Security Directory

U

Unite Caribbean

unite-caribbean.com

0

Unite Caribbean is a Caribbean-based consulting firm specializing in sustainable development and regional cooperation, with offices in Guadeloupe and Saint Lucia. The company offers consulting services and initiates cooperative projects in partnership with public, private, and philanthropic sectors in the Caribbean. The website is professionally designed using WordPress and Elementor, with multilingual support and SEO optimization. The technical infrastructure includes modern analytics and tracking tools such as Google Analytics and Tag Manager. Security posture is good with HTTPS enabled and domain transfer protection, though improvements can be made by enabling DNSSEC and adding security headers. Privacy compliance is basic, with a cookie consent mechanism but no explicit privacy or terms of service pages found. Overall, the website presents a trustworthy and professional image suitable for its target audience.

M

Montpellier Méditerranée Métropole et ville de Montpellier

montpellier.fr

0

Montpellier Méditerranée Métropole and the city of Montpellier operate an official government website serving residents, visitors, and stakeholders with comprehensive information on local governance, public services, urban projects, and citizen participation. The website is well-structured, professionally designed, and targets a broad audience including citizens and businesses within the metropolitan area. Technically, the site is built on Drupal 10, employs modern JavaScript libraries, and integrates Matomo analytics with privacy considerations such as Do Not Track. Security posture is good with HTTPS enforced and no exposed sensitive data, though explicit security headers and privacy policies are not clearly present in the analyzed content. The absence of WHOIS data limits domain registration trust analysis, but the official .fr domain and consistent branding support legitimacy. Overall, the site demonstrates a mature digital presence appropriate for a large government entity.

N

Nantes Saint-Nazaire Développement

nantes-saintnazaire.fr

0

Nantes Saint-Nazaire Développement is a French economic development agency focused on supporting businesses in implantation and growth within the Nantes Saint-Nazaire region. It emphasizes environmental and societal transitions and positions itself as the first economic development agency with a mission in France. The website is professionally designed, mobile-optimized, and uses modern WordPress technologies including Yoast SEO and WP Rocket for performance and SEO enhancements. Security measures include HTTPS and reCAPTCHA, with a cookie consent mechanism implemented, though explicit security headers and detailed privacy policies are not evident. The absence of WHOIS data is likely due to privacy protections common in French domain registrations. Overall, the site reflects a mature digital presence aligned with its governmental and economic development role.

V

Ville de Tours

tours.fr

0

The website www.tours.fr is the official digital presence of the city of Tours, France, serving as a comprehensive portal for municipal information, citizen services, news, and events. It targets residents, visitors, businesses, and community organizations, providing access to administrative procedures, cultural activities, and participatory governance platforms. The site is well-branded with official logos and consistent design, reflecting its government entity status. Technically, the site is built on WordPress 6.7.2, leveraging modern web technologies such as jQuery, Matomo analytics, and a cookie consent framework (Tarteaucitron). The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Security is robust with HTTPS enforced and privacy compliance evident through GDPR-aligned cookie consent and a detailed privacy policy. Security posture is strong, though the absence of explicit security headers and incident response contacts suggests areas for improvement. No vulnerabilities or suspicious content were detected. The lack of WHOIS data limits domain registration trust assessment, but the official nature and content quality strongly support legitimacy. Overall, the site presents a trustworthy, professional, and user-friendly government portal with minor technical and security enhancements recommended to further strengthen its posture.

Tours Métropole Val de Loire is the official metropolitan government entity serving the Tours metropolitan area in France. The website provides comprehensive information about local government services, urban projects, ecological initiatives, and citizen services. It targets residents and stakeholders within the metropolitan region, offering online access to administrative procedures and event information. The site is well-positioned as a regional authority with a clear public service mission. Technically, the website is built on Drupal 7 CMS with a modern JavaScript stack including jQuery, Slick carousel, and Matomo analytics. It demonstrates good mobile optimization, accessibility, and SEO practices. The presence of a cookie consent banner and privacy policy indicates compliance with EU data protection regulations. However, the site lacks some advanced security headers and explicit security or incident response policies. Security posture is generally good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The use of Matomo analytics with DoNotTrack enabled shows privacy-conscious tracking. The absence of WHOIS data is a concern but likely due to AFNIC or privacy settings rather than malicious intent. Overall, the site appears trustworthy and professionally maintained. Recommendations include adding security headers, publishing a security policy and incident response contact, and ensuring regular CMS and module updates to maintain security. Enhancing transparency with a vulnerability disclosure policy would further improve trust. The domain WHOIS gap should be investigated to confirm registration legitimacy.

V

Ville de Vandœuvre

vandoeuvre.fr

0

The website www.vandoeuvre.fr serves as the official digital presence for the city of Vandœuvre-les-Nancy in France, providing residents and visitors with access to municipal news, event agendas, and a variety of online administrative services. The site targets a broad audience including families, seniors, students, and local businesses, positioning itself as a comprehensive resource for community engagement and public service delivery. The business model is typical of government websites, focusing on information dissemination and facilitating citizen interactions with municipal services. Technically, the site is built on WordPress CMS, leveraging popular plugins such as Yoast SEO for search optimization and Matomo for privacy-conscious analytics. The inclusion of libraries like jQuery, PhotoSwipe, and Leaflet indicates a moderately modern tech stack aimed at enhancing user experience with interactive elements such as maps and image galleries. The site demonstrates good mobile optimization and accessibility features, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR principles, allowing users granular control over tracking. However, the absence of explicit security headers and lack of visible privacy policy or terms of service pages represent areas for improvement. The WHOIS data is notably missing, which is unusual for an official municipal domain and slightly detracts from the domain's trustworthiness. Overall, the site is a well-structured, professional municipal portal with solid technical foundations and a focus on user privacy. Strategic enhancements in security policy transparency and domain registration clarity would further strengthen its credibility and compliance posture.

V

Ville de Nancy

nancy.fr

0

The website www.nancy.fr is the official digital portal for the Ville de Nancy, France, providing comprehensive information and services related to municipal administration, cultural events, public services, and citizen engagement. It serves a broad audience including residents, visitors, families, students, and local businesses. The site is well-positioned as the authoritative source for city-related information and services, leveraging a public service business model focused on transparency and accessibility. Technically, the site is built on TYPO3 CMS with modern front-end technologies such as Bootstrap, jQuery, Vue.js, and Swiper for interactive components. It employs Matomo for analytics and uses a robust cookie consent management system (tarteaucitron) to comply with GDPR. The site is mobile-optimized, accessible, and demonstrates good SEO practices. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but could improve by adding additional security headers and publishing explicit security policies or incident response contacts. No vulnerabilities or WAF blocking were detected, indicating a mature security posture suitable for a government website. Overall, the site is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource for its users. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular audits of third-party scripts to sustain security and compliance.

M

Métropole du Grand Nancy

grandnancy.eu

0

The Métropole du Grand Nancy website serves as the official digital presence for the metropolitan government of the Grand Nancy region in France. It provides comprehensive information about metropolitan governance, urban planning, public transportation, cultural events, and citizen services. The site targets residents, visitors, and local businesses, offering a broad range of public sector services and information. The website is well-positioned as a trusted government resource with a consistent brand and professional content. Technically, the site is built on TYPO3 CMS with modern front-end frameworks including Bootstrap and Vue.js, ensuring a responsive and user-friendly experience. It integrates analytics via Matomo and manages cookie consent effectively with the Tarteaucitron tool. The site demonstrates good mobile optimization and SEO practices, although some accessibility improvements could be made. From a security perspective, the website enforces HTTPS and employs cookie consent mechanisms, but lacks some advanced security headers and a published security policy or vulnerability disclosure program. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy-protected, which is typical for government-related domains, and no suspicious patterns were found. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility compliance to further strengthen trust and security posture.

R

Regionalna razvojna agencija Primorsko-goranske županije

prigoda.hr

0

Regionalna razvojna agencija Primorsko-goranske županije (PRIGODA) is a government-established regional development agency focused on coordinating sustainable and balanced regional growth in the Primorsko-goranska County of Croatia. Founded in 2017, it serves as a support center for local governments and legal entities, providing consultancy and project management services, especially related to EU funding and strategic regional development. The website reflects a professional government entity with detailed information on projects, funding opportunities, and regional strategies. Technically, the site is built on WordPress with modern plugins and SEO optimizations, though it lacks some advanced security headers and explicit privacy policies. The security posture is adequate with HTTPS and Google Analytics tracking, but could be improved with better security policies and headers. Overall, the site is trustworthy and well-positioned as a regional government resource, but should enhance privacy and security transparency to improve compliance and user trust.

C

Commissariat aux Assurances

caa.lu

0

The Commissariat aux Assurances website serves as the official regulatory authority for the insurance sector in Luxembourg. It provides comprehensive information and resources for insurance operators, consumers, and stakeholders, including regulatory documents, circulars, and consumer alerts. The site is professionally designed with clear navigation and bilingual support (French and English), targeting industry participants and the general public interested in insurance regulation. Technically, the website employs a modern but straightforward technology stack including jQuery and tarteaucitron.js for cookie consent management. The site is accessible, mobile-optimized, and includes SEO best practices. However, no explicit CMS or hosting provider details are evident. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust assessment, but the official .lu domain and professional content support legitimacy. Google Analytics is used with user consent, indicating privacy awareness. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving accessibility to further strengthen trust and compliance.

C

Comité du Risque Systémique

cdrs.lu

0

The website cdrs.lu represents the Comité du Risque Systémique, an institutional entity likely focused on systemic risk in Luxembourg. The site is primarily informational, presented in French, and built on WordPress using the Divi theme. The technical infrastructure is standard for a small institutional website, with moderate performance and basic mobile optimization. However, the site lacks critical privacy and security policies, contact information, and advanced security headers, which limits its compliance and trustworthiness. No WAF or blocking mechanisms were detected, indicating full accessibility. The WHOIS data shows Luxembourg-based name servers consistent with the domain's country code but lacks detailed registrant information, limiting full legitimacy assessment. Overall, the site is safe and suitable for general audiences but requires improvements in privacy, security, and contact transparency to enhance trust and compliance.

The website sam.lrv.lt is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page employing Turnstile human verification. This security mechanism blocks direct access to the site's content, resulting in no visible business or organizational information. The domain appears to be associated with the Lithuanian government (lrv.lt), but no WHOIS data could be retrieved to confirm registration details or legitimacy. The lack of accessible content prevents a thorough assessment of the business model, services, or audience. Technically, the site leverages Cloudflare's security and performance services, but no further technology stack or CMS information is available. Security posture is limited to the presence of Cloudflare's WAF, with no additional security headers or policies visible. Privacy and compliance documentation such as privacy policies, cookie consent, or terms of service are absent from the accessible content. Overall, the site’s current state limits any meaningful analysis beyond recognizing the protective security layer in place.

H

Hagstofa Íslands

hagstofa.is

0

Hagstofa Íslands is the official national statistical institute of Iceland, providing comprehensive statistical data and services related to population, society, economy, environment, and more. The website serves a broad audience including researchers, government entities, and the general public, offering open data access and custom statistical services. The domain is well-established since 1998, reflecting a stable government entity with a strong market position as Iceland's authoritative statistics provider. Technically, the website employs modern web technologies including jQuery, Matomo analytics for privacy-conscious tracking, and embedded interactive charts via Datawrapper. Hosting is managed by a local Icelandic provider, 1984 Hosting, with a moderate performance profile and good mobile optimization. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though improvements are recommended such as enabling DNSSEC and implementing security headers. Privacy compliance is partially met with a clear privacy policy and GDPR adherence, but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and serves its public mission effectively.

The website ribarstvo.hr serves as the official information system for fisheries in Croatia, operated under the Ministry of Agriculture. It provides a suite of official applications, manuals, and resources aimed at government employees, fisheries professionals, and recreational fishers. The platform is co-financed by the European Maritime and Fisheries Fund, reinforcing its legitimacy and governmental backing. The domain is well-established since 2001 and registered with a reputable Croatian academic network registrar, aligning with the website's official nature. Technically, the site is built on ASP.NET Web Forms technology, featuring standard HTML and CSS with hidden form fields for state management. While the site is functional and content-rich, it shows basic mobile optimization and accessibility. No advanced SEO or modern frameworks are detected. Performance is moderate, and no analytics or tracking scripts are present, indicating minimal user tracking. From a security perspective, the site uses HTTPS (implied by domain and typical government standards), but no explicit security headers are detected in the provided content. There is no visible privacy or cookie policy, which is a compliance gap under GDPR. The absence of contact information and security policies reduces transparency. However, no vulnerabilities or suspicious elements are evident in the HTML content. The WHOIS data confirms domain legitimacy with consistent registration details. Overall, the site is a trustworthy government portal with good business credibility but requires improvements in privacy compliance, security headers, and user contact transparency to enhance its security posture and regulatory adherence.

C

CARNET

evisitor.hr

0

The www.evisitor.hr website is an official Croatian government platform managed by CARNET, designed to facilitate the registration and deregistration of tourists in Croatia. It serves commercial and non-commercial accommodation providers, integrating with the national authentication system NIAS for secure user login. The platform is well-positioned as a critical digital service in the Croatian tourism sector, providing essential compliance and informational services to stakeholders. Technically, the site employs modern web technologies including JavaScript, CSS, and Kendo UI components, with a focus on accessibility and multilingual support. Security measures include HTTPS enforcement and anti-CSRF tokens, although some advanced security headers and policies are not visibly implemented. Privacy compliance is basic, with terms of service available but no explicit cookie or privacy policies on the login page. Overall, the site demonstrates a strong business credibility and trustworthy government affiliation, with a moderate to good technical and security posture.

The website tallinn.ee is currently inaccessible due to a Cloudflare Turnstile human verification challenge page, which blocks access to the actual content. The domain is registered to Spin TEK AS, an Estonian company, consistent with the .ee country code top-level domain. The domain was created in 2010, indicating an established presence likely related to government or municipal services. Due to the access block, no business descriptions, contact information, or policies are visible on the site. The technical infrastructure includes Cloudflare security and analytics services, but no CMS or frameworks are detectable from the challenge page. Security posture cannot be fully assessed, but the presence of Cloudflare indicates some level of protection. Privacy and cookie policies are not found, and no contact or incident response information is visible. Overall, the site appears legitimate but inaccessible for detailed analysis.

M

Ministarstvo gospodarstva i održivog razvoja Republike Hrvatske

mingor.hr

0

The website mingor.hr/login serves as a secure login portal for the Nextcloud platform used by the Ministry of Economy and Sustainable Development of the Republic of Croatia. It provides government employees and authorized users with a safe environment for data storage and collaboration. The site leverages modern web technologies including Vue.js and Nextcloud version 30, hosted by CARNET, the Croatian Academic and Research Network. The domain registration data aligns well with the government entity, confirming legitimacy and trustworthiness. Technically, the site demonstrates good security practices such as HTTPS enforcement, Content Security Policy with nonce, and session management. However, it lacks publicly accessible privacy, cookie, and terms of service policies, as well as contact or incident response information, which are important for compliance and user trust. The site is minimalistic as expected for a login page, with no advertising or tracking scripts detected, indicating a focus on privacy and security. Overall, the security posture is strong with no obvious vulnerabilities detected in the provided content. The site is well-optimized for mobile and has a professional design consistent with government branding. The main risks relate to the absence of visible privacy and compliance documentation, which should be addressed to improve transparency and regulatory adherence.

R

Regional Development Agency DUNEA LLC.

dubrovnik-neretva.eu

0

The website represents the official Representation Office of the Dubrovnik-Neretva Region in Brussels, serving as a liaison and promotional platform for the region within the European Union. It highlights the Regional Development Agency DUNEA, which coordinates sustainable development and project management for the region. The site targets regional stakeholders, investors, EU institutions, and the general public interested in regional development. Technically, the site is built on Joomla CMS with a modern but moderate tech stack including Bootstrap, jQuery, and Revolution Slider, offering good mobile optimization and user experience. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich but would benefit from enhanced privacy and security measures.

Europe Direct Dubrovačko-neretvanske županije operates as a regional EU information center in Croatia, providing citizens with access to EU-related information, events, and services. The website serves as a communication platform to engage the public in discussions about the European Union's future and policies. It is funded by the European Union and acts as a trusted source for regional EU news and resources. The organization targets local citizens and stakeholders interested in EU affairs, promoting transparency and participation.

F

Fond za zaštitu okoliša i energetsku učinkovitost

fzoeu.hr

0

Fond za zaštitu okoliša i energetsku učinkovitost is a Croatian governmental fund dedicated to environmental protection and energy efficiency. Established in 2004, it serves as a national authority providing funding, regulatory oversight, and public information related to waste management, renewable energy, and environmental sustainability. The website offers comprehensive resources including public tenders, announcements, and educational content targeting Croatian citizens, businesses, and public institutions. The organization maintains a consistent and professional online presence aligned with its governmental role. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with Google Analytics integrated for user tracking under a compliant cookie consent mechanism. Hosting and DNS services are supported by Cloudflare, ensuring reliable performance and security. The site is mobile optimized and includes accessibility features enhancing usability for diverse users. From a security perspective, the website enforces HTTPS and implements cookie consent, but lacks visible security policy documentation and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the organization's Croatian governmental identity, enhancing trustworthiness. Overall, the website presents a secure, professional, and informative platform supporting the fund's mission. Strategic improvements include publishing explicit security policies, incident response information, and enhancing security headers to further strengthen the security posture.

Zakon.hr is a well-established Croatian legal information portal operated by cyber_Folks d.o.o., providing comprehensive access to laws, regulations, and legal documents. The website targets legal professionals, businesses, and the general public seeking reliable legal information. It maintains a strong market position as a leading legal resource in Croatia, supported by updated content and a related AI legal assistant service, Zakon.ai. The business model appears to be a combination of subscription and advertising revenue streams.

S

Sveučilšni računski centar - Srce

croris.hr

0

CroRIS is an official Croatian government-supported information system dedicated to the science sector, providing comprehensive data on researchers, projects, publications, and scientific infrastructure. It is operated by the University Computing Centre Srce in partnership with the Ministry of Science and Education and other academic institutions. The platform serves as a central hub for scientific data in Croatia, targeting researchers, academic institutions, and government stakeholders. Technically, the website employs modern web technologies including jQuery, Bootstrap, and Font Awesome, with a custom-built CMS and good mobile and accessibility support. Security measures include HTTPS, CSRF protection, and SAML2 authentication for user login, though some security headers and explicit cookie consent mechanisms are missing. The domain registration is consistent with the official nature of the site, registered under CARNET with Croatian country code and appropriate age. Overall, the site is professional, trustworthy, and well-positioned as a national science information resource.

Općina Krapinske Toplice operates an official municipal website providing comprehensive information and services to residents and stakeholders of the Krapinske Toplice municipality in Croatia. The site offers detailed administrative content including organizational structure, public notices, procurement, and community engagement resources. The website is positioned as a local government authority portal, serving a small-sized municipality with a focus on transparency and public service. Technically, the site is built on WordPress CMS using Elementor page builder, leveraging modern web technologies such as jQuery and Font Awesome for UI elements. Hosting and domain registration are consistent with a Croatian academic network provider, ensuring local presence and legitimacy. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though improvements in security headers and incident response documentation are recommended. Privacy compliance is supported by clear privacy and cookie policies, though a cookie consent mechanism is absent. Overall, the website is professional, trustworthy, and safe for general audiences, with a good balance of content quality and technical implementation.

N

Narodne novine d.d.

nn.hr

0

Narodne novine d.d. is a well-established Croatian company with a 190-year tradition specializing in official government publications, legal books, educational programs, and commercial office supplies. The company serves government entities, legal professionals, and the general public, maintaining a strong market position as the official publisher of Croatia. The website reflects this professional stature with comprehensive content and a consistent brand image. Technically, the site uses legacy technologies such as jQuery 1.8.2 and bxSlider, with Google Analytics and Tag Manager for user tracking. While the site is functional and moderately optimized for mobile, there is room for modernization and improved accessibility. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and updated libraries. Privacy compliance is adequate with a clear privacy policy but lacks a cookie consent mechanism. Overall, the site is trustworthy and professional, with a solid digital presence aligned with the company's business model and sector.

P

Povjerenik za informiranje

pristupinfo.hr

0

The website pristupinfo.hr serves as the official online presence of the Croatian Commissioner for Information, providing comprehensive resources related to the right of access to information. It targets both users seeking information and public authorities, offering legal frameworks, educational webinars, open data initiatives, and event calendars. The site is well-positioned as a government transparency and information access portal with a medium organizational size and a founding date consistent with its domain registration in 2013. Technically, the site is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and Fusion Builder. It is hosted by CARNET, a reputable Croatian academic network, ensuring reliable infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection. However, it lacks some advanced security headers and does not publish explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy, professional, and aligned with its governmental role. Strategic improvements in privacy compliance, security policy transparency, and enhanced security headers would further strengthen its posture.

The website www.rogatec.si serves as the official digital presence for the Zavod za kulturo, turizem in razvoj Rogatec, a local government entity focused on cultural heritage, tourism, and community development in Rogatec, Slovenia. It provides comprehensive information about local attractions, events, visitor programs, and public procurement, positioning itself as a key resource for tourists and residents alike. The site demonstrates a strong commitment to cultural promotion and community engagement through detailed event calendars, virtual tours, and craft center offerings. Technically, the website is built on a modern WordPress platform with a robust tech stack including Yoast SEO, event calendar plugins, and GDPR compliance tools. It integrates well-known marketing and analytics services such as Google Analytics, Google Tag Manager, and Facebook Pixel, indicating a mature digital marketing approach. The site is mobile-optimized, accessible, and SEO-friendly, ensuring a positive user experience across devices. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully confirmed, the presence of security plugins and absence of exposed sensitive data suggest a reasonable security posture. No critical vulnerabilities or suspicious activities were detected. The WHOIS data aligns well with the website's claims, showing a consistent and legitimate registration history. Overall, www.rogatec.si is a professionally managed, secure, and compliant website that effectively supports its mission of cultural and tourism promotion. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and improving incident response visibility to further strengthen its security and trustworthiness.

R

Razvojna agencija Sotla

ra-sotla.si

0

Razvojna agencija Sotla is a Slovenian regional development agency established in 2003, focusing on regional development programs, entrepreneurship support, and project management primarily in the Obsotelje and Kozjansko regions. The agency operates as a non-profit entity serving local governments, entrepreneurs, and community stakeholders. Their website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to their target audience. Technically, the site is built on WordPress using modern plugins such as Elementor and Events Manager, ensuring good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and standard security headers present, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, compliant with GDPR cookie requirements, and free from suspicious indicators.

M

Ministerie van Algemene Zaken

government.nl

0

The website government.nl serves as the official online portal for the Government of the Netherlands, managed by the Ministerie van Algemene Zaken. It provides comprehensive information on government services, policies, immigration, housing benefits, citizenship, and current news. The site targets a broad audience including residents, expatriates, and businesses interacting with Dutch government entities. It holds a strong market position as the authoritative source of government information in the Netherlands. Technically, the website employs modern JavaScript libraries such as jQuery UI and integrates Piwik PRO analytics and Pastease survey tools, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and performs well with fast loading times. The CMS is not explicitly identified but appears to be a custom or government-specific platform. From a security perspective, the site enforces HTTPS and employs secure forms without visible vulnerabilities. However, explicit security headers and a dedicated security policy page are absent, and no incident response contacts are provided. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. No vulnerabilities or suspicious domains were detected. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for a government entity. Strategic recommendations include enhancing security headers, publishing a security policy, and providing incident response contacts to further strengthen the security posture.

Ž

Žinau, ką renku

zinaukarenku.lt

0

Žinau, ką renku is a Lithuanian non-profit political monitoring platform focused on engaging young citizens across Lithuania in election processes and political awareness. The website provides election information, candidate monitoring, volunteer opportunities, and a blog to inform and empower voters. The platform positions itself as a neutral and civic-minded entity, leveraging modern web technologies to deliver content effectively. Technically, the site uses Laravel Livewire, Alpine.js, and Cloudflare DNS services, ensuring a modern and responsive user experience with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and CSRF protections in place, although some security headers could be improved. Privacy compliance is evident through a clear privacy policy and cookie consent mechanism, aligning with GDPR requirements. Overall, the site is trustworthy, professional, and well-maintained, with no detected blocking or WAF interference.

Valga Sport is a local Estonian sports organization focused on promoting youth and community sports activities, managing sports facilities, and organizing events. The website serves as an information portal for sports opportunities, events, and news relevant to the Valga region. The organization appears to be a small-sized entity with a public or non-profit orientation, supported by local government affiliations. Technically, the website is built on the Greativ CMS platform and uses common web technologies including Google Analytics and Facebook Pixel for tracking. The site is mobile-optimized with a moderate performance profile and basic SEO and accessibility features. Hosting and domain registration are consistent with a local Estonian provider, Telia Eesti AS. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks advanced security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The WHOIS data is transparent and consistent with the business claims, supporting legitimacy. Overall, the website is professional and trustworthy for its intended audience but could improve in privacy compliance and security posture to better align with modern standards.

Z

Zagorska razvojna agencija

cro-si-safe.eu

0

The CRO-SI-SAFE website represents a regional cooperation project aimed at enhancing cross-border partnerships among emergency rescue services in the Krapinsko-zagorska and Savinjska regions. The project focuses on improving civil protection systems and increasing resilience to disasters. The website is professionally designed using WordPress and Elementor, with clear navigation and multilingual support in Croatian, Slovenian, and English. Key services include training, publications, and collaborative activities supported by EU funding. The site demonstrates a solid market position as a government/non-profit regional initiative with trusted partners.

The website 'Crveni popis Hrvatske' is an official Croatian government portal managed by the Ministry of Environment and Green Transition, specifically the Institute for Environmental Protection and Nature. It serves as a comprehensive resource for data on endangered wild species in Croatia, providing risk assessments, conservation information, and public education. The portal targets a broad audience including researchers, policymakers, and the general public interested in biodiversity and environmental protection. Technically, the site employs modern web technologies such as HTML5, CSS3, JavaScript, Chart.js for data visualization, and Leaflet.js for mapping. The presence of a CSRF token and HTTPS indicates a secure infrastructure, although some security headers are missing. Accessibility is addressed but with room for improvement, particularly in image alt attributes and text scaling. The site is moderately performant and mobile-optimized. From a security perspective, the portal demonstrates good practices including GDPR compliance, cookie consent mechanisms, and secure form handling. However, it lacks explicit incident response contact details and a published vulnerability disclosure policy. No critical vulnerabilities or suspicious activities were detected. WHOIS data confirms the domain's legitimacy and alignment with the governmental nature of the site. Overall, the website is trustworthy, professionally maintained, and fulfills its mission effectively. Strategic improvements in security headers, accessibility, and incident response transparency would further enhance its posture.

E

Europe Direct Informacijski ured Split

europedirect-split.hr

0

Europe Direct Informacijski ured Split operates as an official European Union information center serving the Split region in Croatia. The website provides comprehensive information and advisory services about the EU, targeting local citizens and residents. It is part of the Europe Direct network, offering free services and acting as a trusted source for EU-related news, publications, and guidance. The business model is non-profit and government-affiliated, focusing on public information dissemination. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Revolution Slider, ensuring good SEO and user experience. The site is mobile-optimized and includes accessibility features, enhancing usability for diverse audiences. External integrations include Google Tag Manager and Facebook SDK for analytics and social media engagement. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's claims, showing consistent registration details and domain age appropriate for the organization's history. Overall, the website demonstrates a solid security posture, good privacy compliance, and professional business credibility. Recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and expanding contact channels for security matters.

A

Azelija Eko d.o.o.

azelija-eko.hr

0

Azelija Eko d.o.o. is a Croatian municipal service company specializing in waste management, recycling, cemetery services, public lighting maintenance, and chimney sweeping within the Ozalj region and surrounding municipalities. The company operates fixed and mobile recycling yards and provides essential environmental services to local residents and businesses. The website reflects a local government service provider with clear contact information and service descriptions, targeting the regional community. Technically, the website is built on Joomla CMS with a Bootstrap framework and uses common JavaScript libraries such as jQuery and Font Awesome for UI elements. The site includes image sliders and responsive design elements, indicating moderate digital maturity. Hosting is provided by CARNET, a reputable Croatian academic network, which aligns with the local focus. From a security perspective, the site lacks visible security headers and explicit HTTPS enforcement in the provided data, which lowers its security posture. No privacy or cookie policies were found, indicating potential GDPR compliance gaps. The site does not use tracking or advertising technologies, which reduces privacy risks but also limits marketing insights. Overall, the website is functional and professional for its purpose but would benefit from enhanced security measures, privacy compliance improvements, and clearer policies to strengthen trust and regulatory adherence.

K

Komunalno Ozalj d.o.o.

komunalno-ozalj.com

0

Komunalno Ozalj d.o.o. is a municipal utility company based in Ozalj, Croatia, providing essential services such as water supply, sewage, and wastewater treatment to local residents and businesses. The website serves as an informational portal offering updates on infrastructure projects, regulatory documents, and contact information. The company appears to be a small-sized government sector entity with a domain registered since 2007, consistent with its operational history. Technically, the website is built on Joomla CMS and uses older JavaScript libraries like jQuery and MooTools. The site demonstrates basic mobile responsiveness and SEO optimization but lacks advanced technical features or modern frameworks. Hosting is inferred to be with zonet.com.hr based on DNS data. Performance is moderate with room for improvement in accessibility and mobile optimization. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which lowers its security posture. There is no evidence of privacy or cookie policies, which indicates compliance gaps with GDPR and related regulations. No incident response or vulnerability disclosure information is present. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and trustworthy for its purpose but would benefit from enhanced security measures, privacy compliance, and modernization to improve user trust and regulatory adherence.

A

Agencija za gospodarenje otpadom d.o.o.

ago-dnz.hr

0

Agencija za gospodarenje otpadom d.o.o. operates as a regional governmental agency responsible for waste management in the Dubrovačko-neretvanska županija region of Croatia. The website serves as an informational and project communication platform, highlighting EU-funded initiatives under the Operational Programme Competitiveness and Cohesion 2014-2020. The agency provides key services including waste management infrastructure development, public education, and regulatory compliance support. Their market position is that of a specialized public sector entity with strong governmental and EU partnerships.

C

Centar za poduzetništvo d.o.o.

czp.hr

0

Centar za poduzetništvo d.o.o. is a regional entrepreneurial support center serving the Dubrovnik-Neretva County in Croatia. The organization focuses on providing a range of services including education, business consulting, credit programs, and assistance with EU funding projects. Their website reflects a government-affiliated entity aimed at fostering entrepreneurship and small business growth in the region. The target audience primarily consists of local entrepreneurs and small business owners seeking support and resources. Technically, the website employs a modern technology stack featuring jQuery, Bootstrap, FontAwesome, and various plugins for enhanced user experience and accessibility. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates Google Analytics and UserWay accessibility tools, indicating a mature digital infrastructure. The website content is well-structured, professionally designed, and includes clear navigation and relevant business information. From a security perspective, the site enforces HTTPS and obfuscates email addresses to reduce spam. However, it lacks explicit security policies and incident response contact details. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with GDPR-aligned privacy and cookie policies and a consent mechanism in place. The website demonstrates a good security posture but could improve by adding formal security documentation and security headers. Overall, the website is trustworthy, professional, and serves its business purpose effectively. The domain registration data aligns with the website's claims, reinforcing legitimacy. Strategic recommendations include enhancing security transparency, publishing incident response information, and maintaining regular security audits to sustain trust and compliance.

J

Javna ustanova za upravljanje zaštićenim dijelovima prirode Dubrovačko-neretvanske županije

zastita-prirode-dnz.hr

0

The website represents the official public institution responsible for managing protected natural areas in the Dubrovnik-Neretva County of Croatia. It provides information about environmental protection projects, permits, public procurement, and general organizational details. The site targets the general public, environmental stakeholders, and government entities, positioning itself as a regional governmental authority with a focus on nature conservation. Technically, the website is built on WordPress using the Enfold theme and several plugins including Yoast SEO and Event Organiser. It employs Google Analytics and Tag Manager for traffic analysis and has implemented cookie consent mechanisms, indicating GDPR awareness. The security posture is solid with HTTPS enabled and no obvious vulnerabilities detected, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-maintained, with clear branding and consistent content quality.

R

Regionalna razvojna agencija Dubrovačko-neretvanske županije - DUNEA

dunea.hr

0

Regionalna razvojna agencija Dubrovačko-neretvanske županije (DUNEA) is a government-established regional development agency founded in 2006 in Dubrovnik, Croatia. The agency focuses on promoting sustainable and balanced regional development, coordinating existing development activities, and aligning with national and EU requirements. Their key services include strategic planning, EU project management, and regional economic development initiatives. The website reflects a professional and consistent brand presence targeting regional stakeholders, local government, and businesses involved in development projects. Technically, the site is built on Joomla CMS with modern frontend frameworks and libraries, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and explicit incident response policies. Overall, the site is trustworthy and compliant with GDPR, providing clear contact information and partner links.

D

Dubrovačko-neretvanska županija

edubrovnik.org

0

Dubrovačko-neretvanska županija operates as the official regional government website for the Dubrovnik-Neretva County in Croatia. The site provides comprehensive information about county administration, public notices, events, documents, and contact details, targeting residents and stakeholders within the region. It serves as a key communication channel for government services and public information dissemination. Technically, the website is built on WordPress 6.6.1 with multilingual support via WPML, uses modern web technologies including jQuery and Google Fonts, and implements a cookie consent mechanism to comply with privacy regulations. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security-wise, the website enforces HTTPS and uses updated software versions, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or malicious indicators were detected. Overall, the website is trustworthy and professional, though improvements in privacy policy visibility and security disclosures are recommended.

M

Ministarstvo zaštite okoliša i zelene tranzicije

bioportal.hr

0

Bioportal.hr is the official web portal for the Information System for Nature Protection in Croatia, operated by the Ministry of Environment and Green Transition. It serves as a comprehensive platform providing biodiversity data, observation reporting tools, red list assessments, and other resources aimed at supporting nature conservation efforts. The website targets researchers, environmental professionals, government agencies, and the general public interested in Croatian natural heritage. It holds a strong market position as the authoritative national resource for environmental data and reporting. Technically, the website is built on WordPress with multilingual support via WPML, leveraging modern JavaScript libraries such as jQuery and Swiper.js for interactive features. The site includes a GDPR-compliant cookie consent mechanism and integrates Google Analytics for visitor insights. Performance and mobile optimization are good, with accessibility features implemented to support diverse users. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy and alignment with the governmental entity operating the site. Overall, bioportal.hr demonstrates a solid security posture, good privacy compliance, and professional digital presence. It is a trustworthy platform for environmental data dissemination with room for minor security enhancements.

APIS IT d.o.o. operates as an IT service provider specializing in identity federation and authentication services primarily for Croatian government entities such as Grad Zagreb and the Ministry of Culture. The website analyzed is a Home Realm Discovery page facilitating user authentication selection among trusted identity providers. The business targets organizational users within government and affiliated institutions, leveraging Microsoft Active Directory Federation Services (ADFS) technology to provide secure access management. The company holds a moderate market position as a government IT service provider with a medium-sized organizational footprint in Croatia. Technically, the site employs standard web technologies including HTML5, JavaScript, and CSS, integrated with Microsoft ADFS frameworks. The site is functional with basic mobile optimization and accessibility features but lacks advanced SEO and performance optimizations. The infrastructure appears stable but could benefit from enhanced security headers and improved user experience elements. From a security perspective, the site uses HTTPS and implements basic input validation on forms. However, it lacks explicit security headers such as Content-Security-Policy and Strict-Transport-Security, which are recommended for modern secure web applications. No privacy or cookie policies are present, indicating gaps in compliance and user transparency. No contact or incident response information is provided, limiting user support and security communication channels. Overall, the website is safe and professional for its intended government audience but requires improvements in privacy compliance, security hardening, and user support to enhance trust and regulatory adherence.

G

Gradski muzej Novalja

gradskimuzejnovalja.hr

0

Gradski muzej Novalja is a small government/non-profit cultural institution based in Croatia, focused on preserving and presenting the cultural heritage of Novalja and its surroundings. The website serves as an informational and educational platform offering museum exhibitions, lectures, and workshops to the local community and visitors. The digital presence is built on a modern WordPress CMS with Elementor and Astra theme, providing a good user experience with mobile optimization and SEO enhancements. Security posture is adequate with HTTPS enabled and no visible exposed sensitive data, but lacks advanced security headers and incident response information. Privacy compliance is limited, with no explicit cookie consent or detailed GDPR policy. Overall, the website is trustworthy and professionally maintained, suitable for its cultural mission.

C

Centar za kulturu Grada Novalje

czknovalja.hr

0

Centar za kulturu Grada Novalje is a Croatian cultural center focused on promoting and organizing cultural and sports events in Novalja and surrounding areas. The website serves as an information hub for upcoming and past events, official documents, and community engagement. It targets local residents and visitors interested in cultural activities. The site is built on WordPress with a modern theme and multilingual support, reflecting a moderate level of digital maturity. Security posture is solid with HTTPS and GDPR-compliant cookie consent, though some security headers are missing and no explicit security policies are published. Overall, the site is trustworthy and professionally maintained, suitable for its public cultural institution role.

DVD Novalja is a small, local volunteer firefighting organization based in Novalja, Croatia, serving the community on the island of Pag. The website provides information about their firefighting activities, technical interventions, and community safety efforts. The organization appears to be well-established with a domain age dating back to 2005, consistent with their operational history. The site targets local residents and visitors needing emergency and safety information. Technically, the website uses older web technologies such as jQuery 1.4.2 and lacks modern security features like HTTPS and security headers. The site is basic in design and functionality, with limited mobile optimization and no visible analytics or tracking tools. Contact information is clearly presented, but there are no privacy or cookie policies, which is a compliance gap. From a security perspective, the absence of HTTPS and use of outdated libraries pose risks. No advanced security policies or incident response contacts are provided. The site does not appear to collect user data via forms, reducing exposure but also limiting engagement. Overall, the security posture is weak and requires improvements to protect users and enhance trust. The overall risk is moderate due to the lack of encryption and outdated technology, but the site content is safe and non-malicious. Strategic recommendations include implementing HTTPS, updating libraries, adding privacy and cookie policies, and enhancing security headers to improve compliance and user trust.

J

Javna ustanova za Zaštitu i očuvanje prirode Ličko senjske Županije

zop-lsz.hr

0

The website represents a Croatian public institution dedicated to the protection and preservation of nature in the Ličko-senjska County. It provides comprehensive information about protected areas, educational programs, projects, and public announcements. The institution targets local citizens, environmental professionals, and visitors interested in nature conservation. The business model is that of a government entity focused on environmental stewardship and public service. Technically, the website is built on WordPress using popular plugins such as Elementor, WPBakery, LayerSlider, and Slider Revolution. It employs modern web technologies including HTTPS, jQuery, and Google Fonts. The site is mobile-optimized and includes accessibility features, enhancing user experience for diverse audiences. From a security perspective, the site uses HTTPS with good SSL configuration and security headers. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policies or incident response information. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, aligned with GDPR requirements. Overall, the website is trustworthy, professionally maintained, and serves its public institution role effectively. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to further enhance trust and compliance.

J

Javna ustanova Razvojna agencija Ličko-senjske županije - LIRA

lsz-lira.hr

0

Javna ustanova Razvojna agencija Ličko-senjske županije - LIRA is a Croatian regional government agency established in 2008, focused on promoting and coordinating regional development activities in Ličko-senjska županija. The agency facilitates investment climate improvement, entrepreneurship, and socio-economic growth through project management, funding administration, and strategic planning. Their website reflects a professional and consistent brand presence, targeting regional stakeholders, investors, and public entities. Technically, the site uses modern frameworks like Bootstrap and jQuery, includes accessibility features, and is mobile optimized, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and secure forms, though some security headers are missing and no explicit incident response or vulnerability disclosure policies are found. Overall, the site is trustworthy, compliant with GDPR, and provides comprehensive contact and policy information.

Z

Zavod za prostorno uređenje Ličko-senjske županije

zzpulsz.hr

0

Zavod za prostorno uređenje Ličko-senjske županije is a Croatian government agency established in 2008, responsible for coordinating, monitoring, and implementing spatial planning within the Ličko-senjska county. The website serves as an official portal providing information about spatial plans, reports, and institutional activities targeting local residents, government officials, and urban planning professionals. The business model is focused on public sector service delivery with a clear mandate and regional authority. Technically, the website employs a modern but straightforward technology stack including jQuery, Modernizr, and Owl Carousel, hosted on a CMS platform developed by VIT. The site is mobile-optimized, accessible with multiple user-friendly features such as font resizing and contrast modes, and implements cookie consent mechanisms. SEO and metadata are well handled, though no structured JSON-LD data was found. From a security perspective, the site uses HTTPS with a good SSL configuration and basic security best practices like form validation and cookie consent. However, it lacks advanced security headers and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is trustworthy, professional, and serves its government function well. The main risks relate to missing privacy and security policy documentation and absence of explicit incident response information. Addressing these gaps would improve compliance and user trust.

A

Arburoža d.o.o.

arburoza.hr

0

Arburoža d.o.o. is a municipal service company serving the city of Novalja, Croatia, specializing in waste management, public procurement, financial planning, and cemetery services. The website is well-structured, providing clear information and easy navigation for residents and businesses. The company maintains a local government service profile with transparent contact details and public tenders. Technically, the site is built on WordPress with modern plugins and is optimized for mobile devices. Security posture is solid with HTTPS, security headers, and GDPR compliance, though it lacks explicit security and incident response policies. Overall, the site reflects a trustworthy and professional municipal service provider with room for enhanced security transparency.

G

Gradska uprava Novalja

novalja.hr

0

The website www.novalja.hr serves as the official digital portal for the city of Novalja, Croatia, providing residents, tourists, and businesses with comprehensive information about municipal services, news, public procurement, and community events. It holds a strong position as the primary communication channel for the local government, offering transparency and accessibility to public data and administrative resources. The site targets a broad audience including local citizens, government officials, and visitors interested in the city. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and various JavaScript libraries to deliver a responsive and user-friendly experience. While the site is mobile-optimized and well-structured, there is room for improvement in accessibility and SEO practices. Security-wise, the site uses HTTPS and trusted external libraries but lacks several important security headers and does not provide visible incident response or vulnerability disclosure policies. Privacy compliance is partially met with a clear privacy policy but lacks cookie consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced security and privacy features to align with best practices and regulatory requirements.