High-risk security reports

K

Kassenärztliche Bundesvereinigung

kbv.de

46

The website www.kbv.de represents the Kassenärztliche Bundesvereinigung (KBV), the umbrella organization for 17 statutory health insurance physician associations in Germany. It serves as a central platform organizing ambulatory healthcare and representing the interests of contracted physicians and psychotherapists at the federal level. The site targets healthcare professionals and stakeholders within the German healthcare system. The business model is non-profit and focused on healthcare governance and support services. The organization holds a strong national market position as a key healthcare body in Germany. Technically, the website is hosted on Akamai CDN infrastructure, uses modern web technologies including HTML5, CSS3, JavaScript, and Bootstrap for responsive design. The site demonstrates good mobile optimization, accessibility, and SEO practices. Cookie consent is managed via a custom script from a subdomain. However, no explicit CMS or analytics services were detected. From a security perspective, the site uses HTTPS and shows no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and does not provide a public security policy or incident response contacts. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Contact information is not directly available on the homepage, which may impact user trust and compliance. Overall, the site is professional, trustworthy, and well-structured but would benefit from enhanced privacy disclosures, security headers, and clearer contact information to improve compliance and user confidence.

K

Kassenärztliche Bundesvereinigung (KBV)

116117-termine.de

34

The website www.116117-termine.de serves as the official appointment booking platform for statutory health insured patients in Germany, operated under the auspices of the Kassenärztliche Bundesvereinigung (KBV). It provides a trusted and user-friendly service for booking, viewing, and canceling medical appointments with general practitioners and specialists. The platform is recognized as a Stiftung Warentest Testsieger in 2021, underscoring its market credibility and user trust. The target audience is primarily German statutory health insured patients seeking quick and reliable access to healthcare appointments. Technically, the website is built on the TYPO3 CMS framework, leveraging modern web technologies including JavaScript and CSS. It integrates Matomo analytics with a clear cookie consent mechanism, ensuring compliance with GDPR and privacy best practices. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Hosting appears to be managed by kv.digital GmbH, a technology partner closely affiliated with the KBV. From a security perspective, the site enforces HTTPS and employs cookie consent for tracking, minimizing privacy risks. However, explicit security headers such as Content Security Policy and HSTS are not evident, and no formal security or incident response policies are published. No vulnerabilities or exposed sensitive data were detected in the analysis. The WHOIS data is limited but does not raise concerns, and the domain appears legitimate and consistent with the official nature of the service. Overall, the website presents a professional, secure, and privacy-conscious platform that effectively supports its public healthcare mission. Strategic improvements could include publishing a security policy, adding security headers, and providing clearer contact information for incident response. These enhancements would further strengthen trust and compliance in an increasingly regulated digital environment.

B

Buzzvil

buzzvil.com

28

Buzzvil is a South Korean technology company specializing in reward-based advertising models that focus on customer acquisition, activation, and monetization. Their website presents a professional and modern interface primarily in Korean, targeting businesses and advertisers interested in innovative advertising solutions. The company positions itself as an innovative player in the advertising technology sector with a unique customer benefit model. Technically, the website is built using modern JavaScript frameworks such as React and Next.js, with good mobile optimization and moderate performance. Security posture is strong with HTTPS enforced and multiple security headers present, although privacy and cookie policies are not clearly visible, indicating room for improvement in compliance. The absence of WHOIS data is a notable concern, suggesting either privacy protection or recent domain registration, which slightly reduces trustworthiness. Overall, the website is professional and functional but would benefit from enhanced transparency and compliance documentation.

The website rcahmw.gov.uk currently presents a robot challenge screen implementing a proof-of-work CAPTCHA mechanism, indicating the presence of a Web Application Firewall or similar security control that blocks direct access to content. This prevents direct analysis of the actual website content, policies, or business information. The domain is a longstanding UK government domain registered since 1996 directly with Nominet, consistent with a legitimate government entity. The technical infrastructure includes advanced client-side cryptographic challenges and hosting via Amazon CloudFront CDN, demonstrating a modern approach to bot mitigation. However, no privacy, cookie, or terms of service policies are visible on this challenge page, nor is any contact or business information exposed. Security headers and SSL configuration details are not available from the provided data. Overall, the site shows strong security posture in terms of bot protection but lacks visible compliance and business transparency on this page.

C

Cheltenham Civic Society

cheltcivicsoc.org

38

Cheltenham Civic Society is a small non-profit organization dedicated to promoting civic pride, heritage conservation, and high standards in urban design within Cheltenham, UK. The society operates as a registered charity and engages the community through campaigns, events, and acting as a formal consultee to the local planning authority. Their website reflects a well-structured and content-rich platform that supports their mission and community engagement efforts. Technically, the website is built on WordPress using modern plugins and libraries, with good SEO and mobile optimization. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be enhanced. Privacy compliance is strong with clear policies and GDPR adherence. Overall, the website is professional, trustworthy, and serves its target audience effectively.

F

Fredrikstad Webdesign AS

fredrikstadwebdesign.no

48

Fredrikstad Webdesign AS is a Norwegian web design and digital marketing company specializing in creating websites, e-commerce platforms, and multimedia content that rank well in Google search results. The company emphasizes quality, long-term client relationships, and local Norwegian language support. Their website demonstrates a mature digital presence with modern technologies such as WordPress, Yoast SEO, Google Tag Manager, and reCAPTCHA, indicating a strong technical infrastructure. Security practices include HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. Overall, the site is professional, well-structured, and compliant with GDPR requirements. The business shows strong trust signals including partner badges, awards, and client testimonials, supporting a high legitimacy score.

A

Arquine

arquine.com

49

Arquine is an established international architecture and design magazine primarily serving Spanish-speaking audiences, founded in 1999. The website operates on a WordPress CMS platform with WooCommerce integration, hosted on DigitalOcean infrastructure. It employs modern web technologies including Google Fonts, Google Analytics, TikTok and Facebook tracking pixels, and Google Tag Manager, indicating a mature digital marketing and analytics setup. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of visible privacy and cookie policies, which could expose the organization to regulatory risks. No direct contact or incident response information is provided, limiting transparency and user trust. Overall, the site is professional and content-rich but would benefit from improved privacy and security practices.

Women In Architecture France is a small non-profit association dedicated to promoting gender equity in the architecture profession, primarily in France and Europe. Founded in 2018 by three architects, the organization focuses on advocacy, research, awards, and international collaboration to enhance the visibility and professional equality of women architects. The website serves as an informational platform showcasing the founders, their mission, and related activities. Technically, the website is built on an older version of WordPress with the Enfold theme and uses common web technologies such as jQuery and LayerSlider. The site is accessible, mobile-optimized, and uses HTTPS, but lacks modern security headers and up-to-date software versions, which could pose security risks. No analytics or tracking scripts are present, indicating minimal user tracking. From a security perspective, the site has a good SSL configuration but lacks important security headers and privacy compliance documentation such as privacy and cookie policies. The absence of WHOIS data for the domain is a concern for trust and legitimacy verification. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the website is professional and content-rich for its niche but requires improvements in security practices, privacy compliance, and transparency to enhance trustworthiness and reduce risk.

L

Start – Landesgartenschau Bad Nenndorf 2026

landesgartenschau-badnenndorf.de

48

The website for Landesgartenschau Bad Nenndorf 2026 serves as an informational portal for a regional garden exhibition event in Germany. It provides visitors with event dates, planning updates, and engagement opportunities. The site is built on Joomla CMS and uses modern frontend libraries such as Swiper and Fancybox, indicating a moderate level of technical maturity. However, the absence of privacy and cookie policies, as well as explicit contact information, suggests gaps in compliance and user trust facilitation. Security posture is basic, with no visible security headers or incident response contacts. Overall, the site is functional and informative but would benefit from enhanced privacy, security, and contact transparency to improve trust and compliance.

A

ASTR

astr.fr

47

ASTR is a well-established French national groupement d'achats (purchasing group) and service provider for road transport companies, founded in 2000. It offers a broad range of services including fuel, toll badges, tires, spare parts, insurance, training, and more, targeting transport companies and professionals. The website reflects a mature business with a strong market position supported by over 800 shareholder companies and a large fleet and workforce. Technically, the site is built on WordPress with modern web technologies, optimized for SEO, accessibility, and mobile devices. Security posture is good with HTTPS and cookie consent mechanisms, though security headers are not explicitly detected, indicating room for improvement. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact information and a transparent partner ecosystem.

N

Neudeck

neudeck.de

49

Neudeck is a well-established German family-owned business specializing in the international import and distribution of semi-finished wood products. Founded in 1946, it operates with over 180 employees, multiple locations, and a significant logistics fleet, serving primarily B2B customers in the wood manufacturing and construction sectors. The company emphasizes sustainability through FSC and PEFC certifications and maintains a professional digital presence with a modern WordPress-based website featuring SEO optimizations and multimedia content. Technically, the website uses a mature tech stack including Bootstrap and Borlabs Cookie for GDPR compliance, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit security policies. Overall, the website reflects a credible and trustworthy business with a strong market position in the manufacturing sector.

D

Der Holzring GmbH

holzring.de

43

Der Holzring GmbH operates as a cooperative service provider focused on process optimization, intelligent performance remuneration, and fostering successful networking between shareholders and suppliers. The company positions itself as a trusted intermediary enhancing business relationships within the wood supply sector. The website reflects a medium-sized enterprise based in Germany, offering consulting and optimization services with a clear business model centered on collaboration and efficiency. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap and jQuery, hosted likely on Your-Server.de infrastructure. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security posture is solid with HTTPS enforced and privacy-conscious analytics implementation, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-maintained, supporting the company's business credibility and digital maturity.

ISUZU France operates as a commercial vehicle manufacturer and distributor, focusing on trucks and pickups such as the D-MAX and Truck series. The website serves French-speaking customers with detailed product information, dealer locators, and customer service resources. The company is positioned as a significant player in the transportation sector in France, supported by a large-scale business infrastructure. Technically, the website employs modern frameworks including Laravel and Vue.js, with integration of Google Tag Manager and Iubenda for privacy compliance. The site is mobile-optimized and demonstrates good SEO practices. Security posture is solid with HTTPS enforced and CSRF protections, though some security headers and explicit incident response information are absent. Privacy policies are comprehensive and GDPR compliant, including a named Data Protection Officer. Overall, the site is professional, trustworthy, and safe for general audiences.

T

Tred Union

tredunion.fr

45

Tred Union is a French transport group established in 2009, focusing on regional transport and logistics services across diverse sectors including industrial, construction, agro-food, and e-commerce. The group aims to foster synergies among transport companies to offer competitive and specialized transport solutions such as refrigerated transport and large volume shipments. The website demonstrates a moderate level of digital maturity, leveraging modern web technologies like React, Google Maps API, and Google Analytics. However, it lacks explicit privacy and cookie policies, and no visible contact information was found in the analyzed content. Security measures include HTTPS and reCAPTCHA, but there is room for improvement in publishing security policies and headers. Overall, the site is professional and trustworthy with a strong market position in France's transport sector.

The website hostay.fr is currently inaccessible due to a Cloudflare Turnstile CAPTCHA security challenge, which blocks direct access to any business content or information. The domain is registered with Scaleway and uses Cloudflare nameservers, indicating a hosting and security setup consistent with a French-based small business or service. Due to the lack of visible content, no privacy, cookie, or terms of service policies are available, nor is there any contact or security policy information. The technical infrastructure includes modern security measures such as Cloudflare's WAF and CAPTCHA, but the absence of accessible content limits the ability to assess the website's full digital maturity or business model. The security posture is moderate based on the presence of Cloudflare protections, but the lack of visible security headers or policies reduces confidence. Overall, the site is low in trustworthiness and content quality due to the blocking mechanism.

A

Atlas Estate Agents

atlasestateagents.co.uk

45

Atlas Estate Agents is a well-established real estate agency specializing in residential and commercial property sales, lettings, and management in Liverpool, UK. The company emphasizes competitive pricing, family business values, and customer service, positioning itself as a trusted local market player since 1965. Their website provides property search functionality, valuation requests, and detailed service information targeting buyers, sellers, landlords, and tenants in the Liverpool area. Technically, the website employs a modern tech stack including jQuery, Bootstrap, Google Maps API, Google reCAPTCHA, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized with good navigation and SEO practices, though some accessibility features are basic. Security measures include HTTPS enforcement and spam protection via reCAPTCHA, but lack certain HTTP security headers and cookie consent mechanisms. From a security perspective, the site shows a moderate maturity level with no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and formal privacy/cookie consent banners indicates room for improvement in compliance and defense-in-depth. The WHOIS lookup failed due to querying a subdomain rather than the registered domain, limiting domain trust verification. Overall, the site is professional and trustworthy but could enhance its security posture and privacy compliance. Strategically, the company should prioritize implementing security headers, cookie consent mechanisms, and publishing security policies to strengthen user trust and regulatory compliance. Additionally, clarifying domain registration details and improving accessibility would further enhance their digital maturity and risk management.

D

Dinas Lingkungan Hidup Kota Semarang

dlhkotasemarang.id

42

Dinas Lingkungan Hidup Kota Semarang is a government environmental agency responsible for managing environmental affairs in Semarang city, Indonesia. The website serves as an official portal providing information about the agency's structure, mission, and public services such as business permits, environmental impact assessments, and public reporting. The site targets the general public and stakeholders interested in environmental governance. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and Google Fonts, with Cloudflare DNS services. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and important security headers. Privacy and cookie policies are absent, which impacts compliance. The domain WHOIS data shows an anomalous future creation date, which may be a data error but slightly reduces trust. Overall, the website is a credible government resource with room for improvement in security and privacy compliance.

D

Dinas Lingkungan Hidup Kota Depok

dlhdepok.id

43

Dinas Lingkungan Hidup Kota Depok is the official government agency responsible for environmental management in Depok city, Indonesia. The website serves as a public information portal providing services such as environmental permits, waste management, and public complaint reporting. The agency operates under local government regulations and targets local citizens and stakeholders interested in environmental governance. Technically, the website is built with standard web technologies, uses HTTPS, and is hosted behind Cloudflare DNS, indicating a moderate level of digital maturity. However, the absence of privacy and cookie policies, lack of security headers, and no incident response information highlight areas for improvement in security and compliance. The domain WHOIS data shows a future creation date, which is inconsistent with the agency's founding year, suggesting a data anomaly but not necessarily a legitimacy issue. Overall, the website is professional, trustworthy, and safe for general audiences.

D

DLH Provinsi Sumatera Selatan

dlhsumateraselatan.id

49

The website dlhsumateraselatan.id serves as the official online portal for the Dinas Lingkungan Hidup (Environmental Agency) of South Sumatra Province, Indonesia. It provides public information including news, announcements, documents, and contact details relevant to environmental management and policies. The site targets residents and stakeholders within the province, functioning as a government information dissemination platform. Technically, the site employs standard web technologies such as Bootstrap, jQuery, and Font Awesome, hosted behind Cloudflare DNS services. The design and content quality are basic but functional, with moderate mobile optimization and navigation clarity. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, indicating compliance gaps. WHOIS data shows inconsistencies with a future domain creation date and a private registrar, raising legitimacy concerns. Overall, the site is accessible and safe for general audiences but requires improvements in security and privacy compliance to enhance trust and resilience.

D

Dinas Lingkungan Hidup Provinsi Sulawesi Tenggara

dlhsulawesitenggara.id

49

The website dlhsulawesitenggara.id serves as the official online presence of the Environmental Agency of Southeast Sulawesi Province, Indonesia. It provides public information including news, announcements, documents, and contact details relevant to environmental management in the region. The site targets residents and stakeholders within the province and operates as a government service platform. Technically, the website employs common web technologies such as Bootstrap, jQuery, and Font Awesome, hosted behind Cloudflare DNS services. The site demonstrates basic mobile optimization and moderate performance but lacks advanced SEO and accessibility features. Security-wise, HTTPS is enabled, but the absence of DNSSEC and security headers reduces the overall security posture. The WHOIS data presents inconsistencies, including a future domain creation date and a registrant organization that does not align with the government entity, which raises questions about domain ownership authenticity. No privacy, cookie, or terms of service policies are present, indicating compliance gaps. Overall, the website is functional and safe for general audiences but requires improvements in security, privacy compliance, and domain legitimacy to enhance trust and professionalism.

D

DLH Provinsi Sulawesi Tengah

dlhsulawesitengah.id

41

DLH Provinsi Sulawesi Tengah operates as the official environmental agency for Central Sulawesi Province, Indonesia, providing public information, news, and services related to environmental management. The website serves residents, government officials, and environmental stakeholders with updates, documents, and contact channels. Technically, the site uses modern frontend technologies including Bootstrap, jQuery, and Cloudflare DNS services, delivering a responsive and accessible user experience. Security posture is moderate with HTTPS enabled but lacks advanced DNS security and published policies. WHOIS data shows inconsistencies that warrant caution but do not directly undermine the site's legitimacy. Overall, the site is functional and trustworthy for its intended audience but requires improvements in privacy compliance and security best practices.

M

musicdirectory.ch

musicdirectory.ch

47

musicdirectory.ch is a specialized online platform operated by Helvetiarockt, targeting women, inter-, trans-, non-binary, and agender individuals in the Swiss music industry. It serves as a directory and community hub offering listings of people, projects, and events to foster networking and visibility within this niche market. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages to cater to a diverse Swiss audience. Technically, it is built on WordPress with common plugins for forms, multilingual support, and performance optimization, and it integrates Google Analytics and Tag Manager for user tracking. Security-wise, the site uses HTTPS and some best practices like password strength meters and honeypots in forms but lacks advanced security headers and formal vulnerability disclosure mechanisms. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the site is trustworthy and safe for general audiences but would benefit from enhanced privacy and security measures.

D

Deutscher Sparkassen- und Giroverband e.V.

sparkassen-schulservice.de

48

The Sparkassen-Schulservice website is a well-established educational platform operated by the Deutscher Sparkassen- und Giroverband e.V., providing free, neutral, and comprehensive financial literacy materials for school students in Germany. The platform targets both students and teachers, offering a wide range of resources including PDFs, videos, interactive exercises, and printed materials. The site is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Technically, it is built on WordPress with modern plugins such as Yoast SEO and H5P for interactive content, and uses Google Tag Manager for analytics. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers and incident response policies are not published. Overall, the site is trustworthy, safe, and compliant with GDPR, serving as a valuable resource in the financial education sector.

I

IQS Initiative Qualitätssperrholz

iqsperrholz.org

44

The IQS Initiative Qualitätssperrholz is a voluntary association of companies within the wood import industry in Germany, focused on promoting fair competition and transparency in plywood product quality and labeling. The website serves as an informational platform to educate customers and industry participants about plywood standards and product declarations. The business model centers on collaboration among industry members to ensure consistent quality and compliance with relevant norms. The site is well-positioned within its niche, supported by a network of partner companies and the Gesamtverband Deutscher Holzhandel e.V., which provides organizational backing. Technically, the website is built on a modern WordPress CMS platform using Elementor and JetEngine plugins, with SEO optimization via Yoast and cookie consent managed by Borlabs Cookie. The site is mobile-optimized and performs moderately well, with a clean and professional design. Security posture is adequate with HTTPS enabled and domain transfer protection in place, though it lacks explicit security policies and vulnerability disclosures. Security-wise, the site benefits from SSL encryption and domain status protections but is missing critical compliance documents such as a privacy policy and terms of service, which impacts GDPR compliance and overall trust. No incident response or vulnerability disclosure mechanisms are present, which could be improved to enhance security readiness. Overall, the website is a credible and professional representation of the IQS initiative with good business credibility and technical implementation. Strategic improvements in privacy compliance and security transparency would further strengthen its position and trustworthiness.

R

Repair-Café Tösstal

repair-cafe-toesstal.ch

36

Repair-Café Tösstal is a small, community-driven non-profit organization based in Switzerland, focused on providing free repair services for various household and personal items to reduce waste and promote sustainability. Founded in 2018, it operates with a volunteer team and enjoys strong local support from municipalities and schools. The website reflects a well-structured and informative platform that clearly communicates its mission, services, and contact information. Technically, the site uses standard web technologies such as HTML5, CSS3, JavaScript, and jQuery, with moderate performance and good mobile optimization. However, there is a lack of formal privacy and cookie policies, and no visible security headers, which are areas for improvement. The security posture is moderate with no visible vulnerabilities or sensitive data exposure, but the absence of security best practices and compliance documentation lowers the overall security score. Overall, the website is trustworthy and professional, serving its target audience effectively with a clear business model and community focus.

Fahrschule Scheelen is a well-established driving school based in Emmendingen and Teningen, Germany, with over 40 years of experience and a strong local presence. The company offers comprehensive driving education services for various license classes, including cars and motorcycles, supported by modern vehicles and online learning tools. Their target audience includes both young and older individuals seeking driving licenses in the region. The website is professionally designed, mobile-optimized, and provides clear navigation and contact options, including multiple contact forms and direct phone and email contacts. Technically, the site is built on WordPress with Elementor and uses modern libraries and frameworks, hosted likely on Your-Server.de. Security posture is good with HTTPS and email obfuscation, though some security headers and cookie consent mechanisms are missing. Overall, the site reflects a credible and trustworthy business with a solid digital presence.

The analyzed content corresponds to an internal Chrome browser error page (chrome-error://chromewebdata/) which is displayed when a requested website is not accessible or offline. This page includes embedded Chromium offline game scripts and styling but contains no actual business or website content. Consequently, there is no identifiable company, no privacy or cookie policies, no contact information, and no external links or marketing content. The technical infrastructure is limited to Chromium internal scripts and basic HTML/CSS, with no hosting or CMS details available. Security posture is minimal due to the nature of the page being an error display rather than a public website. Overall, this page does not represent a legitimate business website and cannot be evaluated for compliance or security beyond its role as a browser error page.

W

Wiki Software International - Consulenza finanziaria

wikisoftware.it

43

Wiki Software International is a specialized Italian company founded in 2011, offering financial consultancy and software solutions focused on synchronizing financial flows and reducing errors in payment processes. Their market position is that of a niche provider with strong banking and financial know-how, targeting CFOs and financial departments of enterprises. The website reflects a professional B2B business model with key services including assessment, consultancy, international finance, IBAN checking, and a competence center. Technically, the site is built on WordPress with modern plugins and SEO tools, showing good mobile optimization and moderate performance. Security posture is adequate with HTTPS, DNSSEC, and reCAPTCHA, but the expired domain status is a critical risk. Privacy compliance is limited due to missing privacy and terms policies. Overall, the site is trustworthy and professional but requires urgent domain renewal and enhanced compliance documentation.

Unser-stadtplan.de is a German website operated by Städte-Verlag E. v. Wagner & J. Mitterhuber GmbH, providing digital and printed city maps, district maps, and comprehensive business directories. The platform also features job listings, targeting local residents and businesses in Germany. The website content is primarily in German and focuses on delivering detailed geographic and commercial information to its users. The business model revolves around map publishing and local business promotion, positioning itself as a regional leader in city planning and local information services. Technically, the website uses standard web technologies including JavaScript and CSS with custom scripts for UI interactions and animations. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No CMS or major frameworks are detected. The hosting provider and SSL configuration details are not explicitly available, limiting a full technical assessment. From a security perspective, the site does not explicitly show HTTPS status or security headers in the provided data, indicating potential gaps in security best practices. No privacy or cookie consent banners are present, which is a compliance concern under GDPR. The site includes a privacy policy and contact form but lacks visible incident response or security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is functional and provides valuable local information but would benefit from enhanced security measures, improved privacy compliance, and better technical modernization to strengthen trust and user experience.

The website revsci.net currently hosts extremely minimal content, consisting solely of a small JavaScript snippet that loads an external accessibility script. There is no metadata, no business information, no contact details, and no policies present on the site. The domain is newly registered in August 2023 via DropCatch.com, a domain drop-catching registrar, suggesting the site is either in early development or speculative. The lack of content and business information prevents any meaningful assessment of the company's market position or services. From a technical perspective, the site uses basic JavaScript but lacks modern web development best practices such as SEO metadata, accessibility features, or performance optimizations. There is no evidence of HTTPS or security headers, which poses a significant security risk. No analytics or advertising technologies are detected, indicating minimal digital maturity. Security posture is weak due to the absence of HTTPS, security headers, privacy policies, and contact information for incident response. The domain registration is legitimate but does not align with any visible business claims, reducing trustworthiness. No vulnerabilities or malicious indicators are detected, but the site is not production-ready. Overall, the site scores very low on content quality, security, privacy compliance, and business credibility. Strategic recommendations include enabling HTTPS, adding comprehensive privacy and cookie policies, publishing contact and security incident response information, and developing meaningful website content to establish trust and legitimacy.

S

Stadt Rheinfelden (Baden)

rheinfelden.de

49

Stadt Rheinfelden (Baden) operates an official municipal website providing extensive information and services to residents and visitors. The site covers a broad range of topics including citizen services, cultural events, urban planning, and tourism. The website is well-structured, professionally designed, and primarily targets local citizens and tourists. Technically, the site uses the cEasy CMS platform and integrates Matomo analytics for privacy-conscious user tracking. The infrastructure is modern with HTTPS enforced, but lacks some advanced security headers and cookie consent mechanisms. Security posture is moderate with no critical vulnerabilities detected. Overall, the site reflects a mature municipal digital presence with room for improvement in privacy compliance and security best practices.

L

Landkreis Lörrach

loerrach-landkreis.de

49

Landkreis Lörrach operates as a regional government authority in Germany, providing a broad range of public services including transportation, economic development, social and family support, environmental initiatives, and tourism promotion. The website serves residents and visitors with comprehensive information and digital services, reflecting a mature public sector entity with a consistent brand and professional presentation. Technically, the site is built on the cEasy CMS platform, employs modern web technologies, and integrates privacy-conscious analytics via Matomo. The site is well-optimized for mobile and accessibility standards, ensuring a good user experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website demonstrates a trustworthy and professional digital presence aligned with its governmental role.

T

Team PAPREC ARKÉA

teampaprecarkea.com

39

Team PAPREC ARKÉA is a French offshore sailing team prominently preparing for the Vendée Globe 2024-2025 race, sponsored by Paprec and Arkéa. The website serves as an official platform to share news, media, and team information, targeting sailing enthusiasts and sports fans. The business model revolves around sponsorship and promotion within competitive sailing circuits. Technically, the site employs modern web standards, including responsive design, accessibility features, and structured data, ensuring a good user experience across devices. Security posture is solid with HTTPS and consent management, though improvements in security headers and explicit incident response information are recommended. The absence of WHOIS data introduces some uncertainty regarding domain legitimacy, but the professional presentation and active social media presence support the site's credibility. Overall, the site is well-maintained, compliant with privacy regulations, and effectively supports the team's branding and communication objectives.

F

Fachkommission Internet – Amnesty International

amnesty-intern.de

43

The Fachkommission Internet (FK Internet) website serves as an informational and support platform for the German section of Amnesty International, focusing on IT-related services such as webhosting, email, cloud storage, and intranet support. The organization operates as a small, volunteer-driven non-profit entity providing specialized IT assistance to Amnesty International groups and districts in Germany. The website is built on WordPress and leverages a variety of plugins and modern web technologies to deliver content and services effectively. Hosting is provided by Manitu, a reputable German hosting provider, which aligns with the organization's regional focus. From a technical perspective, the site demonstrates a moderate level of digital maturity with a modern tech stack, responsive design, and active content updates. However, there is room for improvement in areas such as security headers implementation and cookie consent mechanisms to enhance GDPR compliance. The absence of explicit terms of service and vulnerability disclosure pages suggests potential gaps in formal security and compliance documentation. Security posture is generally good, with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The site does not exhibit signs of malicious activity or phishing. Privacy compliance is supported by the presence of a privacy policy, though cookie consent mechanisms are lacking. Contact information is available primarily via email and contact forms, but no phone numbers or physical addresses are prominently displayed. Overall, FK Internet presents a trustworthy and professional online presence consistent with its non-profit mission. Strategic recommendations include enhancing privacy compliance with cookie consent, implementing security headers, and publishing formal security policies to strengthen trust and compliance further.

W

Weiss Internet Services

wwweiss.de

45

Weiss Internet Services is represented by a minimalistic German-language website primarily serving as a digital presence. The company appears to operate in the technology sector, likely providing internet-related services, though no detailed business description or service listings are present. The website uses the Weblication® CMS platform, indicating a moderate level of digital maturity but lacks advanced technical or marketing features. Security posture is basic with no HTTPS verification visible in the provided data, no security headers, and no privacy or cookie policies, which indicates room for improvement in compliance and security best practices. Overall, the site is accessible and functional but minimal in content and security features, suggesting a small business or early-stage digital presence.

Studierendenwerk Aachen is a regional non-profit organization providing essential student services such as housing, dining, and social support primarily for the academic community in Aachen, Germany. The website serves as an informational portal targeting students and university affiliates. The technical infrastructure relies on established but somewhat dated technologies including jQuery 1.12.4, Materialize CSS, and Google Maps API, with consent management handled by Usercentrics, indicating some GDPR awareness. However, the website lacks explicit privacy and cookie policies, which is a compliance gap. Security posture is moderate with HTTPS implied but no visible security headers or modern security practices. No contact or business certification information is readily available in the provided content, limiting trust signals. Overall, the site is functional but could benefit from modernization and enhanced compliance documentation.

The website cloud32.ch currently serves as a minimal 'Coming Soon' placeholder page with no substantive business content, contact information, or policies. The site uses WordPress with a Coming Soon plugin and includes styling via Tailwind CSS and FontAwesome. There is no evidence of active business operations or services presented on the site. The technical infrastructure is basic, with standard libraries such as jQuery and Google Fonts included. No analytics or tracking scripts are detected, and no security headers or SSL configuration details are available from the provided data. The security posture is weak due to lack of visible HTTPS enforcement and absence of security best practices. Privacy compliance is non-existent as no privacy or cookie policies are found. Overall, the site lacks business credibility and trust indicators, making it unsuitable for customer engagement at this time.

The website sefeaimpact.it currently serves a robot challenge screen implementing a proof-of-work captcha mechanism to verify visitors. This indicates the presence of a Web Application Firewall (WAF) or security layer blocking direct access to the actual website content. Due to this, no business-related content, contact information, or policies are accessible for analysis. The domain is registered since 2016 with DNSSEC enabled, suggesting a legitimate registration, but the lack of accessible content limits further trust evaluation. Technically, the site uses custom JavaScript with Web Workers and cryptographic hashing to implement the captcha challenge. The hosting leverages AWS Cloudfront CDN for content delivery. However, no SEO, accessibility, or privacy compliance features are present on the challenge page. Security headers and HTTPS configuration details are not visible in the provided data. The security posture shows some strengths in DNSSEC and captcha usage but lacks visible security headers and privacy compliance mechanisms. The site does not expose forms or inputs, reducing attack surface but also limiting user interaction. Overall, the site is currently inaccessible for normal users without passing the challenge, which impacts usability and trust. Given these factors, the overall risk is moderate due to the blocking mechanism, but the lack of transparency and policies is a concern. Strategic recommendations include implementing visible security headers, publishing privacy and cookie policies, providing contact and incident response information, and improving user experience post-challenge.

C

Consorzio Cooperativo Finanziario per lo Sviluppo

fin4coop.it

40

FIN4COOP is a cooperative financial intermediary operating nationally in Italy, focusing on providing financial services and support to cooperative members. The website serves as an information portal offering details on financial activities, brochures, membership procedures, financial statements, and news updates. The company targets cooperative organizations and mutual societies, positioning itself as a niche player in the cooperative finance sector with strategic partnerships and a cooperative business model. The website is professionally designed, consistent in branding, and includes trust signals such as privacy compliance and social media presence. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Maps API, and Google Analytics integrated with consent management. The site shows moderate performance and good mobile optimization. SEO practices are well implemented with proper meta tags and structured data. However, a visible PHP warning indicates a plugin issue that should be resolved to improve security and user experience. From a security perspective, the site uses HTTPS with excellent SSL configuration and employs a cookie consent mechanism via Iubenda. No critical vulnerabilities were detected, but the absence of security headers and the PHP warning reduce the security posture score. No incident response or security policy pages were found, suggesting room for improvement in transparency and preparedness. Overall, the website is trustworthy and professional with a good balance of content quality, technical implementation, and privacy compliance. Addressing the minor security issues and enhancing security headers would further strengthen the site's security and user trust.

The domain rumahweb.net is registered to CV. Rumahweb Indonesia since 2005, indicating a long-standing business presence in Indonesia within the technology sector. However, the website content is completely empty, with no metadata, no visible content, no forms, no links, and no scripts, which severely limits the ability to assess the company's digital presence or offerings. The lack of any privacy, cookie, or terms of service policies, as well as absence of contact information, further restricts evaluation of compliance and user engagement capabilities. From a technical perspective, no information about the technology stack, hosting provider, or performance can be derived due to the absence of content. Security posture cannot be assessed beyond the WHOIS data, which shows a domain with clientTransferProhibited and clientUpdateProhibited statuses, indicating some level of domain security. No WAF or blocking mechanisms were detected. Overall, the security posture is unknown due to lack of data, but the domain registration data is consistent and trustworthy. The website's lack of content and policies represents a significant risk for user trust and compliance. Strategic recommendations include developing a functional website with clear business information, implementing privacy and cookie policies, and establishing contact and security policies to improve trust and compliance.

A

Axapharm AG

grafixpharm.ch

46

Grafixpharm, operated by Axapharm AG, is a Swiss-based graphic design service provider with a multilingual WordPress website. The site demonstrates moderate digital maturity with the use of modern plugins such as Yoast SEO, WPML for multilingual support, and Google Analytics for visitor tracking. The website design is professional and mobile-optimized, providing a good user experience and clear navigation. However, the site lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is adequate with HTTPS enabled and some tracking opt-out mechanisms, but it lacks advanced security headers and public security policies. Overall, the domain registration aligns well with the business claims, indicating legitimacy and consistency.

O

ORDRE DES ARCHITECTES - ORDE VAN ARCHITECTEN FCGOA

nroa-cnoa.be

44

The website represents the National Council of the Order of Architects (NROA) in Belgium, a governmental regulatory body overseeing architects. It provides information about the council's assignments, composition, and offers a service to find architects via an external API. The site is multilingual, targeting Dutch, French, and German-speaking audiences in Belgium. The business model is regulatory and service-oriented, focusing on governance and professional oversight within the architecture sector. The organization is relatively new online, with domain registration in 2023, consistent with the website's recent content updates. Technically, the website is built on WordPress with Elementor and uses modern SEO and cookie consent plugins. Hosting is provided by OVH, a reputable provider. The site is mobile-optimized, has good SEO practices, and uses Google Analytics with consent-based loading. Performance is moderate, and accessibility is basic but functional. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers are not explicitly detected. Security-wise, no critical vulnerabilities or exposed sensitive data were found. The site lacks explicit security policies or incident response contacts, which could be improved. Privacy compliance is good with a clear cookie policy and consent mechanism. Business credibility is supported by consistent branding, structured data, and trust signals such as official logos and partner links. Overall, the website is professional, secure, and compliant with GDPR requirements, serving its role as a national architectural regulatory authority effectively.

K

Kirchen in Zürich - Diese Seite ist nicht mehr in Betrieb.

kirchen-in-zuerich.ch

43

The website kirchen-in-zuerich.ch is currently inactive, displaying a message that it is no longer in operation. It appears to have been a WordPress-based site focused on churches in Zürich, Switzerland, but no active content or business services are available. The technical infrastructure is minimal, relying on WordPress with an under construction plugin and standard web fonts and CSS frameworks. There are no visible security headers or advanced security configurations, and no privacy or cookie policies are present. The site lacks contact information, forms, or social media links, indicating a low level of digital maturity and business engagement. Overall, the security posture is weak due to the absence of security best practices and policies, though no critical vulnerabilities or malicious indicators were detected. The domain registration data is consistent with the website's geographic focus and theme, but the inactive status reduces trust and business credibility. Strategic recommendations include reactivating the site with proper content, implementing security headers and HTTPS, adding privacy and cookie policies, and providing clear contact and incident response information to improve compliance and trust.

F

Fachkommission Internet – Amnesty International

fk-internet.de

44

The Fachkommission Internet (FK Internet) website serves as an IT support portal for the German section of Amnesty International, providing services such as webhosting, email, cloud storage, and intranet support. The organization operates as a small, volunteer-driven non-profit entity, targeting Amnesty International groups and districts in Germany. The website is built on WordPress and hosted on Manitu servers, reflecting a moderate to good level of technical maturity with modern plugins and responsive design. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in security headers and explicit security policies. Privacy compliance is mostly met with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the website is trustworthy, professional, and well-maintained, supporting its niche audience effectively.