Other security reports

M

Mealdoo

mealdoo.com

50

The website mealdoo.com presents minimal accessible content, primarily a basic Angular-based landing page with no visible business description, contact information, or policies. The domain is relatively new, registered in late 2022, consistent with a startup or new business. The technical infrastructure includes modern frontend technology (Angular 18.2.13) and hosting likely on AWS, but lacks visible security headers or HTTPS confirmation in the provided data. No privacy or cookie policies are present, indicating low privacy compliance. The absence of contact details and business information reduces trustworthiness and business credibility. Overall, the site appears to be in an early development or placeholder state with limited user engagement features.

L

Home | Luxembourg. Our Common Ground.

luxembourg-ourcommonground.lu

53

The website 'Luxembourg. Our Common Ground.' serves as a cultural and promotional platform highlighting Luxembourg's diversity, multilingualism, and inclusive society. It targets a general audience interested in Luxembourg's heritage, culture, and tourism. The site features rich multimedia content including images, videos, and interactive galleries, supported by modern web technologies such as Typekit fonts, Glide.js carousels, and lazy loading for performance optimization. Cookie consent is managed via CookieYes, indicating some level of privacy compliance. However, the absence of explicit privacy policy, terms of service, and contact information limits transparency and user trust. The WHOIS data is unavailable due to a malformed domain query, which reduces confidence in domain legitimacy but does not necessarily indicate malicious intent. Overall, the site is professionally designed and well-branded, with strong cultural and tourism messaging.

The website www.kn.lt is currently inaccessible due to a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any meaningful content or business information. The WHOIS query for the domain failed, returning an invalid domain name error, indicating possible registration or configuration issues. No metadata, privacy policies, contact information, or business details are available for analysis. The technical infrastructure is protected by Cloudflare services, but no further technical or security details can be assessed due to the blocked content. Overall, the site lacks publicly accessible information, which severely limits trust and credibility assessments.

V

vseosaunovani.cz

vseosaunovani.cz

55

The website vseosaunovani.cz is a niche informational platform focused on sauna bathing, its health benefits, traditions, and local sauna recommendations primarily targeting the Czech Republic audience. The site operates as a content and blog platform, providing articles and advice related to sauna culture and wellness. It is built on the Wix platform, leveraging Wix's CMS and hosting infrastructure, with integrations such as Google Tag Manager and Cookiebot for analytics and cookie consent management. Technically, the site demonstrates moderate performance and good mobile optimization, though accessibility and SEO could be improved. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and incident response information. The absence of WHOIS data and privacy policy reduces trust and compliance confidence. Overall, the site is functional and professional but would benefit from enhanced transparency and security practices.

S

Saunia AT, s.r.o.

saunia.at

42

Saunia AT, s.r.o. is preparing to launch its Austrian website as an extension of the established Saunia wellness brand from the Czech Republic. The current website is a placeholder with minimal content, primarily targeting investors and redirecting users to the Czech site. The business focuses on wellness and sauna services, aiming to establish a presence in Austria. Technically, the site uses basic web technologies including jQuery and Slick carousel, with moderate performance and basic mobile optimization. Security posture is limited with no advanced headers or policies published, and privacy compliance is minimal due to absence of privacy and cookie policies. Overall, the site is functional but lacks comprehensive content and security features, reflecting an early stage of digital maturity.

U

Uus777

caiac19.org

57

Uus777 operates as an online slot gambling agent primarily targeting the Indonesian market. The website promotes slot 77 international gambling services with claims of high jackpot wins and fast payouts. The business model revolves around online gambling facilitation, with registration and login links provided via short URLs. The domain is well aged, registered since 2003, and uses Cloudflare DNS services. The website is built using AMP HTML technology, optimized for mobile performance and fast loading. However, the site lacks critical compliance elements such as privacy and cookie policies, and does not provide any contact information or terms of service. Security posture is weak with no security headers detected and DNSSEC not enabled. No analytics or advertising tracking scripts are present, indicating minimal user tracking. Overall, the site has basic content quality and design, with low trustworthiness due to missing compliance and security best practices. The content is adult-oriented due to gambling services, targeting adults only.

Ultimira T:mi is a small Finnish business with a minimal online presence, primarily providing contact information through its website. The company appears to be established since 2000, indicating a long-standing operation, but the website content is very limited, lacking detailed business descriptions or service listings. The market position is likely local and niche, with no visible digital marketing or social media engagement. Technically, the website is very basic, with no detected CMS, frameworks, or modern technologies, and lacks mobile optimization and accessibility features. Security posture is weak due to absence of HTTPS and security headers, and no privacy or cookie policies are present, indicating non-compliance with GDPR and modern web standards. Overall, the website presents a low digital maturity and limited trust signals, which could impact customer confidence and growth potential.

R

Riesa Consultative Oy

riesa.io

56

Riesa Consultative Oy is a Finnish consulting company specializing in accessibility and equality services. The company positions itself as Finland's leading accessibility expert, offering services such as the Accessibility Index and urban environment accessibility consulting. Their target audience includes organizations seeking to improve accessibility and inclusivity. The website is professionally designed, well-structured, and provides clear information about services and client references, supporting a strong market position in the accessibility consulting niche. Technically, the website is built on WordPress with modern SEO and analytics tools including Yoast SEO, Google Analytics, and Google Tag Manager. The site is mobile-optimized and demonstrates good accessibility practices. Hosting and DNS are managed with Cloudflare, ensuring reliable performance and security. The site uses HTTPS with a valid SSL certificate, though DNSSEC is not enabled. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms compliant with GDPR. However, it lacks visible security policies, incident response contacts, and advanced security headers. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business profile, using privacy protection services reasonably. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic improvements include enabling DNSSEC, publishing security policies, and enhancing security headers to further strengthen the security posture.

The website barnlimetree.com is currently inaccessible beyond a minimal HTML page displaying the message 'Anonymous Proxy detected.' This indicates that access is restricted, likely due to security or proxy detection mechanisms, preventing any meaningful content or business information from being retrieved or analyzed. The domain WHOIS data is suspicious, showing a creation date in the future (January 2025), which undermines trust and suggests possible data manipulation or error. No metadata, scripts, forms, or contact information are present on the site, and no privacy or security policies are found. The technical infrastructure appears minimal with no DNSSEC enabled and no advanced security headers detected. Overall, the site lacks transparency, content, and trust indicators, resulting in a very low security and business credibility score.

S

SIA PURON

puron.lv

54

SIA PURON is a licensed and insured security services company operating throughout Latvia, offering a comprehensive range of technical and physical security solutions. With over 25 years of experience and a workforce exceeding 210 employees, the company serves both private and corporate clients. Their services include alarm monitoring, mobile patrols, fire safety systems, video surveillance, and security system installation and maintenance. The company holds ISO 9001:2015 certification and maintains a significant insurance coverage, reinforcing its market credibility. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Tag Manager, Google Analytics, Facebook Pixel, and Cloudflare Turnstile CAPTCHA for security and analytics. The site is well-optimized for mobile devices, features good SEO practices, and provides a smooth user experience. Security best practices are observed with HTTPS enforcement and consent-based tracking, although explicit security headers could be improved. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. However, the site lacks explicit incident response contact details and a vulnerability disclosure policy, which are recommended for enhanced security transparency. Overall, SIA PURON presents a trustworthy and professional digital presence aligned with its business operations. The domain registration details corroborate the company's legitimacy and history. Strategic improvements in security headers and incident response disclosures would further strengthen their security posture and client trust.

The website www.globalgiving.org is currently inaccessible due to a security challenge implemented by PerimeterX, which blocks access via a captcha verification. This prevents retrieval of any meaningful content, metadata, or business information from the site. The WHOIS query also failed, returning no usable registration data, indicating privacy protection or query restrictions. Consequently, no contact details, privacy policies, or terms of service could be identified. The technical infrastructure appears to include PerimeterX for bot mitigation, but no other technologies or CMS platforms are detectable. Security posture is limited due to lack of accessible data, but the presence of a WAF indicates some level of security enforcement. Overall, the site cannot be fully assessed, and the risk is elevated due to lack of transparency and accessibility.

F

Festival des Cabanes

cabanes.lu

56

The Festival des Cabanes website represents a youth-focused architecture competition organized in Luxembourg, targeting young people aged 12 to 26. The event is supported by recognized local organizations such as the Service national de la jeunesse and the Ordre des Architectes et Ingénieurs-conseils, positioning it as a niche cultural and educational initiative. The website content is professionally presented, with clear information about the event, its objectives, and timelines, supporting good user engagement and trust. Technically, the site is built on WordPress with modern front-end technologies and is mobile-optimized, though performance is moderate and accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks important security headers and formal privacy and cookie policies, which are critical for GDPR compliance. Overall, the site is trustworthy and well-suited for its purpose but would benefit from enhanced privacy compliance and security hardening.

The website nitko.info is a personal portfolio and creative expression platform for Ervin Poljak, featuring poetry, stories, family projects, and other artistic content. It targets a general audience interested in literary and cultural works. The site is small-scale and primarily serves as a personal showcase rather than a commercial business. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, jQuery, and integrates Google Analytics, Google Tag Manager, and Mixpanel for visitor tracking. It is built on the Galaksija CMS and hosted under a domain registered with privacy protection. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. Security posture is weak, with no visible HTTPS enforcement or security headers, and no privacy or cookie policies present, indicating poor privacy compliance. The WHOIS data shows a domain age consistent with the site's stated founding year and a registrant country matching the website language, supporting legitimacy. Overall, the site is safe for general audiences but requires significant improvements in security and privacy compliance to enhance trust and protection.

The website ekoart.info is currently inaccessible beyond a minimal 404 Not Found error page, providing no business content, metadata, or user interaction elements. The domain WHOIS data is inconsistent, showing a creation date in the future (January 22, 2025), which raises concerns about the legitimacy and operational status of the domain. There is no evidence of privacy policies, cookie consent mechanisms, contact information, or security policies on the site. Technically, the site lacks any detectable technologies, scripts, or frameworks and does not implement DNSSEC or advanced security headers. The hosting provider is the domain registrar REG.RU LLC, but no further hosting details are available. Overall, the site appears inactive or placeholder with very low trustworthiness and business credibility.

W

Wiener Städtische Versicherungsverein

airt.at

48

The website www.airt.at represents the cultural exhibition series "Architektur im Ringturm" managed by the Wiener Städtische Versicherungsverein, part of the Vienna Insurance Group. It serves as a platform to showcase architectural and cultural exhibitions primarily focused on Central and Eastern Europe. The site offers detailed information about current and past exhibitions, architecture talks, and historical context of the Ringturm building. It targets architecture and culture enthusiasts and operates as a free-entry exhibition series supported by sponsorships. Technically, the site is built on WordPress with modern plugins and libraries, including multilingual support and spam protection via Google reCAPTCHA. The website demonstrates good digital maturity with responsive design, SEO optimization, and accessibility considerations. Security posture is solid with HTTPS enforced and spam prevention on forms, though some security headers could be improved. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent banner with opt-in, and GDPR-aligned data collection practices. Overall, the site is professional, trustworthy, and well-maintained, reflecting the reputable parent organization. No critical security or compliance issues were detected.

F

Fiva Events

fivaevents.com

48

Fiva Events operates as a niche platform dedicated to classic and historic vehicle events, providing event listings and application forms primarily for enthusiasts and organizers within this specialized community. The website presents a professional and consistent brand image with a focus on user-friendly event search and application functionalities. Technically, the site leverages modern frontend technologies such as Alpine.js and Laravel Livewire, ensuring a responsive and interactive user experience. The presence of HTTPS and reCAPTCHA integration indicates a baseline commitment to security, although the absence of comprehensive security headers and privacy policies suggests room for improvement in compliance and protection measures. The lack of publicly available WHOIS data raises questions about domain registration transparency, which could impact trustworthiness. Overall, the site is functional and well-designed but would benefit from enhanced privacy compliance and clearer business contact information to strengthen credibility and user trust.

N

Naturpark Landseer Berge

landseer-berge.at

46

Naturpark Landseer Berge is a regional nature park located in Austria, focusing on promoting tourism, cultural heritage, and outdoor recreational activities. The website serves as an informational portal providing details about the park's attractions, events, and regional highlights. The target audience includes tourists, families, and nature enthusiasts interested in exploring the area. Technically, the site is built on the Worldsoft CMS platform and uses legacy JavaScript libraries such as jQuery 1.12.4 and jQuery UI 1.12.1, which may pose security risks. The website is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing critical security headers and using outdated libraries. No privacy or cookie policies are present, indicating compliance gaps. Overall, the site is functional and informative but requires updates to improve security, privacy compliance, and technical modernization.

I

INSIDE COMMUNICATION

inside-communication.lu

38

INSIDE COMMUNICATION is a communication agency based in Luxembourg focusing on strategies, innovation, and impact. The current website is a placeholder announcing a forthcoming new site and offers a newsletter subscription to keep interested parties informed. The company targets businesses or professionals seeking communication and innovation services. The website's technical infrastructure uses standard web technologies including HTML5, CSS3, JavaScript, and integrates Google Fonts and CreateSend for email marketing. However, the site lacks advanced frameworks or CMS indications and shows basic mobile optimization and accessibility features. Security posture is limited with no visible HTTPS confirmation or security headers, and no privacy or cookie policies are present. The WHOIS data is unavailable due to query rate limits, limiting domain legitimacy verification. Overall, the site is functional but minimal, with room for significant improvements in security, privacy compliance, and content richness.

A

Error

assegaiandjavelin.com

51

The domain assegaiandjavelin.com is currently not connected to an active website and instead serves a Wix error page indicating the domain is not linked to any Wix site. There is no business content, contact information, or policies available on the site. The domain is registered since 2002 with Diamatrix C.C., indicating a long registration history but no active web presence. The technical infrastructure is based on Wix platform using AngularJS and jQuery libraries, but no advanced SEO, security headers, or privacy compliance mechanisms are present. Security posture is weak due to lack of HTTPS information and security headers. Overall, the site is inactive and provides no business or security assurances.

L

Latin Studio

latinstudio.at

58

Latin Studio is a small local dance studio based in Austria specializing in Latin dance styles. The website is built on the Wix platform and offers information about dance classes and workshops targeting dance enthusiasts. The technical infrastructure is standard for Wix-hosted sites, with moderate performance and basic mobile optimization. Security posture is basic with HTTPS enabled but lacks security headers and formal privacy or cookie policies. No contact or incident response information is provided, limiting transparency and compliance. Overall, the site is functional but would benefit from enhanced security and privacy features to improve trust and compliance.

L

Luxembourgticket GIE

luxembourgticket-gie.lu

53

Luxembourgticket GIE operates a website focused on ticketing services in Luxembourg, targeting both the general public and businesses. The site is built on WordPress and incorporates modern tracking and consent tools such as Google Tag Manager and Cookiebot, reflecting a moderate level of digital maturity. However, the absence of key compliance documents like a privacy policy and terms of service, as well as missing contact information, limits the site's transparency and trustworthiness. The security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and incident response information. Overall, the site presents a basic but functional online presence with room for improvement in compliance and security documentation.

M

MXGP Czech republic 26.-27.7.2025 - Home

mxgploket.com

42

The website www.mxgploket.com serves as an informational portal for the MXGP Czech Republic motocross event scheduled for July 26-27, 2025. It provides event details, ticketing links, accommodation, maps, and contact navigation. The site targets motocross enthusiasts and event attendees primarily in the Czech Republic region. Technically, it is built on Joomla CMS with standard web technologies including jQuery, Bootstrap, and Google Maps API integration. The site includes Google Analytics for visitor tracking but lacks visible privacy or cookie policies, which is a compliance gap. Security posture is basic with no detected security headers or advanced protections. WHOIS data for the domain is unavailable, raising concerns about domain registration legitimacy. Overall, the site is functional but requires improvements in privacy compliance, security hardening, and domain legitimacy verification.

T

Ticketportal

ticketportal.sk

53

Ticketportal.sk is a well-established Slovak ticket sales platform specializing in entertainment events such as theatre, music concerts, festivals, musicals, and sports. The website targets a general audience in Slovakia and positions itself as a leading ticketing service provider in the region. The platform leverages modern web technologies including jQuery, Google Tag Manager, Facebook SDK, and reCAPTCHA to provide a secure and user-friendly experience. Consent management is implemented to comply with GDPR requirements, although explicit privacy and terms of service documents were not found in the provided content. Security posture is strong with HTTPS enforced and anti-bot measures in place, but could be improved by adding security headers and publishing a security policy. Overall, the website is professional, trustworthy, and technically sound, serving a large user base with extensive event ticketing services.

The website online.hafanplus.cz is an online platform offering pet insurance products primarily targeting dog owners in the Czech Republic. The site provides forms to collect pet and insurance information and offers optional add-ons for working and special dogs. The business model focuses on direct online insurance product offerings with a simple user interface. Technically, the site uses modern frontend technologies including React, Ant Design, and Bootstrap frameworks, with Google Tag Manager for analytics. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is basic; HTTPS is assumed but no security headers were detected, and no explicit security or incident response policies are published. Privacy compliance is partially addressed via a cookie consent banner and a linked privacy policy page. However, no contact information or business registration details are provided, and WHOIS data is unavailable, which reduces trustworthiness. Overall, the site is functional and safe but would benefit from enhanced transparency, security practices, and business credibility disclosures.

G

Donor Advised Fund Payment Option | Chariot

givechariot.com

52

The website www.givechariot.com is an active Wix-hosted site with basic business presence but lacks detailed business, compliance, and contact information. The absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Technically, the site uses standard Wix technologies and includes third-party marketing and analytics tools such as Hotjar and Apollo.io, indicating some level of digital maturity. However, the lack of visible privacy policies, cookie consent mechanisms, and security headers suggests a weak security posture and poor privacy compliance. Overall, the site appears to be a small-scale business or project with limited online presence and trust indicators.

H

Hospitallers Medical Battalion

hospitallers.org.uk

51

The website www.hospitallers.org.uk is currently inaccessible or blocked, with WHOIS data indicating that the domain name is invalid under Nominet UK naming rules. This prevents a comprehensive analysis of the business, its services, or its digital presence. The lack of accessible content and metadata means no business description, contact information, or security posture can be reliably assessed. The technical infrastructure appears to be restricted or protected by access controls, limiting visibility into technologies or frameworks used. Security posture cannot be evaluated due to absence of accessible data, and no privacy or cookie policies are detected. Overall, the domain's legitimacy is questionable given the WHOIS error and lack of registration data, and the website is effectively non-functional for analysis purposes.

The website ai6yr.org currently serves as a minimal placeholder page with very limited content, primarily welcoming visitors and providing a single external link to a Mastodon profile. The domain is relatively new, registered in late 2022, and uses privacy protection services, which is typical for small or personal projects. The hosting is provided by GoDaddy with DNS managed by Cloudflare, but no advanced security configurations or content management systems are detected. The site lacks any privacy, cookie, or terms of service policies, and no contact or business information is disclosed, limiting its credibility and trustworthiness. From a technical perspective, the website is basic with minimal SEO and accessibility features. There are no scripts, analytics, or advertising technologies detected, and the site does not implement security headers or DNSSEC, which could improve its security posture. The SSL configuration is assumed basic due to HTTPS usage but no detailed headers were provided. The site is accessible without any WAF or security challenges blocking content. Security posture is weak due to the absence of security headers, policies, and contact information for incident response. The domain registration privacy protection is justified given the minimal business presence, but the lack of transparency and content reduces trust. No vulnerabilities or malicious indicators were found, but the site would benefit from improved security best practices and compliance documentation. Overall, the website represents a small or personal project with minimal digital maturity and security readiness. Strategic recommendations include enhancing security configurations, publishing privacy and cookie policies, adding contact and business information, and improving content quality to build trust and compliance.

H

Hrvatsko meteorološko društvo

meteohmd.hr

43

Hrvatsko meteorološko društvo (HMD) is a well-established Croatian non-profit meteorological society dedicated to promoting meteorological science and practice. The website serves as an information hub for members and enthusiasts, offering news, events, project details, and membership services. The organization has a clear national presence with a domain registered since 2001 and consistent WHOIS data aligning with its Croatian roots. Technically, the website uses a traditional tech stack with jQuery and Google Analytics, but some libraries are outdated, posing potential security risks. Accessibility features are commendable, though mobile optimization is basic. Security posture is moderate with HTTPS usage but lacks visible security headers and cookie consent mechanisms, indicating partial GDPR compliance. Overall, the site is professional and trustworthy but would benefit from technical and compliance improvements.

The website empl.io appears to be a small business or startup registered in the US since 2019. The site is built on WordPress using Bootstrap 3.3.4 and the Yoast SEO plugin, indicating a basic level of technical infrastructure. However, the content is minimal with no visible privacy, cookie, or terms of service policies, and no contact information is provided. The technical setup lacks modern security headers and DNSSEC is not enabled, which are areas for improvement. The security posture is basic with no detected vulnerabilities but also no advanced protections. Overall, the site presents a low level of business credibility and privacy compliance, limiting trustworthiness. Strategic improvements in security, privacy policies, and contact transparency are recommended to enhance the site's professionalism and compliance.

A

APERITIF

le-aperitif.com

62

APERITIF is a small creative studio based in Spain specializing in design, creativity, strategy, advertising, and illustration services. The website showcases a professional portfolio targeting brands, businesses, and individuals worldwide who value high-quality creative work. The company maintains an active social media presence across major platforms, reinforcing its market position as a niche creative agency. Technically, the website is built on the Portfoliobox CMS platform, leveraging AngularJS and jQuery, hosted on Amazon Cloudfront CDN, and includes Google Analytics for user tracking. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is moderate with HTTPS enabled but lacks advanced security headers and privacy compliance documentation. The absence of WHOIS data is a notable concern, reducing domain trustworthiness despite the professional site content. Overall, the site is functional and professional but would benefit from enhanced privacy, security policies, and transparent contact information.

M

Mastodon Mulchers| Forestry Mulching Attachments | United States

mastodon.com

51

The website at www.mastodon.com appears to be a minimal placeholder or parked page hosted on the Wix platform, with no substantive content, business information, or contact details. The WHOIS lookup failed to return any registration data, indicating the domain may not be registered or the data is intentionally blocked. The site uses Wix's Thunderbolt framework and includes Google Tag Manager scripts but lacks privacy policies, cookie consent mechanisms, or terms of service. No forms or user data collection points are present. Security posture is weak due to absence of HTTPS confirmation and security headers. Overall, the site lacks credibility and trust indicators, suggesting it is not an active business website.

The website themehaus.net currently displays a minimal HTML page with a message in Japanese indicating an invalid URL and a possible delay in program settings reflection. The domain is registered since 2014 with a reputable registrar, GMO Internet Group, Inc. d/b/a Onamae.com, and uses Cloudflare for DNS hosting. However, the website content is effectively inaccessible or blocked, providing no business or service information, no metadata, no contact details, and no security or privacy policies. This severely limits the ability to assess the business model, market position, or technical maturity. The lack of DNSSEC and security headers indicates room for security improvements. Overall, the website appears to be either under development, misconfigured, or intentionally blocked, resulting in a low trust and quality rating.

Expert Lookup was a service provided by Elsevier, now officially sunset as indicated by the website's sole content: a sunset notice message. The website no longer offers active services or user engagement features. The domain is well-established, created in 2006, and hosted on Amazon AWS infrastructure, indicating a previously professional setup. However, the current website is minimalistic with no interactive elements, policies, or contact information, reflecting its discontinued status. Technically, the website is very basic with no detected scripts, frameworks, or CMS. The hosting is via AWS DNS servers, but no advanced security headers or DNSSEC are enabled. The site is accessible without WAF or security challenges but lacks modern SEO, accessibility, and privacy compliance features. The absence of privacy and cookie policies indicates non-compliance with GDPR and related regulations. From a security perspective, the site shows minimal security posture with no visible security headers or incident response contacts. The domain registration is transparent and consistent with a legitimate business domain, registered through SafeNames Ltd. The domain age supports the legitimacy of the business history, but the website content no longer reflects an active service. Overall, the website poses low risk but also low value due to its discontinued status. Strategic recommendations include improving security configurations if the domain is repurposed, adding privacy and cookie policies for compliance, and enhancing content quality and user engagement if relaunched.

W

Wojta Foto

wojta-foto.cz

46

Wojta Foto is a niche photography website specializing in speedway sports event photography, primarily serving audiences in the Czech Republic and Poland. The site showcases galleries of speedway races and related events, targeting speedway fans and photography enthusiasts. The business operates as a small entity founded in 2010, with a focus on content publishing and portfolio showcasing. Technically, the website is built on WordPress using common plugins such as NextGEN Gallery and Jetpack, hosted by Wedos, a Czech hosting provider. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but it lacks security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is safe for general audiences and maintains a moderate level of professionalism and trustworthiness.

SportPHOTO.cz is a professional sports photography agency specializing in capturing and providing images and insights from various global sports arenas. The website targets sports enthusiasts, media outlets, and event organizers, offering photographic content primarily in motorsport and other sports categories. The business operates in the Czech Republic and maintains a niche market position with a small-sized operation. The website content is well-structured and professionally presented, focusing on showcasing recent sports photography works and categorized galleries.

Z

ZAMG (Zentralanstalt für Meteorologie und Geodynamik)

naturkalender.at

41

Naturkalender.at is a citizen science platform operated under the auspices of the Austrian Central Institute for Meteorology and Geodynamics (ZAMG). It enables users to observe and record natural phenomena such as plants and animals throughout the year, contributing valuable data to climate research and phenology studies. The platform offers a dedicated mobile app for Android and iOS, fostering community engagement and scientific collaboration. The website is well-branded, consistent, and targets nature enthusiasts and researchers primarily in Austria. Technically, the site is built on Joomla CMS with Gantry 5 framework and uses modern UI components like Smart Slider 3. While the site is mobile optimized and provides a good user experience, some technical improvements are recommended, particularly in security headers and cookie consent mechanisms. The absence of WHOIS data limits full trust verification, but the affiliation with ZAMG and partner organizations supports legitimacy. Overall, the site presents a professional and trustworthy front for its niche scientific community.

2

Just a moment...

220.lv

51

The website www.220.lv is currently inaccessible due to a Cloudflare Turnstile anti-bot challenge page that blocks access to the actual content. As a result, no business information, metadata, or contact details are available for analysis. The page serves as a security checkpoint rather than a functional website, preventing extraction of meaningful data. The technical infrastructure includes Cloudflare's security services, but no further details on hosting, CMS, or technology stack can be determined. Security posture cannot be fully assessed due to lack of access to the real site content. Overall, the site is protected by a strong WAF mechanism, but this also limits external analysis.

The website at xc-academy.com is currently non-operational, serving a 404 error page indicating no site configuration found. The domain is registered since 2008 through Ascio Technologies, Inc. Danmark, a registrar service provider, but no active business or content is present on the site. The detected CMS is TYPO3, as indicated by the error page branding. There are no privacy, cookie, or terms of service policies, nor any contact or security information available. The lack of content and security measures results in a very low trust and credibility score.

B

Bikeschule Klosters

bikeschuleklosters.ch

49

Bikeschule Klosters is a well-established mountain bike school located in Klosters/Davos, Switzerland, with a history dating back to 1931. The company offers a broad range of bike courses, camps, workshops, and private guiding services tailored for children, youth, and adults. Their business model focuses on experiential outdoor education and recreation, supported by an online booking platform. The website reflects a professional and consistent brand image with clear contact information and partner affiliations, positioning them as a trusted local service provider in the biking community. Technically, the website is built on TYPO3 CMS, utilizing modern web technologies such as jQuery, Owl Carousel, and Google Tag Manager for analytics. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with compressed assets and responsive design elements enhancing user experience. From a security perspective, the site enforces HTTPS with IP anonymization for analytics and a comprehensive cookie consent mechanism. However, it lacks explicit security headers and publicly available security or incident response policies. No vulnerabilities or exposed sensitive data were detected, indicating a solid security posture for a small business. Overall, the website is safe, professional, and trustworthy, with no adult or questionable content. The domain registration data aligns well with the business claims, reinforcing legitimacy. Strategic improvements could focus on enhancing security headers, publishing security policies, and expanding incident response transparency to further strengthen trust and compliance.

The domain cine.cz is registered since 2015 with a recognized registrar, indicating a legitimate registration. However, the website content is completely inaccessible, displaying only a minimal message 'Missing index page or access denied!'. This suggests the site is either inactive, misconfigured, or access is restricted. No metadata, scripts, forms, or contact information are present, limiting any meaningful analysis of business operations or services. The lack of HTTPS information and security headers further indicates poor security posture. Overall, the site does not provide any user-facing content or compliance documentation, resulting in a very low trust and credibility score.

The website drias-climat.fr appears to be a climate-related informational site, likely affiliated with meteorological data services in France, as inferred from its nameservers pointing to meteofrance.fr. The domain is registered since 2011 and is active, indicating a stable presence. However, the accessible content is minimal, primarily a captcha verification page, with no visible privacy, cookie, or terms of service policies. There is no contact information or business details presented on the page. Technically, the site uses JavaScript and base64 encoded images but lacks modern web practices such as HTTPS enforcement and security headers. The overall user experience and content quality are poor, with limited navigation or engagement features.

I

Infrastructure Services for Open Access C.I.C.

is4oa.org

59

Infrastructure Services for Open Access C.I.C. (IS4OA) is a small non-profit community interest company based in the United Kingdom, serving as the parent holding company for the Directory of Open Access Journals (DOAJ). The website primarily provides organizational information and transparent financial reporting for DOAJ, targeting the academic and open access publishing community. The business model focuses on supporting open access infrastructure through non-commercial means, positioning IS4OA as a trusted steward in the open access ecosystem. Technically, the website is built on the WordPress platform hosted on WordPress.com, utilizing Jetpack and Gutenberg technologies. It employs HTTPS for secure communication and embeds financial documents as PDFs for transparency. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. However, it lacks advanced security headers and DNSSEC, which could enhance its security posture. From a security perspective, the site benefits from HTTPS and domain registration protections but lacks published privacy, cookie, and security policies. No incident response or vulnerability disclosure information is provided, which are areas for improvement. The absence of privacy and cookie policies also impacts GDPR compliance. Overall, the security posture is adequate but could be strengthened with additional policies and technical controls. The overall risk assessment is low given the non-commercial nature and transparent operations, but strategic recommendations include publishing privacy and cookie policies, enabling DNSSEC, adding security headers, and establishing vulnerability disclosure and incident response contacts to enhance trust and compliance.

W

wettermelden.at

wettermelden.at

50

The website wettermelden.at appears to be an informational platform related to weather reporting, likely affiliated with the Austrian meteorological service (ZAMG), as indicated by the logo and DNS name servers. The site uses modern web technologies such as React and Leaflet.js for interactive map features, but the visible content is minimal and primarily serves as a weather data reporting interface. The technical infrastructure is moderately modern with external dependencies on trusted CDNs and analytics services. Security posture is basic with no evident security headers or privacy policies, and no contact or incident response information is provided. The domain registration is consistent with the website's purpose and location, registered via a known Austrian registrar and using name servers linked to ZAMG. Overall, the site is functional but lacks comprehensive privacy, security, and contact information, which limits trust and compliance levels.

3

37th International Conference on Alpine Meteorology (ICAM)

icam2025.hr

51

The website for the 37th International Conference on Alpine Meteorology (ICAM) presents a well-structured and content-rich platform for the upcoming scientific conference scheduled in Poreč, Croatia in late 2025. It targets researchers and professionals in mountain meteorology and climate science, offering detailed event information, registration, and abstract submission functionalities via partner platforms. The site demonstrates a moderate level of digital maturity with modern web technologies and responsive design, although it lacks key privacy and security policy disclosures. The security posture is adequate with HTTPS and Cloudflare DNS, but could be improved by adding security headers and incident response information. Overall, the domain registration aligns with the event's geographic focus but shows an unusual future creation date, likely due to event timing. Strategic improvements in privacy compliance and contact transparency would enhance trust and compliance.

V

Volcanica

jvolcanica.org

46

Volcanica is a specialized academic journal dedicated to volcanology research, operating under a diamond open access model that eliminates fees for authors and readers. It is supported institutionally by Presses universitaires de Strasbourg and holds recognized open access certifications such as the DOAJ Seal and memberships in the Free Journal Network and OASPA. The website is built on Open Journal Systems, leveraging modern web technologies including Bootstrap and MathJax, and integrates analytics tools like Google Analytics and Tag Manager for user tracking. The site is mobile responsive, accessible, and professionally designed, providing a positive user experience for its target audience of researchers and professionals in volcanology. Security posture is generally good with HTTPS enforced, but lacks some security headers and visible cookie consent mechanisms. WHOIS data is unavailable, likely due to privacy protection, which is common and justified for this type of academic publishing entity. Overall, the website demonstrates a strong trust profile and professional operation.

V

VTP soft a.s.

poolbilliard.cz

57

Český poolbilliard is a niche sports community website focused on pool billiards in the Czech Republic. It provides news, tournament information, player rankings, and educational content to its audience of billiard enthusiasts and players. The site is built on WordPress and integrates common plugins for photo galleries and GDPR compliance. The presence of official partner logos and links indicates a legitimate and community-supported platform. Technically, the site uses standard web technologies including jQuery and Google Fonts, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and updated libraries. The absence of WHOIS registrant data reduces domain transparency and slightly impacts trustworthiness. Overall, the site is professional and trustworthy for its intended audience but could improve in security and contact transparency.

V

VK Benátky nad Jizerou

vkbenatky.cz

42

VK Benátky nad Jizerou is a local volleyball sports club based in the Czech Republic, established since 2009. The website serves as a hub for club members, players, and fans, providing detailed information about various teams, schedules, news, and club management. The club targets youth and adult volleyball players and enthusiasts within the regional community. Technically, the website is built on WordPress using Elementor and integrates modern web technologies such as jQuery and Font Awesome, hosted by WEDOS. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS with appropriate security headers, but lacks some privacy compliance features such as cookie consent mechanisms. Overall, the domain registration data aligns well with the website content, indicating a legitimate and trustworthy entity.

H

HC Benátky nad Jizerou

hokejbenatky.cz

46

HC Benátky nad Jizerou is a Czech ice hockey club with a well-established online presence since at least 2002. The website serves as an information hub for the club's activities, including team rosters, match schedules, news updates, and youth hockey programs. It targets local fans, players, and the community, providing comprehensive sports-related content and partner promotions. The site is hosted likely by REG-ZONER, a Czech hosting provider, and uses a technology stack including Bootstrap, jQuery, and Slick Carousel. While the site is functional and mobile-optimized, it uses some outdated JavaScript libraries and analytics scripts, which pose potential security risks. The security posture is moderate, with cookie consent implemented but lacking visible security headers and modern analytics. No explicit privacy policy or terms of service pages were found, which may impact compliance. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the site. Strategic improvements in security and privacy compliance are recommended to enhance trust and protect user data.

I

ILINČEV s.r.o.

ilincev.com

51

ILINČEV s.r.o. is a Czech-based small business specializing in UX design and conversion rate optimization (CRO) services. The website presents a professional image with extensive case studies, blog content, and clear contact information, positioning the company as a recognized expert in its field within the Czech market. The business model focuses on consulting, workshops, and long-term optimization services for web and app clients. Technically, the site is built on WordPress with modern optimization and tracking tools, delivering fast performance and excellent mobile responsiveness. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though security headers and formal policies are lacking. The absence of WHOIS registration data raises concerns about domain legitimacy, warranting further verification. Overall, the site is trustworthy and professional but could improve privacy compliance and security transparency.

The website thearmoredgarage.com is currently inaccessible due to a Cloudflare security block, preventing access to any substantive content. As a result, no business information, contact details, or policies are available for analysis. The domain is registered since 2015 with NameCheap and uses Cloudflare DNS services, indicating a legitimate registration and hosting setup. However, the lack of accessible content severely limits the ability to assess the company's market position, services, or technical maturity. The security posture cannot be fully evaluated beyond the presence of Cloudflare's WAF blocking access, which suggests some level of protection against attacks but also restricts transparency. Overall, the site is currently non-functional for external users, resulting in a low AI score and incomplete analysis.