Security Directory

H

HŽ Infrastruktura d.o.o.

hzinfra.hr

0

HŽ Infrastruktura d.o.o. is a Croatian state-owned enterprise responsible for organizing, regulating, maintaining, and constructing railway infrastructure, which is a public good. The website serves as an informational portal primarily targeting Croatian railway users and stakeholders. Technically, the site is built on WordPress using the Divi theme, incorporating standard web technologies such as jQuery and Google Fonts. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS presumably enabled but lacking visible security headers and explicit security policies. Privacy compliance is limited, with no privacy or terms of service pages detected, though a cookie consent mechanism is present. Overall, the domain registration data aligns well with the business entity, supporting legitimacy. Strategic improvements in privacy transparency, security headers, and contact information visibility are recommended to enhance trust and compliance.

C

CC Real

cc-real.com

0

CC Real is a small Austrian real estate investment and asset management company with a well-established online presence since 2007. The website presents a professional image with clear business descriptions and contact information, targeting investors and clients interested in real estate assets. The technical infrastructure is based on WordPress with modern plugins such as Yoast SEO and Real Cookie Banner Pro, indicating a mature digital setup. Analytics and marketing tools are implemented with GDPR compliance in mind, including cookie consent mechanisms and privacy policies. Security posture is good with HTTPS enabled and domain registration protections, though some security headers could be improved. Overall, the site is trustworthy and professionally maintained, with no critical vulnerabilities or suspicious indicators detected.

C

City Mix&Match

citymixandmatch.hr

0

City Mix&Match is a Croatian fashion, beauty, and lifestyle content platform providing trend reports and lifestyle articles primarily targeting a general audience interested in contemporary fashion and lifestyle trends. The website operates under the parent company City Center One, a known retail entity, and maintains a consistent brand presence with a focus on regional content. Technically, the site is built on WordPress with modern JavaScript libraries and includes GDPR-compliant consent management. The site demonstrates good mobile optimization and SEO practices, though some security headers are missing. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policies or incident response contacts. Overall, the site is legitimate, professionally maintained, and suitable for its audience.

C

Consent

consent.hr

0

Consent.hr is a Croatian-based consultancy specializing in GDPR and data privacy compliance services. The company offers a comprehensive suite of services including full GDPR adaptation, data protection impact assessments, external data protection officer roles, consent management, contract regulation with third parties, and privacy by design consulting. The website positions Consent as a niche player focused on fostering a culture of privacy among businesses and organizations in Croatia. The content is professionally presented with a clear focus on GDPR compliance and education, supported by a regularly updated blog authored by experts.

V

Vodovod i kanalizacija d.o.o. Ogulin

vodovod-ogulin.hr

0

Vodovod i kanalizacija d.o.o. Ogulin is a local public utility company providing potable water supply and sewage services to the Ogulin region in Croatia. The company emphasizes quality water provision, environmental protection, and customer satisfaction. The website serves as an information portal for consumers, offering news, service information, and contact options. The business operates in the energy sector with a small company size and targets local residents and water consumers. Technically, the website is built on WordPress using common plugins and libraries such as jQuery, Bootstrap, and Google reCAPTCHA. It features accessibility tools and is mobile optimized, providing a good user experience. However, the site lacks some advanced SEO and security configurations, such as security headers and detailed privacy policies. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. Google reCAPTCHA is used to protect forms from abuse. However, there is no published security or incident response policy, and the domain registration uses privacy protection, which reduces transparency. No critical vulnerabilities or malicious content were detected. Overall, the website is functional, professional, and trustworthy for its purpose but would benefit from enhanced privacy disclosures, security headers, and transparency in domain registration to improve trust and compliance.

P

Privacy service provided by Withheld for Privacy ehf

zakon.ai

0

Zakon.ai is a technology company offering an AI-powered legal search platform focused on Croatian and European law. The platform provides instant access to laws, regulations, court decisions, and EU directives, targeting legal professionals, entrepreneurs, and citizens. The business model is subscription-based with free trials and multiple pricing tiers. The website is professionally designed using WordPress and Elementor, integrating modern tools such as Google Analytics and cookie consent management. The technical infrastructure is solid, with HTTPS enabled and a secure domain status, although DNSSEC is not enabled. Security posture is good but could be improved by adding security headers and publishing security policies. Privacy compliance is basic, with a cookie consent mechanism but no explicit privacy policy found. Overall, the site is trustworthy and safe for general audiences.

C

Comp-On AG, HR Solutions

comp-on.ch

0

Comp-On AG is a Swiss-based company specializing in HR compensation solutions, targeting businesses seeking practical and understandable approaches to remuneration questions. The company operates a professional website built on WordPress with the Divi theme, integrating modern SEO and analytics tools such as Yoast SEO and Google Analytics. The website content is well-structured and relevant to its niche market, reflecting a small-sized enterprise with a clear business focus. Technically, the site demonstrates moderate performance and good mobile optimization, though some accessibility features could be enhanced. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism present but missing a formal privacy policy and terms of service. WHOIS data confirms the legitimacy and consistency of the domain registration with the business identity. Overall, the site is trustworthy and professional but would benefit from improved privacy and security documentation to enhance compliance and user trust.

H

heckersolar.com

heckert-solar.com

0

Heckert Solar Shop is a German-based specialized provider of photovoltaic (PV) modules, inverters, and storage solutions targeting both private consumers and business customers. The company offers a comprehensive product range including solar modules, balcony power plants, inverters from multiple brands, PV storage systems, commercial storage, mounting systems, e-mobility products, and accessories. The website is professionally designed, mobile-optimized, and built on the Shopware CMS platform, indicating a mature digital infrastructure. The presence of multiple advertising and tracking technologies such as Google Analytics 4, Facebook Pixel, and various ad networks reflects an active marketing strategy. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be verified. The website lacks explicit privacy policy and terms of service pages, though it implements a cookie consent mechanism. Security posture is generally good with HTTPS enforced but could be improved by adding security headers and publishing security policies. Overall, the site presents a trustworthy and professional front for a medium-sized energy sector business in Germany.

J

Jonatan Heyman

heynote.com

0

Heynote is a specialized software tool designed as a scratchpad for developers, enabling efficient note-taking with features such as block-based text buffers, syntax highlighting, and calculator functionality. The product is open source, with releases hosted on GitHub, targeting developers and power users seeking productivity enhancements. The website presents a professional and consistent brand image, with clear navigation and relevant content focused on its niche audience. Technically, the site uses modern web technologies including JavaScript and CSS, and is hosted with Cloudflare DNS and GitHub for releases, ensuring good performance and availability. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanisms, despite usage of Google Analytics. Business credibility is supported by open source transparency and domain longevity. Overall, the site is trustworthy and functional but would benefit from enhanced privacy and security disclosures.

C

CoolHotels.in

coolhotels.in

0

CoolHotels.in is a boutique online platform specializing in discovering and booking unique, luxurious, and curated hotels worldwide. Founded in 2021, the company targets travelers seeking distinctive hotel experiences through expert-curated guides and simple online booking links. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern web technologies including Google Fonts, Leaflet for maps, and Google Analytics for tracking, with a custom CMS or framework. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers and formal security policies are absent. Privacy compliance is well addressed with a clear privacy and cookie policy. Overall, the business appears legitimate and trustworthy with consistent WHOIS data and no suspicious indicators.

W

Where to Stay

wheretostay.in

0

Wheretostay.in is a niche travel guide website offering detailed neighborhood and area guides for travelers worldwide. The site integrates high-quality maps and hotel listings to assist users in selecting accommodation based on neighborhood characteristics. The business targets travelers seeking comprehensive and up-to-date local insights to enhance their travel experience. Technically, the website employs modern web technologies including JavaScript, CSS, and integrates Google Analytics and Google Ads for tracking and advertising. The site is mobile optimized and presents a professional design with clear navigation. Security-wise, the site uses HTTPS but lacks security headers and published security policies, which are areas for improvement. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms. Overall, the website is functional and trustworthy but would benefit from enhanced privacy and security practices to improve compliance and user trust.

Jessica Stuart-Beck's website serves as a personal portfolio for an artist specializing in watercolor paintings, with a focus on showcasing artwork and providing exhibition information. The site targets art enthusiasts and potential visitors primarily in Sweden. The business model is centered on art promotion and sales through exhibitions and books authored by the artist. The website is hosted on Netlify and uses modern web technologies including Google Analytics and Tag Manager for visitor tracking. The technical infrastructure is moderate in performance and mobile optimized, though accessibility and SEO are basic. Security posture is limited due to lack of visible security headers and missing privacy and cookie policies. The WHOIS data is unavailable, raising concerns about domain registration legitimacy, although the website content appears genuine and professional. Overall, the site is functional but lacks critical compliance and security features.

O

OÜ Eesti Elektroonikaromu

elektroonikaromu.ee

0

OÜ Eesti Elektroonikaromu operates as a producer responsibility organization in Estonia, focusing on the collection and recycling of electronic waste, batteries, and accumulators. It is the largest network for electronic device collection in Estonia, providing free disposal services and compliance support for producers, importers, retailers, and online shops. The organization is well-established with a domain age since 2010 and recognized market presence, including partnerships such as the pilot electronic waste collection station in Ülemiste shopping center. Technically, the website is built on WordPress with modern themes and SEO tools, employing Google Analytics and Leadfeeder for visitor tracking. Security posture is adequate with HTTPS enforced but lacks some advanced security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional, trustworthy, and serves a clear environmental and regulatory function in Estonia.

C

Coop Eesti Keskühistu

coopkokad.ee

0

Coop Eesti Keskühistu operates the Coop Kokad website, a retail cooperative focused on selling food products in Estonia. The company is well-established with a domain age consistent with its founding year 2017. The website is built on a modern Drupal 10 CMS with Commerce 3, integrating advanced cookie consent management via Cookiebot and analytics tools such as Google Analytics and Hotjar. Advertising is managed through major networks including Adform and Meta Platforms, ensuring targeted marketing and retargeting capabilities. The website demonstrates good technical maturity with HTTPS, responsive design, and clear business information. Security posture is solid with encrypted connections and consent mechanisms, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

C

Coop Pank

cooppank.ee

0

Coop Pank is a well-established Estonian bank offering a comprehensive range of retail and business banking services including loans, savings, insurance, and payment solutions. The bank positions itself as a local partner for customers both in urban and rural areas, emphasizing innovative and customer-centric financial products. The website reflects a mature digital presence with modern technologies such as React and Next.js, and integrates multimedia content and social media channels effectively. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit cookie consent mechanisms and published security policies could be improved. Overall, the site is professional, trustworthy, and well-aligned with the company's business objectives and regulatory requirements.

W

wimagguc

wimagguc.com

0

The website www.wimagguc.com is a personal newsletter hosted on the Substack platform, focusing on publishing articles and essays under the brand 'wimagguc'. The publication was launched approximately 9 months ago and targets a general audience interested in thoughtful media content. The business model revolves around subscription-based content delivery via Substack, with no direct company contact information or extensive business infrastructure visible on the site. Technically, the site leverages Substack's hosting and CDN services, uses HTTPS with good SSL configuration, and integrates third-party services like Sentry for error tracking and Calendly for scheduling. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though additional security headers and incident response information could enhance trust. Privacy compliance is good, with clear links to Substack's privacy and terms pages and a cookie consent mechanism. Overall, the site is trustworthy and safe for general audiences, but the lack of WHOIS data and direct contact information limits full business credibility assessment.

KADOS s.r.o. is a small Czech company specializing in retail sales of construction materials and CNC machining services. The company operates a physical store in Hladké Životice near Nový Jičín and offers a broad range of building products including bagged mixtures, masonry materials, waterproofing, roofing, concrete products, drywall, insulation, and more. Their business model combines retail sales with CNC machining services such as drilling, milling, and turning. The website is professionally designed using WordPress with WooCommerce and the Avada theme, providing a good user experience and clear navigation. Technical infrastructure is modern and includes integration with Google Maps for location display. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvement. WHOIS data is unavailable, which slightly reduces trustworthiness but the website content and contact information support legitimacy. Overall, the site is safe, professional, and targeted at construction professionals and customers in the Czech Republic.

Z

Zemspol Studénka a. s.

zemspol-studenka.cz

0

Zemspol Studénka a.s. is a medium-sized Czech company specializing in agricultural production and energy generation through biogas plants. The company operates biogas stations, produces animal feed, cultivates oilseeds, cereals, and medicinal plants, and is a leading milk supplier in its region. The website reflects a professional presence with clear business descriptions and contact information, targeting stakeholders in agriculture and energy sectors. Technically, the website is built on WordPress using the Avada theme and Yoast SEO Premium plugin, indicating a modern CMS infrastructure with SEO considerations. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Hosting and domain registration are consistent and long-standing, supporting business credibility. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. No incident response or vulnerability disclosure information is provided. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

TJ Niva Hladké Životice is an amateur football club based in Severní Morava, Czech Republic, with a long-standing tradition dating back to 1950. The website serves as a community hub providing match results, team rosters, photo galleries, and news updates. It targets local football enthusiasts and community members. The business model is non-profit and community-focused, emphasizing local sports engagement. Technically, the site is built on WordPress using the Avada theme, enhanced with Yoast SEO for search optimization and Google Tag Manager for analytics. The site is moderately performant and mobile-optimized, though accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal incident response policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy for its purpose but could improve compliance and security practices.

PostNord International is a leading logistics and postal service provider focused on delivering borderless e-commerce solutions globally. The company offers customizable logistics services that enable clients to expand their markets worldwide, targeting e-commerce businesses and retailers. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support, indicating a global audience. The technical infrastructure leverages modern technologies including Episerver CMS, Azure hosting, and advanced analytics tools such as Google Analytics and Microsoft Application Insights, demonstrating a commitment to performance monitoring and user experience optimization. Security posture is strong with HTTPS enforcement, comprehensive security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website and business presence indicate a reputable and established enterprise with a focus on compliance and user privacy.

A

Abicart.se

abicart.se

0

Abicart.se is a Swedish e-commerce platform operated by Textalk AB, offering a comprehensive SaaS solution for businesses to start and manage online shops. The platform provides modern payment integrations, logistics support, multilingual capabilities, and AI-powered features such as automatic product description generation and translations. Positioned as one of Sweden's leading e-commerce platforms, Abicart targets entrepreneurs and businesses seeking affordable and scalable online store solutions. Technically, the website employs modern web technologies including React and Bootstrap, with good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though explicit security headers and a public security policy are absent. WHOIS data for the www subdomain is unavailable, but the main domain and business legitimacy are supported by consistent branding and contact information. Overall, the site demonstrates a professional, trustworthy, and user-friendly e-commerce service with strong market positioning in Sweden and the Nordic region.

T

textalk.se

textalk.se

0

The website www.textalk.com appears to represent a business focused on e-commerce and digital publishing solutions, referencing services such as E-paper with Prenly, PDF and EPUB accessibility remediation, and the Abicart e-commerce platform. However, the actual website content is minimal and mostly placeholder, indicating either a blocked site or incomplete deployment. The WHOIS data for the domain www.textalk.com is missing, showing no registration record, which raises concerns about the domain's legitimacy or active status. The technical infrastructure includes modern JavaScript modules and a cookie consent mechanism via Cookiebot, but lacks visible security headers or detailed SSL information. Privacy compliance is minimal with no visible privacy or terms of service pages, though cookie consent is implemented. Overall, the security posture is weak due to missing WHOIS data and minimal content, resulting in a low trust score and recommendations to improve domain registration transparency, security headers, and privacy policies.

A

Advisible

advisible.com

0

Advisible operates as a modern online advertising platform providing cloud-based digital advertising and marketing technology tailored for publishers, advertisers, and agencies. Their key offerings include a Development Kit for ad integration, native advertising solutions, content display services, and source hosting for ad code. The business model is pay-as-you-go with monthly billing and no upfront fees, positioning them as a developer-friendly and scalable solution in the advertising technology sector. The website is professionally designed with good content quality and clear navigation, targeting a specialized audience in the digital advertising space. Technically, the website employs modern web technologies such as Javascript and Google Fonts, with SVG graphics for branding. The site is mobile optimized and SEO friendly, though no CMS or specific hosting provider information is evident. Performance is moderate with room for improvement in accessibility and security headers. The cookie consent mechanism is implemented, indicating attention to privacy compliance, and privacy and cookie policies are present and accessible. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data for the domain is a notable concern, as it reduces transparency and trustworthiness despite the professional appearance of the website. No direct company contact emails or phone numbers were found, with contact primarily via web form. Overall, the website presents a credible and professional front for a niche advertising technology business but would benefit from enhanced security practices, clearer business contact information, and resolution of WHOIS data transparency to improve trust and compliance posture.

The analyzed content corresponds to an internal Chrome browser error page (chrome-error://chromewebdata/) indicating that no actual website content is accessible or loaded. This page primarily contains scripts and styles related to the Chrome offline dinosaur game and does not represent a real external website. Consequently, there is no business information, contact details, privacy or cookie policies, or security policies available for analysis. The technical infrastructure is limited to browser internal resources with no hosting or CMS details. Security posture cannot be properly assessed due to lack of real content and headers. Overall, this is not a legitimate website but a browser error page, and no meaningful business or security insights can be derived.

Nachbarschaftshilfe NRW is a regional initiative under the Kuratorium Deutsche Altershilfe, focused on promoting neighborhood help for people with care needs in North Rhine-Westphalia, Germany. The website serves as an information hub offering educational courses, materials, and guidance to volunteers and care recipients. It is positioned as a trusted non-profit supported by government entities and regional offices. Technically, the site is built on WordPress with modern plugins and themes, ensuring good accessibility, mobile optimization, and SEO. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. Security posture is solid with HTTPS and no evident vulnerabilities, though DNSSEC is not enabled and some security headers are missing. Overall, the site is professional, trustworthy, and well-aligned with its mission.

T

Taquiri GmbH & Co. KG

taquiri.de

0

Taquiri GmbH & Co. KG is a well-established German internet agency specializing in WordPress website development, online shops, SEO, advertising, and web hosting services. With over 25 years of experience, the company targets businesses seeking professional digital presence and marketing solutions. The website reflects a mature digital infrastructure built on WordPress with modern frameworks like Bootstrap and privacy-respecting analytics via Matomo. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The company demonstrates strong business credibility through consistent branding, comprehensive contact information, and excellent customer reviews. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

KTM Journal, operated by medhochzwei Verlag GmbH, is a leading German-language specialist publication focused on healthcare technology and management. It targets healthcare professionals and decision-makers in hospitals across the DACH region, providing credible, practical information on trends, innovations, and technologies in healthcare. The publication offers print and online editions, newsletters, events, and advertising services, positioning itself as a trusted media source in the healthcare sector. Technically, the website is built on the Contao Open Source CMS platform, utilizing jQuery and Google Tag Manager with privacy-conscious configurations. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security best practices such as HTTPS enforcement and cookie consent mechanisms are implemented, though explicit security headers and incident response policies are not publicly documented. From a security perspective, the site demonstrates a solid posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, featuring a comprehensive privacy policy and cookie consent banner with granular user controls. The WHOIS data aligns consistently with the website's business claims, reinforcing legitimacy. Overall, the site is professional, trustworthy, and well-maintained, with room for improvement in explicit security policy disclosures and terms of service availability. Strategic recommendations include enhancing security header implementation, publishing a dedicated security policy and incident response contacts, and considering a vulnerability disclosure framework to further strengthen trust and compliance.

S

SOGO

pluginsmarket.com

0

Sogo WordPress Plugins Market is a small technology business specializing in the development and sale of WordPress plugins. The website offers a range of plugins including calendar widgets, author recent posts, accessibility tools, and premium support services. The target audience primarily consists of WordPress site owners and developers seeking specialized plugin solutions. The business operates an e-commerce model leveraging the Easy Digital Downloads platform for sales and distribution. The domain age and registration details align well with the business history, supporting legitimacy and trustworthiness. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and several third-party integrations such as Google Analytics, Google reCAPTCHA, and Tawk.to live chat. The site demonstrates good mobile optimization and accessibility features, including a dedicated accessibility plugin and UI controls. Performance is moderate with room for improvement in SEO and technical optimization. From a security perspective, the site uses HTTPS and implements reCAPTCHA for form protection, but lacks explicit security headers and DNSSEC. There is no published security policy or incident response information, and no vulnerability disclosure mechanism is present. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Contact information is limited to contact forms without direct emails or phone numbers. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, improved security headers, and clearer contact and policy disclosures to strengthen trust and security posture.

The website www.ilo.org represents the International Labour Organization, a United Nations specialized agency focused on labour standards and employment issues globally. The organization operates at an enterprise scale with a long history dating back to 1919 and serves governments, employers, workers, and researchers worldwide. However, the current website content is inaccessible due to a Cloudflare Turnstile CAPTCHA challenge, preventing direct analysis of the site's content, metadata, and policies. The technical infrastructure includes Cloudflare protection but no further technology stack details are visible. Security posture is limited to the presence of Cloudflare WAF, with no additional security headers or SSL configuration details available. WHOIS data is unavailable due to a malformed response, but the domain is consistent with a legitimate UN agency. Overall, the site is safe with no adult or explicit content, but the WAF challenge limits comprehensive evaluation.

G

Gütegemeinschaft Anwerbung und Vermittlung von Pflegekräften aus dem Ausland e.V.

fair-recruitment-nurse.com

0

The website represents a small healthcare-focused organization dedicated to promoting ethical recruitment of international nursing professionals to Germany. It operates by certifying recruitment agencies with a recognized quality seal, ensuring fair, transparent, and responsible hiring practices. The target audience is internationally educated nurses seeking employment in Germany. The website is built on a modern WordPress infrastructure using Oxygen Builder and Alpine.js, providing a good user experience with mobile optimization and SEO best practices. Security posture is adequate with HTTPS and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

J

Joker

joker.hr

0

Joker.hr is the official website of Joker, a retail shopping center located in the heart of Split, Croatia. The site offers comprehensive information about the shopping center's stores, restaurants, entertainment options, and services such as parking and fitness. The business targets local shoppers and visitors seeking a diverse retail and leisure experience. The website is well-structured, professionally designed, and optimized for mobile devices, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and tracking tools, including Google Tag Manager and Mailchimp integration. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit policies are missing. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, the domain registration aligns with the business claims, supporting legitimacy and trustworthiness.

The website rosesdesigneroutlet.hr is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct access to content. This prevents extraction of business, contact, or policy information. The domain is registered in Croatia since 2015 with a reputable registrar, indicating a legitimate registration. However, the lack of accessible content limits the ability to assess the company's market position, services, or compliance posture. Technically, the site uses Cloudflare's security services, but no further technology or CMS details are available. Security posture cannot be fully evaluated due to blocked content, but the presence of Cloudflare WAF indicates some level of protection. Overall, the site scores low on AI evaluation due to inaccessibility, with recommendations to allow content access for full analysis.

A

Avenue Mall

avenuemall.hr

0

Avenue Mall is a well-established retail shopping center located in Zagreb, Croatia, offering a wide range of retail stores, food and beverage outlets, and entertainment options. The website reflects a medium-sized business with a strong local market presence and a focus on customer engagement through promotions, events, and a loyalty program. Technically, the site employs modern web technologies including jQuery UI, Slick Slider, and integrates marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in security headers and incident response transparency. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website is professional, user-friendly, and trustworthy, supporting the business's retail and hospitality operations effectively.

K

KING CROSS

king-cross.hr

0

KING CROSS is a retail shopping center website based in Croatia, offering a variety of products related to sports, home, family, and leisure. The website targets a general audience looking for convenient and affordable shopping options. The site is built on WordPress CMS with SEO optimizations via Yoast and uses modern UI components such as Swiper.js. The technical infrastructure appears moderate in performance and mobile optimization, with HTTPS enabled ensuring basic transport security. However, the absence of visible security headers and explicit privacy and cookie policies indicates room for improvement in security and compliance. No contact information or incident response details are publicly available, which may affect user trust and compliance with GDPR transparency requirements. Overall, the website is functional and professional but would benefit from enhanced security and privacy practices.

A

Arena Center Zagreb d.o.o.

arenacentar.hr

0

Arena Centar is a well-established large retail shopping center located in Croatia, operated by Arena Center Zagreb d.o.o. and owned by the parent company NEPI Rockcastle. The website provides comprehensive information about the shopping center's services, including retail stores, dining, entertainment, parking, and customer engagement via a mobile app and gift cards. The site targets a broad audience including local residents, families, and visitors seeking shopping and leisure experiences. Technically, the website is built on modern frameworks such as Next.js and React, with integrations for analytics and marketing tools like Google Tag Manager, Facebook Pixel, and TikTok Pixel. Hosting and DNS are managed by reputable providers, ensuring stable performance and security. Security posture is good with HTTPS enforced and consent mechanisms for cookies, though explicit security policies and incident response details are not publicly available. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, providing a positive user experience and strong business credibility.

C

City Center One

citycenterone.hr

0

City Center One operates as a major retail shopping center brand in Croatia, with locations in Zagreb and Split. The website presents a professional and well-structured digital presence, highlighting over 450 international and domestic stores. The business model focuses on retail space leasing, advertising, and shopping center management, targeting general consumers in Croatia. The domain age and WHOIS data align well with the business claims, supporting legitimacy. Technically, the site uses WordPress with common JavaScript libraries and a consent management platform to ensure GDPR compliance. Security posture is solid with HTTPS and no visible vulnerabilities, though additional security headers and explicit security policies could enhance trust. Privacy and cookie policies are present and comprehensive, supporting regulatory compliance. Overall, the website is a trustworthy and professional representation of a large retail business in Croatia.

The website ww16.westgate-shopping.com is a parked domain page primarily serving as a placeholder to advertise the domain westgate-shopping.com for sale via the Sedo domain parking service. The site contains minimal content focused on domain resale, with no active business operations, contact information, or company details presented. The technical infrastructure relies on basic HTML, CSS, and JavaScript with embedded Google Ads and Sedo parking scripts. There is no evidence of HTTPS or advanced security configurations, and the privacy policy is a generic Sedo parking policy in German. The domain WHOIS data is unavailable, indicating the domain may be unregistered or privacy protected, which reduces trustworthiness. Overall, the site functions solely as a domain marketplace listing with limited digital maturity and minimal security posture.

G

Gransy d.o.o.

jeftinije.hr

0

Jeftinije.hr is a Croatian price comparison website operated by Gransy d.o.o., established in 2016. The platform offers comprehensive online price comparisons, shopping guides, and product reviews targeted at Croatian consumers seeking the best deals. It holds a strong market position as a leading price comparison portal in Croatia, leveraging partnerships with regional sites across Central and Eastern Europe. Technically, the website employs modern JavaScript libraries, Cloudflare DNS, and integrates Google Tag Manager and DoubleClick for advertising and analytics. The site is mobile-optimized with good SEO practices but lacks explicit privacy and terms of service documentation in the accessible content. Security posture is adequate with HTTPS and cookie consent mechanisms, though security headers and incident response information are missing. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

The website nabava.net is currently inaccessible due to a Cloudflare Turnstile security challenge page that requires human verification before access. This prevents any direct analysis of the website's content, business information, or security posture beyond the presence of the WAF. The domain is registered since 2001 with COREhub, S.R.L., indicating a long-standing registration, but no further registrant details or business information are available. The website uses Cloudflare for security and hosting, with HTTPS enabled and no DNSSEC configured. No privacy, cookie, or terms of service policies are visible, nor any contact information or forms. Overall, the site appears to be protected by Cloudflare but lacks publicly accessible content for detailed analysis.

K

Katalozi.net / Svi katalozi na jednom mjestu

katalozi.net

0

Katalozi.net is a Croatian retail catalog aggregation website established in 2012, providing users with access to various promotional catalogs and offers from multiple retailers. The site leverages WordPress CMS with Yoast SEO for content management and optimization, and monetizes through Google Adsense advertising. The technical infrastructure includes Cloudflare DNS and hosting via GoDaddy.com, LLC. The website is well-structured with good navigation and content relevance, targeting general retail consumers in Croatia and neighboring regions. Security posture is moderate with HTTPS enabled and domain registration locks, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. No direct contact or incident response information is provided, limiting transparency. Overall, the site is functional and trustworthy for its business purpose but requires improvements in privacy and security disclosures.

Gorivo.com operates as a regional ride-sharing platform primarily serving Croatia and neighboring countries. It facilitates peer-to-peer transportation by allowing users to offer and request rides, focusing on routes within Croatia and nearby European nations. The platform has been active since 2003, indicating a mature presence in its niche market. The website's business model centers on connecting drivers and passengers, providing a cost-effective and community-driven transportation alternative. Its market position is niche but stable, targeting individuals seeking carpooling options in the region. Technically, the website is built on ASP.NET WebForms with supporting libraries such as jQuery and Bootstrap, reflecting a legacy but functional technology stack. The site includes standard web fonts, UI components, and Google Adsense for monetization. Performance and mobile optimization are basic, with room for modernization. The site employs cookie consent mechanisms and basic privacy compliance features, though lacks advanced SEO and accessibility optimizations. From a security perspective, the site uses HTTPS and has domain transfer protections in place, but lacks advanced security headers and DNSSEC. No explicit security or incident response policies are published, which could be a gap in compliance and trust. Advertising practices involve multiple ad networks and tracking vendors, indicating moderate user tracking. The overall security posture is average, with recommendations to enhance headers, enable DNSSEC, and publish security policies. Overall, Gorivo.com presents a functional but basic digital presence with moderate trustworthiness and compliance. Strategic improvements in security, privacy transparency, and technical modernization would enhance its risk profile and user confidence.

H

Vozni red vlakova | Udaljenosti.com

hznet.hr

0

Udaljenosti.com is a Croatian travel information website specializing in train schedules and travel planning for Croatian Railways. It targets travelers and commuters in Croatia, providing distance calculations and schedule lookups. The site operates primarily on an advertising revenue model and has been active since at least 2012. Technically, it uses a mix of legacy and modern web technologies including Google Fonts, Leaflet maps, Google Maps API, and Google Analytics. The site implements a cookie consent mechanism and integrates multiple advertising and tracking services. Security posture is moderate but could be improved by updating outdated libraries and adding security headers. WHOIS data is unavailable, which raises some concerns about domain legitimacy despite the active and functional website. Overall, the site is functional and provides relevant content but should address security and legitimacy concerns for improved trust.

H

Hrvatski Telekom d.d.

akz.hr

0

The website www.akz.hr serves as the official online platform for the Zagreb Bus Station, providing extensive bus ticketing services across Croatia and neighboring countries. It offers users the ability to search for bus schedules, purchase tickets online up to 15 minutes before departure, and access real-time status updates for arrivals and departures. The platform supports mobile app integration, enhancing accessibility for travelers. The business is positioned as a key transportation service provider in the region, backed by Hrvatski Telekom d.d., a reputable Croatian telecommunications company. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with integrations of Google Tag Manager and Google Analytics for marketing and analytics purposes. Hosting is managed by Hrvatski Telekom with Cloudflare DNS services, ensuring reliable domain resolution. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers such as Content Security Policy and HSTS, which are recommended for enhanced protection. Privacy compliance is limited due to the absence of a visible privacy policy and terms of service, representing a compliance gap especially under GDPR. No incident response or vulnerability disclosure information is provided. Overall, the website is trustworthy and professionally maintained, with a strong business credibility score. Strategic improvements in privacy policy publication, security header implementation, and comprehensive compliance documentation would elevate its security posture and user trust.

C

Coolinarika

coolinarika.com

0

Coolinarika is a well-established Croatian culinary website offering a rich platform for recipes, cooking inspiration, and food-related content. It targets a general audience interested in cooking and culinary arts, positioning itself as a leading media site in this niche within Croatia. The website leverages modern web technologies including React and Next.js, hosted on Azure CDN, ensuring fast performance and excellent mobile optimization. The presence of structured data and social media integration further enhances its digital maturity. Security-wise, the site enforces HTTPS, employs security headers, and manages user consent for cookies, reflecting a good security posture. However, the absence of WHOIS registrant data and direct company contact emails slightly reduces transparency. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable resource for its users.

Z

Zagrebačka banka

zaba.hr

0

Zagrebačka banka is a leading Croatian financial institution offering a broad range of retail and corporate banking services. The website reflects a mature digital presence with comprehensive information on loans, savings, insurance, and digital banking platforms such as mobile and internet banking. The bank targets a wide audience including individuals, small and large businesses, and private banking clients. The site is professionally designed with consistent branding and clear navigation, supporting a strong market position within Croatia and under the UniCredit Group umbrella. Technically, the website employs modern JavaScript libraries and analytics tools such as Adobe Analytics and Tealium, hosted on Akamai infrastructure for performance and reliability. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response disclosures are absent. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. No critical vulnerabilities or suspicious activities were detected. The domain's WHOIS data confirms legitimacy with a long registration history and consistent registrant information. Strategic recommendations include publishing a dedicated security policy, incident response plan, and vulnerability disclosure guidelines to enhance transparency and trust. Regular security audits and header enhancements would further strengthen the security posture.

H

Hrvatska narodna banka

hnb.hr

0

Hrvatska narodna banka (HNB) is the central bank of the Republic of Croatia, responsible for monetary policy, financial stability, banking supervision, and currency issuance. The website serves as an official portal providing comprehensive information about the bank's functions, regulatory framework, statistics, publications, and consumer protection. It targets a broad audience including the general public, financial institutions, and government entities. The site is well-structured and professionally maintained, reflecting the bank's authoritative position in the Croatian financial sector. Technically, the website is built on the Liferay CMS platform, utilizing modern JavaScript frameworks such as React and Alloy UI. It employs Google Tag Manager for analytics and tracking, and the site is optimized for both desktop and mobile devices with a moderate performance profile. Accessibility and SEO practices are basic but adequate for the target audience. From a security perspective, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly documented, representing areas for improvement. Privacy and cookie policies are present and indicate GDPR compliance, with consent mechanisms implemented. Overall, the website demonstrates a strong business credibility and security posture appropriate for a national central bank. Strategic recommendations include publishing detailed security and incident response policies, enhancing accessibility features, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

B

BLITZ - CINESTAR d.o.o.

blitz-cinestar.hr

0

CineStar Cinemas, operated by BLITZ - CINESTAR d.o.o., is the largest multiplex cinema chain in Croatia, established in 2003. The company operates 16 locations across 11 cities, offering a wide range of cinema experiences including premium formats such as IMAX, 4DX, ScreenX, and Gold Class. The website provides comprehensive information about movie screenings, ticket sales, loyalty programs, and concessions, targeting a general audience including families and cinema enthusiasts. The business model focuses on retail cinema operations with an integrated online ticketing platform and ancillary services such as snacks and event hosting. Technically, the website is built using modern web technologies including Bootstrap, FontAwesome, Swiper.js, and Google Tag Manager for analytics. It is hosted behind Cloudflare CDN and DNS services, ensuring good performance and security. The site is mobile-optimized and includes accessibility features, although some improvements could be made. SEO practices are well implemented with structured data and meta tags. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms compliant with GDPR. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly present. No vulnerability disclosures or incident response contacts are published, which could be areas for improvement. No critical vulnerabilities or suspicious activities were detected. Overall, CineStar Cinemas presents a professional, trustworthy, and user-friendly online presence with strong business credibility and compliance posture. Strategic recommendations include enhancing security headers, publishing a security policy, and continuous monitoring of third-party scripts to maintain a robust security posture.

C

Cineplexx

cineplexx.hr

0

Cineplexx is a well-established cinema chain operating primarily in Austria and surrounding regions, offering movie screenings and related entertainment services. The website reflects a professional digital presence with a focus on user experience and compliance with privacy regulations such as GDPR. The company leverages modern web technologies including React and Google Tag Manager to deliver content and track user interactions effectively. The presence of Cookiebot ensures transparent cookie consent management, enhancing user trust and regulatory compliance. Security posture is solid with HTTPS enforced and standard security headers present, although there is room for improvement in implementing a full Content-Security-Policy and publishing explicit security policies. Overall, the website is trustworthy, well-maintained, and suitable for its target audience of general moviegoers.