Security Directory

M

Mews Partners

mews-partners.com

68

Mews Partners is a European management consulting firm specializing in industrial sectors, offering expertise in areas such as smart design, industrial performance, supply chain, sustainability, and innovation. The company targets industrial clients across multiple sectors including aeronautics, automotive, chemicals, and energy. The website reflects a professional and consistent brand with a clear focus on industry transformation and responsible growth. Technically, the site is built on WordPress with modern tools like Elementor and Yoast SEO, hosted likely on WP Serveur, and uses Matomo for privacy-conscious analytics. Security posture is solid with HTTPS and reCAPTCHA on forms, though some security headers and explicit policies could be improved. WHOIS data is unavailable, which is unusual but the website content and social presence support legitimacy. Overall, the site is well-designed, user-friendly, and compliant with privacy regulations, making it a credible digital presence for the consulting firm.

D

DBU Digital Business University of Applied Sciences GmbH

dbuas.de

51

DBU Digital Business University of Applied Sciences GmbH is a specialized private educational institution in Germany focusing on digital business and applied sciences. The website presents a professional and modern digital presence, leveraging WordPress CMS with advanced SEO and consent management tools. The institution targets students and professionals seeking education in the digital economy, positioning itself as a niche provider with a clear focus on future competencies. Technically, the site uses a robust stack including Google Tag Manager, Google Analytics, Meta Pixel, and Microsoft Advertising, all integrated with a comprehensive cookie consent mechanism to ensure GDPR compliance. Security posture is solid with HTTPS and consent management, though explicit security headers and incident response information are absent. Overall, the site is trustworthy, well-structured, and compliant with privacy regulations, supporting a positive user experience and business credibility.

V

Velsa

velsa.de

65

Velsa is a German legal technology company providing a specialized legal tool designed for startups and small to medium-sized enterprises (KMUs). Their platform offers legal checklists, contract templates, and a free initial legal consultation, positioning them as a niche player in the legal SaaS market focused on the German-speaking startup ecosystem. The website is professionally designed using modern web technologies such as Webflow, integrated with multiple marketing and analytics tools including Cookiebot for GDPR compliance, Facebook Pixel, and LinkedIn Insight Tag. Hosting is provided by Raidboxes, a reputable provider, ensuring reliable infrastructure. Security posture is solid with HTTPS enforced and CSRF protection cookies in place, although some security headers could be improved. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a linked privacy policy. However, explicit contact information and terms of service are not readily visible, which could be enhanced to improve business credibility and user trust. Overall, the website demonstrates a mature digital presence with good technical and security practices, suitable for its target audience.

M

Moongate

moongate.id

68

Moongate is a technology company focused on building an attention asset protocol that leverages blockchain technology to transform the value exchange between consumers and brands. Their platform offers no-code tools for brands to deploy token campaigns, token gating, and rewards, integrating real-world activations with digital assets. The company targets brands and consumers interested in blockchain-based engagement and tokenization, positioning itself as an emerging player with backing from multiple venture capital and angel investors. Technically, the website is built on Webflow CMS, using modern web technologies including Google Fonts, Google Tag Manager, and JavaScript. The site is mobile optimized with good design quality and clear navigation. Hosting is provided by Webflow, and performance is moderate. However, some accessibility features are basic, and SEO optimization is good. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks visible security headers such as Content-Security-Policy or X-Frame-Options. There is no explicit privacy or cookie policy, nor a vulnerability disclosure or incident response policy, which are compliance gaps. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a moderate risk profile with good business credibility but needs improvements in privacy compliance and security best practices. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and establishing a vulnerability disclosure process.

F

FXStreet

fxstreet.com

67

FXStreet is a well-established online platform providing real-time forex market news, analysis, exchange rates, and educational resources. It serves a global audience of forex traders, investors, and financial analysts, positioning itself as a leading source of reliable forex information. The website offers a comprehensive suite of services including live charts, economic calendars, broker reviews, and technical analysis tools, supported by a strong social media presence and mobile-optimized design. Technically, FXStreet employs a modern technology stack with extensive use of JavaScript, third-party analytics (Google Analytics, Microsoft Clarity), push notification services (OneSignal), and performance monitoring (New Relic). The site is built on the Sitefinity CMS platform and demonstrates excellent performance, SEO, and accessibility standards. Security best practices are observed with HTTPS enforcement and security headers, although some areas like public security policies and incident response contacts could be improved. The security posture is robust with no evident vulnerabilities or exposed sensitive data. Privacy compliance is strong, featuring clear privacy and cookie policies with consent mechanisms aligned with GDPR requirements. However, the absence of WHOIS domain registration data and lack of explicit company contact details slightly reduce the overall business credibility and trustworthiness. Overall, FXStreet presents a professional, secure, and user-friendly platform with extensive market data and analysis offerings. Strategic improvements in transparency around domain registration and security incident handling would further enhance trust and compliance.

A

Latest News About Cryptocurrency, Bitcoin, Altcoin - AMBCrypto

ambcrypto.com

59

AMBCrypto is a cryptocurrency-focused media website providing news and updates on Bitcoin, altcoins, and the broader crypto market. Established in 2017, it serves a niche audience of crypto enthusiasts and investors. The website operates on WordPress CMS, leveraging Cloudflare for DNS and GoDaddy as the domain registrar. The technical infrastructure is modern with use of Google Fonts and FontAwesome, and the site appears to be mobile optimized with good SEO practices. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

R

Raccoon Distillery

raccoongin.com

57

Raccoon Distillery is a niche brand focused on producing and marketing Raccoon Gin, a product that uniquely blends alcoholic beverage culture with the web3 and NFT communities. The website positions the brand as an iconic drink for web3 partying, targeting adult consumers engaged in blockchain and NFT ecosystems. The business model centers on e-commerce sales and community engagement through NFT and metaverse narratives. Technically, the website is built on the Webflow platform, leveraging modern web technologies and Google Tag Manager for analytics. The site is mobile optimized and presents a professional design with clear navigation. Security posture is moderate, with HTTPS enabled and cookie consent implemented, but lacks published security policies or incident response information. The absence of WHOIS data for the domain is a notable concern, impacting trust and legitimacy assessments. Overall, the site is functional and well-branded but would benefit from enhanced transparency and security disclosures.

B

Beer of Satoshi GmbH

beerofsatoshi.com

44

Beer of Satoshi GmbH is a German-based small business specializing in a unique niche product: a limited edition craft beer that integrates Bitcoin rewards via hidden QR codes under bottle caps. The company targets Bitcoin enthusiasts and craft beer lovers primarily within the European Union, leveraging a business model that combines e-commerce sales and event-based distribution. Their market position is niche but well-defined, with a strong community and partnership ecosystem supporting their brand. The website is professionally designed, mobile-optimized, and rich in content that clearly communicates the product's value proposition and legal compliance.

C

CoinTracking

cointracking.info

74

CoinTracking is a well-established crypto tax calculator and portfolio tracking platform serving over 2 million individual users and 25,000 corporate clients globally. The company offers a comprehensive suite of services including data import from 300+ exchanges and wallets, customizable reports, and full-service tax support. Their market position is strong as a leader in the crypto finance technology sector. Technically, the website is built on modern frameworks like Webflow, uses popular analytics and tracking tools, and is hosted on reliable infrastructure with good performance and mobile optimization. Security posture is solid with HTTPS and domain protections, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is professional, trustworthy, and user-friendly, with strong branding and extensive user support resources.

Baumesse Oberwart is a regional trade fair event website focused on the construction and building industry in Oberwart, Austria. It provides comprehensive information for visitors and exhibitors, including event details, registration, ticketing, and newsletters. The business operates under Burgenland Messe Betriebsges.m.b.H. & Co. KG, indicating a structured event organization entity with a regional market presence. The website targets attendees and exhibitors interested in the trade fair, positioning itself as a key regional event organizer in Burgenland. Technically, the website employs a modern front-end stack including Bootstrap, jQuery, and various plugins for sliders and carousels. It integrates analytics platforms such as Matomo and Open Web Analytics, and implements a cookie consent banner compliant with GDPR requirements. Hosting and domain registration are consistent with the business location in Austria, using a reputable registrar. The site shows moderate performance and good mobile optimization but lacks visible advanced security headers and explicit HTTPS enforcement in the provided data. From a security perspective, the site demonstrates basic compliance with privacy regulations through cookie consent and a privacy policy. However, it lacks visible security headers and explicit incident response or security policies. No critical vulnerabilities or exposed sensitive data were detected. The overall security posture is moderate but could be improved by implementing stronger SSL/TLS configurations, security headers, and publishing security policies. Overall, Baumesse Oberwart presents a professional and trustworthy online presence for a regional trade fair. The site is safe for general audiences, with no adult or questionable content. Strategic improvements in security and technical SEO could enhance its digital maturity and trustworthiness further.

The website genuss-burgenland.at represents a regional event organizer, Burgenland Messe Betriebsges.m.b.H. & Co. KG, promoting the Genuss Burgenland gourmet fair held in Oberwart, Austria. The site targets food enthusiasts, exhibitors, and visitors, providing event details, ticketing, exhibitor information, and newsletter subscriptions. The business operates in the hospitality sector with a focus on event management and promotion. The website content is well-structured and relevant, with good design and navigation, supporting a positive user experience.

Bibi Burgenland is a regional event website dedicated to the Bildungs- und Berufsinformationsmesse Burgenland, an education and career information fair held in Burgenland, Austria. The site provides comprehensive information for exhibitors, visitors, and offers online registration portals. The business operates under Burgenland Messe Betriebsges.m.b.H. & Co. KG and targets students, job seekers, and local businesses interested in education and career opportunities. The website is professionally designed with consistent branding and clear navigation, supporting a good user experience.

Inform Oberwart is a regional event website promoting the 54th Inform Oberwart trade fair and family festival held in Oberwart, Austria. The site provides comprehensive information for visitors, exhibitors, and ticket buyers, positioning itself as a key regional event organizer under the Burgenland Messe Betriebsges.m.b.H. & Co. KG brand. The business targets families and local communities with a focus on event participation and visitor engagement. Technically, the website employs a modern front-end stack including Bootstrap, jQuery, and various UI plugins, supported by Matomo and Open Web Analytics for user tracking with a compliant cookie consent mechanism. Security posture is moderate with no HTTPS status visible in the content but cookie consent and privacy policies are implemented. No advanced security policies or incident response contacts are found, indicating room for improvement in security governance. Overall, the website is professional, trustworthy, and well-structured, serving its purpose effectively with a good user experience and clear business credibility.

D

Divine Moving

divinemoving.com

60

Divine Moving is a small transportation service company specializing in moving and storage services in New York City. The company has a long-established domain since 2001, indicating a stable presence in the market. Their website is built on WordPress with common SEO and performance optimizations, targeting local residential and commercial customers. The technical infrastructure is standard for small businesses, leveraging Google services for fonts, maps, and analytics. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is functional and professional but could improve in privacy and security transparency.

O

Ordera - dostava - hrana za ponijeti - rucak u restoranu

ordera.app

44

The website 'ordera.app' is an online platform focused on food and drink ordering, offering services such as delivery, pick-up, restaurant lunch reservations, catering, and employee meals. The business model centers on e-commerce within the hospitality sector, targeting general consumers who want convenient food ordering from home or work. The site uses modern frontend technologies including Vue.js and Vuetify, and integrates Google Tag Manager for analytics, indicating a moderate level of digital maturity. However, the website lacks visible privacy and cookie policies, terms of service, and contact information, which are critical for compliance and user trust. Security posture appears weak due to absence of security headers and unclear SSL configuration. Overall, the site is functional but requires improvements in privacy compliance, security best practices, and transparency to enhance trust and regulatory adherence.

E

Energy Infrastructure Partners

energy-infrastructure-partners.com

55

Energy Infrastructure Partners is a specialized investment firm focused on energy infrastructure projects emphasizing electrification, decarbonization, and energy security. Founded in 2019, the company positions itself as a strategic partner for investments in the evolving energy sector. The website reflects a professional and consistent brand image, targeting investors and stakeholders interested in sustainable energy infrastructure. Technically, the site is built on WordPress, leveraging modern analytics and cookie consent tools, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent banner. Overall, the website is trustworthy and professionally maintained, though it lacks explicit contact information and published security or incident response policies.

S

SOLV3

conf3rence.com

59

CONF3RENCE is a major B2B event organized by SOLV3, focusing on bridging emerging technologies such as Web3, AI, Metaverse, and blockchain with traditional industries and Fortune 500 companies. The event is scheduled for September 3-4, 2025, at Signal Iduna Park in Dortmund, Germany, positioning itself as the largest Web3 and AI business event in the DACH region. The website presents a professional and comprehensive overview of the event, including speaker profiles, sponsors, and partnership opportunities. Technically, the site is built on Webflow with modern web technologies and animations, ensuring a good user experience and mobile optimization. Security posture is moderate with HTTPS and Cloudflare Turnstile captcha in place, but lacks visible security headers and formal privacy or cookie policies. The absence of WHOIS data raises concerns about domain registration legitimacy, warranting further verification. Overall, the site is credible and well-structured for its business purpose but should improve transparency on privacy and security policies.

H

Hostinger

hostinger.co.uk

78

Hostinger is a prominent web hosting provider offering a range of hosting solutions including shared, cloud, and VPS hosting, along with domain registration and website building tools. The company targets individuals and businesses in the UK and globally, positioning itself as an affordable and reliable hosting platform. The website reflects a mature digital presence with modern technologies such as Vue.js and Nuxt.js, supported by Cloudflare CDN and Google Tag Manager for performance and analytics. Security posture is strong with HTTPS enforcement and multiple security headers, although explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS data reduces domain registration transparency but does not detract from the professional and trustworthy appearance of the site. Overall, Hostinger demonstrates a solid business and technical foundation with room for improvement in transparency and security communication.

M

Mark Hamstra Web Development

modx.today

10

MODX.today is a niche online magazine dedicated to the MODX Content Management Platform, providing news, tutorials, reviews, and community event information primarily targeting MODX developers and users. The website is operated by Mark Hamstra Web Development, a small business based in the Netherlands, with a domain registration dating back to 2014, consistent with the site's content history. The platform leverages modern web technologies including Foundation CSS framework, jQuery, Google Fonts, and integrates Google Analytics and Disqus for user engagement and analytics. The site is mobile optimized and presents a professional, consistent brand image with clear navigation and relevant content for its audience. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and legitimate but would benefit from enhanced security and compliance measures.

T

Tempor Expo

tempor-expo.de

10

Tempor Expo is a specialized trade fair platform focusing on temporary infrastructure solutions for events, industry, logistics, and disaster relief sectors primarily in Germany and Europe. The website presents a professional and consistent brand image, supported by structured data and clear contact information. The business model centers on organizing trade fairs and providing a networking platform for industry stakeholders. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Smart Slider 3, hosted on Hetzner servers, and optimized for mobile devices. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in publishing explicit security policies and incident response details. Overall, the site is trustworthy, compliant with GDPR, and well-positioned within its niche market.

P

Svi odgovori na jednom mjestu - pressrs.ba

pressrs.ba

52

Pressrs.ba is a Bosnian content portal launched in 2021, providing educational and informational articles across various life topics. The website targets a general audience seeking knowledge and answers to everyday questions. Technically, the site is built on WordPress using the Divi theme, leveraging Google Fonts, Google Tag Manager, and Google Adsense for content delivery and monetization. The site demonstrates moderate digital maturity with good mobile optimization and SEO practices but lacks advanced security headers and explicit privacy or cookie policies. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and formal policies. Overall, the site is legitimate and functional but would benefit from enhanced privacy compliance and clearer contact information to improve trust and regulatory adherence.

N

NALAS

nalas.eu

43

NALAS is a well-established non-profit network representing local authorities across South-East Europe, coordinating regional initiatives and promoting decentralisation and European integration. The website is professionally designed using WordPress, with good mobile optimization and clear navigation. However, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is solid with HTTPS but could be improved by adding security headers and incident response information. Contact information is limited to a newsletter subscription form, which restricts direct communication channels. Overall, the site reflects a credible and trustworthy organization with room for compliance and security enhancements.

A

Aurora Club

auroraclub.hr

46

Aurora Club is a well-established hospitality and entertainment venue located in Primošten, Croatia, known for its large-scale nightclub facilities, multiple bars, dining options, and event hosting capabilities. The business targets tourists and locals seeking nightlife and party experiences, positioning itself as one of the premier clubs on the Croatian coast. The website reflects a mature digital presence built on WordPress with a modern theme and common plugins, offering good content quality and user experience. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Security posture is adequate with HTTPS and cookie consent but lacks explicit security headers and incident response information. Overall, the site is trustworthy and professionally maintained, with clear contact channels and social media integration.

S

Sloan Servicing

sloanservicing.com

65

Sloan Servicing is a newly established financial services company specializing in loan servicing solutions. The website is built using modern web technologies, primarily Angular 19, and integrates several marketing and analytics tools such as Pendo, Tealium, Hotjar, and Google Analytics. The technical infrastructure indicates a moderate level of digital maturity with room for improvement in performance and SEO optimization. Security measures include a Content Security Policy and various security headers; however, some misconfigurations such as the improper use of Strict-Transport-Security and lack of DNSSEC reduce the overall security posture. Privacy compliance is basic with a privacy policy and cookie consent mechanism present, but no terms of service or incident response information is available. Overall, the website is functional but lacks comprehensive business and security transparency, which impacts trust and credibility.

E

EUROS Osiguranje

eurososiguranje.com

52

EUROS Osiguranje is a local insurance company operating in Bosnia and Herzegovina since 2016, offering a range of insurance products including property, auto, and health insurance. The website presents a professional and well-structured digital presence with clear service offerings targeted at residents and businesses within Bosnia and Herzegovina. The technical infrastructure includes modern web technologies such as Google Analytics and Swiper.js, hosted on DNS servers associated with crohost.net. Security posture is adequate with HTTPS enabled and domain registration protections in place, though DNSSEC is not enabled and security headers are not evident. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. Overall, the website is functional and trustworthy but would benefit from enhanced compliance and security measures.

S

Satwork

satwork.net

57

Satwork is a well-established company founded in 2005 specializing in satellite vehicle tracking and fleet management services primarily in Bosnia and Herzegovina and the surrounding region. The company offers a comprehensive suite of GPS-based solutions including fuel consumption control, driver communication, route optimization, and digital tachograph data management. With subsidiaries in Serbia, Montenegro, and Austria, Satwork maintains a strong regional presence and is recognized as a market leader in its domain. The website reflects a professional and consistent brand image with detailed service descriptions and multiple contact points, supporting its credibility and customer engagement. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Font Awesome, and integrates analytics tools like Google Analytics and Google Tag Manager. The site is moderately optimized for performance and mobile devices, with good SEO practices evident. However, there is room for improvement in accessibility and security hardening, particularly by enabling DNSSEC, adding security headers, and publishing privacy and cookie policies. From a security perspective, Satwork demonstrates maturity by holding ISO 9001 and ISO/IEC 27001 certifications, indicating a commitment to quality management and information security. The website uses HTTPS for secure communications, especially on login forms, and implements user-friendly features like password visibility toggling. Nonetheless, the absence of explicit incident response contacts, vulnerability disclosure policies, and cookie consent mechanisms highlights areas for compliance enhancement. Overall, Satwork presents a trustworthy and professional online presence aligned with its business operations. The main risks relate to privacy compliance gaps and security header omissions, which should be addressed to strengthen user trust and regulatory adherence. Strategic improvements in these areas will enhance the company’s digital maturity and security posture, supporting sustained growth and customer confidence.

T

Tangiblee

tangiblee.com

10

Tangiblee is a technology company specializing in augmented reality and AI-powered e-commerce solutions that enable retailers to bring in-store shopping experiences online. Their platform offers virtual try-on capabilities, product visualization, and lifestyle content generation primarily targeting retail sectors such as jewelry, watches, handbags, luggage, and furniture. The company positions itself as an innovative provider of immersive shopping technologies, serving a medium-sized business model focused on B2B SaaS offerings. Technically, the website is built on the Webflow CMS platform and integrates multiple modern marketing and analytics tools including HubSpot, Apollo.io, and Intellimize. The site demonstrates good performance, mobile optimization, and accessibility features, with a professional design and clear navigation. Security practices include HTTPS enforcement and cookie consent mechanisms, although explicit security policies and incident response information are not publicly available. The security posture is solid with no visible vulnerabilities or exposed sensitive data, but the absence of WHOIS domain registration data introduces some uncertainty regarding domain legitimacy. Privacy compliance is well addressed with GDPR-aligned consent banners and preference management. Business credibility is supported by client logos, case studies, and professional content, though direct contact details are limited to forms. Overall, Tangiblee presents a trustworthy and professional online presence with advanced technical infrastructure and privacy compliance. The main risk lies in the lack of publicly available domain registration information, which should be monitored. Strategic recommendations include publishing explicit security and incident response policies, adding vulnerability disclosure mechanisms, and providing clearer company contact information to enhance trust and compliance.

J

John Brightman

john-brightman.com

10

John Brightman is a Paris-based creative agency specializing in web design, brand identity, graphic design, UI/UX, and digital strategy. Founded in 2009, the company emphasizes agile, personalized teams and long-term client relationships, serving a diverse range of businesses seeking professional branding and digital presence. The website reflects a mature digital infrastructure built on WordPress with Elementor, enhanced by SEO and performance optimizations. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are absent. The missing WHOIS data raises some concerns about domain registration legitimacy, but the professional presentation and compliance with GDPR indicate a trustworthy business. Strategic improvements in security headers, contact transparency, and WHOIS clarity would enhance trust and compliance.

L

Lighthouse Engineering

lighthouseeng.com

61

Lighthouse Engineering is a specialized service provider focusing on residential and commercial foundation inspections and planning. The company appears to be established since 2007, with a domain age consistent with its business history. The website is built on WordPress using the Divi theme and incorporates Yoast SEO for search optimization. The technical infrastructure includes Cloudflare DNS but lacks DNSSEC and security headers, indicating room for improvement in security hardening. The website content is professional and relevant to its target audience of property owners and developers, but lacks explicit privacy, cookie, and terms of service policies, which impacts compliance posture. Overall, the security posture is basic with HTTPS enabled but missing advanced protections and incident response information. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and publishing vulnerability disclosure and incident response contacts to enhance trust and compliance.

А

Аутопутеви Републике Српске

autoputevirs.com

46

Аутопутеви Републике Српске is a public enterprise responsible for the construction, maintenance, and management of highways and major roads in Republika Srpska, Bosnia and Herzegovina. The website serves as an information portal for infrastructure projects, public procurement, and traffic updates, targeting citizens, drivers, and governmental stakeholders. The company holds a significant position as a key state entity in transportation infrastructure within the region. Technically, the website is built on WordPress, utilizing common plugins such as RevSlider and Contact Form 7, with Google Analytics for traffic monitoring. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some modern security headers and privacy compliance mechanisms are missing, indicating room for improvement in security and GDPR adherence. Security posture is moderate, with HTTPS enforced and domain transfer protection enabled, but lacking DNSSEC and advanced security headers. No vulnerability disclosure or incident response information is publicly available. Overall, the site is trustworthy and professionally maintained but could enhance its security and privacy compliance. The overall risk is low, but strategic improvements in security headers, cookie consent, and transparency policies are recommended to strengthen compliance and user trust.

The website represents the Savez opština i gradova Republike Srpske, a governmental and non-profit organization supporting municipalities and cities in Republika Srpska, Bosnia and Herzegovina. It provides information on organizational structure, program areas, projects, news, and events, targeting local governments and citizens. The site demonstrates a stable market position as a local government representative with strong international partnerships. Technically, the website uses a modern frontend stack including Bootstrap 4, jQuery, Owl Carousel, and integrates third-party services such as Google Analytics and Mailchimp. It enforces HTTPS and uses client-side redirection to ensure secure connections. However, no CMS or hosting provider is explicitly identified, and some security best practices like DNSSEC and security headers are missing. From a security perspective, the site has a moderate posture with HTTPS enforced and domain transfer protection enabled. However, it lacks DNSSEC, explicit security headers, privacy and cookie policies, and incident response contacts. No vulnerabilities or malware indicators were found in the content. The site is safe for general audiences with no adult or questionable content. Overall, the website is professional and credible but would benefit from enhanced privacy compliance, improved security headers, and formalized policies to strengthen trust and regulatory adherence.

I

Internacionalni teatarski festival MESS

mess.ba

59

The Internacionalni teatarski festival MESS website serves as the official online presence for a well-established cultural and theatrical festival in Bosnia and Herzegovina. It provides comprehensive information about upcoming events, exhibitions, and festival news, targeting theater enthusiasts and the cultural community. The website leverages a modern WordPress infrastructure with popular plugins such as Elementor and Slider Revolution, ensuring a visually appealing and moderately performant user experience. However, it lacks critical compliance elements such as privacy and cookie policies, which are essential for GDPR adherence and user trust. Security posture is adequate with HTTPS enforced but could be improved by adding security headers and incident response information. Overall, the site is credible and professional but would benefit from enhanced privacy and security practices.

P

Promotim d.o.o.

promotim.ba

44

Promotim d.o.o. is a Bosnian technology company specializing in innovative web development and online marketing solutions since 2003. The company offers a range of services including web development, e-commerce platforms, web applications, and social media marketing, supported by their proprietary CMS platform PromoCMS. Their market position is strong locally with a portfolio of notable clients including news agencies and government entities. Technically, the website uses modern web technologies such as Bootstrap, jQuery, and Owl Carousel, and integrates Google Analytics for tracking. However, the site lacks published privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate with HTTPS implied but no visible security headers or incident response information. Overall, the website is professional and well-structured but could improve in privacy and security transparency.

А

Агенција за безбједност саобраћаја Републике Српске

absrs.org

48

The website absrs.org represents the Агенција за безбједност саобраћаја Републике Српске, a government agency dedicated to traffic safety in Republika Srpska, Bosnia and Herzegovina. The agency provides comprehensive information on traffic laws, safety campaigns, licensing procedures, and statistical data to support safer road usage. The site targets the general public, local communities, and government stakeholders, positioning itself as an authoritative source for traffic safety in the region. Technically, the website employs a moderate technology stack including Bootstrap for responsive design, jQuery, Slick Carousel, and Fancybox for UI elements, alongside Google Fonts and Google Analytics for tracking. Hosting is managed by BitLab, with domain registration dating back to 2012, indicating an established presence. The site is accessible, mobile-optimized, and features clear navigation, although some SEO and accessibility features are basic. From a security perspective, the site uses HTTPS URLs but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Google Analytics is implemented via an older ga.js script, and no cookie consent mechanism is detected. The WHOIS data is transparent and consistent with the agency's government status, supporting legitimacy. Overall, the website is functional and trustworthy as a government information portal but would benefit from improved security practices and privacy compliance to enhance user trust and regulatory adherence.

A

Agencija za upravljanje oduzetom imovinom Republike Srpske

auoirs.net

56

The website represents the Agencija za upravljanje oduzetom imovinom Republike Srpske, a government agency under the Ministry of Justice of Republika Srpska, Bosnia and Herzegovina. The agency manages assets confiscated through criminal proceedings, as established by law. The website is built on WordPress using the Divi theme and Yoast SEO plugin, indicating a moderate level of digital maturity with good SEO practices but lacking advanced security configurations such as DNSSEC and security headers. The site is accessible via HTTPS, ensuring encrypted communication, but lacks visible privacy, cookie, or terms of service policies, which are important for compliance and user trust. No contact emails, phone numbers, or social media links were found, limiting direct communication channels. Overall, the site is professional and consistent with a government entity but could improve in privacy compliance and security posture.

R

Republički centar za istraživanje rata, ratnih zločina i traženje nestalih lica

rcirz.org

44

The Republika Srpska Center for Research of War, War Crimes, and Searching for Missing Persons is a government institution dedicated to the investigation, documentation, and analysis of war crimes and missing persons related to conflicts in Bosnia and Herzegovina and the former Yugoslavia. The organization provides expert services including data archiving, forensic support, and cooperation with judicial and international bodies. The website serves as an informational and research platform primarily targeting government entities, researchers, and families of missing persons. Technically, the website is built on WordPress using the Divi theme, incorporating standard SEO and analytics tools such as Yoast SEO and Google Analytics. The site demonstrates moderate performance and good mobile optimization but lacks advanced security headers and comprehensive privacy compliance features. The absence of visible contact information and policy documents limits user trust and regulatory adherence. From a security perspective, the site uses HTTPS but does not implement key security headers, and the WHOIS data is incomplete, which raises concerns about domain transparency. No forms or sensitive data collection mechanisms were detected, reducing immediate risk exposure. However, the lack of privacy and cookie policies indicates potential compliance gaps with GDPR and related regulations. Overall, the website reflects a legitimate government entity with a focused mission but requires improvements in transparency, security best practices, and privacy compliance to enhance trustworthiness and regulatory alignment.

Ц

Центар за бесплатну правну помоћ

mpr-centar.org

54

The website represents the 'Центар за бесплатну правну помоћ', a government-affiliated legal aid center in Republika Srpska, Bosnia and Herzegovina. It provides free legal assistance and representation before courts and other competent authorities, targeting socially vulnerable citizens. The organization is established by the Government of Republika Srpska and operates through offices in multiple cities. The website is built on WordPress using the Divi theme and employs Yoast SEO for optimization. The technical infrastructure is modern and moderately performant, with mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Business credibility is high given the official nature and consistent WHOIS data. Overall, the site is professional, trustworthy, and safe for general audiences.

L

Lanaco

nasljedje.org

50

The website represents the official online presence of the Republika Srpska Institute for the Protection of Cultural-Historical and Natural Heritage, a government agency under the Ministry of Education and Culture of Republika Srpska, Bosnia and Herzegovina. It provides information on cultural and natural heritage protection, public procurement, news, projects, and contact details. The site targets the general public, cultural professionals, and government stakeholders. The business model is a government service institution focused on heritage preservation and public information dissemination. Technically, the website is built on WordPress with common plugins such as Slider Revolution and Unyson Framework, using jQuery and Bootstrap for frontend functionality. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. Hosting details are not explicitly stated but domain registration and DNS indicate a stable infrastructure. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and DNSSEC. No privacy or cookie policies are found, indicating compliance gaps. Contact information is clearly provided, enhancing trust. No signs of malicious content or adult material are present. Overall, the website is a credible government resource with good content and moderate technical maturity. Improvements in privacy compliance and security hardening are recommended to enhance trust and protect user data.

W

WINSLOT

koronavirususrpskoj.com

61

The website lighthouseeng.com/michael-gandy/ operates as an Indonesian gambling affiliate platform promoting slot games, specifically Slot88. It targets adult users interested in online gambling, offering links and promotions such as bonuses and cashback. The site uses Magento CMS and integrates various JavaScript libraries and tracking tools including Microsoft Clarity and Google Ads. The domain is well-established, registered since 2007, and uses Cloudflare DNS services. However, the website lacks critical compliance documents such as privacy policy and terms of service, and does not provide any contact information or security policies. Security posture is moderate with HTTPS enabled but missing important security headers and DNSSEC. Overall, the site is accessible without WAF blocking but exhibits basic content quality and limited privacy compliance.

I

Izrada web stranica

izradawebstranica.ba

47

Izrada web stranica is a small digital agency based in Bosnia and Herzegovina specializing in the creation of unique websites and e-commerce shops. The company positions itself as a full-service digital agency focused on brand growth and web development services. The website is built on WordPress using Elementor, enhanced with SEO tools like Rank Math, and includes modern web technologies such as Lottie animations and Google Analytics for tracking. The technical infrastructure is solid with HTTPS enabled and a professional design, although some security best practices like security headers and privacy policies are missing. The security posture is moderate with no visible vulnerabilities but lacks formal security and privacy documentation. Overall, the website is professional and trustworthy but would benefit from improved privacy compliance and security practices.

P

Pluro

wp-accessibility.org

64

Pluro is a technology company specializing in web accessibility solutions, offering an accessibility operating system, widget, and scanner-fixer tools to help developers and website owners make their sites accessible. The company positions itself as a niche provider in the accessibility technology market, offering a SaaS subscription model with a free trial. Technically, the website is built on WordPress with WooCommerce and integrates multiple modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, LinkedIn Insight Tag, and FullStory. The site includes accessibility features and an accessibility toolbar, reflecting its business focus. Security-wise, the site uses HTTPS and some security-related plugins but lacks explicit security headers in the HTML source, which could be improved. Privacy compliance is basic, with a cookie consent mechanism present but no clear privacy policy or terms of service detected. Overall, the domain WHOIS data is privacy protected, which is reasonable for this business type, and the website appears legitimate and professional.

I

insaight

insaight.io

65

insaight is a German technology company specializing in AI-powered customer service solutions, particularly a GDPR-compliant KI-VoiceBot that enables 24/7 customer support without wait times. The company targets businesses seeking to optimize customer service through automation and AI. The website is professionally designed, mobile-optimized, and provides clear information about the product benefits, including transparency, control, and data security. The technical infrastructure leverages modern web technologies such as Webflow CMS, Google Tag Manager, Smartlook, and Apollo.io for marketing and analytics, indicating a mature digital presence. Security posture is strong with HTTPS enforced and data hosted exclusively in Germany, ensuring GDPR compliance. However, explicit security policies and incident response details are not publicly available, which could be improved. Overall, insaight presents a trustworthy and professional online presence with a focus on privacy and customer satisfaction.

C

Centar za dijalog - Vesatijja

cdv.ba

47

Centar za dijalog - Vesatijja is a Bosnian non-profit organization dedicated to promoting dialogue culture among Muslims and between different religious and worldview communities. The organization focuses on scientific research, educational projects, and media publications including articles, videos, and PDF releases. Their target audience primarily consists of Bosnian-speaking Muslims and individuals interested in interreligious dialogue and Islamic cultural topics. The website reflects a niche position in the non-profit sector with a clear mission and consistent branding. Technically, the website is built on WordPress 6.8.2 with common plugins such as Contact Form 7 and uses modern web technologies including jQuery and Font Awesome. The site is mobile optimized with good SEO practices and moderate performance. However, it lacks some advanced security headers and privacy compliance features such as cookie consent and privacy policy pages. From a security perspective, the site enforces HTTPS and uses secure contact forms, but it does not implement security headers like Content-Security-Policy or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security hardening. The WHOIS data is consistent with the website's claims, supporting legitimacy. Strategic improvements in privacy policy publication, cookie consent, and security headers would strengthen the site's security posture and user trust.

1

1&1 Internet Inc

preporod.info

47

Preporod.info is a Bosnian language online news and community portal focusing on regional news, Islamic community affairs, and cultural topics. The website serves a niche audience interested in Bosnian and Islamic community news, providing regularly updated articles, interviews, and event information. The business operates as a small media outlet with a clear focus on community engagement and information dissemination. Technically, the website uses modern frontend technologies including Bootstrap, jQuery, Owl Carousel, and integrates Google Analytics and Facebook SDK for user tracking. Hosting is provided by HostEurope with a dedicated server setup. The website is mobile optimized and has a good user experience with clear navigation and consistent branding. Security posture is moderate with HTTPS enabled and domain transfer protection active, but lacks DNSSEC and security headers. Privacy and cookie policies are missing, which impacts compliance and user trust. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. Overall, the domain registration is transparent and consistent with the business profile, registered with a reputable registrar in 2019. The website content is safe for general audiences with no adult or explicit content detected.

S

Brand Identity Design and Visual Communications Design

sparksof.io

59

Sparks of is a brand identity and visual communications design agency based in Helsinki, Finland. The website presents a professional image focused on delivering design services to businesses seeking to establish or enhance their brand presence. The company appears to be a small agency with a clear focus on creative design solutions. The technical infrastructure leverages modern web technologies including Webflow CMS, Google Analytics, Facebook Pixel, and Cookiebot for cookie consent management, indicating a moderate level of digital maturity and compliance with privacy regulations. Security posture is generally good with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. The absence of public WHOIS data suggests privacy protection, which is typical for small agencies and does not raise immediate concerns. Overall, the website is well-designed, user-friendly, and trustworthy, but lacks visible contact information and formal privacy or terms of service pages.

O

Općina Ilidža

opcinailidza.ba

60

Općina Ilidža operates as the official municipal government portal for the Ilidža municipality in Bosnia and Herzegovina. The website provides residents and stakeholders with access to public announcements, e-forms, contact information, and details about local governance and services. It serves as a key communication channel between the local government and the community, emphasizing transparency and accessibility. Technically, the website is built on WordPress using the Elementor page builder, leveraging common web technologies such as jQuery and Google Fonts. The site is moderately optimized for performance and mobile responsiveness, with good SEO practices and basic accessibility features. Google Tag Manager is used for analytics and tracking, although privacy disclosures are lacking. From a security perspective, the site enforces HTTPS and includes several important security headers, indicating a good baseline security posture. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of visible privacy and cookie policies, as well as incident response contacts, suggests areas for compliance and security improvement. Overall, the website is a professional and trustworthy government resource with solid technical foundations. Strategic enhancements in privacy compliance and security transparency would further strengthen its risk profile and user trust.

K

Kozmo Shop

kozmoshop.ba

39

Kozmo Shop is a regional e-commerce retailer specializing in cosmetics, makeup, hair care, maternity, fitness, and wellness products primarily serving Bosnia and Herzegovina. The website is professionally designed using the OpenCart platform with the Journal2 theme, featuring a broad product catalog and multiple brand partnerships. The technical infrastructure includes modern JavaScript libraries and integrations with marketing and analytics tools such as Google Analytics, Facebook Pixel, and AdRoll, indicating a mature digital marketing approach. Security posture is solid with HTTPS enforced and cookie consent implemented; however, the absence of security headers and limited contact information represent areas for improvement. No privacy policy or terms of service pages were detected, which may impact compliance and user trust. Overall, the site is accessible without WAF or blocking mechanisms and presents safe content suitable for general audiences.

Entrio.si is an established online ticketing platform founded in 2012, primarily serving Slovenia and neighboring regions. It offers ticket sales and event promotion services for concerts, festivals, conferences, exhibitions, and theater performances. The platform targets a broad audience interested in cultural and entertainment events, providing a user-friendly interface with multi-language support and social login options. The business operates in the media sector with a medium-sized footprint and maintains consistent branding and good content quality.

P

Planika Flex d.o.o.

planika.ba

57

Planika Flex d.o.o. operates planika.ba, an established online retail platform specializing in footwear and fashion accessories for women, men, and children. The company leverages a strong brand legacy of over 70 years, positioning itself as a trusted footwear provider in Bosnia and Herzegovina. The website offers a comprehensive catalog of products, including shoes, sneakers, sandals, boots, and related accessories, targeting a broad general audience. The business model is focused on e-commerce retail with a clear emphasis on brand variety and seasonal collections. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and responsive design frameworks likely based on Bootstrap. The site demonstrates good mobile optimization and SEO practices, with structured data enhancing search engine visibility. Performance is moderate, with room for improvement in accessibility and technical SEO. From a security perspective, the site enforces HTTPS and includes CSRF tokens in forms, indicating a baseline security posture. However, the absence of security headers and lack of publicly available security policies or vulnerability disclosure mechanisms highlight areas for enhancement. Privacy compliance is weak due to missing privacy and cookie policies, which could expose the company to regulatory risks. Overall, planika.ba is a professionally managed e-commerce site with solid business credibility and technical foundation. Strategic improvements in privacy compliance, security headers, and transparency around security policies would strengthen its security posture and regulatory adherence.

S

Sintofarm Adriatica d.o.o.

sintofarm-adriatica.com

52

Sintofarm Adriatica d.o.o. is a Bosnia and Herzegovina based company founded in 2011, specializing in the import and distribution of veterinary pharmaceuticals, biological products, and animal feed additives. The company holds exclusive regional representation for multinational Italian companies SINTOFARM SpA and FATRO SpA, positioning itself as a key player in the regional animal health market. Their website reflects a professional business presence with clear product offerings and certifications such as ISO 9001:2008 and FAMI-QS, enhancing their credibility. Technically, the website employs a traditional tech stack including jQuery 1.9.1 and Modernizr, hosted on Hetzner infrastructure. While the site is functional and moderately optimized for performance and SEO, it lacks modern security headers and uses outdated JavaScript libraries, which could expose it to vulnerabilities. The site uses HTTPS and integrates Google Analytics for user tracking but does not provide explicit privacy or cookie policies, indicating compliance gaps. From a security perspective, the absence of DNSSEC, security headers, and updated libraries suggests room for improvement. No incident response or vulnerability disclosure information is provided, which could impact the company's readiness to handle security events. The WHOIS data aligns well with the business claims, showing a consistent and legitimate domain registration. Overall, the website is professional and trustworthy but would benefit from enhanced security measures and privacy compliance to reduce risk and improve user trust. Strategic improvements in these areas will strengthen the company's digital maturity and regulatory posture.