HTTPS and uses cookie consent banners, but lacks visible security headers in the HTML content. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms domain legitimacy and consistency with the business claims, supporting trustworthiness. Overall, ROX doo's digital presence reflects a mature, professional business with good technical and privacy practices. Strategic improvements in security headers and incident response transparency could further enhance their security posture and trust.

F

Franck d.d.

franck.eu

0

Franck d.d. is a well-established Croatian company with over 130 years of history specializing in premium quality coffee, tea, cereal beverages, and food preparation products. The company targets both general consumers and professional hospitality sectors, offering a broad product portfolio and emphasizing corporate social responsibility. The website reflects a mature digital presence with multilingual support and a strong brand identity. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and a comprehensive cookie consent mechanism, indicating a good level of digital maturity. Security-wise, the site enforces HTTPS and cookie consent but lacks explicit security headers and published security policies, which are recommended for improvement. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, though WHOIS data is privacy-protected, limiting domain age verification. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and improving accessibility features.

K

Klemm Security

klemmsecurity.hr

0

Klemm Security is a well-established Croatian company specializing in professional security solutions including physical protection, technical security systems, detective services, and risk assessment. Founded in 2003, it operates multiple subsidiaries and maintains a strong market position with premium quality services and numerous business collaborations. The website reflects a professional business model targeting companies requiring comprehensive security services. Technically, the site is built on WordPress with modern plugins and frameworks, including Avada theme and Slider Revolution, and implements essential security features such as HTTPS, Google reCAPTCHA, and cookie consent mechanisms. However, it lacks publicly accessible privacy policy and terms of service pages, which are critical for compliance and trust. Security posture is good with no visible vulnerabilities, but the absence of a security policy and incident response information is a gap. Overall, the website is trustworthy, well-branded, and provides clear contact information and social media presence.

J

Jamnica plus d.o.o.

jamnica.hr

0

Jamnica plus d.o.o. operates a professional website focused on promoting its natural mineral water and beverage products primarily targeting Croatian consumers. The company maintains a consistent brand presence with product information, recipes, and news updates. The website leverages common web technologies such as jQuery, Slick Carousel, and SVG icons, providing a good user experience with mobile optimization and clear navigation. Privacy and cookie policies are implemented with GDPR compliance, reflecting a mature approach to user data protection. However, the site lacks explicit security policies and uses an outdated jQuery version, which may pose security risks. No blocking or WAF mechanisms interfere with content accessibility, and social media integration is active, enhancing brand engagement.

G

Groupama osiguranje d.d.

groupama.hr

0

Groupama osiguranje d.d. is a Croatian insurance company operating as part of the larger French Groupama Group. The company offers a broad range of insurance products including life, motor vehicle, health, and property insurance, targeting both individual and corporate clients in Croatia. The website reflects a professional and consistent brand image aligned with its parent company. Technically, the site uses a combination of established front-end frameworks and libraries such as Bootstrap, jQuery, and Google Analytics for tracking, with a moderate performance profile and good mobile optimization. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and explicit security policies. Overall, the domain registration and WHOIS data support the legitimacy of the business. The site is safe for general audiences and does not contain any adult or questionable content.

B

Ban Tours

bantours.hr

0

Ban Tours is a Croatian travel agency specializing in organizing various types of travel including group, individual, private, and corporate trips, seminars, congresses, incentive travels, and team building events. The company holds a strong market position as a leader in sports travel with over 15 years of experience and owns a fleet of 44 Dufour sailing yachts for Adriatic charters. Their target audience includes sports enthusiasts, corporate clients, and individual travelers. The website is professionally designed using Webflow, with good mobile optimization and clear navigation. Technical infrastructure includes modern web technologies and CDN hosting, providing moderate performance. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and dedicated security policies. Privacy and cookie policies are present, supporting basic GDPR compliance. Contact information is clearly provided, enhancing business credibility. WHOIS data confirms domain legitimacy and consistency with business claims, supporting a high trust score. Overall, the website is a reliable and professional digital presence for Ban Tours.

R

RALU Logistika d.d.

ralulogistics.com

0

RALU Logistika d.d. is a well-established third-party logistics provider specializing in integrated cold chain services, including international and national transport, warehousing, and distribution across Croatia, Serbia, and Europe. The company has a strong market position supported by over 30 years of experience and a large fleet and infrastructure. Their website reflects a professional digital presence built on WordPress with Elementor, incorporating modern analytics and cookie consent mechanisms. Security posture is solid with HTTPS, domain transfer lock, and no detected vulnerabilities, though some security policies and disclosures could be improved. Overall, the company demonstrates transparency and compliance with GDPR, enhancing trustworthiness.

Z

Zaklada GNK Dinamo Nema Predaje

zakladanemapredaje.hr

0

Zaklada GNK Dinamo Nema Predaje is a Croatian non-profit foundation officially affiliated with the GNK Dinamo football club. The foundation focuses on promoting equality, social inclusion, and providing humanitarian aid, particularly targeting persons with disabilities, socially vulnerable groups, and young talented athletes. The website serves as a platform to communicate the foundation's mission, programs, and events, and facilitates donations and community engagement. It maintains a strong presence on social media and provides comprehensive contact and legal information.