High-risk security reports

M

Indicadores económicos diarios, Chile - API REST / Internal Server Error

mindicador.cl

43

Mindicador.cl is an open source service providing daily economic indicators for Chile in JSON format via an API REST interface. The website targets developers, analysts, and businesses interested in Chilean economic data. The domain is well established since 2014 and hosted on DigitalOcean infrastructure. However, the current website is experiencing backend issues, returning an Internal Server Error which severely impacts accessibility and user experience. The technical stack includes older versions of Bootstrap and Font Awesome, with Google Analytics integrated for visitor tracking but no visible privacy or cookie policies. Security posture is weak with no detected security headers and no public security or incident response policies. Overall, the site demonstrates a niche technical service but suffers from operational and compliance gaps.

F

Freeride Mountain Bike Association e.V. (FMBA)

fmbworldtour.com

48

The Freeride Mountain Bike Association e.V. (FMBA) operates the FMB World Tour, the official international circuit for freeride mountain biking disciplines. Founded in 2010 and registered as a non-profit in Munich, Germany, FMBA governs and promotes the sport through event sanctioning, athlete licensing, and ranking systems. The website serves athletes, event organizers, and fans with news, rankings, event calendars, and membership information. The organization holds a strong market position as the official governing body for freeride mountain biking.

Y

Yrkesorganisasjonenes Sentralforbund

arbeidslivsbarometeret.no

49

YS Arbeidslivsbarometeret is a Norwegian research platform operated by Yrkesorganisasjonenes Sentralforbund (YS), providing annual labor market surveys and analyses. The website serves as a repository for reports and databases related to Norwegian working life, targeting workers, unions, and policymakers. The platform is supported by academic collaboration with Oslo Metropolitan University, enhancing its credibility and research quality. Technically, the site is built on WordPress with common plugins and integrates Google Analytics and Tableau for data visualization. The site is mobile-optimized and presents a professional user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks some advanced security headers and explicit incident response policies. Privacy compliance is adequate with privacy and cookie policies present, but the absence of a cookie consent mechanism is a minor gap. Overall, the site is trustworthy and well-positioned within its niche, with room for improvement in security and compliance transparency.

The website hno.at represents the Österreichische Gesellschaft für Hals-, Nasen-, Ohrenheilkunde, Kopf- und Halschirurgie, a professional medical society in Austria specializing in ENT medicine. It serves as an informational and organizational platform for medical professionals and patients, offering resources on health topics, specialist roles, congresses, and events. The site is built on TYPO3 CMS and employs standard web technologies including jQuery, Bootstrap, and Google Analytics for user tracking. It demonstrates GDPR compliance through cookie consent mechanisms and a privacy policy page. However, explicit terms of service and security policies are not present. The site is professionally designed with good navigation and content relevance, targeting a German-speaking audience in the healthcare sector.

The website letsmeeton2ndst.com currently serves a 403 Forbidden error page, indicating that access to the content is restricted or blocked. There is no accessible business information, contact details, or policy documents on the site. The domain is very recently registered in January 2024 and uses SiteGround hosting services. The lack of content and contact information suggests the site is either under development or intentionally restricted. Technically, the site uses basic HTML with Google Fonts but lacks modern SEO, accessibility, or security features. No analytics or tracking scripts are present, and no privacy or cookie policies are found, indicating poor privacy compliance. Security posture is minimal with no DNSSEC and no visible security headers. Overall, the site is not currently functional for end users or business purposes.

E

Erfurt Tourismus & Marketing GmbH

erfurt-tourismus.de

45

Erfurt Tourismus & Marketing GmbH operates the official tourism website for the city of Erfurt, Germany, providing comprehensive information on city tours, accommodation, events, and cultural highlights. The website serves as a central hub for tourists and event planners, offering online booking capabilities and detailed guides. The company holds a strong market position as the official tourism promoter for the region, targeting a broad audience including families, groups, and individual travelers. Technically, the website is built on TYPO3 CMS with Bootstrap for responsive design, hosted on AWS infrastructure. It employs modern web technologies and privacy-conscious analytics tools such as Matomo alongside Google and Facebook tracking pixels. The site is well-optimized for SEO, mobile use, and accessibility, with clear navigation and multilingual support. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. However, explicit security headers are not visibly implemented, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could be enhanced with additional headers and transparency. The website content is safe for general audiences, focusing on tourism and cultural promotion without any adult or questionable content. Contact information is comprehensive and clearly presented, supporting business credibility and trust. The domain registration and DNS setup are consistent with a legitimate public entity, reinforcing the site's authenticity. Strategic recommendations include implementing explicit security headers, publishing a security policy or incident response contact, and continuing to maintain GDPR compliance and transparency to enhance user trust and security maturity.

T

Team Stadt Erfurt

erfurt-klingt-gut.de

49

The website 'Team Stadt Erfurt – Klingt gut.' serves as a public sector employment and training portal for the city of Erfurt, Germany. It targets job seekers interested in municipal jobs, apprenticeships, and internships, positioning itself as one of the largest employers in the region with approximately 3,700 employees. The site promotes a diverse range of job opportunities within the city administration, emphasizing job variety and security. Technically, the website is built on the TYPO3 CMS platform, utilizing the UIkit CSS framework for responsive design. The site demonstrates good mobile optimization and SEO practices, with structured data and Open Graph tags enhancing search engine visibility. Hosting appears to be managed via domaincontrol.com nameservers, commonly associated with GoDaddy services. Performance is moderate, with no critical technical issues detected in the provided content. From a security perspective, the site uses HTTPS as indicated by canonical URLs, and implements a cookie consent mechanism, reflecting basic privacy compliance. However, no explicit privacy policy, terms of service, security policy, or incident response contacts were found in the analyzed content. Security headers and vulnerability disclosures are absent, suggesting room for improvement in security posture. No signs of WAF or content blocking were detected, and the content is safe for general audiences. Overall, the website is professionally designed and credible as a municipal employment portal. Strategic recommendations include publishing comprehensive privacy and security policies, implementing security headers, and providing clear contact information for data protection and incident response to enhance trust and compliance.

The domain hostcompliance.com currently resolves to a Squarespace placeholder page indicating that the domain has been mapped but not claimed by any website owner. As such, no actual business content, branding, or services are presented on the site. The domain was registered in 2015 with GoDaddy Corporate Domains, LLC and is currently active with a valid registration status but lacks DNSSEC protection. The technical infrastructure is minimal, relying on Squarespace's platform and Cloudflare nameservers, but no active website content or security headers are present. From a security perspective, the site shows no evidence of HTTPS enforcement or security best practices, and no privacy or cookie policies are published. This results in a very low security posture and poor privacy compliance. Overall, the website is inaccessible for meaningful analysis beyond the placeholder content, leading to a low AI score and limited business credibility.

P

PMT Water Engineering

watereng.com.au

44

PMT Water Engineering is an Australian-based manufacturer and facilitator specializing in prefabricated steel water tanks and packaged water treatment systems. The company serves commercial, industrial, and export markets with over 20 years of experience, operating under the parent company Asia Pacific Tanks Pty Ltd. Their website presents a professional image with clear contact information and service descriptions, targeting industrial clients and remote locations both domestically and internationally. Technically, the website is built on WordPress using the Divi theme, incorporating modern technologies such as Google reCAPTCHA v3 for spam protection. Hosting is provided by HostYourServices in Australia, ensuring regional alignment with the business. Security posture is moderate with HTTPS enforced and spam protection active; however, the absence of security headers and published security policies indicates room for improvement. Privacy compliance is weak due to missing privacy and cookie policies, which could expose the company to regulatory risks. Overall, the website is functional and professional but would benefit from enhanced security and compliance measures.

S

SEPOS, spol. s r. o.

sepos.cz

47

SEPOS, spol. s r. o. is a Czech family-owned company specializing in the manufacturing and retail of interior and entrance doors, door frames, and fittings. With over 30 years of experience, the company serves a diverse clientele including investors, architects, construction firms, and end customers. Their business model combines retail and wholesale sales with comprehensive services such as professional advice, certified installation, and delivery. The company maintains a strong market position in the Czech Republic with multiple design stores nationwide. Technically, the website is built on the INT - JET CMS platform and uses modern web technologies including Foundation CSS framework, jQuery, and integrates analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Snowplow Analytics. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be enhanced. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks a publicly available security policy, incident response contacts, and security.txt file. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and long-term registration consistent with the company's stated history. Overall, SEPOS.cz presents a professional and trustworthy online presence with solid business credibility and moderate technical maturity. Strategic improvements in security transparency and accessibility would further strengthen their posture.

H

KEMBANGTOTO - Bandar Resmi Situs Toto 4D Penyedia Slot Togel Toto Hiburan Menarik

hog-roast.com

48

The website hog-roast.com operates as an online gambling platform branded as Kembangtoto, offering toto 4D and slot togel games primarily targeting Indonesian players. The business claims a long history dating back to 2003, positioning itself as a trusted bandar (agent) in the gambling niche. The site integrates modern tracking and analytics technologies primarily from Alibaba and Lazada ecosystems, indicating a moderate level of digital maturity. However, the website lacks critical compliance elements such as privacy and cookie policies, terms of service, and visible contact information, which undermines its credibility and user trust. Security posture is weak with no visible security headers or DNSSEC enabled, and no HTTPS enforcement details were found in the provided data. The domain is well aged and registered with GoDaddy, which supports legitimacy but lacks transparency due to missing registrant details. Overall, the site presents moderate business viability but requires significant improvements in compliance, security, and transparency to enhance trust and reduce risk.

The website safefoodaustralia.com.au currently serves a 404 Not Found error page, indicating that the site content is inaccessible or not configured. There is no visible business information, metadata, or structured data to analyze. The domain is registered through a reputable registrar, Tucows (Australia) Pty Ltd trading as OpenSRS, with standard domain status prohibitions but lacks DNSSEC. The absence of website content and policies severely limits the ability to assess the business, technical infrastructure, or security posture. No security headers or SSL configuration details are available, and no contact or compliance information is present. Overall, the site appears inactive or improperly maintained, resulting in a low trust and credibility score.

U

UK Wing Chun Assoc.

ukwingchun.com

49

The UK Wing Chun Association operates as a small, specialized martial arts organization focused on Wing Chun Kung Fu training and community building within the United Kingdom. Founded in 1985 by Master James Sinclair, it holds a respected position in the martial arts community and offers classes, instructor resources, and merchandise through its website. The digital presence is built on a modern WordPress platform utilizing WooCommerce for e-commerce and Elementor for design, indicating a moderate level of digital maturity. The website is well-structured, mobile-optimized, and integrates social media and payment processing via PayPal, supporting a seamless user experience. From a security perspective, the site enforces HTTPS with good SSL configuration and employs Facebook Pixel for marketing and analytics. However, the absence of explicit security headers and a visible privacy policy or terms of service page indicates room for improvement in compliance and security posture. The WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy and trustworthiness, despite the professional appearance and established business history claimed on the site. Overall, the website presents a professional and trustworthy front for its target audience but should address privacy compliance and domain registration transparency to enhance trust and security. Strategic recommendations include publishing comprehensive privacy and terms policies, implementing security headers, and verifying domain registration details to align with best practices and regulatory requirements.

A

ARO Inc.

aro.ca

46

ARO Inc. is a Canadian accounts receivable management company established in 1993, providing debt collection and payment solutions primarily to Canadian consumers and businesses. The company maintains a professional online presence with clear contact information and multiple office locations, positioning itself as a reliable service provider in the finance sector. The website is built using modern web technologies including Vue.js and Google Fonts, offering a responsive and user-friendly experience. However, the site lacks key compliance documents such as privacy and cookie policies, which are critical for regulatory adherence and user trust. Security posture is generally good with HTTPS enforced, but could be improved by enabling DNSSEC and adding security headers. No incident response or vulnerability disclosure information is published, indicating room for maturity in security governance. Overall, the domain registration is consistent with the business claims, supporting the legitimacy of the company. Strategic improvements in privacy compliance and security transparency would enhance trust and reduce risk.

A

Axxis

axxisconsulting.com.mx

48

Axxis is a Mexico-based technology consulting firm specializing in business process management, robotic process automation, and digital transformation solutions. Established in 2004, the company positions itself as a leader in intelligent process automation, serving medium to large enterprises with services including BPM, RPA, cloud optimization, and digital marketing consulting. The website reflects a mature digital presence built on WordPress with modern plugins and a professional design. However, it lacks critical privacy and cookie policies, which impacts compliance and user trust. Security posture is generally good with HTTPS enabled, but could benefit from enhanced security headers and published incident response policies. Overall, the domain registration and business information are consistent and trustworthy, supporting a positive legitimacy assessment.

Wholesale 4 Inc. operates an e-commerce platform specializing in residential and commercial hardware products, locksmith supplies, and specialty locks. The company offers a broad catalog of hardware items from multiple well-known brands, targeting hardware retailers, locksmiths, and commercial and residential customers. The business model is primarily retail and wholesale via an online store, with an established domain since 2003 indicating a mature presence in the hardware retail sector. The website is built on WordPress with WooCommerce, leveraging popular plugins and technologies such as WPBakery Page Builder and Slider Revolution to deliver a functional and visually consistent user experience. Mobile optimization and navigation are good, supporting usability across devices. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and important security headers, which are recommended for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies, which could expose the business to regulatory risks. Contact information is clearly presented, enhancing business credibility. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy practices.

I

Indian Association of Preventive and Social Medicine

iapsm.org

43

The Indian Association of Preventive and Social Medicine (IAPSM) is a well-established non-profit professional organization founded in 1974, focused on advancing public health in India through education, research, advocacy, and community medicine programs. The website serves as a portal for members and the public to access information about events, publications, membership, and educational resources. The organization targets healthcare professionals, epidemiologists, and medical students in India, positioning itself as a key player in the public health sector. Technically, the website employs legacy JavaScript libraries such as jQuery 1.12.4 and plugins like bxSlider and jcarousel for UI components. Hosting appears to be via a shared hosting provider linked to PublicDomainRegistry.com. The site shows moderate performance and basic mobile optimization but lacks modern CMS or frameworks. SEO and accessibility features are basic, with room for improvement. From a security perspective, the site lacks visible security headers and DNSSEC is not enabled, which are areas of concern. There is no explicit HTTPS enforcement information available, and no privacy or cookie policies are present, indicating compliance gaps. The domain registration is consistent and legitimate, with a long registration period and transfer protections in place. Overall, the website is functional and professional but would benefit from enhanced security measures, privacy compliance improvements, and modernization of its technical stack to improve performance, security, and user trust.

C

Centro de Administraciones Tributarias Subnacionales (CeATS)

ceats.org

44

Centro de Administraciones Tributarias Subnacionales (CeATS) is a well-established non-profit organization based in Argentina, focused on subnational tax administration collaboration, training, and research. The website reflects a professional presence with clear navigation, relevant content, and active engagement through events and educational programs. The organization partners with universities and government tax agencies, reinforcing its credibility and market position in the government and education sectors. Technically, the website uses a modern but standard technology stack including Bootstrap, jQuery, and various carousel and slider libraries. Hosting is stable with a reputable registrar, and the site is mobile optimized with moderate performance. However, there is room for improvement in accessibility and SEO optimization. From a security perspective, the site uses HTTPS but lacks advanced security headers and DNSSEC, which are recommended to enhance protection. No privacy or cookie policies were found, indicating compliance gaps with GDPR and other privacy regulations. Contact information is clearly provided, supporting business credibility. Overall, the website is trustworthy and functional but would benefit from enhanced privacy compliance and security hardening to align with best practices and regulatory requirements.

C

Castorani

castorani.it

49

Castorani is a small Italian wine producer and retailer with a well-established online presence since 2002. The website offers e-commerce capabilities for purchasing wines, along with hospitality services such as tastings and vineyard tours. The company targets wine enthusiasts and tourists interested in authentic Italian wine experiences. Technically, the site is built on PrestaShop, uses modern web technologies, and integrates Cookiebot for GDPR-compliant cookie management. Security posture is solid with HTTPS, DNSSEC, and no visible vulnerabilities, though additional security headers could enhance protection. Privacy compliance is strong, with clear cookie consent and a comprehensive privacy policy. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

C

Camping de Rozenhof

campingrozenhof.com

49

Camping de Rozenhof is a family-oriented camping and rental business located in Zeeland, Netherlands, offering various camping pitches and rental accommodations such as chalets and houses. The website targets families and beach lovers seeking a tranquil vacation experience. The business operates a small-scale hospitality model with a regional market focus. Technically, the website is built on Joomla CMS with modern JavaScript libraries including jQuery, Bootstrap, and Swiper.js, and integrates Google Analytics and Tag Manager for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are not found, indicating compliance gaps. Suspicious external links embedded in the HTML may pose reputational risks. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

The domain searchranktraffic.live currently serves only a 404 Not Found error page with no accessible content or metadata. There is no visible business information, contact details, or any form of user engagement elements. The WHOIS data for this domain is unavailable due to unsupported TLD, providing no registrar, creation, expiry, or registrant details. This lack of information severely limits the ability to assess the legitimacy or business operations behind the domain. Technically, the site is served by nginx 1.24.0 but lacks HTTPS and security headers, indicating a minimal or non-existent security posture. Overall, the domain appears inactive or improperly configured, posing a high risk for trust and usability.

The website socketapiupdates.com currently presents minimal content consisting solely of placeholder text ('Lorem Ipsum'), indicating it is either under development or abandoned. The domain WHOIS data is suspicious due to a future creation date (July 1, 2025), which is inconsistent with the current timeline and raises legitimacy concerns. No business information, contact details, or policies are present on the site, limiting its credibility and trustworthiness. Technically, the site lacks metadata, security headers, and advanced configurations, and no CMS or frameworks are detected. The absence of privacy and cookie policies indicates non-compliance with GDPR and other privacy regulations. Overall, the site exhibits a very low security posture and poor digital maturity.

B

Be The Change Stiftung

baeume-fuer-den-wandel.de

47

Be The Change Stiftung is a German non-profit organization dedicated to environmental sustainability, particularly through tree planting projects in Kenya. Their website showcases detailed project information, funding status, and transparency reports, positioning them as a trustworthy entity in the environmental non-profit sector. The organization targets environmentally conscious donors and partners, leveraging digital tools to engage and inform stakeholders. Technically, the website is built on WordPress with modern plugins such as WooCommerce, Yoast SEO, and Borlabs Cookie for compliance and user experience. Hosting is provided by Manitu, a reputable German hosting provider. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear GDPR-aligned policies and consent mechanisms. Overall, the website is professional, well-branded, and trustworthy, with good SEO and mobile optimization.

T

Tilt d.o.o.

irobot.si

45

iRobot Slovenija, operated by Tilt d.o.o., is a specialized retailer and distributor of smart robotic cleaning devices such as Roomba and Braava in Slovenia. The company offers a range of robotic vacuum cleaners, mops, and accessories, targeting Slovenian consumers seeking innovative home cleaning solutions. The website is professionally designed with multimedia content and clear navigation, supporting a positive user experience and brand consistency. Technically, the site employs modern JavaScript libraries, Google Tag Manager, and Facebook Pixel for analytics and marketing, hosted under a Slovenian registrar with secure HTTPS configuration. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Security posture is good with no critical vulnerabilities detected, though some security headers could be improved. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

S

Spletna trgovina za male živali Pasjahrana.net

pasjahrana.net

47

PasjaHrana.net is a Slovenian online retail store specializing in pet supplies, particularly for dogs and cats. The business is veterinarian-led, emphasizing quality products and pet well-being. The website targets pet owners in Slovenia and offers a range of products including food, supplements, hygiene, and accessories. The site features structured data for local business identification and provides contact phone and physical address information. Technically, the site uses modern web fonts, integrates multiple marketing and analytics tools such as Klaviyo, Hotjar, Google Analytics, and Facebook Pixel, and is mobile optimized with good SEO practices. Security posture is adequate with HTTPS enforced and consent mechanisms for tracking, but lacks explicit security headers and published privacy or incident response policies. WHOIS data is missing or unavailable, raising concerns about domain registration legitimacy, though the website content and business information appear consistent with a small Slovenian e-commerce operation. Overall, the site is professional and trustworthy but would benefit from improved transparency in privacy and security policies and verification of domain registration status.

L

Lassana

lassana.si

42

Lassana is a well-established beauty salon chain based in Ljubljana, Slovenia, offering a wide range of hairdressing, pedicure, cosmetic, and massage services. The company operates 14 salons and also retails professional cosmetics both in-store and online. The website reflects a mature digital presence with integrated online booking via Fresha and an e-commerce platform for product sales. Technically, the site is built on WordPress with modern frameworks and plugins, ensuring good performance, SEO, and mobile responsiveness. Security measures include HTTPS, reCAPTCHA, and cookie consent management, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

C

Creative Industry Košice

atdays.sk

43

Art & Tech Days is a Slovak-based cultural festival that uniquely combines art, technology, and digital culture, organized by Creative Industry Košice in partnership with EIT Culture & Creativity. The festival is positioned as a regional leader in media art and innovation, attracting international speakers and audiences. The website is professionally designed, multilingual, and optimized for SEO and mobile use, reflecting a mature digital presence. Technically, it leverages WordPress with modern plugins and Google Tag Manager for analytics, hosted on a reputable Slovak hosting provider with DNSSEC and HTTPS enabled, ensuring a secure user experience. Security posture is strong with standard best practices, though improvements in security headers and incident response disclosures are recommended. Privacy compliance is robust with clear cookie consent and GDPR-aligned policies. However, the absence of direct contact information and terms of service slightly reduces business credibility. Overall, the site is trustworthy, safe, and well-maintained, serving its audience effectively.

D

Deutscher Berufsverband der Hals-Nasen-Ohrenärzte e.V.

hno-aerzte.de

47

The Deutscher Berufsverband der Hals-Nasen-Ohrenärzte e.V. operates as a professional association for ENT (ear, nose, throat) specialists in Germany. The website serves as a comprehensive portal offering information about the association, professional development events, a marketplace for medical equipment and job postings, and patient education resources. It targets medical professionals and practice staff, positioning itself as a leading entity in the German healthcare sector for ENT specialists. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including Matomo for analytics and responsive design frameworks. The infrastructure is hosted on servers indicated by the agenturserver nameservers, with good mobile optimization and accessibility features. The site implements a cookie consent mechanism compliant with GDPR, and uses HTTPS with a solid SSL configuration. From a security perspective, the site demonstrates good practices such as encrypted connections, cookie consent, and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policy documentation and incident response contacts, which are recommended for enhanced trust and compliance. The WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, the website is professional, trustworthy, and well-maintained, with minor areas for improvement in security transparency and policy disclosures.

D

Diagnose-Funk e.V.

diagnose-funk.org

47

Diagnose-Funk e.V. is a well-established German non-profit environmental and consumer protection organization focused on educating the public about the risks of electromagnetic fields, including mobile communications and WLAN radiation. The organization provides comprehensive information, advocacy, and publications aimed at promoting health-conscious telecommunications technologies. Their target audience includes affected individuals, environmental advocates, municipalities, and scientific communities. The website is professionally designed with good navigation and mobile optimization, reflecting a mature digital presence. Technically, the site uses a variety of JavaScript libraries and privacy-respecting Matomo analytics, hosted on Hostpoint AG servers. Security posture is solid with HTTPS enabled, but lacks some security headers and cookie consent mechanisms, which are recommended for compliance and enhanced protection. WHOIS data confirms the domain's legitimacy and long-term establishment. Overall, the site is trustworthy and serves as a valuable resource in its niche.

The website arche-tickets.de is currently inaccessible, returning a 403 Forbidden error page indicating that access is blocked by server permissions. Due to this, no meaningful content, metadata, or business information is available for analysis. The technical infrastructure is based on Apache 2.4.58 running on Windows with OpenSSL 3.1.3 and PHP 8.2.12, hosted likely via domaindiscount24.net nameservers. No CMS or frameworks are detected. Security posture is minimal with no security headers observed and only basic SSL configuration implied by HTTPS on port 443. The WHOIS data shows the domain is active with standard registrar nameservers but lacks detailed registrant information. Overall, the site lacks transparency, content, and compliance indicators, resulting in a low trust and security score.

The website zaferia.org is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. The domain is registered since 2011 with GoDaddy.com, LLC and hosted on SiteGround, but no business or contact information is available on the site. The lack of privacy, cookie, or terms of service policies and absence of any contact details significantly limit the ability to assess the business or security posture. Technically, the site uses Google Fonts but lacks security headers and DNSSEC, indicating basic security configuration. Overall, the site appears to be either restricted intentionally or misconfigured, resulting in poor user experience and low trustworthiness.

B

Bixby Knolls Business Improvement Association

bixbyknollsinfo.com

41

Bixby Knolls Business Improvement Association is a small, community-focused non-profit organization established in 2002, dedicated to supporting local businesses and residents in the Bixby Knolls area of Long Beach, California. The website serves as a hub for community events, business directories, donation campaigns, and programs aimed at fostering neighborhood engagement and economic growth. The organization recently transitioned to a 501(c)(3) nonprofit status to facilitate tax-deductible donations, reflecting its commitment to sustainable community support. The target audience includes local business owners, residents, and community members interested in neighborhood development and events. Technically, the website is built on WordPress using the Divi theme, supplemented by popular plugins such as LayerSlider, DataTables, Contact Form 7, and Bloom for newsletter management. Hosting is provided by Bluehost, with domain registration dating back to 2002, indicating a mature digital presence. The site demonstrates moderate performance and good mobile optimization, though accessibility and SEO optimizations are basic. Analytics integration via MonsterInsights is present but not configured, suggesting room for improvement in data-driven insights. From a security perspective, the website enforces HTTPS and has domain transfer protections in place. However, DNSSEC is not enabled, and no advanced security headers are detected, which could expose the site to certain DNS and web-based attacks. Privacy compliance is lacking, with no visible privacy or cookie policies, and no consent mechanisms for data collection, despite the presence of multiple forms collecting personal information. There is no public incident response or vulnerability disclosure information, which could be a concern for transparency and trust. Overall, the website is trustworthy and professional in its presentation and business credibility but requires enhancements in privacy compliance and security best practices to align with modern standards. Strategic improvements in these areas will strengthen user trust and regulatory adherence.

The Long Beach City Prosecutor Doug Haubert website serves as the official online presence for the city prosecutor's office responsible for prosecuting adult misdemeanor crimes within Long Beach, California. The site provides comprehensive information about prosecutorial services, community programs, diversion initiatives, and resources for victims and residents. It targets local residents and community stakeholders, positioning itself as a trusted government service provider. The business model is public service under the government sector, with a medium-sized operational scope and a founding date consistent with the domain registration in 2011. Technically, the website is built on WordPress with common plugins such as Yoast SEO and Google Language Translator, hosted by GoDaddy. The site demonstrates moderate performance and good mobile optimization, with a clean and professional design. SEO practices are adequately implemented, though accessibility features are basic. The presence of multiple external domains, some suspicious, suggests potential security review is warranted. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. No privacy or cookie policies are present, indicating compliance gaps with GDPR and other privacy regulations. Contact information is clearly provided, enhancing business credibility. No incident response or vulnerability disclosure information is available, which could be improved. Overall, the website is functional, professional, and trustworthy for its intended government service role but would benefit from enhanced security measures and privacy compliance to strengthen its posture and user trust.

L

Long Beach City Auditor's Office

cityauditorlauradoud.com

44

The Long Beach City Auditor's Office website serves as the official online presence for the city government auditing authority. It provides information about independent audits, fraud investigations, and promotes transparency and accountability in city operations. The site targets residents, government officials, and community stakeholders interested in city financial oversight. Technically, the website is built on WordPress with common plugins and uses Google Analytics and Google Translate for analytics and multilingual support. The site is accessible, mobile-optimized, and professionally designed with consistent branding. Security posture is moderate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies. The absence of WHOIS registration data is a notable concern, potentially indicating domain registration or data retrieval issues, which impacts domain legitimacy assessment. Overall, the site is trustworthy and safe for general audiences but would benefit from enhanced security and privacy compliance measures.

The Port of Long Beach is a major U.S. seaport operating as a government port authority, facilitating international trade and maritime logistics. The website reflects a well-established entity with a long history dating back to 1996, offering comprehensive port services, environmental stewardship, and community engagement. The site targets businesses, shipping companies, government agencies, and the local community, positioning itself as a key player in the transportation sector. Technically, the website is built on modern frameworks such as React and Gatsby, hosted via Akamai CDN, and employs advanced UI components including Mobiscroll and Gravity Forms. The site demonstrates excellent performance, mobile responsiveness, and accessibility, with strong SEO and metadata implementation. Security is robust with HTTPS, multiple security headers, and domain transfer protections, although DNSSEC is not enabled. From a security perspective, the site shows good maturity with no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms in place. However, the absence of a formal security policy, incident response contacts, or vulnerability disclosure mechanisms suggests room for improvement in transparency and incident readiness. Overall, the Port of Long Beach website is a professional, secure, and trustworthy digital presence for a large government transportation entity. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and adding vulnerability disclosure information to enhance security posture and stakeholder trust.

C

California Green Business Network

greenbusinessca.org

47

The California Green Business Network is a well-established non-profit organization founded in 2008, dedicated to promoting sustainability and green business practices across California. It operates as a coalition of cities and counties, providing certification services, resource conservation guidance, and community support to small and medium-sized businesses. The website reflects a strong market position as a leader in the green business certification space, with a clear focus on environmental impact and community engagement. Technically, the website is built on WordPress with modern technologies such as jQuery, Google Tag Manager, and Mailchimp integration. It demonstrates good SEO practices, mobile optimization, and accessibility features, although performance is moderate. The site uses HTTPS with a solid SSL configuration but lacks some advanced security headers and DNSSEC, which could enhance its security posture. From a security perspective, the site follows basic best practices including secure forms and no exposed sensitive data. However, it lacks a formal security policy, incident response contact information, and a cookie consent mechanism, which are important for compliance and user trust. The WHOIS data is consistent and supports the legitimacy of the domain and organization. Overall, the website is professional, trustworthy, and content-rich, serving its target audience effectively. Strategic improvements in privacy compliance and security policies would further strengthen its position and reduce risk.

S

Scribble Software, Inc.

marinago.com

45

MARINAGO Office, operated by Scribble Software, Inc., offers a comprehensive cloud-based marina management software solution designed to streamline operations for marinas, ports, harbors, and boatyards. The platform integrates key functionalities such as slip reservations, fuel dock sales, ship store management, accounting integration, enterprise reporting, and automated customer communications. Positioned as a trusted and scalable solution, MARINAGO Office targets marina professionals seeking efficient and profitable management tools. The website reflects a professional and consistent brand image with strong customer testimonials and integration with reputable accounting software providers. Technically, the website employs a modern technology stack including Bootstrap, jQuery, and various UI libraries, with Google Tag Manager and Google Ads for analytics and marketing. The site is mobile-optimized with good SEO practices and clear navigation, although accessibility features are basic. Security posture is moderate with HTTPS usage implied but lacking visible security headers and explicit security policies. Privacy and cookie policies are not found, indicating room for compliance improvement. The WHOIS data is notably missing or unavailable, which raises some concerns about domain registration transparency and legitimacy. Despite this, the website content and external references strongly indicate a legitimate business operation. Overall, the site scores well on content quality and business credibility but needs enhancements in privacy compliance and security best practices to strengthen trust and regulatory adherence.

The website infoskophost.de is currently inaccessible, returning a 403 Forbidden error page indicating that access to the resource is denied. Due to this restriction, no meaningful content, metadata, or business information is available for analysis. The domain uses standard UI-DNS nameservers, suggesting legitimate hosting infrastructure, but no registrant details or business claims are present to verify. The lack of accessible content prevents assessment of the company's business model, services, or market position. Technically, the site runs on an Apache server but lacks visible security headers or SSL configuration details. The security posture cannot be evaluated due to blocked access. Overall, the site appears inactive or restricted, resulting in a low AI score and limited insights.

B

BVDP Berufsverband Deutscher Psychiater

berufsverband-psychiater.de

41

The BVDP Berufsverband Deutscher Psychiater website serves as the official online presence of the German professional association for psychiatrists. It provides information, networking opportunities, and representation for psychiatrists in Germany. The site is built on a WordPress platform using the Divi theme, enhanced with SEO tools like Yoast and analytics via Matomo, indicating a moderate level of digital maturity. The technical infrastructure is standard for professional association websites, hosted by securehost.de, and optimized for mobile devices with good navigation and content relevance. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable compliance gap. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security transparency to improve compliance and user trust.

B

BVDN Berufsverband Deutscher Nervenärzte

berufsverband-nervenaerzte.de

42

The website www.berufsverband-nervenaerzte.de represents the BVDN Berufsverband Deutscher Nervenärzte, a professional association for neurologists, psychiatrists, and psychotherapists in Germany. It serves as a platform to consolidate professional and healthcare policy interests at both state and federal levels. The site targets medical professionals within the neurological and psychiatric fields, providing information and networking opportunities. The business model is centered on professional representation and advocacy within the healthcare sector. The website is moderately sized and founded around 2020, consistent with the domain registration data. Technically, the website is built on WordPress using the Divi theme, enhanced with plugins such as Yoast SEO for search engine optimization and Matomo for analytics, indicating a reasonable level of digital maturity. Hosting is provided by securehost.de, and the site uses HTTPS, ensuring encrypted communications. The site is mobile-optimized and demonstrates good design and navigation clarity, although accessibility features are basic. From a security perspective, the site employs HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and does not publish explicit privacy, cookie, or incident response policies, which are important for GDPR compliance and user trust. No vulnerability disclosure or data protection officer contact information is provided, representing compliance gaps. The use of Matomo analytics suggests some privacy-conscious tracking, but cookie consent mechanisms are absent. Overall, the website is professional and trustworthy within its niche but would benefit from enhanced privacy and security disclosures to improve compliance and user confidence. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, publishing incident response and vulnerability disclosure information, adding security headers, and providing data protection officer contact details to align with GDPR requirements.

B

BDN Berufsverband Deutscher Neurologen

berufsverband-neurologen.de

42

The Berufsverband Deutscher Neurologen (BDN) is a professional association representing neurologists in Germany. The website serves as a central platform providing relevant information on health policy, continuing education, billing, guidelines, and professional political engagement. The site targets medical professionals specialized in neurology and positions itself as a key industry body within the German healthcare sector. Technically, the website is built on WordPress using the Divi theme, enhanced with Yoast SEO for search optimization and Matomo for analytics tracking. Hosting is managed via securehost.de, indicating a professional hosting environment. Security posture is moderate with HTTPS usage and no exposed sensitive data, but lacks explicit security headers and incident response policies. Privacy compliance is minimal due to the absence of visible privacy and cookie policies. Overall, the website is professional, content-rich, and trustworthy, but could improve in privacy compliance and security transparency.

The website 'Initiative #Seelen+HirnGesundheit des SPIZ' is a German healthcare initiative focused on mental, neurological, and social health. It provides information, decision aids, and treatment options related to mental health, targeting both the general public and healthcare professionals. The initiative appears to be a small-scale, non-profit organization founded around 2017, consistent with the domain registration date. The website uses WordPress CMS with the Divi theme and employs Yoast SEO for search optimization and Matomo for analytics, indicating a moderate level of digital maturity. The technical infrastructure is hosted by Variomedia AG, a known registrar and hosting provider. Security posture is adequate with HTTPS enabled but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms. No contact information or incident response channels are clearly provided, which limits user trust and compliance with regulations. Overall, the website is professional and relevant but would benefit from improved security and privacy practices.

T

TTG Czech Republic

ttg.cz

34

TTG Czech Republic is a Czech media outlet specializing in news, analysis, and inspiration related to the travel and tourism industry. The website offers comprehensive coverage of travel destinations, agencies, transportation, hospitality, events, and industry trends, targeting professionals and enthusiasts in the tourism sector. The site is well-branded and maintains a consistent professional appearance with active social media channels on Facebook, Twitter, and Instagram. Technically, the website is built on WordPress with modern plugins and libraries, including The Events Calendar and WPForms, and uses HTTPS for secure communications. However, the absence of WHOIS data and lack of explicit privacy and cookie policies indicate areas for improvement in transparency and compliance. Security posture is moderate with HTTPS enabled but missing security headers. Overall, the site is functional, relevant, and trustworthy for its audience but would benefit from enhanced privacy disclosures and security hardening.

ACK.Travel is the official website of the Asociace cestovních kanceláří ČR, a Czech association representing travel agencies. The site provides news, travel information, and resources primarily targeting travel professionals and travelers within the Czech Republic. The content is professionally presented with a clear focus on travel and tourism industry updates and member services. Technically, the website employs common JavaScript libraries such as jQuery and AmCharts for interactive maps and user interface elements, and uses Matomo for analytics tracking. However, the site lacks visible privacy and cookie policies, and no WHOIS data could be extracted due to malformed WHOIS responses, which limits the ability to fully verify domain legitimacy. Security headers and SSL configuration details are not provided in the data, indicating potential areas for improvement in security posture. Overall, the website appears legitimate and professionally maintained but would benefit from enhanced privacy compliance and security transparency.

T

Terra Incognita - Krajina nespoznaná

terraincognita.sk

43

Terra Incognita - Krajina nespoznaná is a Slovak website focused on exploration or travel related to unknown or less explored landscapes. The site uses WordPress with the Divi theme and integrates common analytics and marketing tools such as Google Analytics and Facebook Pixel. The website is moderately optimized for SEO and mobile devices, providing a generally good user experience with clear navigation and professional design elements. However, it lacks explicit privacy, cookie, and terms of service policies, which impacts its privacy compliance and trustworthiness. Security posture is basic with HTTPS enabled but missing important security headers and formal security policies. No contact information or incident response details are provided, limiting direct communication channels for users or security issues. Overall, the website is legitimate and consistent with its domain registration data but would benefit from enhanced privacy and security practices.

C

Creative Industry Košice n.o.

cike.sk

42

Creative Industry Košice n.o. is a non-profit organization dedicated to fostering cultural and creative industry development in Košice and the broader Eastern Slovakia region. The organization engages in international projects, educational workshops, research, and community challenges to promote innovation and cultural growth. Their website reflects a well-established regional presence with a focus on collaboration among artists, innovators, and policymakers. Technically, the website is built on WordPress with modern tools such as Google Analytics and Tag Manager, and it demonstrates good SEO and mobile optimization. Security posture is solid with HTTPS enforced, though improvements are needed in security headers and explicit incident response policies. Overall, the site is professional, trustworthy, and serves its target audience effectively.

The website instytutpolski.pl serves as the official online presence for the network of Polish Institutes, which are government cultural institutions promoting Polish culture internationally. The site features an interactive map showcasing the locations of these institutes across Europe and Asia, providing users with easy navigation to individual institute pages. The business operates within the government sector, focusing on cultural diplomacy and international cultural promotion. The domain is registered with a reputable registrar and has an appropriate age for its business purpose. Technically, the website employs modern JavaScript libraries such as Leaflet.js for map rendering and clustering, and it is hosted by cyber_Folks S.A. The site uses HTTPS and includes performance monitoring via Akamai mPulse. However, the site lacks advanced security headers and comprehensive privacy or cookie policies, which are important for GDPR compliance and user trust. The mobile optimization and accessibility are basic but functional. From a security perspective, the site benefits from HTTPS but lacks DNSSEC and security headers, which could improve its security posture. No forms or user input fields are present on the homepage, reducing attack surface. There is no evidence of vulnerability disclosure or incident response policies. The absence of privacy and cookie policies indicates a compliance gap with GDPR requirements. Overall, the website is moderately secure and credible but would benefit from enhanced privacy compliance, security hardening, and inclusion of contact and policy information to improve user trust and regulatory adherence.

M

Magyar Játékfejlesztő Egyesület

gamedevday.hu

44

The Budapest Game Dev Day website represents a professional event platform organized by the Magyar Játékfejlesztő Egyesület, targeting the Hungarian game development community. It offers a comprehensive program including presentations, pitch contests, exhibitions, and networking opportunities, positioning itself as a central hub for local developers and industry professionals. The site is built on WordPress with Elementor, integrating modern web technologies and external services for ticketing and analytics. Security posture is adequate with HTTPS and no visible vulnerabilities, though explicit privacy and cookie policies are missing. The WHOIS data shows an anomalous future creation date, likely a data error, but the website content and external references support legitimacy. Overall, the site is well-designed, user-friendly, and serves its business purpose effectively.

C

Creative Industry Košice, n. o.

cityofmediaarts.sk

41

City of Media Arts is a cultural initiative managed by Creative Industry Košice, a non-profit organization promoting Košice as a UNESCO Creative City of Media Arts. The website serves as a platform to showcase media arts events, exhibitions, and news, targeting cultural professionals and the general public interested in media arts. The organization holds a recognized position in the regional cultural landscape with a focus on media arts and creative industries. Technically, the website is built on WordPress 5.6.16, hosted by Websupport, and uses modern web technologies including Google Analytics and Tag Manager for analytics. The site is mobile optimized with good SEO practices and moderate performance. However, there is room for improvement in accessibility and security headers implementation. From a security perspective, the website benefits from HTTPS, DNSSEC, and secure cookie settings, but lacks important security headers and a formal security or incident response policy. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional, trustworthy, and well-aligned with its cultural mission. Strategic improvements in security headers, privacy compliance, and incident response transparency would enhance its security posture and user trust.

R

RST - Rýchlejšie, spoľahlivejšie, tichšie

rst.sk

42

RST - Rýchlejšie, spoľahlivejšie, tichšie is a Slovak IT service provider specializing in computer and notebook repair, custom PC assembly, diagnostics, and maintenance primarily serving the Košice region. Founded in 2020, the company has established a trusted local presence supported by multiple partner testimonials and a clear contact presence including phone, email, and physical address. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the website is built using modern JavaScript frameworks Vue.js and Nuxt.js, delivering a responsive and well-structured user interface. Performance is moderate with good mobile optimization. However, there is room for improvement in accessibility and SEO features. No CMS or hosting provider details are explicitly detected. From a security perspective, the site uses HTTPS with DNSSEC enabled, which is positive. However, it lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance and user trust. No forms or analytics scripts are present, reducing data collection risks but also limiting marketing insights. Overall, the website is safe, professional, and trustworthy with a solid business foundation but requires enhancements in privacy compliance and security best practices to improve its security posture and regulatory adherence.