Security Directory

S

Staples

staples.com

0

Staples is a leading enterprise retail and e-commerce company specializing in office supplies, furniture, printing services, and technology products. The website serves a broad audience including businesses and individual consumers, offering a comprehensive range of products and services with a strong emphasis on convenience such as free next-day delivery and loyalty rewards. The site demonstrates a mature digital infrastructure leveraging modern frameworks like React and Next.js, supported by robust analytics and marketing tools including Adobe DTM, New Relic, and Google Analytics. Security posture is strong with HTTPS enforcement, Content Security Policy, and multiple monitoring tools, though explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is well addressed with visible privacy and cookie policies and consent mechanisms. The absence of WHOIS registration data slightly impacts trust but is likely due to privacy protection. Overall, the site is professional, secure, and trustworthy, serving as a critical channel for Staples' business operations.

E

Europ Assistance

europ-assistance.com

0

Europ Assistance is a globally recognized assistance and insurance company, operating since 1963 and part of the Generali Group. The company provides a broad range of services including travel insurance, mobility assistance, home and living support, health services, senior care, and concierge offerings. Their website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to both consumers and business partners worldwide. Technically, the site is built on WordPress using Elementor, enhanced with modern plugins and analytics tools such as Piwik PRO, ensuring a robust and scalable infrastructure. Security posture is strong with HTTPS enforcement and multiple security headers, although explicit security policies and incident response information are not publicly available. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the strong brand presence and corporate affiliation. Strategic recommendations include publishing detailed security and incident response policies, enhancing accessibility, and maintaining vigilance on third-party plugin security.

S

Symetra Life Insurance Company

symetra.com

0

Symetra Life Insurance Company is a well-established insurance and financial services provider founded in 1957 and operating as a subsidiary of Symetra Financial Corporation. The company offers a broad range of products including life insurance, annuities, and employee benefits targeting individuals, families, employees, and employers across the United States. Their market position is solid with over 65 years of experience and a comprehensive portfolio of services. The website reflects a professional and user-friendly digital presence with clear navigation and extensive content tailored to various customer segments. From a technical perspective, the website employs a modern technology stack including Episerver CMS, Google Tag Manager, Google Analytics 4, Facebook Pixel, and other advanced analytics and monitoring tools. The site is mobile optimized, accessible, and SEO-friendly, providing a good user experience. Performance is moderate with room for optimization. Security posture is good with HTTPS enforced and no visible exposed sensitive data. However, explicit security headers are not clearly present, and there is no dedicated security policy or incident response page, which are areas for improvement. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Business credibility is high with clear contact information, social media presence, and trust indicators such as regulatory disclosures. Overall, the website and business appear legitimate and trustworthy, though the lack of WHOIS data transparency slightly reduces trust. Strategic recommendations include enhancing security header implementation, publishing a security policy, and providing vulnerability disclosure information to strengthen security posture and user trust.

D

Domains By Proxy, LLC

pluro.ai

0

Pluro.ai is a newly established technology company founded in 2024, specializing in web accessibility solutions. Their platform offers instant WCAG compliance checks, issue fixing tools, and ongoing accessibility monitoring aimed primarily at web developers and businesses seeking to improve website accessibility. The company positions itself as a niche SaaS provider focused on simplifying compliance with accessibility standards such as WCAG and ADA. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools including HubSpot, Google Tag Manager, Hotjar, and ContentSquare. The hosting infrastructure is based on AWS, ensuring reliable performance and scalability. Security posture is solid with HTTPS enforced, domain locking, and cookie consent mechanisms, though DNSSEC is not enabled and some advanced security headers are missing. Privacy compliance is well addressed with comprehensive privacy and cookie policies that align with GDPR requirements. No direct contact emails or phone numbers are published, with contact primarily via web forms. Overall, the website is professional, accessible, and trustworthy, with a good balance of technical maturity and business credibility.

D

Dieter-Kaltenbach-Stiftung

kita-ideenreich.de

0

The website represents KiTa ideenReich, a childcare facility operated by the Dieter-Kaltenbach-Stiftung and affiliated with Roche. It targets families seeking quality early childhood education and care, emphasizing developmental support and inclusion. The site is well-structured, professionally designed, and provides clear information about the facility's offerings and operational hours. Technically, the site uses a modern stack including jQuery and Bootstrap 4, hosted on a reliable provider with consistent domain registration data. Security posture is adequate with HTTPS usage, but lacks explicit security headers and cookie consent mechanisms, which are recommended for GDPR compliance. No forms or email contacts are directly visible, limiting direct digital communication channels. Overall, the site is trustworthy, safe, and serves its educational mission effectively.

D

Dieter-Kaltenbach-Stiftung

kita-am-baechle.de

0

KiTa Am Bächle is a childcare and kindergarten service provider located in Lörrach, Germany, operated by the Dieter-Kaltenbach-Stiftung foundation. The website serves as an informational portal for parents seeking childcare options, including a nature-focused kindergarten. The business model is non-profit and community-oriented, targeting local families exclusively. The site demonstrates a consistent brand presence and clear navigation, supporting its role as a trusted local childcare provider. Technically, the website employs modern frontend technologies such as jQuery, Bootstrap 4, and FontAwesome, with a responsive design optimized for mobile devices. The CMS appears to be REDAXO, and hosting is likely provided by kasserver.com. Performance is moderate with good SEO practices, though accessibility features are basic. No advanced analytics or tracking scripts are detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS and email obfuscation but lacks explicit security headers and cookie consent mechanisms, which are recommended for GDPR compliance. No forms or sensitive data collection points were found in the provided content, reducing immediate risk exposure. The WHOIS data is structured but lacks detailed registrant information, though no suspicious patterns were identified. Overall, the website is safe, professional, and trustworthy, with room for improvement in privacy compliance and security hardening. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

S

Spiel- und Kulturhaus Tutti Kiesi

tuttikiesi.de

0

Tutti Kiesi is a small non-profit cultural and educational organization based in Rheinfelden, Germany, providing a variety of community services including creative courses, holiday programs, group offers, leisure activities, care, and venue rentals. The website is well-structured, professionally designed, and targets children, youth, and adults in the local community. Technically, the site uses a PHP backend with REDAXO CMS, Bootstrap 4, jQuery, and FontAwesome, hosted on kasserver.com. It is mobile optimized and includes a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and session management in place, though security headers and incident response policies are not explicitly published. No vulnerabilities or suspicious domains were detected. Overall, the website is trustworthy and safe with no adult or questionable content.

D

Dobra knjiga

dobraknjiga.ba

0

Dobra knjiga is a well-established Bosnian bookstore and publisher specializing in offset and digital printing, publishing, and design services. With over 18 years of experience, it serves readers across Bosnia and Herzegovina and the diaspora, offering a curated selection of quality books through an online e-commerce platform. The website is built on WordPress with WooCommerce and Elementor, reflecting a modern digital infrastructure suitable for retail and publishing operations. Security posture is solid with HTTPS and password strength enforcement, though improvements in security headers and GDPR compliance mechanisms are recommended. Overall, the site presents a professional and trustworthy online presence with clear contact information and active social media engagement.

UniCredit Bank Bosnia and Herzegovina operates a professional and comprehensive retail banking website offering a wide range of financial products including loans, savings, digital banking, and insurance. The bank is part of the UniCredit Group, a well-established international banking group, which is reflected in consistent branding and domain registration data. The website demonstrates a mature digital infrastructure with modern technologies such as Adobe Experience Manager CMS, Adobe Analytics, and Tealium tag management, supporting a good user experience and mobile optimization. Security measures include HTTPS enforcement and Content Security Policy headers, although some improvements in header strictness are recommended. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information is transparent and includes multiple channels such as phone, email, and online forms. Overall, the website is trustworthy, professionally maintained, and suitable for general audiences.

U

Union Banka d.d. Sarajevo

unionbank.ba

0

Union Banka d.d. Sarajevo is a well-established financial institution in Bosnia and Herzegovina, providing a broad range of banking services including accounts, loans, cards, savings, and digital banking platforms such as eUnion and mUnion. The bank targets both individual and corporate clients, with a notable focus on energy efficiency financing and sustainable banking initiatives. The website reflects a mature digital infrastructure built on modern technologies like React and Next.js, offering fast performance and excellent mobile optimization. Security measures such as HTTPS, security headers, and Google reCAPTCHA v3 are implemented, though explicit security policies and incident response information are not publicly detailed. Overall, the bank demonstrates a strong market position with consistent branding and trust indicators, supported by legitimate WHOIS registration data.

B

BH Telecom d.d. Sarajevo

bhtelecom.ba

0

BH Telecom d.d. Sarajevo is the leading telecommunications operator in Bosnia and Herzegovina, offering a comprehensive range of services including mobile telephony, fixed telephony, internet access, television services, and device sales. The company targets both private and business customers within the country, maintaining a strong market position supported by a professional and well-structured website. The digital infrastructure is built on WordPress with modern plugins and frameworks, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS enforcement and use of reCAPTCHA, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website reflects a mature digital presence aligned with the company's business stature.

The website www.discoverdebitsecurity.com is currently inaccessible due to blocking by the Incapsula Web Application Firewall (WAF), which prevents retrieval of any meaningful content or metadata. The WHOIS lookup indicates that the domain is either unregistered or the data is not publicly available, raising significant concerns about the legitimacy and operational status of the site. Without accessible content, no business information, contact details, or compliance policies can be identified. Technically, the site lacks visible infrastructure or technology indicators, and no security headers or SSL configuration can be verified. This severely limits the ability to assess the website's security posture or privacy compliance. Overall, the site appears non-operational or heavily restricted, resulting in a very low trust and credibility score.

The website at https://pbs-bw.de/Startseite is currently inaccessible beyond a standard 404 error page indicating the requested page does not exist. There is no meaningful content, metadata, or business information available on the page. The domain is registered and active with standard name servers but lacks transparency and detailed WHOIS data. The technical infrastructure cannot be fully assessed due to the absence of content and security headers. No privacy, cookie, or terms of service policies are present, and no contact information is provided. The security posture is minimal with no visible protections or best practices implemented. Overall, the site appears to be either under construction, misconfigured, or abandoned, resulting in a very low trust and credibility score.

S

Samsonite

samsonite.fi

0

Samsonite.fi is the official Finnish e-commerce website for Samsonite luggage and travel accessories, operated by Aboutbags NV based in Belgium. The site offers a comprehensive product catalog including luggage, backpacks, bags, kids' luggage, and personalisation services. It targets Finnish consumers seeking premium travel products and provides localized content and customer support. Technically, the site is built on Salesforce Commerce Cloud with modern JavaScript frameworks and integrates multiple marketing and analytics tools such as Google Analytics, Hotjar, and WonderPush. Security is robust with HTTPS, security headers, and no visible vulnerabilities. Privacy and cookie policies are present and GDPR compliant, although explicit security policies and incident response contacts are not found. WHOIS data aligns well with the business claims, indicating high legitimacy. Overall, the site demonstrates a mature digital presence with good security and privacy posture.

The website www.supportandgo.com operates as a service platform for multiple well-known luggage brands including Samsonite, American Tourister, Tumi, Lipault, Gregory, and Hartmann. It provides users with tools to find service support, parts delivery, pick-up services, and dispute resolution. The site targets both consumers and dealers, positioning itself as a key service facilitator within the luggage retail sector. The branding is consistent and professional, reflecting the established reputation of the Samsonite group. Technically, the website is built on ASP.NET MVC framework and utilizes common libraries such as jQuery, Modernizr, and Bootstrap. The site demonstrates moderate performance and good mobile optimization, though accessibility and SEO optimizations are basic. Security measures include the use of anti-forgery tokens in forms, but there is a lack of explicit security headers and cookie consent mechanisms, which are areas for improvement. From a security perspective, the site uses HTTPS (assumed though not explicitly confirmed), but lacks important HTTP security headers such as Content Security Policy and HSTS. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS registration data for the domain is a significant concern, as it raises questions about domain legitimacy despite the professional appearance and brand alignment of the website. Overall, the website presents a moderate risk profile with good business credibility but technical and security gaps that should be addressed. Strategic recommendations include verifying domain registration, implementing comprehensive security headers, adding cookie consent mechanisms, and publishing clear security and incident response policies to enhance trust and compliance.

The website myspreadshop.co.uk serves as a partner landing page for Spreadshop, a print on demand merchandise platform. It targets individuals and small businesses interested in creating and selling custom merchandise online. The site is minimalistic, providing a call to action to open a merch shop via an affiliate link, and links to Spreadshirt's main sites for legal and company information. Technically, the site uses modern web fonts and responsive design but lacks advanced frameworks or CMS indications. Security posture is basic with no visible security headers or privacy policies, and no HTTPS status provided in the data. The domain is registered since 2021 with EuroDNS SA, consistent with the business age and purpose. Overall, the site is functional but minimal, with room for improvement in privacy, security, and contact transparency.

А

Агенција за безбједност саобраћаја Републике Српске

absrs.org

0

The website absrs.org represents the Агенција за безбједност саобраћаја Републике Српске, a government agency dedicated to traffic safety in Republika Srpska, Bosnia and Herzegovina. The agency provides comprehensive information on traffic laws, safety campaigns, licensing procedures, and statistical data to support safer road usage. The site targets the general public, local communities, and government stakeholders, positioning itself as an authoritative source for traffic safety in the region. Technically, the website employs a moderate technology stack including Bootstrap for responsive design, jQuery, Slick Carousel, and Fancybox for UI elements, alongside Google Fonts and Google Analytics for tracking. Hosting is managed by BitLab, with domain registration dating back to 2012, indicating an established presence. The site is accessible, mobile-optimized, and features clear navigation, although some SEO and accessibility features are basic. From a security perspective, the site uses HTTPS URLs but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Google Analytics is implemented via an older ga.js script, and no cookie consent mechanism is detected. The WHOIS data is transparent and consistent with the agency's government status, supporting legitimacy. Overall, the website is functional and trustworthy as a government information portal but would benefit from improved security practices and privacy compliance to enhance user trust and regulatory adherence.

HugeDomains operates as a reputable domain marketplace specializing in the sale of premium domain names, offering customers options to purchase domains outright or through payment plans. The company has been in business since 2005 and serves a broad audience of businesses and individuals seeking memorable and SEO-friendly domain names. The website is professionally designed with clear navigation, customer testimonials, and trust signals such as a 30-day money back guarantee and secure payment options including PayPal and Escrow.com. Technically, the site employs modern JavaScript libraries, Google Analytics for tracking, and Google reCAPTCHA for bot protection, ensuring a secure and user-friendly experience. However, explicit security policies and incident response information are not publicly available, and WHOIS data for the domain is missing or inaccessible, which slightly impacts trust assessments. Overall, the site demonstrates a strong security posture with HTTPS and SSL encryption, complemented by cookie consent mechanisms and privacy policies that indicate GDPR compliance. The business model is clear and well-positioned in the e-commerce domain sales sector, with a medium-sized operational scale and consistent branding.

A

Agencija za upravljanje oduzetom imovinom Republike Srpske

auoirs.net

0

The website represents the Agencija za upravljanje oduzetom imovinom Republike Srpske, a government agency under the Ministry of Justice of Republika Srpska, Bosnia and Herzegovina. The agency manages assets confiscated through criminal proceedings, as established by law. The website is built on WordPress using the Divi theme and Yoast SEO plugin, indicating a moderate level of digital maturity with good SEO practices but lacking advanced security configurations such as DNSSEC and security headers. The site is accessible via HTTPS, ensuring encrypted communication, but lacks visible privacy, cookie, or terms of service policies, which are important for compliance and user trust. No contact emails, phone numbers, or social media links were found, limiting direct communication channels. Overall, the site is professional and consistent with a government entity but could improve in privacy compliance and security posture.

Р

Републички завод за стандардизацију и метрологију

rzsm.org

0

The Republika Srpska Institute for Standardization and Metrology (RZSM) is a government administrative organization under the Ministry of Economy and Entrepreneurship of Republika Srpska, Bosnia and Herzegovina. It is responsible for standardization, metrology, control of precious metal items, and conformity assessment of products within Republika Srpska. The website serves as an official informational portal targeting citizens, businesses, and institutions in the region, providing regulatory and procedural information related to its mandate. Technically, the website is built on Joomla CMS with modern frontend technologies including WebComponents and FontAwesome. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Hosting details are limited but domain registration and DNS setup appear legitimate and stable. No advanced analytics or tracking tools are present, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS and has domain transfer protections enabled. However, DNSSEC is not enabled and no explicit security headers were detected in the provided HTML content. There are no published privacy or cookie policies, which is a compliance gap. No forms or user input fields were found, reducing attack surface. The domain WHOIS data is consistent with the business claims and shows a mature registration age. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced security headers, published privacy and cookie policies, and DNSSEC implementation to improve security posture and compliance. The absence of tracking and advertising tools supports a low-risk profile for user privacy.

Републички педагошки завод Републике Српске is a governmental educational institution serving the Republika Srpska region of Bosnia and Herzegovina. It provides pedagogical advisory services, professional development for educators, student achievement analysis, and supports educational projects including e-learning initiatives. The website is well-structured, primarily in Serbian Cyrillic, targeting educators, students, and educational institutions within the region. The institution holds a key position in the local education sector with a domain registered since 2003, indicating established presence and trust. Technically, the website employs modern web technologies including Bootstrap 4.5, jQuery, Font Awesome, and Google Fonts, hosted by BitLab. The site is mobile responsive and offers good user experience and navigation clarity. However, some technical improvements are recommended such as enabling DNSSEC and implementing security headers to enhance security posture. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks visible security headers and DNSSEC. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust and security readiness. Overall, the website is professional and trustworthy with good business credibility but requires enhancements in privacy compliance and security best practices to reach higher maturity levels.

R

Republički centar za istraživanje rata, ratnih zločina i traženje nestalih lica

rcirz.org

0

The Republika Srpska Center for Research of War, War Crimes, and Searching for Missing Persons is a government institution dedicated to the investigation, documentation, and analysis of war crimes and missing persons related to conflicts in Bosnia and Herzegovina and the former Yugoslavia. The organization provides expert services including data archiving, forensic support, and cooperation with judicial and international bodies. The website serves as an informational and research platform primarily targeting government entities, researchers, and families of missing persons. Technically, the website is built on WordPress using the Divi theme, incorporating standard SEO and analytics tools such as Yoast SEO and Google Analytics. The site demonstrates moderate performance and good mobile optimization but lacks advanced security headers and comprehensive privacy compliance features. The absence of visible contact information and policy documents limits user trust and regulatory adherence. From a security perspective, the site uses HTTPS but does not implement key security headers, and the WHOIS data is incomplete, which raises concerns about domain transparency. No forms or sensitive data collection mechanisms were detected, reducing immediate risk exposure. However, the lack of privacy and cookie policies indicates potential compliance gaps with GDPR and related regulations. Overall, the website reflects a legitimate government entity with a focused mission but requires improvements in transparency, security best practices, and privacy compliance to enhance trustworthiness and regulatory alignment.

The website www.mpoo.org represents the Zavod za obrazovanje odraslih, an official government institute under the Ministry of Education and Culture of Republika Srpska, Bosnia and Herzegovina. It serves as an informational portal focused on adult education, traffic education, licensing, and related public announcements. The site targets adult learners and professionals seeking education and licensing services within the region. The content is primarily in Serbian and includes resources such as test preparation, schedules, and official notices. Technically, the website is built on WordPress 6.8.2 with a variety of plugins enhancing SEO, accessibility, anti-spam, and content management. The site is mobile-optimized and includes accessibility tools, cookie consent mechanisms, and structured data for SEO. Performance is moderate, with room for improvement in security headers and advanced optimization. From a security perspective, the site uses HTTPS and anti-spam protections but lacks visible security headers like CSP or HSTS. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a cookie consent modal present but no explicit privacy policy or terms of service pages found. Overall, the website is trustworthy and professional, reflecting its government affiliation. However, improvements in security headers, privacy documentation, and WHOIS transparency would enhance its security posture and compliance standing.

Ц

Центар за бесплатну правну помоћ

mpr-centar.org

0

The website represents the 'Центар за бесплатну правну помоћ', a government-affiliated legal aid center in Republika Srpska, Bosnia and Herzegovina. It provides free legal assistance and representation before courts and other competent authorities, targeting socially vulnerable citizens. The organization is established by the Government of Republika Srpska and operates through offices in multiple cities. The website is built on WordPress using the Divi theme and employs Yoast SEO for optimization. The technical infrastructure is modern and moderately performant, with mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Business credibility is high given the official nature and consistent WHOIS data. Overall, the site is professional, trustworthy, and safe for general audiences.

Р

Републички хидрометеоролошки завод

rhmzrs.com

0

The Republika Srpska Hydrometeorological Institute (Републички хидрометеоролошки завод) is a government agency responsible for meteorological, seismological, hydrological, and environmental monitoring and reporting within Republika Srpska, Bosnia and Herzegovina. The website serves as an official portal providing weather forecasts, seismic activity reports, hydrological bulletins, and environmental quality data primarily in Serbian language. It targets citizens, governmental bodies, agricultural stakeholders, and scientific communities. The business model is a public service institution funded and operated by the government, with a stable market position as the official source of hydrometeorological information in the region. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript with jQuery, Bootstrap framework, Leaflet.js for interactive maps, and Axios for asynchronous requests. Hosting is supported by Cloudflare DNS services, enhancing reliability and performance. The site is mobile optimized with good navigation clarity and professional design, though accessibility features are basic. SEO is implemented at a basic level with meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and has domain transfer protections. However, it lacks DNSSEC, security headers like CSP or HSTS, and a cookie consent mechanism, which are areas for improvement. No explicit privacy policy or GDPR compliance statements are present, and no incident response or vulnerability disclosure policies are published. The WHOIS data aligns well with the website’s governmental nature, showing a consistent registration history and no privacy protection, which is appropriate. Overall, the website is a trustworthy and professional government resource with good content quality and technical implementation. Security posture is moderate with room for enhancements in headers and compliance. Privacy compliance is basic and could be improved with explicit policies and consent mechanisms. Strategic recommendations include enabling DNSSEC, adding security headers, publishing privacy and security policies, and implementing cookie consent to enhance trust and compliance.

L

Lanaco

nasljedje.org

0

The website represents the official online presence of the Republika Srpska Institute for the Protection of Cultural-Historical and Natural Heritage, a government agency under the Ministry of Education and Culture of Republika Srpska, Bosnia and Herzegovina. It provides information on cultural and natural heritage protection, public procurement, news, projects, and contact details. The site targets the general public, cultural professionals, and government stakeholders. The business model is a government service institution focused on heritage preservation and public information dissemination. Technically, the website is built on WordPress with common plugins such as Slider Revolution and Unyson Framework, using jQuery and Bootstrap for frontend functionality. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. Hosting details are not explicitly stated but domain registration and DNS indicate a stable infrastructure. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and DNSSEC. No privacy or cookie policies are found, indicating compliance gaps. Contact information is clearly provided, enhancing trust. No signs of malicious content or adult material are present. Overall, the website is a credible government resource with good content and moderate technical maturity. Improvements in privacy compliance and security hardening are recommended to enhance trust and protect user data.

W

WINSLOT

koronavirususrpskoj.com

0

The website lighthouseeng.com/michael-gandy/ operates as an Indonesian gambling affiliate platform promoting slot games, specifically Slot88. It targets adult users interested in online gambling, offering links and promotions such as bonuses and cashback. The site uses Magento CMS and integrates various JavaScript libraries and tracking tools including Microsoft Clarity and Google Ads. The domain is well-established, registered since 2007, and uses Cloudflare DNS services. However, the website lacks critical compliance documents such as privacy policy and terms of service, and does not provide any contact information or security policies. Security posture is moderate with HTTPS enabled but missing important security headers and DNSSEC. Overall, the site is accessible without WAF blocking but exhibits basic content quality and limited privacy compliance.

M

mCloud doo

certrs.org

0

CERT RS is a governmental Computer Emergency Response Team website focused on cybersecurity incident response and awareness in Serbia. The site is built on WordPress with common plugins such as WooCommerce and GiveWP, indicating some donation or e-commerce capabilities. The technical infrastructure is modern but basic, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. The domain is expired, which poses a significant risk to service continuity and trust. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the website serves an important governmental function but requires improvements in domain management, security practices, and privacy compliance.

В

Влада Републике Српске

srpska2030.rs

0

The website srpska2030.rs serves as the official government platform for the Sustainable Development Strategy of Republika Srpska for 2024-2030. It provides comprehensive information on sustainable development goals, normative frameworks, strategic platforms, and public consultation mechanisms. Supported by the UNDP and the Slovak Ministry of Finance, it targets citizens, government officials, and stakeholders interested in sustainable development. The platform is built on WordPress with modern frontend technologies like Bootstrap and AOS, offering a responsive and user-friendly experience. Security posture is adequate with HTTPS and secure forms, but lacks advanced security headers and privacy compliance elements such as privacy and cookie policies. The domain registration is consistent with the business purpose and recent project timeline, enhancing trustworthiness.

L

Lanaco d.o.o

skolers.org

0

The website skolers.org serves as a centralized portal hub for the Ministry of Education and Culture of Republika Srpska, Bosnia and Herzegovina. It provides access to multiple educational eServices including portals for education, electronic courses, student enrollment, and electronic diaries for various school levels. The target audience includes students, parents, teachers, and educational institutions within Republika Srpska. The business model is government-affiliated digital service provision, positioning itself as an official and trusted educational platform in the region. Technically, the website uses standard HTML5, CSS3, and jQuery 3.5.1, with a moderate performance and good mobile optimization. The site lacks advanced frameworks or CMS indications and does not show evidence of analytics or tracking scripts in the provided content. SEO and accessibility are basic but functional. The domain is registered with Lanaco d.o.o in Bosnia and Herzegovina, consistent with the website's purpose and geographic focus. From a security perspective, the site uses HTTPS but lacks DNSSEC and visible security headers, which are recommended for enhanced protection. No privacy, cookie, or terms of service policies are present, indicating gaps in compliance with GDPR and related regulations. No forms or data collection mechanisms are visible on the main page, reducing immediate data exposure risks. Social media links connect to official Ministry accounts, enhancing trust. Overall, the website is a credible and functional government educational portal with good business credibility but requires improvements in privacy compliance and security best practices to strengthen its posture and user trust.

R

Republicka uprava civilne zastite RS

ruczrs.org

0

The website represents the Republic Civil Protection Administration of Republika Srpska, Bosnia and Herzegovina, providing governmental civil protection and emergency preparedness services. It serves as an official communication channel for public safety information, warnings, and organizational updates. The organization is positioned as a regional government authority with a focus on protecting citizens and property from natural and other disasters. The site content is primarily in Serbian Cyrillic, targeting the local population and stakeholders. Technically, the website is built on WordPress CMS with a suite of common plugins for SEO, forms, translation, and media display. The infrastructure is moderately modern with good mobile optimization and SEO practices. Performance is moderate, and accessibility is basic. The site uses HTTPS with a valid SSL certificate but lacks DNSSEC and some security headers, indicating room for security enhancements. Security posture is adequate but could be improved by enabling DNSSEC, adding security headers, and publishing explicit security and incident response policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms, which is critical for GDPR adherence. Business credibility is strong given the official nature, consistent branding, and social media presence. Overall, the site is trustworthy and professional but should address privacy compliance and security best practices to enhance user trust and regulatory adherence.

П

Пореска Управа РС

poreskaupravars.org

0

The Poreska Uprava Republike Srpske (Tax Administration of Republika Srpska) is a government entity responsible for the impartial and efficient collection and control of public revenues in Republika Srpska, Bosnia and Herzegovina. The website serves as an official portal providing information, e-services, and updates to taxpayers including individuals, legal entities, and entrepreneurs. It maintains a strong market position as the authoritative tax administration body in the region, offering key services such as e-fiscalization and electronic services to facilitate tax compliance. The site is multilingual, primarily in Serbian Cyrillic and Latin scripts, with an English version available, targeting local citizens and businesses.

The website vinagecko.com currently serves as a minimal placeholder page indicating that the site is 'coming soon'. There is no substantive business information, contact details, or service descriptions available. The domain has been registered since 2014, suggesting a long-term ownership, but the lack of content indicates the business may be inactive or in early development stages. The hosting provider is InMotion Hosting, and the domain registrar is GoDaddy.com, LLC. Technically, the site lacks modern SEO, accessibility, and security features, with no security headers or DNSSEC enabled. There are no privacy or cookie policies, nor any contact or incident response information, which limits compliance and trustworthiness. Overall, the site’s security posture is minimal, with no detected vulnerabilities but also no proactive security measures.

I

Izrada web stranica

izradawebstranica.ba

0

Izrada web stranica is a small digital agency based in Bosnia and Herzegovina specializing in the creation of unique websites and e-commerce shops. The company positions itself as a full-service digital agency focused on brand growth and web development services. The website is built on WordPress using Elementor, enhanced with SEO tools like Rank Math, and includes modern web technologies such as Lottie animations and Google Analytics for tracking. The technical infrastructure is solid with HTTPS enabled and a professional design, although some security best practices like security headers and privacy policies are missing. The security posture is moderate with no visible vulnerabilities but lacks formal security and privacy documentation. Overall, the website is professional and trustworthy but would benefit from improved privacy compliance and security practices.

VR Bank Heilbronn Schwäbisch Hall eG operates as a regional cooperative bank in Germany, providing banking and financial services primarily to local customers in the Heilbronn and Schwäbisch Hall regions. The website reflects a professional and consistent brand presence, targeting local retail banking clients with a focus on community and cooperative values. The business model centers on cooperative banking, offering a range of financial products and services tailored to its members and customers. The market position is that of a trusted regional bank with a medium-sized operational footprint.

S

Sparkasse Schwäbisch Hall - Crailsheim

sparkasse-sha.de

0

Sparkasse Schwäbisch Hall - Crailsheim operates as a regional savings bank in Germany, providing a broad range of financial services including retail banking, loans, investments, insurance, and real estate financing. The website targets both private and corporate customers with a comprehensive digital presence that supports online banking and customer engagement. The bank maintains a strong local market position with a focus on customer service and digital accessibility. Technically, the website is built on a modern CMS platform (likely Adobe Experience Manager) with a well-structured front-end using JavaScript and CSS. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. The presence of cookie consent mechanisms and privacy policies indicates compliance with GDPR and related regulations. From a security perspective, the site enforces HTTPS and employs session management features such as session timeout warnings. While explicit security headers are not visible in the provided data, the overall posture appears strong with no evident vulnerabilities or exposed sensitive data. However, the site could improve transparency by publishing explicit security policies and incident response procedures. Overall, the website is professional, trustworthy, and well-aligned with the business goals of a regional financial institution. It demonstrates good digital maturity and compliance, with minor recommendations for enhanced security documentation and header implementation.

W

Wirtschaftsförderungsgesellschaft des Landkreises Schwäbisch Hall mbH

wfgsha.de

0

The Wirtschaftsförderungsgesellschaft des Landkreises Schwäbisch Hall mbH (WFG) is a regional economic development organization focused on supporting small and medium-sized enterprises, investors, and startups within the Schwäbisch Hall district in Germany. Their website provides comprehensive information about their services including funding, networking, digitalization, and various community projects aimed at improving local business conditions and quality of life. The site is well-structured, professionally designed, and targets a German-speaking audience primarily composed of local businesses and stakeholders. Technically, the website uses a mix of older JavaScript libraries such as jQuery 1.4.1 and Fancybox 1.3.0, alongside modern tools like SweetAlert and Matomo for analytics. While the site is mobile-optimized and includes cookie consent mechanisms compliant with GDPR, the use of outdated libraries poses potential security risks. The site lacks visible security headers and explicit incident response or security policy pages, which could be improved to enhance security posture. From a security perspective, the website is served over HTTPS and implements a cookie consent banner, indicating good privacy compliance. However, the absence of updated libraries and security headers reduces the overall security score. No signs of WAF or blocking mechanisms were detected, and the domain registration data aligns well with the website's regional government affiliation, supporting legitimacy. Overall, the website is a trustworthy and professional platform for regional economic development, with good privacy compliance and user experience. Strategic improvements in updating technical components and enhancing security headers would further strengthen its security posture and trustworthiness.

A

AVS Abrechnungs- und Verwaltungs-Systeme GmbH

avs.de

0

AVS Abrechnungs- und Verwaltungs-Systeme GmbH is a medium-sized German company specializing in digital customer loyalty, voucher, and gift card solutions primarily for retail, tourism, and publishing sectors. With over 30 years of experience, AVS offers a comprehensive suite of products including gift vouchers, customer cards, city marketing vouchers, and electronic guest registration systems. The company is well-positioned in its market with strong industry partnerships and a professional digital presence. Technically, the website is built on TYPO3 CMS, uses modern JavaScript libraries, and integrates privacy-compliant tools such as Usercentrics for cookie consent and Matomo for analytics. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though additional security headers could enhance protection. Contact information and legal disclosures are clearly presented, supporting business credibility. Overall, AVS demonstrates a mature digital infrastructure and a trustworthy business model.

B

Biserje

biserje.ba

0

Biserje is an online cultural magazine based in Bosnia and Herzegovina, focusing on the intersection of tradition and modernity in culture and society. It serves a niche audience interested in Bosnian history, Islam, art, and social topics. The website is powered by WordPress with a modern tech stack including Elementor and Yoast SEO, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enforced but lacks comprehensive security headers and incident response information. Privacy compliance is limited, with no cookie consent mechanism detected. Overall, the site is legitimate, professionally presented, and trustworthy within its domain.

NMLS Consumer Access is a publicly operated website providing consumers with a free and authoritative service to verify licensing and registration information of financial services companies and professionals across the United States. It is managed by State Regulatory Registry LLC, a subsidiary of the Conference of State Bank Supervisors (CSBS), positioning it as a trusted source in the financial regulatory space. The website primarily serves consumers seeking to confirm the legitimacy and authorization status of mortgage and financial services providers. Technically, the website employs standard web technologies including jQuery and Microsoft Ajax, with custom scripts to support search functionality. The site is hosted under a reputable registrar, GoDaddy, and shows moderate performance and basic mobile optimization. However, there is room for improvement in accessibility and SEO practices. The absence of DNSSEC and security headers indicates some gaps in the security posture, though no critical vulnerabilities or blocking mechanisms were detected. From a security perspective, the website demonstrates basic best practices such as clientTransferProhibited domain status and frame busting scripts to prevent clickjacking. However, it lacks explicit security policies, vulnerability disclosure mechanisms, and privacy or cookie policies, which are important for compliance and user trust. The site does not appear to collect extensive user data beyond search inputs and does not employ tracking or advertising technologies, which reduces privacy risks. Overall, the website is a legitimate, professional, and trustworthy resource with a strong business credibility score. Strategic improvements in security headers, DNSSEC, privacy compliance, and mobile accessibility would enhance its security posture and user experience. No adult or questionable content is present, making it safe for general audiences.

N

Nelnet Inc

nelnetinc.com

0

Nelnet Inc is a diversified enterprise primarily focused on student loan servicing, education technology, government services, consumer financial services, and renewable energy investments. Founded in 2000 and publicly traded on the NYSE (NNI), Nelnet serves millions of customers across multiple sectors including education, government, and finance. The company operates numerous subsidiaries and business units, offering a broad range of services from loan servicing to payment processing and fiber communications. Their market position is strong, supported by decades of experience and a large associate base. Technically, Nelnet's website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for SEO, analytics, and user experience enhancements. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Hosting and domain registration are managed through reputable providers, with domain age consistent with company history. From a security perspective, the site enforces HTTPS and employs domain registration protections. However, it lacks visible security headers and published security policies or incident response contacts. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Tracking technologies such as Google Tag Manager and Facebook Pixel are used, indicating moderate user tracking. Overall, Nelnet presents a professional, trustworthy online presence with strong business credibility and good technical implementation. Security posture is solid but could be enhanced by adding security headers and formal incident response disclosures. No critical vulnerabilities or blocking mechanisms were detected, and the content is safe for general audiences.

N

Nelnet, Inc.

nelnetinvestors.com

0

Nelnet, Inc. operates a comprehensive investor relations website providing detailed financial information, corporate governance documents, and shareholder communications. The company is positioned as a large, diversified entity primarily engaged in loan servicing, education technology, payment processing, and investments in communications and renewable energy sectors. The website targets investors, shareholders, and financial analysts with a professional and content-rich platform. Technically, the site leverages the Q4 Inc investor relations platform with modern JavaScript libraries and is optimized for accessibility and mobile use. Security posture is strong with HTTPS, anti-CSRF tokens, and cookie consent mechanisms, though some HTTP security headers are not explicitly detected. Privacy compliance is well addressed with clear policies and GDPR indicators. The absence of WHOIS data for the domain is a notable anomaly but does not detract significantly from the overall legitimacy given the professional content and official filings presented.

M

Merkle Inc.

eprize.com

0

Merkle Promotions, a division of Merkle Inc. and a dentsu company, specializes in digital promotions and gamification with over 25 years of experience. The company offers a broad range of promotional solutions including sweepstakes, instant win games, loyalty programs, and Web3 experiences, targeting brands seeking to engage customers through innovative digital activations. Their market position is strong, supported by notable clients such as Starbucks, Johnson & Johnson, and Coca-Cola, and a consistent brand presence. Technically, the website employs modern web technologies including GSAP for animations and Swiper.js for interactive galleries, delivering a visually engaging and mobile-optimized experience. While performance is moderate and SEO practices are good, there is room for improvement in accessibility and explicit CMS or hosting details are not evident. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit incident response or security policy disclosures. No critical vulnerabilities or exposed sensitive data were detected, but the absence of a cookie consent mechanism and incomplete WHOIS data for the domain reduce overall trust. The WHOIS query returned no registration data, which conflicts with the professional branding and may indicate privacy protection or domain registration issues. Overall, the website is professional and trustworthy in content and design but would benefit from enhanced security practices and clearer domain registration transparency. Strategic improvements in security headers, cookie consent, and WHOIS clarity are recommended to strengthen compliance and trust.

D

Deutsche Gesellschaft Club of Rome

clubofrome.de

0

The Deutsche Gesellschaft Club of Rome is a well-established non-profit organization focused on sustainability, future studies, and fostering knowledge exchange to promote a life-supporting future. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that aligns with the organization's mission. Technically, the site is built on WordPress with modern plugins and integrations such as Google Analytics and Iubenda for privacy compliance. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The domain registration data is consistent and supports the legitimacy of the organization. Overall, the site presents a trustworthy and professional image suitable for its target audience.

B

Barry Callebaut

chocolate-academy.com

0

The Chocolate Academy website represents a professional educational platform operated by Barry Callebaut, targeting artisans and chefs globally with chocolate training, recipes, and community support. The site is well-structured, content-rich, and optimized for mobile with modern technologies including Drupal 10, Google Tag Manager, and Plausible Analytics. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism in place. Security posture is strong with HTTPS and security headers, though explicit security and incident response policies are not published. The absence of WHOIS registration data for the domain is a notable concern, potentially indicating privacy protection or registration issues, which slightly impacts business credibility. Overall, the site is trustworthy and professional but would benefit from enhanced transparency in domain registration and direct contact information.

A

Agencija WEB Studio

webstudio.ba

0

Agencija WEB Studio is a full service digital marketing agency based in Bosnia and Herzegovina, positioning itself as the first such agency in the country. The website presents a professional digital marketing service offering focused on business growth and client acquisition. The technical infrastructure is built on WordPress CMS, utilizing the All in One SEO plugin and a custom theme, indicating a moderate level of digital maturity. The website is mobile optimized and has good SEO practices but lacks comprehensive privacy and cookie policies. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit incident response policies. Overall, the website is functional and professional but could improve in privacy compliance and security best practices to enhance trust and regulatory adherence.

P

Phobs

phobs.net

0

Phobs is a technology company specializing in revenue-generating IT solutions for the hospitality industry, including hotels and campsites. Their offerings include booking engines, channel management, yield management, and reservation applications, supported by a dedicated consulting and support team. The website presents a professional and modern digital presence, leveraging advanced web technologies such as Next.js and React, and integrates marketing and analytics tools like HubSpot, Google Tag Manager, and Facebook Pixel. Security posture is solid with HTTPS enforced, though some security headers and policies are missing. Privacy compliance is limited due to the absence of visible privacy and cookie policies. The lack of WHOIS data and domain registration information is a significant concern, impacting trust and legitimacy assessments.

S

Samsonite Australia

samsonite.com.au

0

Samsonite Australia operates a professional e-commerce website specializing in premium luggage, travel bags, and accessories. The brand leverages its 111 years of heritage to position itself as a market leader in the travel retail sector within Australia. The website offers a comprehensive product catalog, promotional offers, and a newsletter subscription to engage customers. Technically, the site is built on Salesforce Commerce Cloud (Demandware) and integrates multiple modern marketing and analytics tools, including Google Analytics, TikTok Pixel, Facebook Pixel, and Braintree for payment processing. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security posture is strong with HTTPS enforced and secure payment gateways, though explicit security policies and incident response contacts are not publicly available. Overall, the domain and website present a trustworthy and mature online retail presence with room for improvement in transparency around security policies and vulnerability disclosures.

S

SAMSONITE MEXICO, S.A. DE C.V.

samsonite.com.mx

0

Samsonite Mexico operates an official e-commerce platform offering a wide range of luggage, backpacks, bags, and travel accessories. The website targets travelers, students, and professionals within Mexico, providing a seamless online shopping experience backed by recognized brand trust and warranty services. The site leverages modern web technologies including React, Next.js, and Shopify, integrating marketing and analytics tools such as Klaviyo and Mouseflow to optimize user engagement and sales performance. Security measures are robust with HTTPS enforcement and security headers, although privacy compliance could be improved by implementing cookie consent mechanisms and publishing security policies. Overall, the website demonstrates a mature digital presence consistent with a large retail brand, supporting its market position as a leading luggage provider in Mexico.

S

Samsonite Chile

samsonite.cl

0

Samsonite Chile operates an official e-commerce platform specializing in luggage, backpacks, handbags, and travel accessories targeted at Chilean consumers. The website presents a professional brand presence with a clear focus on retail sales, supported by product reviews and a comprehensive catalog. The technical infrastructure leverages modern web technologies including React, Next.js, Shopify, and Builder.io, hosted behind Cloudflare for performance and security. Marketing and analytics integrations such as Klaviyo, Facebook Pixel, and Microsoft Clarity enable customer engagement and data-driven insights. Security posture is strong with HTTPS enforcement and security headers, though visible privacy and cookie policies are absent, indicating room for compliance improvement. The domain registration data aligns well with the business claims, showing a mature and legitimate online presence. Overall, the site is well-designed, mobile-optimized, and trustworthy, serving a general audience with safe content.