High-risk security reports

B

Site is undergoing maintenance

blackkidshack.com

38

The website blackkidshack.com is currently in maintenance mode and does not provide active business content. It directs visitors to its parent site blackgirlshack.org for further information. The domain was registered in 2021 and is hosted on dot5hosting.com using WordPress CMS with a maintenance plugin. The technical infrastructure is basic with jQuery and Open Sans font usage. Security posture is moderate with HTTPS enabled but lacks security headers and published policies. No privacy, cookie, or terms of service policies are present, and no contact information is provided on the site. Overall, the site appears to be a small-scale project or non-profit initiative currently offline for updates or redesign.

WeGotNextCyber is a cybersecurity educational initiative operated by the BlackGirlsHack Foundation, a 501(c)(3) non-profit organization focused on increasing diversity and inclusion in cybersecurity by training underserved Black women and girls. The website presents an 18-week Saturday school program targeting 9th-12th grade students in Virginia, providing ethical hacking education and preparation for the CompTIA Security+ certification. The program leverages a trusted curriculum from cyber.org and includes hands-on labs and certification vouchers to enhance employability in cybersecurity fields. Technically, the website is built on WordPress using the Elementor page builder and jQuery libraries. It is hosted on dot5hosting.com with HTTPS enabled, ensuring secure connections. Performance and mobile optimization are moderate to good, though accessibility and SEO optimizations are basic. The site uses Jetpack for analytics and tracking but lacks advanced privacy and cookie policies or consent mechanisms. From a security perspective, the site has HTTPS but lacks security headers and published security policies or incident response contacts. No vulnerabilities or malware indicators were detected, but improvements are recommended in security headers and privacy compliance. The WHOIS data shows a consistent and appropriate domain registration matching the organization's timeline and mission. Overall, the website is a credible and focused educational platform with good content quality and business credibility but requires enhancements in privacy compliance, security best practices, and contact transparency to improve trust and security posture.

The website bgh.mobi serves as a branded short domain placeholder page with minimal content. It primarily promotes the concept of branded short link domains and directs users to short.io for setup. The site lacks any privacy, cookie, or terms of service policies and does not provide contact or business information. Technically, the site is simple, using basic HTML and CSS, hosted via dot5hosting.com with assets served from a Cloudfront CDN. Mobile optimization is adequate, but SEO and accessibility features are minimal. Security posture is weak due to the domain being expired for over 100 days, absence of DNSSEC, and lack of security headers. No analytics or tracking scripts are present, indicating minimal user tracking. Overall, the site appears to be a low-activity placeholder with limited business credibility and trust signals.

LINGUAPAGE is a German technology company operating under the name Villaester Moderne Medien GmbH, specializing in real-time website translation services through widgets and automation. The website is built on Joomla CMS with UIkit framework, indicating a moderate level of technical maturity. However, the site is currently in maintenance mode, limiting content availability and user interaction. The technical infrastructure is standard with HTTPS enabled and basic security practices such as CSRF tokens in forms, but lacks advanced security headers and explicit privacy or cookie policies. No contact information or social media presence is visible, which may impact user trust and engagement. Overall, the security posture is moderate but could be improved with additional headers and policies. The business credibility is limited by minimal public information and lack of contact details. Strategic recommendations include enhancing security headers, publishing privacy and cookie policies, and improving contact transparency.

The website at cyberthreatalliance.org is currently inaccessible, returning a 403 Forbidden error page that blocks access to any substantive content. The domain is registered with Network Solutions, LLC since 2014, indicating a stable and legitimate registration history. However, the lack of accessible content prevents extraction of business, security, or compliance information. No privacy, cookie, or terms of service policies are present, nor are there any contact details or forms. The technical infrastructure shows no DNSSEC enabled and no security headers detected, which are areas for improvement. Overall, the website's security posture is weak due to the lack of visible security best practices and the access restriction itself. The site does not appear to use any analytics, advertising, or tracking technologies. Content safety is rated safe as no adult or explicit content is present, but the site is effectively non-functional for analysis purposes.

B

BCVoices Inc.

bcvoices.org

46

BCVoices Inc. is a small non-profit organization dedicated to telling the stories of women's rights struggles and achievements from America's founding to the present day. Their key services include producing online docuseries, documentary shorts, and maintaining an oral history collection to educate and advocate for gender equity and women's autonomy. The organization targets a general audience interested in women's rights history and social justice. Technically, the website is built on WordPress using Elementor, with standard plugins for e-commerce and image optimization. The site is moderately performant, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy with strong social media presence and award recognition.

A

Arkone - Agence mobile et web

arkone.fr

44

Arkone is a French-based agency specializing in bespoke web and mobile application development, targeting businesses and startups primarily in France. Founded in 2021, the company positions itself as a 100% French, custom solution provider with a focus on quality and client satisfaction. Their key services include mobile app development, web development, event-related digital services, and startup accompaniment. The website reflects a professional and consistent brand image, supported by active social media channels and structured data for SEO. Technically, the website is built on WordPress using the Divi theme, enhanced with Yoast SEO and Google Analytics for performance and marketing insights. Hosting is provided by OVH, a reputable French hosting provider, with DNS managed via Cloudflare. The site is mobile optimized and performs moderately well, though accessibility features are basic. The presence of a cookie consent mechanism indicates some level of privacy compliance. From a security perspective, the site enforces HTTPS and uses Cloudflare DNS, but lacks several recommended security headers and does not publish a security policy or vulnerability disclosure. No critical vulnerabilities or WAF blocking were detected, but improvements in security headers and incident response transparency are advised. Overall, Arkone's website demonstrates a solid business and technical foundation with room for enhancement in privacy and security compliance. The risk level is moderate with no immediate critical issues, making it a trustworthy digital presence for a small technology agency.

2

2L.COMM SA

kendros.com

40

Kendros.com operates as a specialized travel industry information portal primarily targeting travel agencies and tourism professionals. The platform aggregates and distributes daily information from various service providers, including travel offers, directories, visa information, and news updates. The business is linked to 2L.COMM SA, a Swiss company, and serves a niche market within the transportation and hospitality sectors. The website content is mostly in French and provides basic but relevant information for its target audience. Technically, the website is built on legacy ASP.NET WebForms technology with JavaScript enhancements and uses Google Analytics for visitor tracking. The site is moderately optimized with basic mobile and accessibility features but lacks modern security headers and advanced privacy compliance mechanisms. The absence of a clear cookie policy and GDPR compliance indicators suggests room for improvement in privacy practices. From a security perspective, the site uses HTTPS but lacks critical security headers such as Content-Security-Policy and anti-CSRF protections. No vulnerabilities were directly observed, but the missing WHOIS data for the domain raises concerns about domain registration legitimacy. Overall, the security posture is moderate but could benefit from enhancements to protect user data and improve trust. The overall risk assessment indicates a moderately trustworthy site with some compliance and security gaps. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers and form protections, and resolving domain registration transparency issues to strengthen legitimacy and user trust.

A

APEF

apef.ch

40

APEF is a well-established non-profit association founded in 1983 that supports the parents of students at Institut Florimont in Switzerland. The organization focuses on volunteer coordination, organizing school and charitable events, and providing resources to families. The website is professionally designed using WordPress and WooCommerce, with modern plugins such as Yoast SEO and Breakdance. It features multilingual support (French and English) and integrates social media channels for community engagement. Security measures include HTTPS, Google reCAPTCHA on forms, and standard security headers, although there is room for improvement in cookie consent and public security policies. Overall, the website reflects a trustworthy and credible organization with a clear mission and active community involvement.

A

Association des Anciens Elèves de l'Institut Florimont

floanciens.ch

47

The website represents the Association des Anciens Elèves de l'Institut Florimont, a non-profit alumni association established in 1920, serving former students and professors of Institut Florimont in Switzerland. It provides community engagement through events, information sharing, and membership services. The site is built on Drupal 8 and integrates Google Tag Manager for analytics. The design is professional, mobile-optimized, and accessible, with clear navigation and relevant content for its target audience. Security posture is moderate with HTTPS enabled and secure login forms, but lacks advanced security headers and published security policies. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, the site is trustworthy and well-positioned within its niche but could improve in security and privacy transparency.

L

Leucine Rich Bio Pvt Ltd

womicrobiome.com

46

The website womicrobiome.com represents the World of Microbiome™ Conference 2025, an event organized by Leucine Rich Bio Pvt Ltd focused on microbiome research, clinical applications, and industry innovations. The site targets microbiome researchers, clinicians, and industry professionals primarily in India, aiming to establish a global platform for microbiome science advancement. The business model centers on event hosting with paid registrations, supported by industry partnerships and media coverage. Technically, the site uses modern frontend technologies including Bootstrap 5.3, Font Awesome, and jQuery, with payment processing securely handled via Razorpay. The design is professional, mobile-optimized, and user-friendly, though SEO and accessibility features are basic. Security posture is moderate with HTTPS and CSRF protections but lacks DNSSEC and security headers. Privacy and cookie policies are absent, representing compliance gaps. WHOIS data shows a suspicious future domain creation date, reducing trustworthiness and requiring verification. Overall, the site is functional and professional but needs improvements in security and compliance documentation.

L

Leucine Rich Bio Pvt Ltd.

rychbiome.com

43

Rychbiome.com represents Leucine Rich Bio Pvt Ltd., a small healthcare company specializing in probiotic and synbiotic products tailored for the Indian population based on microbiome research. The company positions itself as South Asia's first microbiome company with a research-driven approach and offers products through e-commerce platforms. The website is professionally designed, mobile-optimized, and includes customer testimonials and certifications that enhance trust. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and integrates Google reCAPTCHA and Google Maps for user interaction and security. However, there is room for improvement in security posture, particularly in enabling DNSSEC and security headers, and in privacy compliance by adding privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and consistency.

L

Leucine Rich Bio Pvt Ltd

bugspeaks.com

47

BugSpeaks, operated by Leucine Rich Bio Pvt Ltd, is a pioneering South Asian healthcare company specializing in clinically validated microbiome testing kits for gut, skin, oral, and vaginal health. The company leverages scientific research and expert consultation to provide personalized health insights and probiotic recommendations. Their market position is strong in South Asia with expanding international presence. Technically, the website employs modern frameworks and analytics tools, offering a good user experience with mobile optimization and interactive features like chat widgets and sample report downloads. Security posture is adequate with HTTPS and domain protections but lacks advanced security headers and published incident response policies. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy, with room for improvement in security and privacy transparency.

V

Ville de Morges

morgesavenir.ch

48

The website 'Morges Avenir' serves as an official information portal for the city of Morges, Switzerland, focusing on public works, infrastructure projects, and urban environment updates. It targets residents and users of the city, providing timely updates on construction, traffic disruptions, and public announcements. The site is positioned as a government service platform, offering transparency and communication about municipal projects. Technically, the website employs a modern tech stack including HTML5, CSS, JavaScript with jQuery and Bootstrap frameworks, and mapping technologies such as OpenLayers and proj4. It is mobile responsive and provides a moderate performance experience. The site integrates Google Analytics and Google Tag Manager for user tracking but lacks visible privacy and cookie policies, which is a compliance gap. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks visible security headers and formal security or incident response policies. The absence of privacy and cookie policies reduces its privacy compliance score. Overall, the security posture is moderate but could be improved with better header implementation and transparency. The overall risk assessment is low, given the official nature and trustworthy domain registration. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and publishing vulnerability disclosure and incident response information to enhance trust and compliance.

V

Ville de Morges

morgesdialogue.ch

47

The website 'Morges Dialogue - Démarche Participative' is an official municipal platform dedicated to engaging the population of Morges, Switzerland, in urban planning and development projects. It provides detailed information on participatory processes, legal frameworks, and specific urban initiatives such as Prairie-Nord and Morges Gare-Sud. The site targets local residents, associations, and municipal stakeholders, aiming to foster transparent and inclusive urban development. Technically, the website is built with standard HTML5 and CSS3, with no detected advanced frameworks or CMS. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance. The SSL configuration could not be confirmed from the data provided. No incident response or vulnerability disclosure information is present. The domain WHOIS data aligns well with the municipal nature of the site, supporting its legitimacy. Overall, the website is a trustworthy and informative municipal resource but would benefit from enhanced security measures, privacy compliance, and technical modernization to improve user trust and regulatory adherence.

P

Patinoire des Eaux Minérales

patinoiremorges.ch

48

Patinoire des Eaux-Minérales is a local public ice rink facility in Morges, Switzerland, offering recreational ice skating, events, and group activities. The website serves as an information portal for schedules, pricing, regulations, and contact details, targeting local residents and visitors interested in ice sports. The business operates as a small-scale public service with a focus on community engagement and sports promotion. Technically, the site is built on WordPress using the Divi theme, with common plugins for GDPR compliance and analytics. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is moderate with HTTPS enabled and some security plugins in use, but lacks explicit security headers and published security policies. Privacy compliance is basic with a cookie consent mechanism but no visible privacy or terms of service pages. Overall, the website is trustworthy and safe for general audiences, with room for improvement in security and compliance documentation.

C

Carac Media SA

carac.tv

48

Carac Media SA operates carac.tv, a Swiss French-language media platform offering live TV streaming, replay content, and program guides. Positioned as a niche broadcaster under Media One Group, it targets Swiss viewers interested in character-based TV content. The website employs modern web technologies including Nuxt.js and Vue.js, integrates advertising via Smart AdServer, and uses Google Tag Manager for analytics. Cookie consent is managed through Axept.io, reflecting some privacy compliance efforts. Security posture is solid with HTTPS and no visible vulnerabilities, though the absence of explicit privacy policies and security incident contacts indicates room for improvement. Overall, the site is professional, trustworthy, and well-branded, serving its audience effectively.

The website mediaone-digital.ch currently presents only a minimal HTML structure with a title 'Media One Group' and no substantive content, metadata, or interactive elements. This lack of content severely limits the ability to assess the business operations, market position, or services offered. The absence of contact information, privacy policies, or security details suggests the site is either under development or inactive. Technically, the site lacks modern web features, security headers, and HTTPS, indicating a low level of digital maturity and security posture. No WAF or blocking mechanisms were detected, but the site is not providing meaningful content or user engagement capabilities. From a security perspective, the lack of HTTPS and security best practices poses risks, and no compliance indicators are present. Overall, the site scores very low on content quality, technical implementation, security, privacy compliance, and business credibility, resulting in a high-risk profile and limited trustworthiness.

B

BAM - La Voie des Sens

lavoiedessens.ch

48

BAM - La Voie des Sens is a niche tourism operator in Switzerland offering unique gourmet experiences aboard the historic Bière Apples Morges (BAM) train. The company focuses on culinary outings such as gastronomic meals, fondue, beer and burgers, brunch, and wine pairings, targeting tourists and locals interested in regional terroir and heritage. The website is professionally designed using WordPress and the Divi theme, with good SEO and mobile optimization. However, it lacks explicit privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled but missing security headers. Contact options are limited to a newsletter subscription form, with no direct emails or phone numbers visible. Social media presence on Facebook and Instagram supports brand trust. Overall, the site is credible and well-positioned in its market niche but should improve privacy compliance and security headers to enhance trust and regulatory adherence.

K

KIS Communication

kiscommunication.ch

48

KIS Communication is a small Swiss-based graphic design and web development service provider founded in 2017 by Kim Sartori. The company offers branding, graphic design, and WordPress-based web services primarily targeting clients in the Broye vaudoise region. The website is professionally designed with a clear portfolio showcasing their work and provides multiple contact channels including email, phone, and social media links. Technically, the site is built on WordPress using modern frameworks like UIkit and includes SEO optimization via Yoast. Security measures include HTTPS and CAPTCHA on forms, but lack some standard security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and well-maintained but could improve in security and privacy compliance.

A

Alpirsbacher Klosterbräu Glauner GmbH

alpirsbacher.de

41

Alpirsbacher Klosterbräu Glauner GmbH operates a well-established brewery and retail business based in Germany, specializing in the production and sale of various beer products, branded merchandise, and related services including events and club memberships. The company maintains a strong regional presence with a professional online shop and active social media engagement. The website demonstrates a mature digital infrastructure leveraging Shopware CMS, modern JavaScript libraries, and consent management tools to ensure compliance and user experience. Security posture is solid with HTTPS enforcement, age verification for alcohol content, and privacy compliance, though there is room for improvement in publishing explicit security policies and headers. Overall, the business presents a trustworthy and professional front with clear contact information and comprehensive legal policies.

The website swym.it is currently inaccessible due to a security verification page that blocks direct content access. This prevents a full assessment of the business, its services, and compliance posture. The domain is well-established, created in 2012, with DNSSEC enabled, indicating a legitimate registration. However, the lack of accessible content, privacy policies, contact information, and security headers limits the ability to evaluate the website's security and compliance maturity. The technical infrastructure relies heavily on JavaScript for bot detection and browser verification, which may impact user experience and accessibility. Overall, the site appears to be protected by a generic web application firewall or security mechanism, which restricts automated analysis.

S

SI-Solutions GmbH

si-solutions.ch

43

SI-Solutions GmbH is a Swiss-based company specializing in SmartHome and ICT solutions, offering a range of services including module sales, downloads, and support. The company targets businesses and individuals interested in technology solutions for smart homes and ICT infrastructure. The website is built on a WordPress platform using Elementor, indicating a moderate level of digital maturity with basic mobile optimization and SEO features. However, the content is minimal and lacks comprehensive policy documentation. Security posture is adequate with HTTPS enabled but lacks important security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website presents a small technology service provider with room for improvement in security and compliance.

A

Alexander Schreibeisen GmbH & Co. KG

sensapolis-kehl.de

40

Sensapolis Kehl operates as a family-oriented indoor play and climbing park located in Kehl, Germany. The business offers a variety of play and climbing activities for children and adults, including themed birthday party rooms and creative ateliers. It positions itself as a local entertainment destination with a focus on family fun and events. The website is professionally designed, mobile-optimized, and uses modern web technologies such as WordPress, UIkit, and Yoast SEO. Privacy and cookie compliance are well implemented with clear policies and consent mechanisms. However, the site lacks explicit security policies and incident response information. The domain WHOIS data is minimal but consistent with the business claims. Overall, the site demonstrates a good security posture with HTTPS and cookie management, though improvements in security headers and disclosure policies are recommended.

C

CalaCarWash

cala-carwash.com

42

CalaCarWash is a premium car wash service provider located in Kehl, Germany, operating since 2016. The business offers advanced car wash technologies including high-pressure washing, active foam, power drying, and nanowax paint sealing, targeting local car owners seeking high-quality vehicle cleaning. The company emphasizes environmental sustainability through a water recycling system and uses biodegradable detergents. The website is built on WordPress with a modern theme and UIkit framework, providing a good user experience with clear navigation and mobile optimization. Contact information and social media presence are clearly provided, enhancing business credibility. Security posture is adequate with HTTPS and cookie consent mechanisms, though security headers and explicit security policies could be improved. No signs of blocking or WAF interference were detected, and the domain registration data supports legitimacy. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

K

Kartbahn CalaRace | Kehl

cala-race.com

37

Kartbahn CalaRace is a small regional indoor kart racing venue located in Kehl, Germany, offering a 450-meter two-level electric kart track with speeds over 50 km/h. The business targets families, event planners, and corporate clients, providing kart racing entertainment, event hosting, and gastronomy services including a sports bar. The website is professionally designed with excellent content quality, clear navigation, and good mobile optimization. Technically, it is built on WordPress with modern plugins and UIkit framework, ensuring a good user experience and SEO optimization. Security posture is good with HTTPS and cookie consent implemented, though some security headers could be improved. The WHOIS data is missing or the domain is unregistered, which is a concern for domain legitimacy and requires further investigation. Overall, the site is trustworthy, family-friendly, and well-maintained, but domain registration issues reduce business credibility scores.

C

Calamus Areal

orangerie-kehl.de

49

Die Orangerie Kehl is a specialized event location situated within the Calamus Areal in Kehl, Germany, catering to private and business events such as weddings, corporate parties, and seminars. The venue offers versatile spaces, culinary services, and proximity to a 4-star superior hotel, positioning itself as a local leader in hospitality event services. The website is built on WordPress using Elementor, indicating a modern and maintainable technical infrastructure. The presence of cookie consent mechanisms and GDPR-compliant privacy policies reflects a good level of digital maturity and privacy awareness. Security posture is solid with HTTPS and spam protection on forms, though improvements in security headers and vulnerability disclosure could enhance trust further. Overall, the site presents a professional and trustworthy image suitable for its target audience.

R

Restaurant Cala

restaurant-cala.de

46

Restaurant Cala is a small hospitality business located in Kehl, Germany, offering grilled meat, fish, vegetarian dishes, and a Sunday brunch. It operates on the CALAMUS-AREAL next to a 4-star hotel, targeting local and regional customers seeking quality dining experiences. The website is professionally designed using WordPress with popular plugins like WPBakery and Revolution Slider, supporting online reservations and gift voucher sales. Social media presence on Facebook and Instagram enhances customer engagement. Security posture is basic with HTTPS enabled but lacks advanced security headers and cookie consent mechanisms. Privacy policy is present and GDPR compliant, but terms of service and incident response information are missing. Overall, the site is trustworthy and functional but could improve security and privacy compliance.

C

Calamus Areal Kehl

apartments-kehl.de

47

Apartments Kehl operates a modern boardinghouse in Kehl-Sundheim, Germany, offering a range of stylish apartments with amenities such as sauna, wellness, fitness, and pet-friendly accommodations. The business targets tourists, families, and business travelers seeking comfort and leisure in a strategic location near Strasbourg and the Black Forest. The website reflects a professional hospitality provider with integrated leisure and dining services, supported by a network of partner domains. Technically, the site is built on WordPress with UIkit and includes modern consent management tools, though it lacks some security headers. The SSL configuration is excellent, and the site is mobile-optimized with good accessibility and SEO basics. Security posture is solid but could be improved by adding security headers and explicit incident response information. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. No adult or questionable content is present, making the site safe for general audiences.

H

Haus der Natur Obere Donau

hausdernatur-oberedonau.de

38

Haus der Natur Obere Donau is a regional non-profit nature and cultural education center located in Beuron, Germany. It serves as the seat for three organizations focused on nature conservation, sustainable tourism, and regional product marketing. The website provides information about their permanent exhibition, events, boat rentals, and educational offerings, targeting nature enthusiasts, local visitors, and schools. The site is well-structured, professionally designed, and consistent with its mission and audience. Technically, it is built on the Contao CMS platform, uses jQuery and Colorbox for UI, and is hosted on servers associated with kasserver.com. The website is mobile-optimized and SEO-friendly but lacks some advanced accessibility features.

cadwork is a software company specializing in CAD/CAM and BIM solutions for wood construction, joinery, civil engineering, and contractor project management. The company targets professionals in construction and engineering sectors, offering tools that cover design, production, and machine control. The website indicates a regional presence primarily in Switzerland with multiple related domains serving other countries. Technically, the website uses modern frontend technologies such as Bootstrap and jQuery, providing a good user experience and mobile optimization. However, SEO and accessibility features are basic, and no CMS or hosting details are evident. Security posture is limited due to missing HTTPS verification and lack of security headers, and no privacy or cookie policies are present, indicating compliance gaps. WHOIS data is missing, reducing trustworthiness, but the website content and related domains suggest a legitimate business. Overall, the site is functional and professional but requires improvements in security, privacy compliance, and transparency.

The website cadwork.swiss is registered to Cadwork Holz AG, a Swiss company founded in 2016. However, the website content is currently inaccessible, returning a 403 Forbidden error page that blocks access to any business or informational content. This severely limits the ability to assess the company's online presence, services, or compliance posture. The domain registration data is consistent and legitimate, matching the company name and country. The technical infrastructure appears minimal with no DNSSEC enabled and no visible security headers or analytics scripts. The lack of accessible content and policies indicates a low digital maturity level at this time. Security posture is weak due to missing standard protections and the access restriction itself.

C

CAD

cadwork.de

40

cadwork.de is a professional website representing CAD, a company specializing in 3D CAD/CAM software solutions primarily for the timber construction industry. The site offers a range of industry-specific software products, training events, and support resources, targeting professionals and companies in timber construction, engineering, architecture, and related fields. The business model focuses on software sales, trials, and customer support, with a strong presence in German-speaking countries and international partner sites. Technically, the website is built on WordPress using the Avada theme and WooCommerce for e-commerce capabilities, enhanced with multilingual support via WPML and SEO optimization through Rank Math. The site demonstrates good mobile optimization and user experience, with clear navigation and professional design. Security posture is adequate with HTTPS enabled and cookie consent implemented, though it lacks some advanced security headers and a public vulnerability disclosure policy. Overall, the domain registration and website content are consistent and trustworthy, indicating a legitimate business with a solid market position in its niche.

G

GRUPPENTOURISTIK.COM

gruppentouristik.com

49

GRUPPENTOURISTIK.COM is a specialized online portal focused on group travel, offering curated destinations, events, accommodations, and bus travel options primarily targeting German-speaking customers. The website presents a professional and content-rich platform that supports group travel planning with a clear focus on leisure and tourism. The business appears established since 2012, with a medium-sized market presence and consistent branding. Technically, the site is built on Drupal 11, leveraging modern libraries and responsive design, ensuring good user experience and mobile optimization. Security posture is solid with HTTPS, cookie consent, and privacy compliance, though some improvements like DNSSEC and enhanced security headers are recommended. No critical vulnerabilities or suspicious content were detected. Overall, the site is trustworthy and well-positioned in its niche.

D

DonationPay

donationpay.org

46

DonationPay is a nonprofit-focused service providing powerful fundraising tools to facilitate donations and campaign management. The website is built on WordPress using the Brizy page builder and integrates third-party services such as Google Tag Manager for analytics and Tawk.to for live chat support. The content is professionally presented and targeted at nonprofit organizations seeking fundraising solutions. Technically, the site is moderately optimized with HTTPS enabled and basic mobile responsiveness, though accessibility and SEO features are basic. Security posture is adequate with SSL but lacks advanced security headers and vulnerability disclosure mechanisms. Privacy and cookie policies are not found, indicating compliance gaps. The domain WHOIS data is unavailable, which reduces transparency and trustworthiness. Overall, the site is functional and safe but would benefit from improved privacy compliance and clearer contact information.

I

Interview Her

interview-her.com

43

Interview Her is a specialized non-profit platform dedicated to connecting media professionals with women experts in the fields of conflict, peace, and security. The website serves as a curated expert directory and resource to enhance accurate and diverse media reporting. It operates under the auspices of the Nobel Women's Initiative, lending credibility and a clear mission focus. The platform targets journalists, researchers, and media outlets seeking authoritative female voices on critical global issues. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and WPBakery Page Builder, ensuring a professional and responsive user experience. Hosting is managed via Hover, with domain registration consistent and transparent since 2018. Security posture is adequate with HTTPS enabled and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is limited by the absence of explicit privacy and cookie policies, which should be addressed to meet GDPR and other regulations. Overall, the site is trustworthy, well-branded, and serves a clear niche with good content quality and user experience.

O

outbrai.com

outbrai.com

48

The website outbrai.com is currently a parked domain primarily serving advertisements and related search results. It lacks substantive business content, contact information, or user engagement features. The technical infrastructure relies on common advertising and analytics technologies such as Google Analytics, Google Tag Manager, and Bodis domain parking services. The site is accessible without any WAF or security challenges but shows minimal security hardening and no GDPR compliance mechanisms. The WHOIS data indicates the domain is registered to a registrar parking service with a suspicious future creation date, reducing trust and legitimacy. Overall, the site appears to be a placeholder rather than an active business presence.

S

SBH

dreiklangsbh.de

35

The website www.dreiklangsbh.de is currently in maintenance mode, displaying a placeholder page with minimal content and no active business information. The company name 'SBH' is visible, but no detailed description, services, or contact information is provided. The site is hosted on WordPress with a maintenance plugin active, indicating ongoing development or updates. The technical infrastructure includes jQuery libraries and Open Sans font, hosted on servers associated with agenturserver, a German hosting provider. Security posture is basic with HTTPS implied but no visible security headers or advanced protections. No privacy or cookie policies are present, and no contact or compliance information is available, limiting trust and compliance assessment. Overall, the site is functional but lacks content and security maturity.

B

Breitbandinitiative Landkreis Tuttlingen (BIT)

breitband-tuttlingen.de

43

The Breitbandinitiative Landkreis Tuttlingen (BIT) is a regional public initiative focused on expanding and improving fiber optic broadband infrastructure within the Landkreis Tuttlingen region in Germany. The initiative supports municipalities in planning, tendering, and constructing a county-wide fiber backbone network, targeting businesses, schools, administration, and underserved areas. The website reflects a professional and consistent presentation of this mission, with clear contact information and regularly updated news about project milestones and funding. Technically, the site uses a custom PHP-based CMS with standard web technologies and is mobile-optimized, though some modern security headers and cookie consent mechanisms are missing. Security posture is moderate with HTTPS implied but lacking explicit security policies or incident response information. Overall, the domain and website appear legitimate and trustworthy for a public sector broadband initiative, with no signs of malicious or adult content.

Landschaftserhaltungsverband Landkreis Tuttlingen e.V. is a regional non-profit organization dedicated to the conservation and sustainable management of cultural landscapes and natural heritage in the Landkreis Tuttlingen area of Germany. The organization acts as a mediator and service provider for local farmers, foresters, municipalities, and conservation groups, facilitating landscape maintenance and preservation efforts. The website reflects a professional and consistent presentation of their mission, services, and contact information, targeting local stakeholders and interested citizens. Technically, the website is built on the Weebly platform, utilizing jQuery 1.8.3 and Google Analytics for tracking. While the site is accessible and well-structured, it shows signs of aging technology and lacks some modern security best practices such as security headers and cookie consent mechanisms. The site is moderately optimized for mobile and SEO but could benefit from updates to improve performance and compliance. From a security perspective, HTTPS is enabled, but the absence of security headers and use of an outdated JavaScript library present potential risks. No explicit security policies or incident response contacts are provided, indicating room for improvement in security transparency and readiness. Privacy compliance is partially met with a privacy policy page but lacks cookie consent and detailed GDPR indicators. Overall, the website is trustworthy and professional for its non-profit mission but should prioritize technical and security enhancements to strengthen its digital maturity and compliance posture.

N

Naturpark Obere Donau e.V.

naturpark-obere-donau.de

47

Naturpark Obere Donau e.V. operates as a regional non-profit nature park organization in southern Baden-Württemberg, Germany. The website serves as an information hub for visitors and locals interested in nature experiences, regional products, events, and educational resources. The organization maintains a visitor center called 'Haus der Natur' and promotes regional culture and environmental awareness. The site is well-positioned as a trusted regional authority with sponsorship from local government and lottery funds. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates Matomo analytics and Usercentrics for privacy compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS and consent management, though it lacks explicit HTTP security headers and a public security policy. Overall, the domain registration and website content align well, indicating legitimacy and trustworthiness.

C

CNRS Innovation

cnrsinnovation.com

42

CNRS Innovation is a French organization affiliated with CNRS, focused on bridging research and innovation by supporting technology transfer, start-up creation, and project prematuration. The website reflects a professional presence with clear information about their services, target audience, and programs such as RISE. The technical infrastructure is based on WordPress with modern plugins and integrations including Google Analytics and Google Maps API, indicating a mature digital setup. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements can be made by adding explicit security headers and cookie consent mechanisms. Overall, the website is trustworthy and well-positioned within the French research innovation ecosystem.

U

UNESCO Global Geopark Schwäbische Alb

geopark-alb.de

42

The website www.geopark-alb.de represents the UNESCO Global Geopark Schwäbische Alb, a recognized educational and tourism entity focused on geological heritage and sustainability in southwestern Germany. The site offers rich multimedia content, educational resources, and detailed information about the geopark's natural and cultural assets. Technically, the site is built on Silverstripe CMS with UIkit framework, ensuring a modern and responsive user experience. Privacy compliance is well addressed through a comprehensive privacy policy and an active cookie consent mechanism using Klaro. Security posture is solid with HTTPS enforced and privacy-friendly video embeds, though some security headers could be improved. No critical vulnerabilities or suspicious elements were detected. Overall, the website is professional, trustworthy, and well-positioned to serve its target audience of tourists, educators, and geology enthusiasts.

F

Urlaub mit Kindern Baden-Württemberg | familien-ferien

familien-ferien.de

39

The website familien-ferien.de is a family vacation information platform focused on Baden-Württemberg, Germany, offering child-friendly accommodation and excursion tips. It targets families with children seeking vacation options in the region. The site uses modern technologies including the Neos CMS and the Flow PHP framework, with integrations for accessibility (eyeAble) and cookie consent management (Cookiebot). Google Tag Manager is used for analytics and tracking. The site is well-structured, mobile-optimized, and SEO-friendly with structured data markup. However, it lacks visible privacy policy and terms of service pages, and no direct contact information is found in the HTML content. Security posture is moderate with HTTPS enabled but missing security headers and no explicit security or incident response policies.

K

KAROLINGISCHE KLOSTERSTADT e.V.

campus-galli.de

49

Campus Galli is a German non-profit organization dedicated to the historical reconstruction of a Carolingian monastery using authentic 9th-century methods. The website serves as an educational and visitor information platform, offering event calendars, ticket sales, and detailed insights into the project. The organization positions itself as a niche cultural heritage and educational tourism entity with a medium-sized operational scale. Technically, the website is built on WordPress with modern plugins and frameworks, hosted by a reputable German provider, and optimized for SEO and mobile use. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though some security headers and incident response details could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with its mission.

B

Bahnbetriebe Blumberg GmbH & Co. KG

sauschwaenzlebahn.de

48

Bahnbetriebe Blumberg GmbH & Co. KG operates the Sauschwänzlebahn, a historic steam and diesel train service in the Black Forest region of Germany. The company offers nostalgic train rides, special events, and group packages, positioning itself as a notable regional tourism attraction with multiple awards and partnerships. The website is professionally designed, providing clear information and multiple contact channels, targeting tourists, families, and railway enthusiasts. Technically, the site is built on WordPress with WooCommerce and Fusion Builder, offering moderate performance and good mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate business presence.

K

KlickImpuls GmbH

klickimpuls.at

44

KlickImpuls GmbH is a small, professional online marketing agency based in Linz, Austria, specializing in SEO, SEA, social media marketing, conversion rate optimization, and tracking solutions. The company targets B2B and B2C clients seeking to improve their digital marketing performance with sustainable and transparent strategies. Their website demonstrates a mature digital presence with multimedia content, client showcases, and clear service offerings. Technically, the site is built on WordPress with Elementor, leveraging modern marketing and analytics tools such as Google Analytics 4, Bing Ads, Facebook Pixel, and VWO for optimization and tracking. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data is a notable gap, slightly reducing trust but not undermining the overall legitimacy given the professional web presence and compliance indicators. Overall, the site is well-designed, user-friendly, and compliant with GDPR requirements.

S

SEMSEA Suchmaschinenmarketing

semsea.at

44

SEMSEA Suchmaschinenmarketing is a specialized digital marketing agency based in Austria, focusing on Google Ads services with over 10 years of experience. The company offers tailored Google Ads consulting, setup, management, and package solutions aimed at helping businesses optimize their advertising budgets and achieve measurable growth. The website demonstrates a professional and consistent brand presence, supported by client logos and embedded Google Reviews, indicating a trustworthy market position. Technically, the website is built on WordPress using the Elementor framework, incorporating modern web technologies such as jQuery and Font Awesome. It integrates third-party services including Zoho Forms for contact and lead generation, Elfsight widgets for social proof, and tracking tools like eTracker and Fraud Blocker. The site is mobile-optimized, accessible, and SEO-friendly, with proper meta tags and structured data enhancing search visibility. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security headers are not detected, and no dedicated security or incident response policies are published. The WHOIS data is unavailable or privacy-protected, which limits domain ownership transparency but is common for small agencies. No critical vulnerabilities or exposed sensitive data were found. Overall, SEMSEA presents a low-risk, professional digital marketing service with good privacy compliance and a solid technical foundation. Strategic improvements in security headers and incident response transparency could further enhance trust and security posture.

The website at cnstrc.com is currently inaccessible due to an Access Denied error, likely caused by a web application firewall or security mechanism blocking content access. As a result, no direct content, metadata, or business information could be extracted or analyzed. The domain is registered with Amazon Registrar, Inc. since 2015, indicating a stable registration history but no further business details are available. The lack of accessible content prevents assessment of the company's services, technical infrastructure, or security posture beyond domain registration data. Security posture cannot be evaluated due to missing content and headers, and no privacy or compliance policies are detectable. Overall, the site appears to be protected by security controls but lacks publicly available information for comprehensive analysis.